62 Commits

Author SHA1 Message Date
Serge Hallyn 5a7ed86fba Work around git safe.directory enforcement
Git wants to ensure that you do not read .git owned by other users.
But we fetch+build as 'build' user, and run tests as root user.  Those
tests calculate git topdir using git rev-parse --show-toplevel, which
git now fails.

Setting safe.directory seems wrong.  Let's just use bash to figure
out the top dir.
2022-04-25 10:52:29 -05:00
Serge Hallyn 4ce27b5e60 nss test_range: make sure /etc/nsswitch.conf and /etc/subuid exists
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 15:47:29 -06:00
Serge Hallyn 962c820fba fix newuidmap testcase
sleep 2s before running newxidmap - it seems we were sometimes
racing, causing newxidmap to fail.

Make sure to remove /tmp/test-xidmap, for some reason they
were sometimes still there, causing test to fail.

Fix some irregular tabbing.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 09:27:44 -06:00
Serge Hallyn 363eab25f0 libsubid_zzz (test): fix pointer test
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 09:26:55 -06:00
Serge Hallyn 4758641b1d run_some: exit error if there were failed tests
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 09:26:32 -06:00
KOSHIKAWA Kenichi f7c2a54212 fixed typo in login.defs 2021-12-06 01:41:17 +09:00
Iker Pedrosa 3b6ccf642c getsubids: system binary for user's sub*ids
Rename list_subid_ranges to getsubids to provide a system binary to
check the sub*ids of a user. The intention is to provide this binary
with any distribution that includes the subid feature, so that system
administrators can check the subid ranges of a given user.

Finally, add a man page to explain the behaviour of getsubids.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1980780

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
2021-11-17 16:35:50 +01:00
a1346054 ecfcaed0b5 fix some shellcheck-identified issues in scripts 2021-08-18 18:21:06 +00:00
a1346054 f20c688a18 use a geographically close URL 2021-08-18 18:07:50 +00:00
Serge Hallyn 3d670ba7ed nss/libsubid: simplify the ranges variable for list_owner_ranges
Following alexey-tikhonov's suggestion.

Since we've dropped the 'owner' field in the data returned for
get_subid_ranges, we can just return a single allocated array of
simple structs.  This means we can return a ** instead of ***, and
we can get rid of the subid_free_ranges() helper, since the caller
can just free() the returned data.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-05-22 17:59:57 -05:00
Serge Hallyn 322db32971 Don't return owner in list_owner_ranges API call.
Closes: 339

struct subordinate_range is pretty closely tied to the existing
subid code and /etc/subuid format, so it includes an owner.  Dropping
that or even renaming it is more painful than I'd first thought.
So introduce a 'struct subid_range' which is only the start and
count, leaving 'struct subordinate_range' as the owner, start and
count.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-05-16 21:49:53 -05:00
Serge Hallyn cc7ea6e8e5 tests: fix su failures under travis
HOME has to start as /root since we are testing
that su didn't change it.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:03:08 -05:00
Serge Hallyn fa90ac11c8 su/03: export shell = sh
Otherwise our su -p uses bash if that is what root was
configured to use, and then fails to read /root/ for
.bash_profile.  This caused an unexpected error message
in /tmp/err, failing the test.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:03:08 -05:00
Serge Hallyn 716f3f99ce test: su -p doesn't set home
without also doing '-'

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:03:08 -05:00
Serge Hallyn 8492dee663 subids: support nsswitch
Closes #154

When starting any operation to do with subuid delegation, check
nsswitch for a module to use.  If none is specified, then use
the traditional /etc/subuid and /etc/subgid files.

Currently only one module is supported, and there is no fallback
to the files on errors.  Several possibilities could be considered:

1. in case of connection error, fall back to files
2. in case of unknown user, also fall back to files

etc...

When non-files nss module is used, functions to edit the range
are not supported.  It may make sense to support it, but it also
may make sense to require another tool to be used.

libsubordinateio also uses the nss_ helpers.  This is how for instance
lxc could easily be converted to supporting nsswitch.

Add a set of test cases, including a dummy libsubid_zzz module.  This
hardcodes values such that:

'ubuntu' gets 200000 - 300000
'user1' gets 100000 - 165536
'error' emulates an nss module error
'unknown' emulates a user unknown to the nss module
'conn' emulates a connection error to the nss module

Changes to libsubid:

Change the list_owner_ranges api: return a count instead of making the array
null terminated.

This is a breaking change, so bump the libsubid abi major number.

Rename free_subuid_range and free_subgid_range to ungrant_subuid_range,
because otherwise it's confusing with free_subid_ranges which frees
memory.

Run libsubid tests in jenkins

Switch argument order in find_subid_owners

Move the db locking into subordinateio.c

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:02:37 -05:00
Martijn de Gouw 246d5c1c25 Add tests for group checking in newuidmap/newgidmap 2021-02-08 13:32:18 +01:00
Serge Hallyn c32743808d Revert "Update su tests"
This reverts commit cf8101aaae.
2020-08-28 15:15:47 -05:00
Serge Hallyn cf8101aaae Update su tests
Some of these tests seem wrong.  They assume that

    su -- -c command

should work, whereas -- should mean pass all remaining arguments
along to the command.

Add some new tests based on examples in Issue 253

Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-08-27 23:59:07 -05:00
Serge Hallyn 0a7888b1fa Create a new libsubid
Closes #154

Currently this has three functions: one which returns the
list of subuid ranges for a user, one returning the subgids,
and one which frees the ranges lists.

I might be mistaken about what -disable-man means;  some of
the code suggests it means just don't re-generate them, but
not totally ignore them.  But that doesn't seem to really work,
so let's just ignore man/ when -disable-man.

Remove --disable-shared.  I'm not sure why it was there, but it stems
from long, long ago, and I suspect it comes from some ancient
toolchain bug.

Create a tests/run_some, a shorter version of run_all.  I'll
slowly add tests to this as I verify they work, then I can
work on fixing the ones which don't.

Also, don't touch man/ if not -enable-man.

Changelog:
	Apr 22: change the subid list api as recommended by Dan Walsh.
	Apr 23: implement get_subid_owner
	Apr 24: implement range add/release
	Apr 25: finish tests and rebase
	May 10: make @owner const

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2020-06-07 12:11:58 -05:00
Serge Hallyn 089cf55e2c drop svn complications from test runner
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-07 12:07:14 -05:00
Serge Hallyn 316a153abb tests: use git to determine top_dir
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-07 12:07:09 -05:00
Josh Soref 5070132ee6 spelling: with-an 2020-03-17 17:09:26 -04:00
Josh Soref a063580dbb spelling: within 2017-10-22 21:37:53 +00:00
Josh Soref 08248f0859 spelling: typical 2017-10-22 21:28:58 +00:00
Josh Soref 2c930b19ba spelling: succeeded 2017-10-22 21:23:22 +00:00
Josh Soref 4e0ac33eae spelling: password 2017-10-22 21:03:28 +00:00
Josh Soref 146a0da7b3 spelling: overridden 2017-10-22 21:01:25 +00:00
Josh Soref 008be2848e spelling: nonexistent 2017-10-22 20:54:42 +00:00
Josh Soref 63261593c8 spelling: negative 2017-10-22 20:48:57 +00:00
Josh Soref 4724e503b0 spelling: multiple 2017-10-22 20:41:18 +00:00
Josh Soref 5136659a59 spelling: maximum 2017-10-22 20:33:55 +00:00
Josh Soref 0556fea593 spelling: locally 2017-10-22 20:28:46 +00:00
Josh Soref 74fcf6f28d spelling: interactive 2017-10-22 20:24:32 +00:00
Josh Soref 70eb03ec29 spelling: inserted 2017-10-22 20:22:44 +00:00
Josh Soref 1adf386345 spelling: if the 2017-10-22 19:47:52 +00:00
Josh Soref 3025b9ebac spelling: groupmod 2017-10-22 19:33:50 +00:00
Josh Soref 831ff281d0 spelling: equivalent 2017-10-22 19:11:20 +00:00
Josh Soref 742868dc2d spelling: display its 2017-10-22 18:44:58 +00:00
Josh Soref f7abcfb39a spelling: devices 2017-10-22 18:40:47 +00:00
Josh Soref 016bc8b813 spelling: default 2017-10-22 18:34:35 +00:00
Josh Soref eb9db854d7 spelling: constraints 2017-10-22 21:07:23 +00:00
Josh Soref 60d2888605 spelling: comment 2017-10-22 18:25:35 +00:00
Josh Soref 2db724bc50 spelling: change 2017-10-22 08:24:59 +00:00
Josh Soref 483de7d614 spelling: beginning 2017-10-22 08:04:51 +00:00
Josh Soref bd6f2760a3 spelling: at the 2017-10-22 08:00:59 +00:00
WheresAlice 1e98b3b559 Make language less binary 2017-09-20 17:00:29 +01:00
Balint Reczey c8508fabd0 Replace user´s -> user's to make login.def files valid ASCII instead of UTF-8
The Unicode character caused issues in LANG=C environment.
See Debian bug #850338 for details.
2017-01-18 16:54:51 +01:00
Nicolas François 6b65c6aeae Test userdel/usermod when homedir is a symlink 2014-09-21 00:36:24 +02:00
Nicolas François 3fb292f3c7 Extend checks for changing U/GID in home directory
Add files with user or group owner different from the user.
2014-09-21 00:36:23 +02:00
Nicolas François a8bf8af5aa Extend checks for moving home directory
Add hard link to files inside or outside the home directory
Add files with user or group owner different from the user.
2014-09-21 00:36:16 +02:00