[CRIU] [PATCH 3/3] zdtm: execite test cases from a test user

Andrew Vagin avagin at gmail.com
Wed Apr 24 08:42:27 EDT 2013 

On Wed, Apr 24, 2013 at 01:35:45PM +0400, Pavel Emelyanov wrote:
> On 04/24/2013 10:46 AM, Andrey Vagin wrote:
> > From: Andrew Vagin <avagin at openvz.org>
> 
> How to do it?

All tests are executed from a test user except the TEST_SUID_LIST

> 
> > 
> > Signed-off-by: Andrey Vagin <avagin at openvz.org>
> > ---
> >  test/zdtm.sh                           | 24 ++++++++++++++++++++++++
> >  test/zdtm/lib/ns.c                     |  2 ++
> >  test/zdtm/lib/test.c                   | 12 ++++++++++++
> >  test/zdtm/live/static/Makefile         |  2 +-
> >  test/zdtm/live/static/file_fown.c      |  2 +-
> >  test/zdtm/live/static/unlink_fstat00.c | 15 +++++++++++----
> >  6 files changed, 51 insertions(+), 6 deletions(-)
> > 
> > diff --git a/test/zdtm.sh b/test/zdtm.sh
> > index f7d908c..4b11a96 100755
> > --- a/test/zdtm.sh
> > +++ b/test/zdtm.sh
> > @@ -131,6 +131,21 @@ static/sigpending
> >  static/sk-netlink
> >  "
> >  
> > +TEST_SUID_LIST="
> > +pid00
> > +caps00
> > +maps01
> > +groups
> > +sched_prio00
> > +sched_policy00
> > +sock_opts00
> > +sock_opts01
> > +cmdlinenv00
> > +packet_sock
> > +fanotify00
> > +sk-netlink
> > +"
> > +
> >  CRTOOLS=$(readlink -f `dirname $0`/../crtools)
> >  CRTOOLS_CPT=$CRTOOLS
> >  TMP_TREE=""
> > @@ -216,6 +231,15 @@ start_test()
> >  	killall -9 $tname > /dev/null 2>&1
> >  	make -C $tdir $tname.cleanout
> >  
> > +	unset ZDTM_UID
> > +	unset ZDTM_GID
> > +
> > +	echo $TEST_SUID_LIST | grep $tname || {
> > +		export ZDTM_UID=18943
> > +		export ZDTM_GID=58467
> > +		chown $ZDTM_UID:$ZDTM_GID $tdir
> > +	}
> > +
> >  	if [ -z "$PIDNS" ]; then
> >  		make -C $tdir $tname.pid
> >  		PID=`cat $test.pid` || return 1
> > diff --git a/test/zdtm/lib/ns.c b/test/zdtm/lib/ns.c
> > index dd3c6fd..70efa8b 100644
> > --- a/test/zdtm/lib/ns.c
> > +++ b/test/zdtm/lib/ns.c
> > @@ -72,6 +72,7 @@ static int prepare_mntns()
> >  			fprintf(stderr, "mknod(/dev/ptmx) failed: %m\n");
> >  			return -1;
> >  		}
> > +		chmod("/dev/ptmx", 0666);
> >  		if (mkdir("/dev/pts", 0755) && errno != EEXIST) {
> >  			fprintf(stderr, "mkdir(/dev/pts) failed: %m\n");
> >  			return -1;
> > @@ -88,6 +89,7 @@ static int prepare_mntns()
> >  
> >  	mkdir("/dev", 0777);
> >  	mknod("/dev/null", 0777 | S_IFCHR, makedev(1, 3));
> > +	chmod("/dev/null", 0777);
> >  	return 0;
> >  }
> >  
> > diff --git a/test/zdtm/lib/test.c b/test/zdtm/lib/test.c
> > index f0d6483..209d107 100644
> > --- a/test/zdtm/lib/test.c
> > +++ b/test/zdtm/lib/test.c
> > @@ -126,6 +126,18 @@ void test_init(int argc, char **argv)
> >  		exit(1);
> >  	}
> >  
> > +	val = getenv("ZDTM_GID");
> > +	if (val && (setgid(atoi(val)) == -1)) {
> > +		fprintf(stderr, "Can't set gid: %m");
> > +		exit(1);
> > +	}
> > +
> > +	val = getenv("ZDTM_UID");
> > +	if (val && (setuid(atoi(val)) == -1)) {
> > +		fprintf(stderr, "Can't set gid: %m");
> > +		exit(1);
> > +	}
> > +
> >  	if (sigaction(SIGTERM, &sa, NULL)) {
> >  		fprintf(stderr, "Can't set SIGTERM handler: %m\n");
> >  		exit(1);
> > diff --git a/test/zdtm/live/static/Makefile b/test/zdtm/live/static/Makefile
> > index 9a0509d..0750b6a 100644
> > --- a/test/zdtm/live/static/Makefile
> > +++ b/test/zdtm/live/static/Makefile
> > @@ -248,7 +248,7 @@ cleanout:
> >  	$(RM) -f -r *.pid *.out* *.test* *.state
> >  
> >  %.cleanout: %
> > -	$(RM) -f -r $<.pid $<.out* $<.test* $<.*.test $<.state
> > +	$(RM) -f -r $<.pid $<.out* *$<.test* $<.*.test $<.state
> >  
> >  realclean:	cleandep cleanout
> >  
> > diff --git a/test/zdtm/live/static/file_fown.c b/test/zdtm/live/static/file_fown.c
> > index 0dfe47c..d6fd316 100644
> > --- a/test/zdtm/live/static/file_fown.c
> > +++ b/test/zdtm/live/static/file_fown.c
> > @@ -108,7 +108,7 @@ int main(int argc, char *argv[])
> >  		exit(1);
> >  	}
> >  
> > -	if (setresuid(-1, 1, -1)) {
> > +	if (!getuid() && setresuid(-1, 1, -1)) {
> >  		fail("setresuid failed\n");
> >  		exit(1);
> >  	}
> > diff --git a/test/zdtm/live/static/unlink_fstat00.c b/test/zdtm/live/static/unlink_fstat00.c
> > index 3f3d70e..fe75dbe 100644
> > --- a/test/zdtm/live/static/unlink_fstat00.c
> > +++ b/test/zdtm/live/static/unlink_fstat00.c
> > @@ -58,14 +58,21 @@ int main(int argc, char ** argv)
> >  		mode = (fst.st_mode | S_IXOTH);
> >  	else
> >  		mode = (fst.st_mode ^ S_IXOTH);
> > +
> >  	if (fchmod(fd, mode) < 0) {
> >  		err("can't chmod %s: %m\n", filename);
> >  		goto failed;
> >  	}
> > -	/* Change uid, gid */
> > -	if (fchown(fd, (uid = fst.st_uid + 1), (gid = fst.st_gid + 1)) < 0) {
> > -		err("can't chown %s: %m\n", filename);
> > -		goto failed;
> > +
> > +	if (getuid()) {
> > +		uid = getuid();
> > +		gid = getgid();
> > +	} else {
> > +		/* Change uid, gid */
> > +		if (fchown(fd, (uid = fst.st_uid + 1), (gid = fst.st_gid + 1)) < 0) {
> > +			err("can't chown %s: %m\n", filename);
> > +			goto failed;
> > +		}
> >  	}
> >  
> >  	if (lseek(fd, 0, SEEK_SET) != 0) {
> > 
> 
>

More information about the CRIU mailing list