1*57718be8SEnji Cooper /* $NetBSD: t_revoke.c,v 1.1 2011/07/07 06:57:54 jruoho Exp $ */ 2*57718be8SEnji Cooper 3*57718be8SEnji Cooper /*- 4*57718be8SEnji Cooper * Copyright (c) 2011 The NetBSD Foundation, Inc. 5*57718be8SEnji Cooper * All rights reserved. 6*57718be8SEnji Cooper * 7*57718be8SEnji Cooper * This code is derived from software contributed to The NetBSD Foundation 8*57718be8SEnji Cooper * by Jukka Ruohonen. 9*57718be8SEnji Cooper * 10*57718be8SEnji Cooper * Redistribution and use in source and binary forms, with or without 11*57718be8SEnji Cooper * modification, are permitted provided that the following conditions 12*57718be8SEnji Cooper * are met: 13*57718be8SEnji Cooper * 1. Redistributions of source code must retain the above copyright 14*57718be8SEnji Cooper * notice, this list of conditions and the following disclaimer. 15*57718be8SEnji Cooper * 2. Redistributions in binary form must reproduce the above copyright 16*57718be8SEnji Cooper * notice, this list of conditions and the following disclaimer in the 17*57718be8SEnji Cooper * documentation and/or other materials provided with the distribution. 18*57718be8SEnji Cooper * 19*57718be8SEnji Cooper * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20*57718be8SEnji Cooper * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21*57718be8SEnji Cooper * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22*57718be8SEnji Cooper * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23*57718be8SEnji Cooper * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24*57718be8SEnji Cooper * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25*57718be8SEnji Cooper * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26*57718be8SEnji Cooper * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27*57718be8SEnji Cooper * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28*57718be8SEnji Cooper * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29*57718be8SEnji Cooper * POSSIBILITY OF SUCH DAMAGE. 30*57718be8SEnji Cooper */ 31*57718be8SEnji Cooper #include <sys/cdefs.h> 32*57718be8SEnji Cooper __RCSID("$NetBSD: t_revoke.c,v 1.1 2011/07/07 06:57:54 jruoho Exp $"); 33*57718be8SEnji Cooper 34*57718be8SEnji Cooper #include <sys/resource.h> 35*57718be8SEnji Cooper #include <sys/wait.h> 36*57718be8SEnji Cooper 37*57718be8SEnji Cooper #include <atf-c.h> 38*57718be8SEnji Cooper #include <fcntl.h> 39*57718be8SEnji Cooper #include <errno.h> 40*57718be8SEnji Cooper #include <pwd.h> 41*57718be8SEnji Cooper #include <stdio.h> 42*57718be8SEnji Cooper #include <stdlib.h> 43*57718be8SEnji Cooper #include <string.h> 44*57718be8SEnji Cooper #include <unistd.h> 45*57718be8SEnji Cooper 46*57718be8SEnji Cooper static const char path[] = "revoke"; 47*57718be8SEnji Cooper 48*57718be8SEnji Cooper ATF_TC_WITH_CLEANUP(revoke_basic); 49*57718be8SEnji Cooper ATF_TC_HEAD(revoke_basic, tc) 50*57718be8SEnji Cooper { 51*57718be8SEnji Cooper atf_tc_set_md_var(tc, "descr", "A basic test of revoke(2)"); 52*57718be8SEnji Cooper } 53*57718be8SEnji Cooper 54*57718be8SEnji Cooper ATF_TC_BODY(revoke_basic, tc) 55*57718be8SEnji Cooper { 56*57718be8SEnji Cooper struct rlimit res; 57*57718be8SEnji Cooper char tmp[10]; 58*57718be8SEnji Cooper size_t i, n; 59*57718be8SEnji Cooper int *buf; 60*57718be8SEnji Cooper 61*57718be8SEnji Cooper (void)memset(&res, 0, sizeof(struct rlimit)); 62*57718be8SEnji Cooper (void)getrlimit(RLIMIT_NOFILE, &res); 63*57718be8SEnji Cooper 64*57718be8SEnji Cooper if ((n = res.rlim_cur / 10) == 0) 65*57718be8SEnji Cooper n = 10; 66*57718be8SEnji Cooper 67*57718be8SEnji Cooper buf = calloc(n, sizeof(int)); 68*57718be8SEnji Cooper ATF_REQUIRE(buf != NULL); 69*57718be8SEnji Cooper 70*57718be8SEnji Cooper buf[0] = open(path, O_RDWR | O_CREAT, 0600); 71*57718be8SEnji Cooper ATF_REQUIRE(buf[0] >= 0); 72*57718be8SEnji Cooper 73*57718be8SEnji Cooper for (i = 1; i < n; i++) { 74*57718be8SEnji Cooper buf[i] = open(path, O_RDWR); 75*57718be8SEnji Cooper ATF_REQUIRE(buf[i] >= 0); 76*57718be8SEnji Cooper } 77*57718be8SEnji Cooper 78*57718be8SEnji Cooper ATF_REQUIRE(revoke(path) == 0); 79*57718be8SEnji Cooper 80*57718be8SEnji Cooper for (i = 0; i < n; i++) { 81*57718be8SEnji Cooper 82*57718be8SEnji Cooper ATF_REQUIRE(read(buf[i], tmp, sizeof(tmp)) == -1); 83*57718be8SEnji Cooper 84*57718be8SEnji Cooper (void)close(buf[i]); 85*57718be8SEnji Cooper } 86*57718be8SEnji Cooper 87*57718be8SEnji Cooper free(buf); 88*57718be8SEnji Cooper 89*57718be8SEnji Cooper (void)unlink(path); 90*57718be8SEnji Cooper } 91*57718be8SEnji Cooper 92*57718be8SEnji Cooper ATF_TC_CLEANUP(revoke_basic, tc) 93*57718be8SEnji Cooper { 94*57718be8SEnji Cooper (void)unlink(path); 95*57718be8SEnji Cooper } 96*57718be8SEnji Cooper 97*57718be8SEnji Cooper ATF_TC(revoke_err); 98*57718be8SEnji Cooper ATF_TC_HEAD(revoke_err, tc) 99*57718be8SEnji Cooper { 100*57718be8SEnji Cooper atf_tc_set_md_var(tc, "descr", "Test errors from revoke(2)"); 101*57718be8SEnji Cooper atf_tc_set_md_var(tc, "require.user", "unprivileged"); 102*57718be8SEnji Cooper } 103*57718be8SEnji Cooper 104*57718be8SEnji Cooper ATF_TC_BODY(revoke_err, tc) 105*57718be8SEnji Cooper { 106*57718be8SEnji Cooper char buf[1024 + 1]; /* XXX: From the manual page... */ 107*57718be8SEnji Cooper 108*57718be8SEnji Cooper (void)memset(buf, 'x', sizeof(buf)); 109*57718be8SEnji Cooper 110*57718be8SEnji Cooper errno = 0; 111*57718be8SEnji Cooper ATF_REQUIRE_ERRNO(EFAULT, revoke((char *)-1) == -1); 112*57718be8SEnji Cooper 113*57718be8SEnji Cooper errno = 0; 114*57718be8SEnji Cooper ATF_REQUIRE_ERRNO(ENAMETOOLONG, revoke(buf) == -1); 115*57718be8SEnji Cooper 116*57718be8SEnji Cooper errno = 0; 117*57718be8SEnji Cooper ATF_REQUIRE_ERRNO(EPERM, revoke("/etc/passwd") == -1); 118*57718be8SEnji Cooper 119*57718be8SEnji Cooper errno = 0; 120*57718be8SEnji Cooper ATF_REQUIRE_ERRNO(ENOENT, revoke("/etc/xxx/yyy") == -1); 121*57718be8SEnji Cooper } 122*57718be8SEnji Cooper 123*57718be8SEnji Cooper ATF_TC_WITH_CLEANUP(revoke_perm); 124*57718be8SEnji Cooper ATF_TC_HEAD(revoke_perm, tc) 125*57718be8SEnji Cooper { 126*57718be8SEnji Cooper atf_tc_set_md_var(tc, "descr", "Test permissions revoke(2)"); 127*57718be8SEnji Cooper atf_tc_set_md_var(tc, "require.user", "root"); 128*57718be8SEnji Cooper } 129*57718be8SEnji Cooper 130*57718be8SEnji Cooper ATF_TC_BODY(revoke_perm, tc) 131*57718be8SEnji Cooper { 132*57718be8SEnji Cooper struct passwd *pw; 133*57718be8SEnji Cooper int fd, sta; 134*57718be8SEnji Cooper pid_t pid; 135*57718be8SEnji Cooper 136*57718be8SEnji Cooper pw = getpwnam("nobody"); 137*57718be8SEnji Cooper fd = open(path, O_RDWR | O_CREAT, 0600); 138*57718be8SEnji Cooper 139*57718be8SEnji Cooper ATF_REQUIRE(fd >= 0); 140*57718be8SEnji Cooper ATF_REQUIRE(pw != NULL); 141*57718be8SEnji Cooper ATF_REQUIRE(revoke(path) == 0); 142*57718be8SEnji Cooper 143*57718be8SEnji Cooper pid = fork(); 144*57718be8SEnji Cooper ATF_REQUIRE(pid >= 0); 145*57718be8SEnji Cooper 146*57718be8SEnji Cooper if (pid == 0) { 147*57718be8SEnji Cooper 148*57718be8SEnji Cooper if (setuid(pw->pw_uid) != 0) 149*57718be8SEnji Cooper _exit(EXIT_FAILURE); 150*57718be8SEnji Cooper 151*57718be8SEnji Cooper errno = 0; 152*57718be8SEnji Cooper 153*57718be8SEnji Cooper if (revoke(path) == 0) 154*57718be8SEnji Cooper _exit(EXIT_FAILURE); 155*57718be8SEnji Cooper 156*57718be8SEnji Cooper if (errno != EACCES) 157*57718be8SEnji Cooper _exit(EXIT_FAILURE); 158*57718be8SEnji Cooper 159*57718be8SEnji Cooper if (close(fd) != 0) 160*57718be8SEnji Cooper _exit(EXIT_FAILURE); 161*57718be8SEnji Cooper 162*57718be8SEnji Cooper _exit(EXIT_SUCCESS); 163*57718be8SEnji Cooper } 164*57718be8SEnji Cooper 165*57718be8SEnji Cooper (void)wait(&sta); 166*57718be8SEnji Cooper 167*57718be8SEnji Cooper if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS) 168*57718be8SEnji Cooper atf_tc_fail("revoke(2) did not obey permissions"); 169*57718be8SEnji Cooper 170*57718be8SEnji Cooper ATF_REQUIRE(unlink(path) == 0); 171*57718be8SEnji Cooper } 172*57718be8SEnji Cooper 173*57718be8SEnji Cooper ATF_TC_CLEANUP(revoke_perm, tc) 174*57718be8SEnji Cooper { 175*57718be8SEnji Cooper (void)unlink(path); 176*57718be8SEnji Cooper } 177*57718be8SEnji Cooper 178*57718be8SEnji Cooper ATF_TP_ADD_TCS(tp) 179*57718be8SEnji Cooper { 180*57718be8SEnji Cooper 181*57718be8SEnji Cooper ATF_TP_ADD_TC(tp, revoke_basic); 182*57718be8SEnji Cooper ATF_TP_ADD_TC(tp, revoke_err); 183*57718be8SEnji Cooper ATF_TP_ADD_TC(tp, revoke_perm); 184*57718be8SEnji Cooper 185*57718be8SEnji Cooper return atf_no_error(); 186*57718be8SEnji Cooper } 187