xref: /freebsd/contrib/netbsd-tests/lib/libc/sys/t_chroot.c (revision 8a6fe8ce60ab99778558c4951d23615a0141daf0)
1*ddba0402SEnji Cooper /* $NetBSD: t_chroot.c,v 1.2 2017/01/10 22:36:29 christos Exp $ */
257718be8SEnji Cooper 
357718be8SEnji Cooper /*-
457718be8SEnji Cooper  * Copyright (c) 2011 The NetBSD Foundation, Inc.
557718be8SEnji Cooper  * All rights reserved.
657718be8SEnji Cooper  *
757718be8SEnji Cooper  * This code is derived from software contributed to The NetBSD Foundation
857718be8SEnji Cooper  * by Jukka Ruohonen.
957718be8SEnji Cooper  *
1057718be8SEnji Cooper  * Redistribution and use in source and binary forms, with or without
1157718be8SEnji Cooper  * modification, are permitted provided that the following conditions
1257718be8SEnji Cooper  * are met:
1357718be8SEnji Cooper  * 1. Redistributions of source code must retain the above copyright
1457718be8SEnji Cooper  *    notice, this list of conditions and the following disclaimer.
1557718be8SEnji Cooper  * 2. Redistributions in binary form must reproduce the above copyright
1657718be8SEnji Cooper  *    notice, this list of conditions and the following disclaimer in the
1757718be8SEnji Cooper  *    documentation and/or other materials provided with the distribution.
1857718be8SEnji Cooper  *
1957718be8SEnji Cooper  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
2057718be8SEnji Cooper  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
2157718be8SEnji Cooper  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
2257718be8SEnji Cooper  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
2357718be8SEnji Cooper  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
2457718be8SEnji Cooper  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
2557718be8SEnji Cooper  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
2657718be8SEnji Cooper  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
2757718be8SEnji Cooper  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
2857718be8SEnji Cooper  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
2957718be8SEnji Cooper  * POSSIBILITY OF SUCH DAMAGE.
3057718be8SEnji Cooper  */
3157718be8SEnji Cooper #include <sys/cdefs.h>
32*ddba0402SEnji Cooper __RCSID("$NetBSD: t_chroot.c,v 1.2 2017/01/10 22:36:29 christos Exp $");
3357718be8SEnji Cooper 
3457718be8SEnji Cooper #include <sys/wait.h>
35*ddba0402SEnji Cooper #include <sys/stat.h>
3657718be8SEnji Cooper 
3757718be8SEnji Cooper #include <atf-c.h>
3857718be8SEnji Cooper #include <errno.h>
3957718be8SEnji Cooper #include <fcntl.h>
4057718be8SEnji Cooper #include <limits.h>
4157718be8SEnji Cooper #include <pwd.h>
4257718be8SEnji Cooper #include <stdlib.h>
4357718be8SEnji Cooper #include <string.h>
4457718be8SEnji Cooper #include <unistd.h>
4557718be8SEnji Cooper 
/* Test case declaration for the basic chroot(2) check. */
ATF_TC(chroot_basic);

/*
 * Metadata for chroot_basic: a human-readable description and the
 * requirement that the test be run as root.  The chroot_perm case in this
 * file expects EPERM for an unprivileged caller, which is why this case
 * cannot run unprivileged.
 */
ATF_TC_HEAD(chroot_basic, tc)
{
	atf_tc_set_md_var(tc, "descr", "A basic test of chroot(2)");
	atf_tc_set_md_var(tc, "require.user", "root");
}
5257718be8SEnji Cooper 
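/*
 * chroot_basic: create a scratch directory, chroot(2) into it from a forked
 * child, and confirm from the parent that a file the child created by a
 * relative name ended up inside that directory.
 *
 * The chroot happens in a child so that the test process keeps its original
 * root and can inspect the result through an absolute path.
 */
ATF_TC_BODY(chroot_basic, tc)
{
	char buf[PATH_MAX];
	int fd, sta;
	pid_t pid;

	(void)memset(buf, '\0', sizeof(buf));

	/*
	 * This case runs as root.  If getcwd(3) failed, buf would stay empty
	 * and every path below would be built from "/dir" in the real root
	 * directory, so require success and an untruncated path.
	 */
	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);
	ATF_REQUIRE(strlcat(buf, "/dir", sizeof(buf)) < sizeof(buf));

	ATF_REQUIRE(mkdir(buf, 0500) == 0);

	/*
	 * Enter the directory before forking: the child inherits this working
	 * directory, so it is already inside the new root when chroot(2) is
	 * called.  chroot(2) itself does not move the working directory.
	 */
	ATF_REQUIRE(chdir(buf) == 0);

	pid = fork();
	ATF_REQUIRE(pid >= 0);

	if (pid == 0) {

		/* Child: every outcome is reported through the exit status. */
		if (chroot(buf) != 0)
			_exit(EXIT_FAILURE);

		/*
		 * The new root is the freshly created directory, so "/root"
		 * must no longer resolve.
		 */
		errno = 0;

		if (chroot("/root") != -1)
			_exit(EXIT_FAILURE);

		if (errno != ENOENT)
			_exit(EXIT_FAILURE);

		/* Relative name: created in the inherited working directory. */
		fd = open("file", O_RDONLY | O_CREAT, 0600);

		if (fd < 0)
			_exit(EXIT_FAILURE);

		if (close(fd) != 0)
			_exit(EXIT_FAILURE);

		_exit(EXIT_SUCCESS);
	}

	/* A failed wait(2) would leave sta uninitialised; require the child. */
	ATF_REQUIRE(wait(&sta) == pid);

	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
		atf_tc_fail("chroot(2) failed");

	(void)chdir("/");
	ATF_REQUIRE(strlcat(buf, "/file", sizeof(buf)) < sizeof(buf));

	/* Seen from the original root, the child's file is "<cwd>/dir/file". */
	fd = open(buf, O_RDONLY);

	if (fd < 0)
		atf_tc_fail("chroot(2) did not change the root directory");

	ATF_REQUIRE(close(fd) == 0);
	ATF_REQUIRE(unlink(buf) == 0);
}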
10957718be8SEnji Cooper 
/* Test case declaration for the chroot(2) error-path checks. */
ATF_TC(chroot_err);

/*
 * Metadata for chroot_err: description plus a root requirement, so that the
 * errors observed by the body come from the path argument and not from a
 * privilege check.
 */
ATF_TC_HEAD(chroot_err, tc)
{
	atf_tc_set_md_var(tc, "descr", "Test error conditions of chroot(2)");
	atf_tc_set_md_var(tc, "require.user", "root");
}
11657718be8SEnji Cooper 
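/*
 * chroot_err: check that chroot(2) rejects malformed path arguments with the
 * expected errno values: an over-long path (ENAMETOOLONG), an invalid
 * pointer (EFAULT) and a path that does not exist (ENOENT).
 */
ATF_TC_BODY(chroot_err, tc)
{
	char buf[PATH_MAX + 1];

	/*
	 * Build a path of PATH_MAX 'x' characters.  The buffer is terminated
	 * so that a well-formed string is handed to the system call; with
	 * the terminator the path still needs PATH_MAX + 1 bytes and is
	 * therefore too long.
	 */
	(void)memset(buf, 'x', sizeof(buf));
	buf[sizeof(buf) - 1] = '\0';

	errno = 0;
	ATF_REQUIRE_ERRNO(ENAMETOOLONG, chroot(buf) == -1);

	/* An address that cannot be a valid user pointer. */
	errno = 0;
	ATF_REQUIRE_ERRNO(EFAULT, chroot((void *)-1) == -1);

	errno = 0;
	ATF_REQUIRE_ERRNO(ENOENT, chroot("/a/b/c/d/e/f/g/h/i/j") == -1);
}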
13257718be8SEnji Cooper 
/* Test case declaration for the chroot(2) permission check. */
ATF_TC(chroot_perm);

/*
 * Metadata for chroot_perm: description plus the requirement that the test
 * be run as an unprivileged user, since the body expects chroot(2) to be
 * refused.
 */
ATF_TC_HEAD(chroot_perm, tc)
{
	atf_tc_set_md_var(tc, "descr", "Test permissions with chroot(2)");
	atf_tc_set_md_var(tc, "require.user", "unprivileged");
}
13957718be8SEnji Cooper 
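/*
 * chroot_perm: as an unprivileged user, chroot(2) to the current working
 * directory must fail with EPERM.  The attempt is made in a forked child,
 * which reports the outcome through its exit status.
 */
ATF_TC_BODY(chroot_perm, tc)
{
	static char buf[LINE_MAX];
	pid_t pid;
	int sta;

	(void)memset(buf, '\0', sizeof(buf));
	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);

	pid = fork();
	ATF_REQUIRE(pid >= 0);

	if (pid == 0) {

		errno = 0;

		/* Success here would mean the privilege check is missing. */
		if (chroot(buf) != -1)
			_exit(EXIT_FAILURE);

		if (errno != EPERM)
			_exit(EXIT_FAILURE);

		_exit(EXIT_SUCCESS);
	}

	/* A failed wait(2) would leave sta uninitialised; require the child. */
	ATF_REQUIRE(wait(&sta) == pid);

	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
		atf_tc_fail("chroot(2) succeeded as unprivileged user");
}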
17057718be8SEnji Cooper 
/* The fchroot(2) cases below are built only on NetBSD. */
#ifdef __NetBSD__
/* Test case declaration for the basic fchroot(2) check. */
ATF_TC(fchroot_basic);

/*
 * Metadata for fchroot_basic: description plus the requirement that the
 * test be run as root.
 */
ATF_TC_HEAD(fchroot_basic, tc)
{
	atf_tc_set_md_var(tc, "descr", "A basic test of fchroot(2)");
	atf_tc_set_md_var(tc, "require.user", "root");
}
17857718be8SEnji Cooper 
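/*
 * fchroot_basic: create a scratch directory, open it, fchroot(2) to that
 * descriptor from a forked child, and confirm from the parent that a file
 * the child created by a relative name ended up inside the directory.
 */
ATF_TC_BODY(fchroot_basic, tc)
{
	char buf[PATH_MAX];
	int fd, sta;
	pid_t pid;

	(void)memset(buf, '\0', sizeof(buf));

	/*
	 * This case runs as root.  If getcwd(3) failed, buf would stay empty
	 * and every path below would be built from "/dir" in the real root
	 * directory, so require success and an untruncated path.
	 */
	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);
	ATF_REQUIRE(strlcat(buf, "/dir", sizeof(buf)) < sizeof(buf));

	ATF_REQUIRE(mkdir(buf, 0500) == 0);

	/* The child inherits this working directory across fork(2). */
	ATF_REQUIRE(chdir(buf) == 0);

	/* Directory descriptor that the child hands to fchroot(2). */
	fd = open(buf, O_RDONLY);
	ATF_REQUIRE(fd >= 0);

	pid = fork();
	ATF_REQUIRE(pid >= 0);

	if (pid == 0) {

		/* Child: every outcome is reported through the exit status. */
		if (fchroot(fd) != 0)
			_exit(EXIT_FAILURE);

		if (close(fd) != 0)
			_exit(EXIT_FAILURE);

		/* Relative name: created in the inherited working directory. */
		fd = open("file", O_RDONLY | O_CREAT, 0600);

		if (fd < 0)
			_exit(EXIT_FAILURE);

		if (close(fd) != 0)
			_exit(EXIT_FAILURE);

		_exit(EXIT_SUCCESS);
	}

	/* A failed wait(2) would leave sta uninitialised; require the child. */
	ATF_REQUIRE(wait(&sta) == pid);

	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
		atf_tc_fail("fchroot(2) failed");

	/*
	 * Release the parent's copy of the directory descriptor before fd is
	 * reused below; otherwise it would stay open until the process exits.
	 */
	ATF_REQUIRE(close(fd) == 0);

	(void)chdir("/");
	ATF_REQUIRE(strlcat(buf, "/file", sizeof(buf)) < sizeof(buf));

	/* Seen from the original root, the child's file is "<cwd>/dir/file". */
	fd = open(buf, O_RDONLY);

	if (fd < 0)
		atf_tc_fail("fchroot(2) did not change the root directory");

	ATF_REQUIRE(close(fd) == 0);
	ATF_REQUIRE(unlink(buf) == 0);
}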
23357718be8SEnji Cooper 
/* Test case declaration for the fchroot(2) error-path checks. */
ATF_TC(fchroot_err);

/*
 * Metadata for fchroot_err: description plus a root requirement, so that
 * the errors observed by the body come from the descriptor argument and not
 * from a privilege check.
 */
ATF_TC_HEAD(fchroot_err, tc)
{
	atf_tc_set_md_var(tc, "descr", "Test error conditions of fchroot(2)");
	atf_tc_set_md_var(tc, "require.user", "root");
}
24057718be8SEnji Cooper 
/*
 * fchroot_err: check that fchroot(2) rejects an invalid descriptor with
 * EBADF and a descriptor that refers to a regular file with ENOTDIR.
 */
ATF_TC_BODY(fchroot_err, tc)
{
	/* A valid descriptor, but for a regular file rather than a directory. */
	int fd = open("/etc/passwd", O_RDONLY);

	ATF_REQUIRE(fd >= 0);

	/* -1 is never an open descriptor. */
	errno = 0;
	ATF_REQUIRE_ERRNO(EBADF, fchroot(-1) == -1);

	errno = 0;
	ATF_REQUIRE_ERRNO(ENOTDIR, fchroot(fd) == -1);

	ATF_REQUIRE(close(fd) == 0);
}
25657718be8SEnji Cooper 
/* Test case declaration for the fchroot(2) permission check. */
ATF_TC(fchroot_perm);

/*
 * Metadata for fchroot_perm: description plus a root requirement.  The body
 * starts privileged and switches its child to the "nobody" account itself.
 */
ATF_TC_HEAD(fchroot_perm, tc)
{
	atf_tc_set_md_var(tc, "descr", "Test permissions with fchroot(2)");
	atf_tc_set_md_var(tc, "require.user", "root");
}
26357718be8SEnji Cooper 
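/*
 * fchroot_perm: a directory descriptor opened while privileged must not let
 * an unprivileged process change its root.  The parent opens the current
 * directory as root; a forked child switches to the "nobody" user and then
 * expects fchroot(2) on the inherited descriptor to fail with EPERM.
 */
ATF_TC_BODY(fchroot_perm, tc)
{
	static char buf[LINE_MAX];
	struct passwd *pw;
	int fd, sta;
	pid_t pid;

	(void)memset(buf, '\0', sizeof(buf));
	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);

	pw = getpwnam("nobody");
	fd = open(buf, O_RDONLY);

	ATF_REQUIRE(fd >= 0);
	ATF_REQUIRE(pw != NULL);

	pid = fork();
	ATF_REQUIRE(pid >= 0);

	if (pid == 0) {

		/*
		 * If setuid(2) failed the child would still be root and the
		 * fchroot(2) below would be attempted with full privilege,
		 * so stop here instead of continuing.
		 */
		if (setuid(pw->pw_uid) != 0)
			_exit(EXIT_FAILURE);

		errno = 0;

		/* Success here would mean the privilege check is missing. */
		if (fchroot(fd) != -1)
			_exit(EXIT_FAILURE);

		if (errno != EPERM)
			_exit(EXIT_FAILURE);

		_exit(EXIT_SUCCESS);
	}

	/* A failed wait(2) would leave sta uninitialised; require the child. */
	ATF_REQUIRE(wait(&sta) == pid);

	/* The parent's copy of the directory descriptor is no longer needed. */
	ATF_REQUIRE(close(fd) == 0);

	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
		atf_tc_fail("fchroot(2) succeeded as unprivileged user");
}
#endif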
30457718be8SEnji Cooper 
/*
 * Test program entry: register every test case defined in this file.  The
 * fchroot(2) cases are registered only where they are compiled, i.e. on
 * NetBSD.
 */
ATF_TP_ADD_TCS(tp)
{
	/* chroot(2) cases */
	ATF_TP_ADD_TC(tp, chroot_basic);
	ATF_TP_ADD_TC(tp, chroot_err);
	ATF_TP_ADD_TC(tp, chroot_perm);

#ifdef __NetBSD__
	/* fchroot(2) cases */
	ATF_TP_ADD_TC(tp, fchroot_basic);
	ATF_TP_ADD_TC(tp, fchroot_err);
	ATF_TP_ADD_TC(tp, fchroot_perm);
#endif

	return atf_no_error();
}
319