xref: /freebsd/tests/sys/mac/do/valid_configs.sh (revision cba191e291c17b32247e12d6f94dcde56994bfe6)
#!/usr/bin/env atf-sh
#
# Copyright (c) 2026, The FreeBSD Foundation
#
# This software was developed by Olivier Certner <olce@FreeBSD.org> at
# Kumacom SARL under sponsorship from the FreeBSD Foundation.

# Test case: one rule whose target is the bare keyword "any", submitted once
# with a UID source and once with a GID source.
atf_test_case rule_uid_to_any
rule_uid_to_any_head()
{
    atf_set descr 'Single "to any" rule'
}
rule_uid_to_any_body()
{
    # NOTE(review): "any" presumably places no restriction on the target
    # credentials, i.e. the broadest grant the rule syntax allows -- confirm
    # against mac_do(4).
    for cfg in "uid=1001>any" "gid=1001>any"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
# Test case: one rule whose only target clause is an explicit UID, here
# UID 0 (root), submitted once with a UID source and once with a GID source.
atf_test_case rule_uid_to_uid
rule_uid_to_uid_head()
{
    atf_set descr 'Single "to UID" rule'
}
rule_uid_to_uid_body()
{
    # Each string is a complete, single-rule configuration.
    for cfg in "uid=1001>uid=0" "gid=1001>uid=0"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
# Test case: one rule whose target UID clause uses the keyword "any" instead
# of a number, submitted once with a UID source and once with a GID source.
atf_test_case rule_uid_to_uid_any
rule_uid_to_uid_any_head()
{
    atf_set descr 'Single "to UID any" rule'
}
rule_uid_to_uid_any_body()
{
    # The wildcard applies to the uid= clause only; no gid clause is given.
    for cfg in "uid=1001>uid=any" "gid=1001>uid=any"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
# Test case: same shape as the "uid=any" case, but the wildcard is spelled
# '*'.  The description treats '*' as another way of writing "any".
atf_test_case rule_uid_to_uid_star
rule_uid_to_uid_star_head()
{
    atf_set descr "Single \"to any (with '*')\" rule"
}
rule_uid_to_uid_star_body()
{
    # The rules stay double-quoted so the shell never glob-expands the '*'.
    for cfg in "uid=1001>uid=*" "gid=1001>uid=*"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
# Test case: one rule whose target names both a UID and a GID (0 and 0),
# submitted once with a UID source and once with a GID source.
atf_test_case rule_uid_to_uid_gid
rule_uid_to_uid_gid_head()
{
    atf_set descr 'Single "to UID and GID" rule'
}
rule_uid_to_uid_gid_body()
{
    # Target clauses are comma-separated after the '>'.
    for cfg in "uid=1001>uid=0,gid=0" "gid=1001>uid=0,gid=0"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
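# Test case: one rule whose target names a UID, a GID and an optional
# supplementary group (the '+gid=' clause), submitted once with a UID source
# and once with a GID source.
atf_test_case rule_uid_to_uid_gid_optional_sgid
rule_uid_to_uid_gid_optional_sgid_head()
{
    # The quoted phrase used to end in a stray second "rule"; the wording now
    # matches the mandatory and excluded supplementary-group cases.
    atf_set descr "Single \"to UID, GID and \
optional supplementary group\" rule"
}
rule_uid_to_uid_gid_optional_sgid_body()
{
    sysctl_set_and_check_rules "uid=1001>uid=0,gid=0,+gid=0"
    sysctl_set_and_check_rules "gid=1001>uid=0,gid=0,+gid=0"
}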
# Test case: one rule whose target names a UID, a GID and a mandatory
# supplementary group (the '!gid=' clause), submitted once with a UID source
# and once with a GID source.
atf_test_case rule_uid_to_uid_gid_mandatory_sgid
rule_uid_to_uid_gid_mandatory_sgid_head()
{
    atf_set descr 'Single "to UID, GID and mandatory supplementary group" rule'
}
rule_uid_to_uid_gid_mandatory_sgid_body()
{
    # The '!' survives unescaped: sh does no history expansion in scripts.
    for cfg in "uid=1001>uid=0,gid=0,!gid=0" "gid=1001>uid=0,gid=0,!gid=0"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
# Test case: one rule whose target names a UID, a GID and an excluded
# supplementary group (the '-gid=' clause), submitted once with a UID source
# and once with a GID source.
atf_test_case rule_uid_to_uid_gid_excluded_sgid
rule_uid_to_uid_gid_excluded_sgid_head()
{
    atf_set descr 'Single "to UID, GID and excluded supplementary group" rule'
}
rule_uid_to_uid_gid_excluded_sgid_body()
{
    # Group 0 is both the target primary GID and the excluded supplementary
    # group; this file expects that combination to be accepted as valid.
    for cfg in "uid=1001>uid=0,gid=0,-gid=0" "gid=1001>uid=0,gid=0,-gid=0"; do
        sysctl_set_and_check_rules "${cfg}"
    done
}
# Test case: several rules submitted as one ';'-separated configuration.
# The list repeats the same UID source in two rules, combines mandatory
# ('!gid=') and optional ('+gid=') supplementary-group clauses in one
# target, and ends with a GID-to-GID rule.
atf_test_case rules_uid_to_uid
rules_uid_to_uid_head()
{
    atf_set descr 'Multiple "to UID" rules'
}
rules_uid_to_uid_body()
{
    # One call only: the whole list must be accepted as a single value.
    sysctl_set_and_check_rules \
        "uid=1001>uid=0;uid=1001>uid=0,gid=0,!gid=0,+gid=5;gid=1001>gid=5"
}
# Test case: a multi-rule list with extra blanks scattered around the '=',
# '>', ',' and ';' separators, to exercise whitespace tolerance in the rule
# parser.
atf_test_case rules_uid_to_uid_with_spaces
rules_uid_to_uid_with_spaces_head()
{
    atf_set descr 'Multiple "to UID" rules with extra spaces'
}
rules_uid_to_uid_with_spaces_body()
{
    # The backslash-newline inside the double quotes is removed by the shell,
    # so the helper receives one string; the two blanks before the backslash
    # are part of the test input and must be kept.
    # NOTE(review): how the helper compares the read-back value with this
    # non-canonical spelling is defined in common.sh -- not visible here.
    sysctl_set_and_check_rules \
        "uid=1001 > uid=0; uid=1001>uid=0, gid = 0, !gid =0,+gid =5;  \
gid= 1001 >gid =5"
}
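# ATF entry point: load the shared helpers, then register every test case
# declared in this file.
#
# sysctl_set_and_check_rules is not defined in this file, so it presumably
# comes from common.sh.
# NOTE(review): the rule strings above map an unprivileged ID (1001) to
# UID/GID 0.  Nothing in this file sets require.user, declares a cleanup
# routine or restores the prior rules, so common.sh or the test-suite
# metadata presumably does; confirm that no permissive rule can outlive a
# failed or interrupted run.
atf_init_test_cases()
{
    # Quoted so that a source directory containing blanks or glob characters
    # still reaches '.' as a single path instead of being word-split.
    . "$(atf_get_srcdir)/common.sh"

    atf_add_test_case rule_uid_to_any
    atf_add_test_case rule_uid_to_uid
    atf_add_test_case rule_uid_to_uid_any
    atf_add_test_case rule_uid_to_uid_star
    atf_add_test_case rule_uid_to_uid_gid
    atf_add_test_case rule_uid_to_uid_gid_optional_sgid
    atf_add_test_case rule_uid_to_uid_gid_mandatory_sgid
    atf_add_test_case rule_uid_to_uid_gid_excluded_sgid
    atf_add_test_case rules_uid_to_uid
    atf_add_test_case rules_uid_to_uid_with_spaces
}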