diff options
| author | christian <christian@980ebf18-57e1-0310-9a29-db15c13687c0> | 2007-08-09 08:45:50 +0000 |
|---|---|---|
| committer | christian <christian@980ebf18-57e1-0310-9a29-db15c13687c0> | 2007-08-09 08:45:50 +0000 |
| commit | 3de4829cf0b607624b8a5f5f1e6055141d85af2f (patch) | |
| tree | 16cb9ef447771dace252003abba400a40d8b520d | |
| parent | 5a25701723431e0ebe2d7134ab65d56bee2c5244 (diff) | |
| download | puppet-3de4829cf0b607624b8a5f5f1e6055141d85af2f.tar.gz puppet-3de4829cf0b607624b8a5f5f1e6055141d85af2f.tar.xz puppet-3de4829cf0b607624b8a5f5f1e6055141d85af2f.zip | |
Refactor SUIDManager tests to run without root, change SUIDManager's behavior to not silently fail when it's not root and fix all other tests that broke as a result.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@2759 980ebf18-57e1-0310-9a29-db15c13687c0
| -rwxr-xr-x | test/certmgr/ca.rb | 7 | ||||
| -rwxr-xr-x | test/certmgr/certmgr.rb | 3 | ||||
| -rwxr-xr-x | test/certmgr/inventory.rb | 45 | ||||
| -rwxr-xr-x | test/certmgr/support.rb | 2 | ||||
| -rwxr-xr-x | test/executables/puppetca.rb | 6 | ||||
| -rwxr-xr-x | test/network/client/ca.rb | 1 | ||||
| -rwxr-xr-x | test/network/client/client.rb | 2 | ||||
| -rwxr-xr-x | test/network/handler/bucket.rb | 3 | ||||
| -rwxr-xr-x | test/network/handler/ca.rb | 7 | ||||
| -rwxr-xr-x | test/network/server/webrick.rb | 6 | ||||
| -rwxr-xr-x | test/network/xmlrpc/client.rb | 6 | ||||
| -rwxr-xr-x | test/network/xmlrpc/processor.rb | 1 | ||||
| -rwxr-xr-x | test/puppet/tc_suidmanager.rb | 107 | ||||
| -rwxr-xr-x | test/ral/types/filesources.rb | 2 | ||||
| -rwxr-xr-x | test/util/utiltest.rb | 109 |
15 files changed, 111 insertions, 196 deletions
diff --git a/test/certmgr/ca.rb b/test/certmgr/ca.rb index aca674f02..f464f4501 100755 --- a/test/certmgr/ca.rb +++ b/test/certmgr/ca.rb @@ -6,9 +6,16 @@ require 'puppet' require 'puppet/sslcertificates/ca.rb' require 'puppettest' require 'puppettest/certificates' +require 'mocha' class TestCA < Test::Unit::TestCase include PuppetTest + + def setup + super + Puppet::Util::SUIDManager.stubs(:asuser).yields + end + def hosts %w{host.domain.com Other.Testing.Com} end diff --git a/test/certmgr/certmgr.rb b/test/certmgr/certmgr.rb index ea4ce19bd..ff0a3b61b 100755 --- a/test/certmgr/certmgr.rb +++ b/test/certmgr/certmgr.rb @@ -6,6 +6,7 @@ require 'puppet' require 'puppet/sslcertificates.rb' require 'puppettest' require 'puppettest/certificates' +require 'mocha' class TestCertMgr < Test::Unit::TestCase include PuppetTest::Certificates @@ -14,6 +15,8 @@ class TestCertMgr < Test::Unit::TestCase #@dir = File.join(Puppet[:certdir], "testing") @dir = File.join(@configpath, "certest") system("mkdir -p %s" % @dir) + + Puppet::Util::SUIDManager.stubs(:asuser).yields end def testCreateSelfSignedCertificate diff --git a/test/certmgr/inventory.rb b/test/certmgr/inventory.rb index c94523d85..3d9da1e5d 100755 --- a/test/certmgr/inventory.rb +++ b/test/certmgr/inventory.rb @@ -5,12 +5,18 @@ $:.unshift("../lib").unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppet' require 'puppettest/certificates' require 'puppet/sslcertificates/inventory.rb' +require 'mocha' class TestCertInventory < Test::Unit::TestCase include PuppetTest::Certificates Inventory = Puppet::SSLCertificates::Inventory + def setup + super + Puppet::Util::SUIDManager.stubs(:asuser).yields + end + def test_format cert = mksignedcert @@ -20,8 +26,8 @@ class TestCertInventory < Test::Unit::TestCase end assert(format =~ /^0x0001 \S+ \S+ #{cert.subject}/, - "Did not create correct format") - end + "Did not create correct format") + end def test_init # First create a couple of certificates @@ -42,36 +48,19 @@ class TestCertInventory < Test::Unit::TestCase end def test_add - certs = [] - - user = Puppet::Util.uid(Puppet[:user]) - ca = mkCA - 3.times do |i| - cert = mksignedcert(ca, "host#{i.to_s}.domain.com") - certs << cert + cert = mksignedcert(ca, "host.domain.com") - # Add the cert - assert_nothing_raised do - Puppet::SSLCertificates::Inventory.add(cert) - end - - # Now make sure the cert is in there - assert(FileTest.exists?(Puppet[:cert_inventory]), - "Inventory file was not created") - - # And make sure all of our certs are in there - certs.each do |c| - assert( - File.read(Puppet[:cert_inventory]).include?(cert.subject.to_s), - "File does not contain %s" % cert.subject.to_s - ) + assert_nothing_raised do + file = nil + file.expects(:puts).times(1).with do |written| + written.include? cert.subject.to_s end + Puppet::Util::Config.any_instance.stubs(:write) + Puppet::Util::Config.any_instance.expects(:write). + with(:cert_inventory, 'a').yields(file) - # And make sure the inventory file is owned by the right user - if Process.uid == 0 - assert_equal(user, File.stat(Puppet[:cert_inventory]).uid) - end + Puppet::SSLCertificates::Inventory.add(cert) end end end diff --git a/test/certmgr/support.rb b/test/certmgr/support.rb index f43d620a2..e6080a237 100755 --- a/test/certmgr/support.rb +++ b/test/certmgr/support.rb @@ -4,6 +4,7 @@ $:.unshift("../lib") if __FILE__ =~ /\.rb$/ require 'puppettest' require 'puppet/sslcertificates/support' +require 'mocha' class TestCertSupport < Test::Unit::TestCase include PuppetTest @@ -15,6 +16,7 @@ class TestCertSupport < Test::Unit::TestCase def setup super + Puppet::Util::SUIDManager.stubs(:asuser).yields @user = CertUser.new @ca = Puppet::SSLCertificates::CA.new @client = Puppet::Network::Client.ca.new(:CA => @ca) diff --git a/test/executables/puppetca.rb b/test/executables/puppetca.rb index 21185df10..82e90df72 100755 --- a/test/executables/puppetca.rb +++ b/test/executables/puppetca.rb @@ -3,9 +3,15 @@ $:.unshift("../lib").unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppettest' +require 'mocha' class TestPuppetCA < Test::Unit::TestCase include PuppetTest::ExeTest + + def setup + super + Puppet::Util::SUIDManager.stubs(:asuser).yields + end def gen_cert(ca, host) runca("-g #{host}") diff --git a/test/network/client/ca.rb b/test/network/client/ca.rb index 26fb72f40..00ed7413a 100755 --- a/test/network/client/ca.rb +++ b/test/network/client/ca.rb @@ -11,6 +11,7 @@ class TestClientCA < Test::Unit::TestCase include PuppetTest::ServerTest def setup + Puppet::Util::SUIDManager.stubs(:asuser).yields super @ca = Puppet::Network::Handler.ca.new @client = Puppet::Network::Client.ca.new :CA => @ca diff --git a/test/network/client/client.rb b/test/network/client/client.rb index 534518fe6..14c90f2a9 100755 --- a/test/network/client/client.rb +++ b/test/network/client/client.rb @@ -230,6 +230,8 @@ class TestClient < Test::Unit::TestCase # Make sure that reading the cert in also sets up the cert stuff for the driver def test_read_cert + Puppet::Util::SUIDManager.stubs(:asuser).yields + ca = Puppet::Network::Handler.ca.new caclient = Puppet::Network::Client.ca.new :CA => ca diff --git a/test/network/handler/bucket.rb b/test/network/handler/bucket.rb index eb488dd33..65badc9eb 100755 --- a/test/network/handler/bucket.rb +++ b/test/network/handler/bucket.rb @@ -5,6 +5,7 @@ $:.unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppettest' require 'puppet/network/handler/filebucket' require 'base64' +require 'mocha' class TestBucket < Test::Unit::TestCase include PuppetTest::ServerTest @@ -204,6 +205,8 @@ class TestBucket < Test::Unit::TestCase # test that things work over the wire def test_webxmlmix + Puppet::Util::SUIDManager.stubs(:asuser).yields + files = filelist() tmpdir = File.join(tmpdir(),"tmpfiledir") diff --git a/test/network/handler/ca.rb b/test/network/handler/ca.rb index 3c89f597b..f503d7c7a 100755 --- a/test/network/handler/ca.rb +++ b/test/network/handler/ca.rb @@ -4,6 +4,7 @@ $:.unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppettest' require 'puppet/network/handler/ca' +require 'mocha' if ARGV.length > 0 and ARGV[0] == "short" $short = true @@ -13,6 +14,12 @@ end class TestCA < Test::Unit::TestCase include PuppetTest::ServerTest + + def setup + Puppet::Util::SUIDManager.stubs(:asuser).yields + super + end + # Verify that we're autosigning. We have to autosign a "different" machine, # since we always autosign the CA server's certificate. def test_autocertgeneration diff --git a/test/network/server/webrick.rb b/test/network/server/webrick.rb index 3404a5089..69f23f3c2 100755 --- a/test/network/server/webrick.rb +++ b/test/network/server/webrick.rb @@ -4,10 +4,16 @@ $:.unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppettest' require 'puppet/network/server/webrick' +require 'mocha' class TestWebrickServer < Test::Unit::TestCase include PuppetTest::ServerTest + def setup + Puppet::Util::SUIDManager.stubs(:asuser).yields + super + end + # Make sure we can create a server, and that it knows how to create its # certs by default. def test_basics diff --git a/test/network/xmlrpc/client.rb b/test/network/xmlrpc/client.rb index 2dec2c030..f3c6d2388 100755 --- a/test/network/xmlrpc/client.rb +++ b/test/network/xmlrpc/client.rb @@ -8,6 +8,12 @@ require 'mocha' class TestXMLRPCClient < Test::Unit::TestCase include PuppetTest + + def setup + Puppet::Util::SUIDManager.stubs(:asuser).yields + super + end + def test_set_backtrace error = Puppet::Network::XMLRPCClientError.new("An error") assert_nothing_raised do diff --git a/test/network/xmlrpc/processor.rb b/test/network/xmlrpc/processor.rb index 02f0fbd2c..97cc2a774 100755 --- a/test/network/xmlrpc/processor.rb +++ b/test/network/xmlrpc/processor.rb @@ -26,6 +26,7 @@ class TestXMLRPCProcessor < Test::Unit::TestCase def setup super + Puppet::Util::SUIDManager.stubs(:asuser).yields @processor = Processor.new end diff --git a/test/puppet/tc_suidmanager.rb b/test/puppet/tc_suidmanager.rb index 2a9eabe30..6db59d165 100755 --- a/test/puppet/tc_suidmanager.rb +++ b/test/puppet/tc_suidmanager.rb @@ -5,17 +5,13 @@ $:.unshift("../lib").unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppet' require 'puppettest' require 'test/unit' +require 'mocha' class TestSUIDManager < Test::Unit::TestCase include PuppetTest def setup - if Process.uid != 0 - warn "Process tests must be run as root" - @run = false - else - @run = true - end + @user = nonrootuser super end @@ -24,6 +20,8 @@ class TestSUIDManager < Test::Unit::TestCase # SUIDManager for the UID/GID calls was causing problems due to the # modification of a closure. Should the bug rear itself again, this # test will fail. + Process.expects(:uid).times(2) + assert_nothing_raised do Puppet::Util::SUIDManager.uid Puppet::Util::SUIDManager.uid @@ -31,77 +29,68 @@ class TestSUIDManager < Test::Unit::TestCase end def test_id_set - if @run - user = nonrootuser - assert_nothing_raised do - Puppet::Util::SUIDManager.egid = user.gid - Puppet::Util::SUIDManager.euid = user.uid - end - - assert_equal(Puppet::Util::SUIDManager.euid, Process.euid) - assert_equal(Puppet::Util::SUIDManager.egid, Process.egid) - - assert_nothing_raised do - Puppet::Util::SUIDManager.euid = 0 - Puppet::Util::SUIDManager.egid = 0 - end + Process.expects(:euid=).with(@user.uid) + Process.expects(:egid=).with(@user.gid) + + assert_nothing_raised do + Puppet::Util::SUIDManager.egid = @user.gid + Puppet::Util::SUIDManager.euid = @user.uid end end def test_utiluid - user = nonrootuser.name - if @run - assert_not_equal(nil, Puppet::Util.uid(user)) - end + assert_not_equal(nil, Puppet::Util.uid(@user.name)) end def test_asuser - if @run - user = nonrootuser - uid, gid = [nil, nil] - - assert_nothing_raised do - Puppet::Util::SUIDManager.asuser(user.uid, user.gid) do - uid = Process.euid - gid = Process.egid - end - end - assert_equal(user.uid, uid) - assert_equal(user.gid, gid) - end + expects_id_set_and_revert @user.uid, @user.gid + Puppet::Util::SUIDManager.asuser @user.uid, @user.gid do end end + def test_system - # NOTE: not sure what shells this will work on.. - if @run - user = nonrootuser - status = Puppet::Util::SUIDManager.system("exit $EUID", user.uid, user.gid) - assert_equal(user.uid, status.exitstatus, "EUID does not seem to be inherited. This test consistently fails on RedHat-like machines.") - end + expects_id_set_and_revert @user.uid, @user.gid + Kernel.expects(:system).with('blah') + Puppet::Util::SUIDManager.system('blah', @user.uid, @user.gid) end def test_run_and_capture if (RUBY_VERSION <=> "1.8.4") < 0 warn "Cannot run this test on ruby < 1.8.4" else - # NOTE: because of the way that run_and_capture currently - # works, we cannot just blindly echo to stderr. This little - # hack gets around our problem, but the real problem is the - # way that run_and_capture works. - user = nil - uid = nil - if Puppet::Util::SUIDManager.uid == 0 - userobj = nonrootuser() - user = userobj.name - uid = userobj.uid - else - uid = Process.uid - end - cmd = [%{/bin/echo $EUID}] - output = Puppet::Util::SUIDManager.run_and_capture(cmd, uid)[0].chomp - assert_equal(uid.to_s, output) + Puppet::Util.expects(:execute).with( 'yay', + { :failonfail => false, + :uid => @user.uid, + :gid => @user.gid } + ).returns('output') + + + output = Puppet::Util::SUIDManager.run_and_capture 'yay', + @user.uid, + @user.gid + + assert_equal 'output', output.first + assert_kind_of Process::Status, output.last end end + + private + def expects_id_set_and_revert uid, gid + Process.expects(:uid).returns(99999) + Process.expects(:gid).returns(99998) + Process.expects(:euid).returns(99997) + Process.expects(:egid).returns(99996) + + Process.expects(:uid=).with(uid) + Process.expects(:gid=).with(gid) + Process.expects(:euid=).with(uid) + Process.expects(:egid=).with(gid) + + Process.expects(:uid=).with(99999) + Process.expects(:gid=).with(99998) + Process.expects(:euid=).with(99997) + Process.expects(:egid=).with(99996) + end end # $Id$ diff --git a/test/ral/types/filesources.rb b/test/ral/types/filesources.rb index 7c8e65d82..b257fd935 100755 --- a/test/ral/types/filesources.rb +++ b/test/ral/types/filesources.rb @@ -5,6 +5,7 @@ $:.unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppettest' require 'cgi' require 'fileutils' +require 'mocha' class TestFileSources < Test::Unit::TestCase include PuppetTest::FileTesting @@ -17,6 +18,7 @@ class TestFileSources < Test::Unit::TestCase end @file = Puppet::Type.type(:file) Puppet[:filetimeout] = -1 + Puppet::Util::SUIDManager.stubs(:asuser).yields end def use_storage diff --git a/test/util/utiltest.rb b/test/util/utiltest.rb index 419d9820e..405ddbb48 100755 --- a/test/util/utiltest.rb +++ b/test/util/utiltest.rb @@ -84,115 +84,6 @@ class TestPuppetUtil < Test::Unit::TestCase end end - unless Puppet::Util::SUIDManager.uid == 0 - $stderr.puts "Run as root to perform Utility tests" - def test_nothing - end - else - - def mknverify(file, user, group = nil, id = false) - if File.exists?(file) - File.unlink(file) - end - args = [] - unless user or group - args << nil - end - if user - if id - args << user.uid - else - args << user.name - end - end - - if group - if id - args << group.gid - else - args << group.name - end - end - - gid = nil - if group - gid = group.gid - else - gid = Puppet::Util::SUIDManager.gid - end - - uid = nil - if user - uid = user.uid - else - uid = Puppet::Util::SUIDManager.uid - end - - assert_nothing_raised { - Puppet::Util::SUIDManager.asuser(*args) { - assert_equal(Puppet::Util::SUIDManager.euid, uid, "UID is %s instead of %s" % - [Puppet::Util::SUIDManager.euid, uid] - ) - assert_equal(Puppet::Util::SUIDManager.egid, gid, "GID is %s instead of %s" % - [Puppet::Util::SUIDManager.egid, gid] - ) - system("touch %s" % file) - } - } - if uid == 0 - #Puppet.warning "Not testing user" - else - #Puppet.warning "Testing user %s" % uid - assert(File.exists?(file), "File does not exist") - assert_equal(File.stat(file).uid, uid, - "File is owned by %s instead of %s" % - [File.stat(file).uid, uid] - ) - #system("ls -l %s" % file) - end - # I'm skipping these, because it seems so system dependent. - #if gid == 0 - # #Puppet.warning "Not testing group" - #else - # Puppet.warning "Testing group %s" % gid.inspect - # system("ls -l %s" % file) - # assert_equal(gid, File.stat(file).gid, - # "File group is %s instead of %s" % - # [File.stat(file).gid, gid] - # ) - #end - assert_nothing_raised { - File.unlink(file) - } - end - - def test_asuser - file = File.join(tmpdir, "asusertest") - @@tmpfiles << file - [ - [nil], # Nothing - [nonrootuser()], # just user, by name - [nonrootuser(), nil, true], # user, by uid - [nonrootuser(), nonrootgroup()], # user and group, by name - [nonrootuser(), nonrootgroup(), true], # user and group, by id - ].each { |ary| - mknverify(file, *ary) - } - end - - # Verify that we get reset back to the right user - def test_asuser_recovery - begin - Puppet::Util.asuser(nonrootuser()) { - raise "an error" - } - rescue - end - - assert(Puppet::Util::SUIDManager.euid == 0, "UID did not get reset") - end - end - def test_proxy klass = Class.new do attr_accessor :hash |