From 96935e16b9167dc3c472505872b3fc5235203a05 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Wed, 1 May 2019 13:11:42 +0200 Subject: tests: add root_tests (tests that must run as root) First test is a reproducer for https://github.com/rfjakob/gocryptfs/issues/394 "Group permissions: No write access" --- tests/root_test/root_test.go | 60 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 tests/root_test/root_test.go (limited to 'tests') diff --git a/tests/root_test/root_test.go b/tests/root_test/root_test.go new file mode 100644 index 0000000..3607f77 --- /dev/null +++ b/tests/root_test/root_test.go @@ -0,0 +1,60 @@ +package root_test + +import ( + "os" + "runtime" + "syscall" + "testing" + + "github.com/rfjakob/gocryptfs/tests/test_helpers" +) + +func asUser(uid int, gid int, supplementaryGroups []int, f func() error) error { + runtime.LockOSThread() + defer runtime.UnlockOSThread() + + err := syscall.Setgroups(supplementaryGroups) + if err != nil { + return err + } + defer syscall.Setgroups(nil) + + err = syscall.Setregid(-1, gid) + if err != nil { + return err + } + defer syscall.Setregid(-1, 0) + + err = syscall.Setreuid(-1, uid) + if err != nil { + return err + } + defer syscall.Setreuid(-1, 0) + + return f() +} + +func TestSupplementaryGroups(t *testing.T) { + if os.Getuid() != 0 { + t.Skip("must run as root") + } + cDir := test_helpers.InitFS(t) + pDir := cDir + ".mnt" + test_helpers.MountOrFatal(t, cDir, pDir, "-allow_other", "-extpass=echo test") + defer test_helpers.UnmountPanic(pDir) + + dir1 := pDir + "/dir1" + err := os.Mkdir(dir1, 0770) + if err != nil { + t.Fatal(err) + } + err = os.Chown(dir1, 0, 1234) + if err != nil { + t.Fatal(err) + } + + err = asUser(1235, 1235, []int{1234}, func() error { return os.Mkdir(dir1+"/foo", 0700) }) + if err != nil { + t.Error(err) + } +} -- cgit v1.2.3