[CRIU] [PATCH 3/3] zdtm: execite test cases from a test user

Pavel Emelyanov xemul at parallels.com
Wed Apr 24 05:35:45 EDT 2013 

On 04/24/2013 10:46 AM, Andrey Vagin wrote:
> From: Andrew Vagin <avagin at openvz.org>

How to do it?

> 
> Signed-off-by: Andrey Vagin <avagin at openvz.org>
> ---
>  test/zdtm.sh                           | 24 ++++++++++++++++++++++++
>  test/zdtm/lib/ns.c                     |  2 ++
>  test/zdtm/lib/test.c                   | 12 ++++++++++++
>  test/zdtm/live/static/Makefile         |  2 +-
>  test/zdtm/live/static/file_fown.c      |  2 +-
>  test/zdtm/live/static/unlink_fstat00.c | 15 +++++++++++----
>  6 files changed, 51 insertions(+), 6 deletions(-)
> 
> diff --git a/test/zdtm.sh b/test/zdtm.sh
> index f7d908c..4b11a96 100755
> --- a/test/zdtm.sh
> +++ b/test/zdtm.sh
> @@ -131,6 +131,21 @@ static/sigpending
>  static/sk-netlink
>  "
>  
> +TEST_SUID_LIST="
> +pid00
> +caps00
> +maps01
> +groups
> +sched_prio00
> +sched_policy00
> +sock_opts00
> +sock_opts01
> +cmdlinenv00
> +packet_sock
> +fanotify00
> +sk-netlink
> +"
> +
>  CRTOOLS=$(readlink -f `dirname $0`/../crtools)
>  CRTOOLS_CPT=$CRTOOLS
>  TMP_TREE=""
> @@ -216,6 +231,15 @@ start_test()
>  	killall -9 $tname > /dev/null 2>&1
>  	make -C $tdir $tname.cleanout
>  
> +	unset ZDTM_UID
> +	unset ZDTM_GID
> +
> +	echo $TEST_SUID_LIST | grep $tname || {
> +		export ZDTM_UID=18943
> +		export ZDTM_GID=58467
> +		chown $ZDTM_UID:$ZDTM_GID $tdir
> +	}
> +
>  	if [ -z "$PIDNS" ]; then
>  		make -C $tdir $tname.pid
>  		PID=`cat $test.pid` || return 1
> diff --git a/test/zdtm/lib/ns.c b/test/zdtm/lib/ns.c
> index dd3c6fd..70efa8b 100644
> --- a/test/zdtm/lib/ns.c
> +++ b/test/zdtm/lib/ns.c
> @@ -72,6 +72,7 @@ static int prepare_mntns()
>  			fprintf(stderr, "mknod(/dev/ptmx) failed: %m\n");
>  			return -1;
>  		}
> +		chmod("/dev/ptmx", 0666);
>  		if (mkdir("/dev/pts", 0755) && errno != EEXIST) {
>  			fprintf(stderr, "mkdir(/dev/pts) failed: %m\n");
>  			return -1;
> @@ -88,6 +89,7 @@ static int prepare_mntns()
>  
>  	mkdir("/dev", 0777);
>  	mknod("/dev/null", 0777 | S_IFCHR, makedev(1, 3));
> +	chmod("/dev/null", 0777);
>  	return 0;
>  }
>  
> diff --git a/test/zdtm/lib/test.c b/test/zdtm/lib/test.c
> index f0d6483..209d107 100644
> --- a/test/zdtm/lib/test.c
> +++ b/test/zdtm/lib/test.c
> @@ -126,6 +126,18 @@ void test_init(int argc, char **argv)
>  		exit(1);
>  	}
>  
> +	val = getenv("ZDTM_GID");
> +	if (val && (setgid(atoi(val)) == -1)) {
> +		fprintf(stderr, "Can't set gid: %m");
> +		exit(1);
> +	}
> +
> +	val = getenv("ZDTM_UID");
> +	if (val && (setuid(atoi(val)) == -1)) {
> +		fprintf(stderr, "Can't set gid: %m");
> +		exit(1);
> +	}
> +
>  	if (sigaction(SIGTERM, &sa, NULL)) {
>  		fprintf(stderr, "Can't set SIGTERM handler: %m\n");
>  		exit(1);
> diff --git a/test/zdtm/live/static/Makefile b/test/zdtm/live/static/Makefile
> index 9a0509d..0750b6a 100644
> --- a/test/zdtm/live/static/Makefile
> +++ b/test/zdtm/live/static/Makefile
> @@ -248,7 +248,7 @@ cleanout:
>  	$(RM) -f -r *.pid *.out* *.test* *.state
>  
>  %.cleanout: %
> -	$(RM) -f -r $<.pid $<.out* $<.test* $<.*.test $<.state
> +	$(RM) -f -r $<.pid $<.out* *$<.test* $<.*.test $<.state
>  
>  realclean:	cleandep cleanout
>  
> diff --git a/test/zdtm/live/static/file_fown.c b/test/zdtm/live/static/file_fown.c
> index 0dfe47c..d6fd316 100644
> --- a/test/zdtm/live/static/file_fown.c
> +++ b/test/zdtm/live/static/file_fown.c
> @@ -108,7 +108,7 @@ int main(int argc, char *argv[])
>  		exit(1);
>  	}
>  
> -	if (setresuid(-1, 1, -1)) {
> +	if (!getuid() && setresuid(-1, 1, -1)) {
>  		fail("setresuid failed\n");
>  		exit(1);
>  	}
> diff --git a/test/zdtm/live/static/unlink_fstat00.c b/test/zdtm/live/static/unlink_fstat00.c
> index 3f3d70e..fe75dbe 100644
> --- a/test/zdtm/live/static/unlink_fstat00.c
> +++ b/test/zdtm/live/static/unlink_fstat00.c
> @@ -58,14 +58,21 @@ int main(int argc, char ** argv)
>  		mode = (fst.st_mode | S_IXOTH);
>  	else
>  		mode = (fst.st_mode ^ S_IXOTH);
> +
>  	if (fchmod(fd, mode) < 0) {
>  		err("can't chmod %s: %m\n", filename);
>  		goto failed;
>  	}
> -	/* Change uid, gid */
> -	if (fchown(fd, (uid = fst.st_uid + 1), (gid = fst.st_gid + 1)) < 0) {
> -		err("can't chown %s: %m\n", filename);
> -		goto failed;
> +
> +	if (getuid()) {
> +		uid = getuid();
> +		gid = getgid();
> +	} else {
> +		/* Change uid, gid */
> +		if (fchown(fd, (uid = fst.st_uid + 1), (gid = fst.st_gid + 1)) < 0) {
> +			err("can't chown %s: %m\n", filename);
> +			goto failed;
> +		}
>  	}
>  
>  	if (lseek(fd, 0, SEEK_SET) != 0) {
>

More information about the CRIU mailing list