xref: /freebsd/crypto/openssh/regress/sftp-chroot.sh (revision 535af610a4fdace6d50960c0ad9be0597eea7a1b) 
1*535af610SEd Maste#	$OpenBSD: sftp-chroot.sh,v 1.9 2023/05/12 06:37:42 djm Exp $
2ce3adf43SDag-Erling Smørgrav#	Placed in the Public Domain.
3ce3adf43SDag-Erling Smørgrav
4ce3adf43SDag-Erling Smørgravtid="sftp in chroot"
5ce3adf43SDag-Erling Smørgrav
6ce3adf43SDag-Erling SmørgravCHROOT=/var/run
719261079SEd MasteFILENAME=testdata_${USER}.$$
8ce3adf43SDag-Erling SmørgravPRIVDATA=${CHROOT}/${FILENAME}
919261079SEd Mastetrap "${SUDO} rm -f ${PRIVDATA}" 0
10ce3adf43SDag-Erling Smørgrav
11ca86bcf2SDag-Erling Smørgravif [ -z "$SUDO" -a ! -w /var/run ]; then
12e9e8876aSEd Maste	skip "need SUDO to create file in /var/run, test won't work without"
13ce3adf43SDag-Erling Smørgravfi
14ce3adf43SDag-Erling Smørgrav
15acc1a9efSDag-Erling Smørgravif ! $OBJ/check-perm -m chroot "$CHROOT" ; then
16e9e8876aSEd Maste  skip "$CHROOT is unsuitable as ChrootDirectory"
17acc1a9efSDag-Erling Smørgravfi
18acc1a9efSDag-Erling Smørgrav
19ce3adf43SDag-Erling Smørgrav$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \
20ce3adf43SDag-Erling Smørgrav	fatal "create $PRIVDATA failed"
21ce3adf43SDag-Erling Smørgrav
22*535af610SEd Masteecho "ForceCommand internal-sftp -d /" >> $OBJ/sshd_config
23*535af610SEd Maste
24*535af610SEd Mastestart_sshd -oChrootDirectory=$CHROOT
25ce3adf43SDag-Erling Smørgrav
26ce3adf43SDag-Erling Smørgravverbose "test $tid: get"
27b83788ffSDag-Erling Smørgrav${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \
28b83788ffSDag-Erling Smørgrav    >>$TEST_REGRESS_LOGFILE 2>&1 || \
29ce3adf43SDag-Erling Smørgrav	fatal "Fetch ${FILENAME} failed"
30ce3adf43SDag-Erling Smørgravcmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ"
31*535af610SEd Maste
32*535af610SEd Mastestop_sshd
33*535af610SEd Maste
34*535af610SEd Masteverbose "test $tid: match"
35*535af610SEd Mastecat << EOF >> $OBJ/sshd_config
36*535af610SEd MasteMatch All
37*535af610SEd Maste	ChrootDirectory $CHROOT
38*535af610SEd MasteEOF
39*535af610SEd Mastestart_sshd
40*535af610SEd Maste$SUDO sh -c "echo orpheanbeholder > $PRIVDATA" || \
41*535af610SEd Maste	fatal "create $PRIVDATA failed"
42*535af610SEd Maste${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \
43*535af610SEd Maste    >>$TEST_REGRESS_LOGFILE 2>&1 || \
44*535af610SEd Maste	fatal "Fetch ${FILENAME} failed"
45*535af610SEd Mastecmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ"
46*535af610SEd Maste
47*535af610SEd Mastestop_sshd
48