]>
Commit | Line | Data |
---|---|---|
6160e473 RC |
1 | /*** |
2 | This file is part of systemd | |
3 | ||
4 | Copyright 2014 Ronny Chevalier | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
7 | under the terms of the GNU Lesser General Public License as published by | |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
9 | (at your option) any later version. | |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | Lesser General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU Lesser General Public License | |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
18 | ***/ | |
19 | ||
20 | #include <sys/types.h> | |
21 | #include <sys/wait.h> | |
22 | #include <sys/capability.h> | |
23 | #include <sys/socket.h> | |
24 | #include <netinet/in.h> | |
25 | #include <pwd.h> | |
26 | #include <unistd.h> | |
27 | ||
28 | #include "capability.h" | |
29 | #include "util.h" | |
30 | #include "macro.h" | |
31 | ||
32 | static uid_t test_uid = -1; | |
33 | static gid_t test_gid = -1; | |
34 | // We keep CAP_DAC_OVERRIDE to avoid errors with gcov when doing test coverage | |
35 | static uint64_t test_flags = 1ULL << CAP_DAC_OVERRIDE; | |
36 | ||
37 | static void fork_test(void (*test_func)(void)) { | |
38 | pid_t pid = 0; | |
39 | ||
40 | pid = fork(); | |
41 | assert_se(pid >= 0); | |
42 | if (pid == 0) { | |
43 | test_func(); | |
44 | exit(0); | |
45 | } else if (pid > 0) { | |
46 | int status; | |
47 | ||
48 | assert_se(waitpid(pid, &status, 0) > 0); | |
49 | assert_se(WIFEXITED(status) && WEXITSTATUS(status) == 0); | |
50 | } | |
51 | } | |
52 | ||
53 | static void show_capabilities(void) { | |
54 | cap_t caps; | |
55 | char *text; | |
56 | ||
57 | caps = cap_get_proc(); | |
58 | assert_se(caps); | |
59 | ||
60 | text = cap_to_text(caps, NULL); | |
61 | assert_se(text); | |
62 | ||
63 | log_info("Capabilities:%s", text); | |
64 | cap_free(caps); | |
65 | cap_free(text); | |
66 | } | |
67 | ||
68 | static int setup_tests(void) { | |
69 | struct passwd *nobody; | |
70 | ||
71 | nobody = getpwnam("nobody"); | |
72 | if (!nobody) { | |
56f64d95 | 73 | log_error_errno(errno, "Could not find nobody user: %m"); |
6160e473 RC |
74 | return -EXIT_TEST_SKIP; |
75 | } | |
76 | test_uid = nobody->pw_uid; | |
77 | test_gid = nobody->pw_gid; | |
78 | ||
79 | return 0; | |
80 | } | |
81 | ||
82 | static void test_drop_privileges_keep_net_raw(void) { | |
83 | int sock; | |
84 | ||
85 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
86 | assert_se(sock >= 0); | |
87 | safe_close(sock); | |
88 | ||
89 | assert_se(drop_privileges(test_uid, test_gid, test_flags | (1ULL << CAP_NET_RAW)) >= 0); | |
90 | assert_se(getuid() == test_uid); | |
91 | assert_se(getgid() == test_gid); | |
92 | show_capabilities(); | |
93 | ||
94 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
95 | assert_se(sock >= 0); | |
96 | safe_close(sock); | |
97 | } | |
98 | ||
99 | static void test_drop_privileges_dontkeep_net_raw(void) { | |
100 | int sock; | |
101 | ||
102 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
103 | assert_se(sock >= 0); | |
104 | safe_close(sock); | |
105 | ||
106 | assert_se(drop_privileges(test_uid, test_gid, test_flags) >= 0); | |
107 | assert_se(getuid() == test_uid); | |
108 | assert_se(getgid() == test_gid); | |
109 | show_capabilities(); | |
110 | ||
111 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
112 | assert_se(sock < 0); | |
113 | } | |
114 | ||
115 | static void test_drop_privileges_fail(void) { | |
116 | assert_se(drop_privileges(test_uid, test_gid, test_flags) >= 0); | |
117 | assert_se(getuid() == test_uid); | |
118 | assert_se(getgid() == test_gid); | |
119 | ||
120 | assert_se(drop_privileges(test_uid, test_gid, test_flags) < 0); | |
121 | assert_se(drop_privileges(0, 0, test_flags) < 0); | |
122 | } | |
123 | ||
124 | static void test_drop_privileges(void) { | |
125 | fork_test(test_drop_privileges_keep_net_raw); | |
126 | fork_test(test_drop_privileges_dontkeep_net_raw); | |
127 | fork_test(test_drop_privileges_fail); | |
128 | } | |
129 | ||
130 | static void test_have_effective_cap(void) { | |
131 | assert_se(have_effective_cap(CAP_KILL)); | |
132 | assert_se(have_effective_cap(CAP_CHOWN)); | |
133 | ||
134 | assert_se(drop_privileges(test_uid, test_gid, test_flags | (1ULL << CAP_KILL)) >= 0); | |
135 | assert_se(getuid() == test_uid); | |
136 | assert_se(getgid() == test_gid); | |
137 | ||
138 | assert_se(have_effective_cap(CAP_KILL)); | |
139 | assert_se(!have_effective_cap(CAP_CHOWN)); | |
140 | } | |
141 | ||
142 | int main(int argc, char *argv[]) { | |
143 | int r; | |
144 | ||
145 | log_parse_environment(); | |
146 | log_open(); | |
147 | ||
148 | if (getuid() != 0) | |
149 | return EXIT_TEST_SKIP; | |
150 | ||
151 | r = setup_tests(); | |
152 | if (r < 0) | |
153 | return -r; | |
154 | ||
155 | show_capabilities(); | |
156 | ||
157 | test_drop_privileges(); | |
158 | fork_test(test_have_effective_cap); | |
159 | ||
160 | return 0; | |
161 | } |