1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
5 #include "alloc-util.h"
10 #include "id128-util.h"
13 #include "path-util.h"
15 #include "stdio-util.h"
16 #include "string-util.h"
19 #include "tmpfile-util.h"
20 #include "umask-util.h"
21 #include "user-util.h"
25 static const char *arg_test_dir
= NULL
;
27 static void test_chase_symlinks(void) {
28 _cleanup_free_
char *result
= NULL
;
30 const char *top
, *p
, *pslash
, *q
, *qslash
;
34 log_info("/* %s */", __func__
);
36 temp
= strjoina(arg_test_dir
?: "/tmp", "/test-chase.XXXXXX");
37 assert_se(mkdtemp(temp
));
39 top
= strjoina(temp
, "/top");
40 assert_se(mkdir(top
, 0700) >= 0);
42 p
= strjoina(top
, "/dot");
43 if (symlink(".", p
) < 0) {
44 assert_se(IN_SET(errno
, EINVAL
, ENOSYS
, ENOTTY
, EPERM
));
45 log_tests_skipped_errno(errno
, "symlink() not possible");
49 p
= strjoina(top
, "/dotdot");
50 assert_se(symlink("..", p
) >= 0);
52 p
= strjoina(top
, "/dotdota");
53 assert_se(symlink("../a", p
) >= 0);
55 p
= strjoina(temp
, "/a");
56 assert_se(symlink("b", p
) >= 0);
58 p
= strjoina(temp
, "/b");
59 assert_se(symlink("/usr", p
) >= 0);
61 p
= strjoina(temp
, "/start");
62 assert_se(symlink("top/dot/dotdota", p
) >= 0);
64 /* Paths that use symlinks underneath the "root" */
66 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
68 assert_se(path_equal(result
, "/usr"));
69 result
= mfree(result
);
71 pslash
= strjoina(p
, "/");
72 r
= chase_symlinks(pslash
, NULL
, 0, &result
, NULL
);
74 assert_se(path_equal(result
, "/usr/"));
75 result
= mfree(result
);
77 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
78 assert_se(r
== -ENOENT
);
80 r
= chase_symlinks(pslash
, temp
, 0, &result
, NULL
);
81 assert_se(r
== -ENOENT
);
83 q
= strjoina(temp
, "/usr");
85 r
= chase_symlinks(p
, temp
, CHASE_NONEXISTENT
, &result
, NULL
);
87 assert_se(path_equal(result
, q
));
88 result
= mfree(result
);
90 qslash
= strjoina(q
, "/");
92 r
= chase_symlinks(pslash
, temp
, CHASE_NONEXISTENT
, &result
, NULL
);
94 assert_se(path_equal(result
, qslash
));
95 result
= mfree(result
);
97 assert_se(mkdir(q
, 0700) >= 0);
99 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
101 assert_se(path_equal(result
, q
));
102 result
= mfree(result
);
104 r
= chase_symlinks(pslash
, temp
, 0, &result
, NULL
);
106 assert_se(path_equal(result
, qslash
));
107 result
= mfree(result
);
109 p
= strjoina(temp
, "/slash");
110 assert_se(symlink("/", p
) >= 0);
112 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
114 assert_se(path_equal(result
, "/"));
115 result
= mfree(result
);
117 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
119 assert_se(path_equal(result
, temp
));
120 result
= mfree(result
);
122 /* Paths that would "escape" outside of the "root" */
124 p
= strjoina(temp
, "/6dots");
125 assert_se(symlink("../../..", p
) >= 0);
127 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
128 assert_se(r
> 0 && path_equal(result
, temp
));
129 result
= mfree(result
);
131 p
= strjoina(temp
, "/6dotsusr");
132 assert_se(symlink("../../../usr", p
) >= 0);
134 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
135 assert_se(r
> 0 && path_equal(result
, q
));
136 result
= mfree(result
);
138 p
= strjoina(temp
, "/top/8dotsusr");
139 assert_se(symlink("../../../../usr", p
) >= 0);
141 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
142 assert_se(r
> 0 && path_equal(result
, q
));
143 result
= mfree(result
);
145 /* Paths that contain repeated slashes */
147 p
= strjoina(temp
, "/slashslash");
148 assert_se(symlink("///usr///", p
) >= 0);
150 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
152 assert_se(path_equal(result
, "/usr"));
153 assert_se(streq(result
, "/usr")); /* we guarantee that we drop redundant slashes */
154 result
= mfree(result
);
156 r
= chase_symlinks(p
, temp
, 0, &result
, NULL
);
158 assert_se(path_equal(result
, q
));
159 result
= mfree(result
);
161 /* Paths underneath the "root" with different UIDs while using CHASE_SAFE */
163 if (geteuid() == 0) {
164 p
= strjoina(temp
, "/user");
165 assert_se(mkdir(p
, 0755) >= 0);
166 assert_se(chown(p
, UID_NOBODY
, GID_NOBODY
) >= 0);
168 q
= strjoina(temp
, "/user/root");
169 assert_se(mkdir(q
, 0755) >= 0);
171 p
= strjoina(q
, "/link");
172 assert_se(symlink("/", p
) >= 0);
174 /* Fail when user-owned directories contain root-owned subdirectories. */
175 r
= chase_symlinks(p
, temp
, CHASE_SAFE
, &result
, NULL
);
176 assert_se(r
== -ENOLINK
);
177 result
= mfree(result
);
179 /* Allow this when the user-owned directories are all in the "root". */
180 r
= chase_symlinks(p
, q
, CHASE_SAFE
, &result
, NULL
);
182 result
= mfree(result
);
187 r
= chase_symlinks("/etc/./.././", NULL
, 0, &result
, NULL
);
189 assert_se(path_equal(result
, "/"));
190 result
= mfree(result
);
192 r
= chase_symlinks("/etc/./.././", "/etc", 0, &result
, NULL
);
193 assert_se(r
> 0 && path_equal(result
, "/etc"));
194 result
= mfree(result
);
196 r
= chase_symlinks("/../.././//../../etc", NULL
, 0, &result
, NULL
);
198 assert_se(streq(result
, "/etc"));
199 result
= mfree(result
);
201 r
= chase_symlinks("/../.././//../../test-chase.fsldajfl", NULL
, CHASE_NONEXISTENT
, &result
, NULL
);
203 assert_se(streq(result
, "/test-chase.fsldajfl"));
204 result
= mfree(result
);
206 r
= chase_symlinks("/../.././//../../etc", "/", CHASE_PREFIX_ROOT
, &result
, NULL
);
208 assert_se(streq(result
, "/etc"));
209 result
= mfree(result
);
211 r
= chase_symlinks("/../.././//../../test-chase.fsldajfl", "/", CHASE_PREFIX_ROOT
|CHASE_NONEXISTENT
, &result
, NULL
);
213 assert_se(streq(result
, "/test-chase.fsldajfl"));
214 result
= mfree(result
);
216 r
= chase_symlinks("/etc/machine-id/foo", NULL
, 0, &result
, NULL
);
217 assert_se(r
== -ENOTDIR
);
218 result
= mfree(result
);
220 /* Path that loops back to self */
222 p
= strjoina(temp
, "/recursive-symlink");
223 assert_se(symlink("recursive-symlink", p
) >= 0);
224 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
225 assert_se(r
== -ELOOP
);
227 /* Path which doesn't exist */
229 p
= strjoina(temp
, "/idontexist");
230 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
231 assert_se(r
== -ENOENT
);
233 r
= chase_symlinks(p
, NULL
, CHASE_NONEXISTENT
, &result
, NULL
);
235 assert_se(path_equal(result
, p
));
236 result
= mfree(result
);
238 p
= strjoina(temp
, "/idontexist/meneither");
239 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
240 assert_se(r
== -ENOENT
);
242 r
= chase_symlinks(p
, NULL
, CHASE_NONEXISTENT
, &result
, NULL
);
244 assert_se(path_equal(result
, p
));
245 result
= mfree(result
);
247 /* Path which doesn't exist, but contains weird stuff */
249 p
= strjoina(temp
, "/idontexist/..");
250 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
251 assert_se(r
== -ENOENT
);
253 r
= chase_symlinks(p
, NULL
, CHASE_NONEXISTENT
, &result
, NULL
);
254 assert_se(r
== -ENOENT
);
256 p
= strjoina(temp
, "/target");
257 q
= strjoina(temp
, "/top");
258 assert_se(symlink(q
, p
) >= 0);
259 p
= strjoina(temp
, "/target/idontexist");
260 r
= chase_symlinks(p
, NULL
, 0, &result
, NULL
);
261 assert_se(r
== -ENOENT
);
263 if (geteuid() == 0) {
264 p
= strjoina(temp
, "/priv1");
265 assert_se(mkdir(p
, 0755) >= 0);
267 q
= strjoina(p
, "/priv2");
268 assert_se(mkdir(q
, 0755) >= 0);
270 assert_se(chase_symlinks(q
, NULL
, CHASE_SAFE
, NULL
, NULL
) >= 0);
272 assert_se(chown(q
, UID_NOBODY
, GID_NOBODY
) >= 0);
273 assert_se(chase_symlinks(q
, NULL
, CHASE_SAFE
, NULL
, NULL
) >= 0);
275 assert_se(chown(p
, UID_NOBODY
, GID_NOBODY
) >= 0);
276 assert_se(chase_symlinks(q
, NULL
, CHASE_SAFE
, NULL
, NULL
) >= 0);
278 assert_se(chown(q
, 0, 0) >= 0);
279 assert_se(chase_symlinks(q
, NULL
, CHASE_SAFE
, NULL
, NULL
) == -ENOLINK
);
281 assert_se(rmdir(q
) >= 0);
282 assert_se(symlink("/etc/passwd", q
) >= 0);
283 assert_se(chase_symlinks(q
, NULL
, CHASE_SAFE
, NULL
, NULL
) == -ENOLINK
);
285 assert_se(chown(p
, 0, 0) >= 0);
286 assert_se(chase_symlinks(q
, NULL
, CHASE_SAFE
, NULL
, NULL
) >= 0);
289 p
= strjoina(temp
, "/machine-id-test");
290 assert_se(symlink("/usr/../etc/./machine-id", p
) >= 0);
292 r
= chase_symlinks(p
, NULL
, 0, NULL
, &pfd
);
294 _cleanup_close_
int fd
= -1;
299 fd
= fd_reopen(pfd
, O_RDONLY
|O_CLOEXEC
);
303 assert_se(id128_read_fd(fd
, ID128_PLAIN
, &a
) >= 0);
304 assert_se(sd_id128_get_machine(&b
) >= 0);
305 assert_se(sd_id128_equal(a
, b
));
308 /* Test CHASE_NOFOLLOW */
310 p
= strjoina(temp
, "/target");
311 q
= strjoina(temp
, "/symlink");
312 assert_se(symlink(p
, q
) >= 0);
313 r
= chase_symlinks(q
, NULL
, CHASE_NOFOLLOW
, &result
, &pfd
);
316 assert_se(path_equal(result
, q
));
317 assert_se(fstat(pfd
, &st
) >= 0);
318 assert_se(S_ISLNK(st
.st_mode
));
319 result
= mfree(result
);
321 /* s1 -> s2 -> nonexistent */
322 q
= strjoina(temp
, "/s1");
323 assert_se(symlink("s2", q
) >= 0);
324 p
= strjoina(temp
, "/s2");
325 assert_se(symlink("nonexistent", p
) >= 0);
326 r
= chase_symlinks(q
, NULL
, CHASE_NOFOLLOW
, &result
, &pfd
);
329 assert_se(path_equal(result
, q
));
330 assert_se(fstat(pfd
, &st
) >= 0);
331 assert_se(S_ISLNK(st
.st_mode
));
332 result
= mfree(result
);
336 p
= strjoina(temp
, "/start");
337 r
= chase_symlinks(p
, NULL
, CHASE_STEP
, &result
, NULL
);
339 p
= strjoina(temp
, "/top/dot/dotdota");
340 assert_se(streq(p
, result
));
341 result
= mfree(result
);
343 r
= chase_symlinks(p
, NULL
, CHASE_STEP
, &result
, NULL
);
345 p
= strjoina(temp
, "/top/./dotdota");
346 assert_se(streq(p
, result
));
347 result
= mfree(result
);
349 r
= chase_symlinks(p
, NULL
, CHASE_STEP
, &result
, NULL
);
351 p
= strjoina(temp
, "/top/../a");
352 assert_se(streq(p
, result
));
353 result
= mfree(result
);
355 r
= chase_symlinks(p
, NULL
, CHASE_STEP
, &result
, NULL
);
357 p
= strjoina(temp
, "/a");
358 assert_se(streq(p
, result
));
359 result
= mfree(result
);
361 r
= chase_symlinks(p
, NULL
, CHASE_STEP
, &result
, NULL
);
363 p
= strjoina(temp
, "/b");
364 assert_se(streq(p
, result
));
365 result
= mfree(result
);
367 r
= chase_symlinks(p
, NULL
, CHASE_STEP
, &result
, NULL
);
369 assert_se(streq("/usr", result
));
370 result
= mfree(result
);
372 r
= chase_symlinks("/usr", NULL
, CHASE_STEP
, &result
, NULL
);
374 assert_se(streq("/usr", result
));
375 result
= mfree(result
);
377 /* Make sure that symlinks in the "root" path are not resolved, but those below are */
378 p
= strjoina("/etc/..", temp
, "/self");
379 assert_se(symlink(".", p
) >= 0);
380 q
= strjoina(p
, "/top/dot/dotdota");
381 r
= chase_symlinks(q
, p
, 0, &result
, NULL
);
383 assert_se(path_equal(path_startswith(result
, p
), "usr"));
384 result
= mfree(result
);
387 assert_se(rm_rf(temp
, REMOVE_ROOT
|REMOVE_PHYSICAL
) >= 0);
390 static void test_unlink_noerrno(void) {
394 log_info("/* %s */", __func__
);
396 name
= strjoina(arg_test_dir
?: "/tmp", "/test-close_nointr.XXXXXX");
397 fd
= mkostemp_safe(name
);
399 assert_se(close_nointr(fd
) >= 0);
404 assert_se(unlink_noerrno(name
) >= 0);
405 assert_se(errno
== 42);
406 assert_se(unlink_noerrno(name
) < 0);
407 assert_se(errno
== 42);
411 static void test_readlink_and_make_absolute(void) {
412 const char *tempdir
, *name
, *name2
, *name_alias
;
413 _cleanup_free_
char *r1
= NULL
, *r2
= NULL
, *pwd
= NULL
;
415 log_info("/* %s */", __func__
);
417 tempdir
= strjoina(arg_test_dir
?: "/tmp", "/test-readlink_and_make_absolute");
418 name
= strjoina(tempdir
, "/original");
419 name2
= "test-readlink_and_make_absolute/original";
420 name_alias
= strjoina(arg_test_dir
?: "/tmp", "/test-readlink_and_make_absolute-alias");
422 assert_se(mkdir_safe(tempdir
, 0755, getuid(), getgid(), MKDIR_WARN_MODE
) >= 0);
423 assert_se(touch(name
) >= 0);
425 if (symlink(name
, name_alias
) < 0) {
426 assert_se(IN_SET(errno
, EINVAL
, ENOSYS
, ENOTTY
, EPERM
));
427 log_tests_skipped_errno(errno
, "symlink() not possible");
429 assert_se(readlink_and_make_absolute(name_alias
, &r1
) >= 0);
430 assert_se(streq(r1
, name
));
431 assert_se(unlink(name_alias
) >= 0);
433 assert_se(safe_getcwd(&pwd
) >= 0);
435 assert_se(chdir(tempdir
) >= 0);
436 assert_se(symlink(name2
, name_alias
) >= 0);
437 assert_se(readlink_and_make_absolute(name_alias
, &r2
) >= 0);
438 assert_se(streq(r2
, name
));
439 assert_se(unlink(name_alias
) >= 0);
441 assert_se(chdir(pwd
) >= 0);
444 assert_se(rm_rf(tempdir
, REMOVE_ROOT
|REMOVE_PHYSICAL
) >= 0);
447 static void test_get_files_in_directory(void) {
448 _cleanup_strv_free_
char **l
= NULL
, **t
= NULL
;
450 assert_se(get_files_in_directory(arg_test_dir
?: "/tmp", &l
) >= 0);
451 assert_se(get_files_in_directory(".", &t
) >= 0);
452 assert_se(get_files_in_directory(".", NULL
) >= 0);
455 static void test_var_tmp(void) {
456 _cleanup_free_
char *tmpdir_backup
= NULL
, *temp_backup
= NULL
, *tmp_backup
= NULL
;
457 const char *tmp_dir
= NULL
, *t
;
459 log_info("/* %s */", __func__
);
461 t
= getenv("TMPDIR");
463 tmpdir_backup
= strdup(t
);
464 assert_se(tmpdir_backup
);
469 temp_backup
= strdup(t
);
470 assert_se(temp_backup
);
475 tmp_backup
= strdup(t
);
476 assert_se(tmp_backup
);
479 assert_se(unsetenv("TMPDIR") >= 0);
480 assert_se(unsetenv("TEMP") >= 0);
481 assert_se(unsetenv("TMP") >= 0);
483 assert_se(var_tmp_dir(&tmp_dir
) >= 0);
484 assert_se(streq(tmp_dir
, "/var/tmp"));
486 assert_se(setenv("TMPDIR", "/tmp", true) >= 0);
487 assert_se(streq(getenv("TMPDIR"), "/tmp"));
489 assert_se(var_tmp_dir(&tmp_dir
) >= 0);
490 assert_se(streq(tmp_dir
, "/tmp"));
492 assert_se(setenv("TMPDIR", "/88_does_not_exist_88", true) >= 0);
493 assert_se(streq(getenv("TMPDIR"), "/88_does_not_exist_88"));
495 assert_se(var_tmp_dir(&tmp_dir
) >= 0);
496 assert_se(streq(tmp_dir
, "/var/tmp"));
499 assert_se(setenv("TMPDIR", tmpdir_backup
, true) >= 0);
500 assert_se(streq(getenv("TMPDIR"), tmpdir_backup
));
504 assert_se(setenv("TEMP", temp_backup
, true) >= 0);
505 assert_se(streq(getenv("TEMP"), temp_backup
));
509 assert_se(setenv("TMP", tmp_backup
, true) >= 0);
510 assert_se(streq(getenv("TMP"), tmp_backup
));
514 static void test_dot_or_dot_dot(void) {
515 log_info("/* %s */", __func__
);
517 assert_se(!dot_or_dot_dot(NULL
));
518 assert_se(!dot_or_dot_dot(""));
519 assert_se(!dot_or_dot_dot("xxx"));
520 assert_se(dot_or_dot_dot("."));
521 assert_se(dot_or_dot_dot(".."));
522 assert_se(!dot_or_dot_dot(".foo"));
523 assert_se(!dot_or_dot_dot("..foo"));
526 static void test_access_fd(void) {
527 _cleanup_(rmdir_and_freep
) char *p
= NULL
;
528 _cleanup_close_
int fd
= -1;
531 log_info("/* %s */", __func__
);
533 a
= strjoina(arg_test_dir
?: "/tmp", "/access-fd.XXXXXX");
534 assert_se(mkdtemp_malloc(a
, &p
) >= 0);
536 fd
= open(p
, O_RDONLY
|O_DIRECTORY
|O_CLOEXEC
);
539 assert_se(access_fd(fd
, R_OK
) >= 0);
540 assert_se(access_fd(fd
, F_OK
) >= 0);
541 assert_se(access_fd(fd
, W_OK
) >= 0);
543 assert_se(fchmod(fd
, 0000) >= 0);
545 assert_se(access_fd(fd
, F_OK
) >= 0);
547 if (geteuid() == 0) {
548 assert_se(access_fd(fd
, R_OK
) >= 0);
549 assert_se(access_fd(fd
, W_OK
) >= 0);
551 assert_se(access_fd(fd
, R_OK
) == -EACCES
);
552 assert_se(access_fd(fd
, W_OK
) == -EACCES
);
556 static void test_touch_file(void) {
557 uid_t test_uid
, test_gid
;
558 _cleanup_(rm_rf_physical_and_freep
) char *p
= NULL
;
564 log_info("/* %s */", __func__
);
566 test_uid
= geteuid() == 0 ? 65534 : getuid();
567 test_gid
= geteuid() == 0 ? 65534 : getgid();
569 test_mtime
= usec_sub_unsigned(now(CLOCK_REALTIME
), USEC_PER_WEEK
);
571 a
= strjoina(arg_test_dir
?: "/dev/shm", "/touch-file-XXXXXX");
572 assert_se(mkdtemp_malloc(a
, &p
) >= 0);
574 a
= strjoina(p
, "/regular");
575 r
= touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640);
577 assert_se(IN_SET(r
, -EINVAL
, -ENOSYS
, -ENOTTY
, -EPERM
));
578 log_tests_skipped_errno(errno
, "touch_file() not possible");
582 assert_se(lstat(a
, &st
) >= 0);
583 assert_se(st
.st_uid
== test_uid
);
584 assert_se(st
.st_gid
== test_gid
);
585 assert_se(S_ISREG(st
.st_mode
));
586 assert_se((st
.st_mode
& 0777) == 0640);
587 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
589 a
= strjoina(p
, "/dir");
590 assert_se(mkdir(a
, 0775) >= 0);
591 assert_se(touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640) >= 0);
592 assert_se(lstat(a
, &st
) >= 0);
593 assert_se(st
.st_uid
== test_uid
);
594 assert_se(st
.st_gid
== test_gid
);
595 assert_se(S_ISDIR(st
.st_mode
));
596 assert_se((st
.st_mode
& 0777) == 0640);
597 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
599 a
= strjoina(p
, "/fifo");
600 assert_se(mkfifo(a
, 0775) >= 0);
601 assert_se(touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640) >= 0);
602 assert_se(lstat(a
, &st
) >= 0);
603 assert_se(st
.st_uid
== test_uid
);
604 assert_se(st
.st_gid
== test_gid
);
605 assert_se(S_ISFIFO(st
.st_mode
));
606 assert_se((st
.st_mode
& 0777) == 0640);
607 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
609 a
= strjoina(p
, "/sock");
610 assert_se(mknod(a
, 0775 | S_IFSOCK
, 0) >= 0);
611 assert_se(touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640) >= 0);
612 assert_se(lstat(a
, &st
) >= 0);
613 assert_se(st
.st_uid
== test_uid
);
614 assert_se(st
.st_gid
== test_gid
);
615 assert_se(S_ISSOCK(st
.st_mode
));
616 assert_se((st
.st_mode
& 0777) == 0640);
617 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
619 if (geteuid() == 0) {
620 a
= strjoina(p
, "/bdev");
621 r
= mknod(a
, 0775 | S_IFBLK
, makedev(0, 0));
622 if (r
< 0 && errno
== EPERM
&& detect_container() > 0) {
623 log_notice("Running in unprivileged container? Skipping remaining tests in %s", __func__
);
627 assert_se(touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640) >= 0);
628 assert_se(lstat(a
, &st
) >= 0);
629 assert_se(st
.st_uid
== test_uid
);
630 assert_se(st
.st_gid
== test_gid
);
631 assert_se(S_ISBLK(st
.st_mode
));
632 assert_se((st
.st_mode
& 0777) == 0640);
633 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
635 a
= strjoina(p
, "/cdev");
636 assert_se(mknod(a
, 0775 | S_IFCHR
, makedev(0, 0)) >= 0);
637 assert_se(touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640) >= 0);
638 assert_se(lstat(a
, &st
) >= 0);
639 assert_se(st
.st_uid
== test_uid
);
640 assert_se(st
.st_gid
== test_gid
);
641 assert_se(S_ISCHR(st
.st_mode
));
642 assert_se((st
.st_mode
& 0777) == 0640);
643 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
646 a
= strjoina(p
, "/lnk");
647 assert_se(symlink("target", a
) >= 0);
648 assert_se(touch_file(a
, false, test_mtime
, test_uid
, test_gid
, 0640) >= 0);
649 assert_se(lstat(a
, &st
) >= 0);
650 assert_se(st
.st_uid
== test_uid
);
651 assert_se(st
.st_gid
== test_gid
);
652 assert_se(S_ISLNK(st
.st_mode
));
653 assert_se(timespec_load(&st
.st_mtim
) == test_mtime
);
656 static void test_unlinkat_deallocate(void) {
657 _cleanup_free_
char *p
= NULL
;
658 _cleanup_close_
int fd
= -1;
661 log_info("/* %s */", __func__
);
663 assert_se(tempfn_random_child(arg_test_dir
, "unlink-deallocation", &p
) >= 0);
665 fd
= open(p
, O_WRONLY
|O_CLOEXEC
|O_CREAT
|O_EXCL
, 0600);
668 assert_se(write(fd
, "hallo\n", 6) == 6);
670 assert_se(fstat(fd
, &st
) >= 0);
671 assert_se(st
.st_size
== 6);
672 assert_se(st
.st_blocks
> 0);
673 assert_se(st
.st_nlink
== 1);
675 assert_se(unlinkat_deallocate(AT_FDCWD
, p
, UNLINK_ERASE
) >= 0);
677 assert_se(fstat(fd
, &st
) >= 0);
678 assert_se(IN_SET(st
.st_size
, 0, 6)); /* depending on whether hole punching worked the size will be 6
679 (it worked) or 0 (we had to resort to truncation) */
680 assert_se(st
.st_blocks
== 0);
681 assert_se(st
.st_nlink
== 0);
684 static void test_fsync_directory_of_file(void) {
685 _cleanup_close_
int fd
= -1;
687 log_info("/* %s */", __func__
);
689 fd
= open_tmpfile_unlinkable(arg_test_dir
, O_RDWR
);
692 assert_se(fsync_directory_of_file(fd
) >= 0);
695 static void test_rename_noreplace(void) {
696 static const char* const table
[] = {
705 _cleanup_(rm_rf_physical_and_freep
) char *z
= NULL
;
706 const char *j
= NULL
;
709 log_info("/* %s */", __func__
);
712 j
= strjoina(arg_test_dir
, "/testXXXXXX");
713 assert_se(mkdtemp_malloc(j
, &z
) >= 0);
715 j
= strjoina(z
, table
[0]);
716 assert_se(touch(j
) >= 0);
718 j
= strjoina(z
, table
[1]);
719 assert_se(mkdir(j
, 0777) >= 0);
721 j
= strjoina(z
, table
[2]);
722 (void) mkfifo(j
, 0777);
724 j
= strjoina(z
, table
[3]);
725 (void) mknod(j
, S_IFSOCK
| 0777, 0);
727 j
= strjoina(z
, table
[4]);
728 (void) symlink("foobar", j
);
730 STRV_FOREACH(a
, (char**) table
) {
731 _cleanup_free_
char *x
= NULL
, *y
= NULL
;
736 if (access(x
, F_OK
) < 0) {
737 assert_se(errno
== ENOENT
);
741 STRV_FOREACH(b
, (char**) table
) {
742 _cleanup_free_
char *w
= NULL
;
747 if (access(w
, F_OK
) < 0) {
748 assert_se(errno
== ENOENT
);
752 assert_se(rename_noreplace(AT_FDCWD
, x
, AT_FDCWD
, w
) == -EEXIST
);
755 y
= strjoin(z
, "/somethingelse");
758 assert_se(rename_noreplace(AT_FDCWD
, x
, AT_FDCWD
, y
) >= 0);
759 assert_se(rename_noreplace(AT_FDCWD
, y
, AT_FDCWD
, x
) >= 0);
763 static void test_chmod_and_chown(void) {
764 _cleanup_(rm_rf_physical_and_freep
) char *d
= NULL
;
765 _unused_ _cleanup_umask_ mode_t u
= umask(0000);
772 log_info("/* %s */", __func__
);
774 assert_se(mkdtemp_malloc(NULL
, &d
) >= 0);
776 p
= strjoina(d
, "/reg");
777 assert_se(mknod(p
, S_IFREG
| 0123, 0) >= 0);
779 assert_se(chmod_and_chown(p
, S_IFREG
| 0321, 1, 2) >= 0);
780 assert_se(chmod_and_chown(p
, S_IFDIR
| 0555, 3, 4) == -EINVAL
);
782 assert_se(lstat(p
, &st
) >= 0);
783 assert_se(S_ISREG(st
.st_mode
));
784 assert_se((st
.st_mode
& 07777) == 0321);
786 p
= strjoina(d
, "/dir");
787 assert_se(mkdir(p
, 0123) >= 0);
789 assert_se(chmod_and_chown(p
, S_IFDIR
| 0321, 1, 2) >= 0);
790 assert_se(chmod_and_chown(p
, S_IFREG
| 0555, 3, 4) == -EINVAL
);
792 assert_se(lstat(p
, &st
) >= 0);
793 assert_se(S_ISDIR(st
.st_mode
));
794 assert_se((st
.st_mode
& 07777) == 0321);
796 p
= strjoina(d
, "/lnk");
797 assert_se(symlink("idontexist", p
) >= 0);
799 assert_se(chmod_and_chown(p
, S_IFLNK
| 0321, 1, 2) >= 0);
800 assert_se(chmod_and_chown(p
, S_IFREG
| 0555, 3, 4) == -EINVAL
);
801 assert_se(chmod_and_chown(p
, S_IFDIR
| 0555, 3, 4) == -EINVAL
);
803 assert_se(lstat(p
, &st
) >= 0);
804 assert_se(S_ISLNK(st
.st_mode
));
807 static void test_path_is_encrypted_one(const char *p
, int expect
) {
810 r
= path_is_encrypted(p
);
811 if (r
== -ENOENT
|| ERRNO_IS_PRIVILEGE(r
)) /* This might fail, if btrfs is used and we run in a
812 * container. In that case we cannot resolve the device node paths that
813 * BTRFS_IOC_DEV_INFO returns, because the device nodes are unlikely to exist in
814 * the container. But if we can't stat() them we cannot determine the dev_t of
815 * them, and thus cannot figure out if they are enrypted. Hence let's just ignore
816 * ENOENT here. Also skip the test if we lack privileges. */
820 log_info("%s encrypted: %s", p
, yes_no(r
));
822 assert_se(expect
< 0 || ((r
> 0) == (expect
> 0)));
825 static void test_path_is_encrypted(void) {
826 int booted
= sd_booted(); /* If this is run in build environments such as koji, /dev might be a
827 * reguar fs. Don't assume too much if not running under systemd. */
829 log_info("/* %s (sd_booted=%d)*/", __func__
, booted
);
831 test_path_is_encrypted_one("/home", -1);
832 test_path_is_encrypted_one("/var", -1);
833 test_path_is_encrypted_one("/", -1);
834 test_path_is_encrypted_one("/proc", false);
835 test_path_is_encrypted_one("/sys", false);
836 test_path_is_encrypted_one("/dev", booted
> 0 ? false : -1);
839 static void test_conservative_rename(void) {
840 _cleanup_(unlink_and_freep
) char *p
= NULL
;
841 _cleanup_free_
char *q
= NULL
;
843 assert_se(tempfn_random_child(NULL
, NULL
, &p
) >= 0);
844 assert_se(write_string_file(p
, "this is a test", WRITE_STRING_FILE_CREATE
) >= 0);
846 assert_se(tempfn_random_child(NULL
, NULL
, &q
) >= 0);
848 /* Check that the hardlinked "copy" is detected */
849 assert_se(link(p
, q
) >= 0);
850 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) == 0);
851 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
853 /* Check that a manual copy is detected */
854 assert_se(copy_file(p
, q
, 0, (mode_t
) -1, 0, 0, COPY_REFLINK
) >= 0);
855 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) == 0);
856 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
858 /* Check that a manual new writeout is also detected */
859 assert_se(write_string_file(q
, "this is a test", WRITE_STRING_FILE_CREATE
) >= 0);
860 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) == 0);
861 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
863 /* Check that a minimally changed version is detected */
864 assert_se(write_string_file(q
, "this is a_test", WRITE_STRING_FILE_CREATE
) >= 0);
865 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) > 0);
866 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
868 /* Check that this really is new updated version */
869 assert_se(write_string_file(q
, "this is a_test", WRITE_STRING_FILE_CREATE
) >= 0);
870 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) == 0);
871 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
873 /* Make sure we detect extended files */
874 assert_se(write_string_file(q
, "this is a_testx", WRITE_STRING_FILE_CREATE
) >= 0);
875 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) > 0);
876 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
878 /* Make sure we detect truncated files */
879 assert_se(write_string_file(q
, "this is a_test", WRITE_STRING_FILE_CREATE
) >= 0);
880 assert_se(conservative_rename(AT_FDCWD
, q
, AT_FDCWD
, p
) > 0);
881 assert_se(access(q
, F_OK
) < 0 && errno
== ENOENT
);
884 int main(int argc
, char *argv
[]) {
885 test_setup_logging(LOG_INFO
);
887 arg_test_dir
= argv
[1];
889 test_chase_symlinks();
890 test_unlink_noerrno();
891 test_readlink_and_make_absolute();
892 test_get_files_in_directory();
894 test_dot_or_dot_dot();
897 test_unlinkat_deallocate();
898 test_fsync_directory_of_file();
899 test_rename_noreplace();
900 test_chmod_and_chown();
901 test_path_is_encrypted();
902 test_conservative_rename();