cmd/sharefs/test: check option handling
All checks were successful
Test / Sandbox (push) Successful in 46s
Test / Create distribution (push) Successful in 42s
Test / Sandbox (race detector) (push) Successful in 46s
Test / Hpkg (push) Successful in 50s
Test / Hakurei (push) Successful in 55s
Test / Hakurei (race detector) (push) Successful in 56s
Test / ShareFS (push) Successful in 2m27s
Test / Flake checks (push) Successful in 1m43s
All checks were successful
Test / Sandbox (push) Successful in 46s
Test / Create distribution (push) Successful in 42s
Test / Sandbox (race detector) (push) Successful in 46s
Test / Hpkg (push) Successful in 50s
Test / Hakurei (push) Successful in 55s
Test / Hakurei (race detector) (push) Successful in 56s
Test / ShareFS (push) Successful in 2m27s
Test / Flake checks (push) Successful in 1m43s
This verifies behaviour related to setuid/setgid when starting as root. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
@@ -1,4 +1,4 @@
|
||||
{ pkgs, ... }:
|
||||
{ pkgs, config, ... }:
|
||||
{
|
||||
users.users = {
|
||||
alice = {
|
||||
@@ -14,8 +14,13 @@
|
||||
# Automatically login on tty1 as a normal user:
|
||||
services.getty.autologinUser = "alice";
|
||||
|
||||
environment = {
|
||||
# For benchmarking sharefs:
|
||||
environment.systemPackages = [ pkgs.fsmark ];
|
||||
systemPackages = [ pkgs.fsmark ];
|
||||
|
||||
# For sharefs option checks without adding to PATH:
|
||||
etc.sharefs.source = "${config.environment.hakurei.package}/libexec/sharefs";
|
||||
};
|
||||
|
||||
virtualisation = {
|
||||
diskSize = 6 * 1024;
|
||||
|
||||
@@ -1,6 +1,31 @@
|
||||
start_all()
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
|
||||
def check_bad_opts_output(opts, want, privileged=False):
|
||||
output = machine.fail(("" if privileged else "sudo -u alice -i ") + f"/etc/sharefs -f -o source=/proc/nonexistent,{opts} /mnt 2>&1")
|
||||
if output != want:
|
||||
raise Exception(f"unexpected output: {output}")
|
||||
|
||||
# Malformed setuid/setgid representation:
|
||||
check_bad_opts_output("setuid=ff", "sharefs: invalid value for option setuid\n")
|
||||
check_bad_opts_output("setgid=ff", "sharefs: invalid value for option setgid\n")
|
||||
|
||||
# Bounds check for setuid/setgid:
|
||||
check_bad_opts_output("setuid=0", "sharefs: invalid value for option setuid\n")
|
||||
check_bad_opts_output("setgid=0", "sharefs: invalid value for option setgid\n")
|
||||
check_bad_opts_output("setuid=-1", "sharefs: invalid value for option setuid\n")
|
||||
check_bad_opts_output("setgid=-1", "sharefs: invalid value for option setgid\n")
|
||||
|
||||
# Non-root setuid/setgid:
|
||||
check_bad_opts_output("setuid=1023", "sharefs: setuid and setgid has no effect when not starting as root\n")
|
||||
check_bad_opts_output("setgid=1023", "sharefs: setuid and setgid has no effect when not starting as root\n")
|
||||
check_bad_opts_output("setuid=1023,setgid=1023", "sharefs: setuid and setgid has no effect when not starting as root\n")
|
||||
|
||||
# Starting as root without setuid/setgid:
|
||||
check_bad_opts_output("allow_other", "sharefs: setuid and setgid must not be 0\n", privileged=True)
|
||||
check_bad_opts_output("setuid=1023", "sharefs: setuid and setgid must not be 0\n", privileged=True)
|
||||
check_bad_opts_output("setgid=1023", "sharefs: setuid and setgid must not be 0\n", privileged=True)
|
||||
|
||||
# Benchmark sharefs:
|
||||
machine.succeed("fs_mark -v -d /sdcard/fs_mark -l /tmp/fs_log.txt")
|
||||
machine.copy_from_vm("/tmp/fs_log.txt", "")
|
||||
@@ -11,4 +36,4 @@ machine.succeed("sudo -u alice rm -rf /sdcard/fs_mark")
|
||||
machine.fail("ls /var/lib/hakurei/sdcard/fs_mark")
|
||||
|
||||
# Run hakurei tests on sharefs:
|
||||
machine.succeed("sudo -u alice sharefs-workload-hakurei-tests")
|
||||
machine.succeed("sudo -u alice -i sharefs-workload-hakurei-tests")
|
||||
|
||||
Reference in New Issue
Block a user