summaryrefslogtreecommitdiff
path: root/tests/root_test
diff options
context:
space:
mode:
authorJakob Unterwurzacher2019-05-01 13:11:42 +0200
committerJakob Unterwurzacher2019-05-01 13:12:44 +0200
commit96935e16b9167dc3c472505872b3fc5235203a05 (patch)
tree36873e28d72c1b5f85efbcdee6d643367f0f3630 /tests/root_test
parent3ac98722306c316223169fa4a0f9a2769bcceb65 (diff)
tests: add root_tests (tests that must run as root)
First test is a reproducer for https://github.com/rfjakob/gocryptfs/issues/394 "Group permissions: No write access"
Diffstat (limited to 'tests/root_test')
-rw-r--r--tests/root_test/root_test.go60
1 files changed, 60 insertions, 0 deletions
diff --git a/tests/root_test/root_test.go b/tests/root_test/root_test.go
new file mode 100644
index 0000000..3607f77
--- /dev/null
+++ b/tests/root_test/root_test.go
@@ -0,0 +1,60 @@
+package root_test
+
+import (
+ "os"
+ "runtime"
+ "syscall"
+ "testing"
+
+ "github.com/rfjakob/gocryptfs/tests/test_helpers"
+)
+
+func asUser(uid int, gid int, supplementaryGroups []int, f func() error) error {
+ runtime.LockOSThread()
+ defer runtime.UnlockOSThread()
+
+ err := syscall.Setgroups(supplementaryGroups)
+ if err != nil {
+ return err
+ }
+ defer syscall.Setgroups(nil)
+
+ err = syscall.Setregid(-1, gid)
+ if err != nil {
+ return err
+ }
+ defer syscall.Setregid(-1, 0)
+
+ err = syscall.Setreuid(-1, uid)
+ if err != nil {
+ return err
+ }
+ defer syscall.Setreuid(-1, 0)
+
+ return f()
+}
+
+func TestSupplementaryGroups(t *testing.T) {
+ if os.Getuid() != 0 {
+ t.Skip("must run as root")
+ }
+ cDir := test_helpers.InitFS(t)
+ pDir := cDir + ".mnt"
+ test_helpers.MountOrFatal(t, cDir, pDir, "-allow_other", "-extpass=echo test")
+ defer test_helpers.UnmountPanic(pDir)
+
+ dir1 := pDir + "/dir1"
+ err := os.Mkdir(dir1, 0770)
+ if err != nil {
+ t.Fatal(err)
+ }
+ err = os.Chown(dir1, 0, 1234)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ err = asUser(1235, 1235, []int{1234}, func() error { return os.Mkdir(dir1+"/foo", 0700) })
+ if err != nil {
+ t.Error(err)
+ }
+}