&> $TEST_DIR/certtool.log
certtool --generate-self-signed --load-privkey $TEST_DIR/server.key \
--template $TEST_DIR/cert.cfg --outfile $TEST_DIR/server.crt &>> $TEST_DIR/certtool.log
-chown $user $TEST_DIR/server.*
+chown "$(get_user)" $TEST_DIR/server.*
ntpport=$(get_free_port)
ntsport=$(get_free_port)
&> $TEST_DIR/certtool.log
certtool --generate-self-signed --load-privkey $TEST_DIR/server.key \
--template $TEST_DIR/cert.cfg --outfile $TEST_DIR/server.crt &>> $TEST_DIR/certtool.log
-chown $user $TEST_DIR/server.*
+chown "$(get_user)" $TEST_DIR/server.*
ntpport=$(get_free_port)
ntsport=$(get_free_port)
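Review bot: The rewritten `chown` line still leaves `$TEST_DIR` unquoted, so a test directory whose path contains whitespace or glob characters would be word-split before `chown` runs. Changing ownership to another user implies the script runs with elevated privileges, which makes a mis-split path more costly. Since the line is being touched anyway, quote the directory and leave only the glob bare: `chown "$(get_user)" "$TEST_DIR"/server.*`. The identical line in the preceding hunk has the same issue. The glob also matches `server.key`, so a short comment saying the private key is meant to be handed to the selected user would help.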
TEST_LIBDIR=${CHRONY_LIBDIR:-/var/lib/chrony}
TEST_LOGDIR=${CHRONY_LOGDIR:-/var/log/chrony}
TEST_RUNDIR=${CHRONY_RUNDIR:-/var/run/chrony}
+TEST_PRIVDROP_USER=$(ls -ld "$TEST_RUNDIR" 2> /dev/null | awk '{print $3}')
. ./test.common
-user=$(ls -ld "$TEST_RUNDIR" 2> /dev/null | awk '{print $3}')
+priv_drop=1
test_start "system directories"
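Review bot: The new `TEST_PRIVDROP_USER` assignment relies on two undocumented behaviours: it has to come before `. ./test.common`, and an empty result silently falls back to a default. If `$TEST_RUNDIR` does not exist, `ls` fails quietly because of `2> /dev/null` and the variable is empty. The `${TEST_PRIVDROP_USER:-nobody}` default added in test.common then takes over, so the test would presumably run as `nobody` rather than as the owner of the system directories. Add a comment such as `# Must be set before sourcing test.common; empty falls back to its default user`, and consider an explicit check after sourcing that skips the test when the owner could not be determined.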
TEST_LOGDIR=${TEST_LOGDIR:-$TEST_DIR}
TEST_RUNDIR=${TEST_RUNDIR:-$TEST_DIR}
TEST_SCFILTER=${TEST_SCFILTER:-0}
+TEST_ROOT_USER=${TEST_ROOT_USER:-root}
+TEST_PRIVDROP_USER=${TEST_PRIVDROP_USER:-nobody}
test_start() {
+ local user=$(get_user)
+
check_chronyd_features NTP CMDMON || test_skip "NTP/CMDMON support disabled"
[ "${#TEST_DIR}" -ge 5 ] || test_skip "invalid TEST_DIR"
rm -f "$TEST_LIBDIR"/* "$TEST_LOGDIR"/* "$TEST_RUNDIR"/*
- if [ "$user" != "root" ]; then
+ if [ "$user" != "$TEST_ROOT_USER" ]; then
id -u "$user" > /dev/null 2> /dev/null || test_skip "missing user $user"
chown "$user:$(id -g "$user")" "$TEST_DIR" || test_skip "could not chown $TEST_DIR"
su "$user" -s /bin/sh -c "touch $TEST_DIR/test" 2> /dev/null || \
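Review bot: `local user=$(get_user)` at the top of test_start combines the declaration with a command substitution, so `local` discards the exit status of get_user. The same commit uses the split form in generate_chrony_conf (`local user ntpport cmdport` followed by `user=$(get_user)`). Doing the same here keeps the two functions consistent: `local user` and then `user=$(get_user)`. test_start continues past the end of this hunk.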
default_server=127.0.0.1
default_server_name=127.0.0.1
default_server_options=""
-default_user=root
+default_priv_drop=0
# Initialize test settings from their defaults
for defoptname in ${!default_*}; do
echo "$TEST_RUNDIR/chronyd.sock"
}
+get_user() {
+ if [ "$priv_drop" -ne 0 ]; then
+ echo "$TEST_PRIVDROP_USER"
+ else
+ echo "$TEST_ROOT_USER"
+ fi
+}
+
# Find a free port in the 10000-20000 range (their use is racy)
get_free_port() {
local port
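Review bot: get_user falls back to the root user whenever the numeric test itself fails. If `priv_drop` is empty or not a number, `[ "$priv_drop" -ne 0 ]` returns an error status and the `else` branch prints `$TEST_ROOT_USER`. For a setting that selects the privilege-drop user, it is safer to make the root case the explicit one: test `[ "$priv_drop" = 0 ]` first, print `$TEST_ROOT_USER` there, and print `$TEST_PRIVDROP_USER` in the `else`. A one-line header comment such as `# Print the user chronyd should run as, selected by priv_drop` would also match the commented helper that follows it.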
}
generate_chrony_conf() {
- local ntpport cmdport
+ local user ntpport cmdport
+ user=$(get_user)
ntpport=$(get_free_port)
cmdport=$(get_free_port)
[ "$clock_control" -eq 0 ] && echo "-x"
echo "-l $(get_logfile)"
echo "-f $(get_conffile)"
- echo "-u $user"
+ echo "-u $(get_user)"
echo "-F $TEST_SCFILTER"
echo "$extra_chronyd_options"
}