internal: wrap calls to os standard library functions
All checks were successful
test / test (push) Successful in 19s
All checks were successful
test / test (push) Successful in 19s
This change helps tests stub out and simulate OS behaviour during the sealing process. This also removes dependency on XDG_RUNTIME_DIR as the internal.System implementation provided to App provides a compat directory inside the tmpdir-based share when XDG_RUNTIME_DIR is unavailable. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
11
main.go
11
main.go
@@ -2,7 +2,6 @@ package main
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"os"
|
||||
"syscall"
|
||||
|
||||
"git.ophivana.moe/security/fortify/internal"
|
||||
@@ -20,6 +19,8 @@ func init() {
|
||||
flag.BoolVar(&flagVerbose, "v", false, "Verbose output")
|
||||
}
|
||||
|
||||
var os = new(internal.Std)
|
||||
|
||||
func main() {
|
||||
// linux/sched/coredump.h
|
||||
if _, _, errno := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_SET_DUMPABLE, 0, 0); errno != 0 {
|
||||
@@ -38,9 +39,9 @@ func main() {
|
||||
shim.Try()
|
||||
|
||||
// root check
|
||||
if os.Getuid() == 0 {
|
||||
fmsg.Println("this program must not run as root")
|
||||
os.Exit(1)
|
||||
if os.Geteuid() == 0 {
|
||||
fmsg.Fatal("this program must not run as root")
|
||||
panic("unreachable")
|
||||
}
|
||||
|
||||
// version/license/template command early exit
|
||||
@@ -53,7 +54,7 @@ func main() {
|
||||
|
||||
// invoke app
|
||||
r := 1
|
||||
a, err := app.New()
|
||||
a, err := app.New(os)
|
||||
if err != nil {
|
||||
fmsg.Fatalf("cannot create app: %s\n", err)
|
||||
} else if err = a.Seal(loadConfig()); err != nil {
|
||||
|
||||
Reference in New Issue
Block a user