projects / thirdparty / systemd.git / blame
| Commit | Line | Data |
|---|---|---|
| 6160e473 RC |
1 | /*** |
| 2 | This file is part of systemd | |
| 3 | ||
| 4 | Copyright 2014 Ronny Chevalier | |
| 5 | ||
| 6 | systemd is free software; you can redistribute it and/or modify it | |
| 7 | under the terms of the GNU Lesser General Public License as published by | |
| 8 | the Free Software Foundation; either version 2.1 of the License, or | |
| 9 | (at your option) any later version. | |
| 10 | ||
| 11 | systemd is distributed in the hope that it will be useful, but | |
| 12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| 14 | Lesser General Public License for more details. | |
| 15 | ||
| 16 | You should have received a copy of the GNU Lesser General Public License | |
| 17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
| 18 | ***/ | |
| 19 | ||
| 20 | #include <sys/types.h> | |
| 21 | #include <sys/wait.h> | |
| 22 | #include <sys/capability.h> | |
| 23 | #include <sys/socket.h> | |
| 24 | #include <netinet/in.h> | |
| 25 | #include <pwd.h> | |
| 26 | #include <unistd.h> | |
| 27 | ||
| 28 | #include "capability.h" | |
| 29 | #include "util.h" | |
| 30 | #include "macro.h" | |
| 31 | ||
| 32 | static uid_t test_uid = -1; | |
| 33 | static gid_t test_gid = -1; | |
| 34 | // We keep CAP_DAC_OVERRIDE to avoid errors with gcov when doing test coverage | |
| 35 | static uint64_t test_flags = 1ULL << CAP_DAC_OVERRIDE; | |
| 36 | ||
| 37 | static void fork_test(void (*test_func)(void)) { | |
| 38 | pid_t pid = 0; | |
| 39 | ||
| 40 | pid = fork(); | |
| 41 | assert_se(pid >= 0); | |
| 42 | if (pid == 0) { | |
| 43 | test_func(); | |
| 44 | exit(0); | |
| 45 | } else if (pid > 0) { | |
| 46 | int status; | |
| 47 | ||
| 48 | assert_se(waitpid(pid, &status, 0) > 0); | |
| 49 | assert_se(WIFEXITED(status) && WEXITSTATUS(status) == 0); | |
| 50 | } | |
| 51 | } | |
| 52 | ||
| 53 | static void show_capabilities(void) { | |
| 54 | cap_t caps; | |
| 55 | char *text; | |
| 56 | ||
| 57 | caps = cap_get_proc(); | |
| 58 | assert_se(caps); | |
| 59 | ||
| 60 | text = cap_to_text(caps, NULL); | |
| 61 | assert_se(text); | |
| 62 | ||
| 63 | log_info("Capabilities:%s", text); | |
| 64 | cap_free(caps); | |
| 65 | cap_free(text); | |
| 66 | } | |
| 67 | ||
| 68 | static int setup_tests(void) { | |
| 69 | struct passwd *nobody; | |
| 70 | ||
| 71 | nobody = getpwnam("nobody"); | |
| 72 | if (!nobody) { | |
| 56f64d95 | 73 | log_error_errno(errno, "Could not find nobody user: %m"); |
| 6160e473 RC |
74 | return -EXIT_TEST_SKIP; |
| 75 | } | |
| 76 | test_uid = nobody->pw_uid; | |
| 77 | test_gid = nobody->pw_gid; | |
| 78 | ||
| 79 | return 0; | |
| 80 | } | |
| 81 | ||
| 82 | static void test_drop_privileges_keep_net_raw(void) { | |
| 83 | int sock; | |
| 84 | ||
| 85 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
| 86 | assert_se(sock >= 0); | |
| 87 | safe_close(sock); | |
| 88 | ||
| 89 | assert_se(drop_privileges(test_uid, test_gid, test_flags | (1ULL << CAP_NET_RAW)) >= 0); | |
| 90 | assert_se(getuid() == test_uid); | |
| 91 | assert_se(getgid() == test_gid); | |
| 92 | show_capabilities(); | |
| 93 | ||
| 94 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
| 95 | assert_se(sock >= 0); | |
| 96 | safe_close(sock); | |
| 97 | } | |
| 98 | ||
| 99 | static void test_drop_privileges_dontkeep_net_raw(void) { | |
| 100 | int sock; | |
| 101 | ||
| 102 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
| 103 | assert_se(sock >= 0); | |
| 104 | safe_close(sock); | |
| 105 | ||
| 106 | assert_se(drop_privileges(test_uid, test_gid, test_flags) >= 0); | |
| 107 | assert_se(getuid() == test_uid); | |
| 108 | assert_se(getgid() == test_gid); | |
| 109 | show_capabilities(); | |
| 110 | ||
| 111 | sock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); | |
| 112 | assert_se(sock < 0); | |
| 113 | } | |
| 114 | ||
| 115 | static void test_drop_privileges_fail(void) { | |
| 116 | assert_se(drop_privileges(test_uid, test_gid, test_flags) >= 0); | |
| 117 | assert_se(getuid() == test_uid); | |
| 118 | assert_se(getgid() == test_gid); | |
| 119 | ||
| 120 | assert_se(drop_privileges(test_uid, test_gid, test_flags) < 0); | |
| 121 | assert_se(drop_privileges(0, 0, test_flags) < 0); | |
| 122 | } | |
| 123 | ||
| 124 | static void test_drop_privileges(void) { | |
| 125 | fork_test(test_drop_privileges_keep_net_raw); | |
| 126 | fork_test(test_drop_privileges_dontkeep_net_raw); | |
| 127 | fork_test(test_drop_privileges_fail); | |
| 128 | } | |
| 129 | ||
| 130 | static void test_have_effective_cap(void) { | |
| 131 | assert_se(have_effective_cap(CAP_KILL)); | |
| 132 | assert_se(have_effective_cap(CAP_CHOWN)); | |
| 133 | ||
| 134 | assert_se(drop_privileges(test_uid, test_gid, test_flags | (1ULL << CAP_KILL)) >= 0); | |
| 135 | assert_se(getuid() == test_uid); | |
| 136 | assert_se(getgid() == test_gid); | |
| 137 | ||
| 138 | assert_se(have_effective_cap(CAP_KILL)); | |
| 139 | assert_se(!have_effective_cap(CAP_CHOWN)); | |
| 140 | } | |
| 141 | ||
| 142 | int main(int argc, char *argv[]) { | |
| 143 | int r; | |
| 144 | ||
| 145 | log_parse_environment(); | |
| 146 | log_open(); | |
| 147 | ||
| 148 | if (getuid() != 0) | |
| 149 | return EXIT_TEST_SKIP; | |
| 150 | ||
| 151 | r = setup_tests(); | |
| 152 | if (r < 0) | |
| 153 | return -r; | |
| 154 | ||
| 155 | show_capabilities(); | |
| 156 | ||
| 157 | test_drop_privileges(); | |
| 158 | fork_test(test_have_effective_cap); | |
| 159 | ||
| 160 | return 0; | |
| 161 | } |