diff options
author | Jakob Unterwurzacher | 2019-05-01 13:11:42 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2019-05-01 13:12:44 +0200 |
commit | 96935e16b9167dc3c472505872b3fc5235203a05 (patch) | |
tree | 36873e28d72c1b5f85efbcdee6d643367f0f3630 /tests | |
parent | 3ac98722306c316223169fa4a0f9a2769bcceb65 (diff) |
tests: add root_tests (tests that must run as root)
First test is a reproducer for
https://github.com/rfjakob/gocryptfs/issues/394 "Group permissions: No write access"
Diffstat (limited to 'tests')
-rw-r--r-- | tests/root_test/root_test.go | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/tests/root_test/root_test.go b/tests/root_test/root_test.go new file mode 100644 index 0000000..3607f77 --- /dev/null +++ b/tests/root_test/root_test.go @@ -0,0 +1,60 @@ +package root_test + +import ( + "os" + "runtime" + "syscall" + "testing" + + "github.com/rfjakob/gocryptfs/tests/test_helpers" +) + +func asUser(uid int, gid int, supplementaryGroups []int, f func() error) error { + runtime.LockOSThread() + defer runtime.UnlockOSThread() + + err := syscall.Setgroups(supplementaryGroups) + if err != nil { + return err + } + defer syscall.Setgroups(nil) + + err = syscall.Setregid(-1, gid) + if err != nil { + return err + } + defer syscall.Setregid(-1, 0) + + err = syscall.Setreuid(-1, uid) + if err != nil { + return err + } + defer syscall.Setreuid(-1, 0) + + return f() +} + +func TestSupplementaryGroups(t *testing.T) { + if os.Getuid() != 0 { + t.Skip("must run as root") + } + cDir := test_helpers.InitFS(t) + pDir := cDir + ".mnt" + test_helpers.MountOrFatal(t, cDir, pDir, "-allow_other", "-extpass=echo test") + defer test_helpers.UnmountPanic(pDir) + + dir1 := pDir + "/dir1" + err := os.Mkdir(dir1, 0770) + if err != nil { + t.Fatal(err) + } + err = os.Chown(dir1, 0, 1234) + if err != nil { + t.Fatal(err) + } + + err = asUser(1235, 1235, []int{1234}, func() error { return os.Mkdir(dir1+"/foo", 0700) }) + if err != nil { + t.Error(err) + } +} |