Commit Graph

62 Commits

Author SHA1 Message Date
Serge Hallyn
5a7ed86fba Work around git safe.directory enforcement
Git wants to ensure that you do not read .git owned by other users.
But we fetch+build as 'build' user, and run tests as root user.  Those
tests calculate git topdir using git rev-parse --show-toplevel, which
git now fails.

Setting safe.directory, seems wrong.  Let's just use bash to figure
out the top dir.
2022-04-25 10:52:29 -05:00
Serge Hallyn
4ce27b5e60 nss test_range: make sure /etc/nsswitch.conf and /etc/subuid exists
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 15:47:29 -06:00
Serge Hallyn
962c820fba fix newuidmap testcase
sleep 2s before running newxidmap - it seems we were sometimes
racing, causing newxidmap to fail.

Make sure to remove /tmp/test-xidmap, for some reason they
were sometimes still there, causing test to fail.

Fix some irregular tabbing.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 09:27:44 -06:00
Serge Hallyn
363eab25f0 libsubid_zzz (test): fix pointer test
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 09:26:55 -06:00
Serge Hallyn
4758641b1d run_some: exit error if there were failed tests
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-27 09:26:32 -06:00
KOSHIKAWA Kenichi
f7c2a54212 fixed typo in login.defs 2021-12-06 01:41:17 +09:00
Iker Pedrosa
3b6ccf642c getsubids: system binary for user's sub*ids
Rename list_subid_ranges to getsubids to provide a system binary to
check the sub*ids of a user. The intention is to provide this binary
with any distribution that includes the subid feature, so that system
administrators can check the subid ranges of a given user.

Finally, add a man page to explain the behaviour of getsubids.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1980780

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
2021-11-17 16:35:50 +01:00
a1346054
ecfcaed0b5 fix some shellcheck-identified issues in scripts 2021-08-18 18:21:06 +00:00
a1346054
f20c688a18 use a geographically close URL 2021-08-18 18:07:50 +00:00
Serge Hallyn
3d670ba7ed nss/libsubid: simplify the ranges variable for list_owner_ranges
Following alexey-tikhonov's suggestion.

Since we've dropped the 'owner' field in the data returned for
get_subid_ranges, we can just return a single allocated array of
simple structs.  This means we can return a ** instead of ***, and
we can get rid of the subid_free_ranges() helper, since the caller
can just free() the returned data.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-05-22 17:59:57 -05:00
Serge Hallyn
322db32971 Don't return owner in list_owner_ranges API call.
Closes: 339

struct subordinate_range is pretty closely tied to the existing
subid code and /etc/subuid format, so it includes an owner.  Dropping
that or even renaming it is more painful than I'd first thought.
So introduce a 'struct subid_range' which is only the start and
count, leaving 'struct subordinate_range' as the owner, start and
count.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-05-16 21:49:53 -05:00
Serge Hallyn
cc7ea6e8e5 tests: fix su failures under travis
HOME has to start as /root since we are testing
that su didn't change it.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:03:08 -05:00
Serge Hallyn
fa90ac11c8 su/03: export shell = sh
Otherwise our su -p uses bash if that is what root was
configured to use, and then fails to read /root/ for
.bash_profile.  This caused an unexpected error message
in /tmp/err, failing the test.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:03:08 -05:00
Serge Hallyn
716f3f99ce test: su -p doesn't set home
with out also doing '-'

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:03:08 -05:00
Serge Hallyn
8492dee663 subids: support nsswitch
Closes #154

When starting any operation to do with subuid delegation, check
nsswitch for a module to use.  If none is specified, then use
the traditional /etc/subuid and /etc/subgid files.

Currently only one module is supported, and there is no fallback
to the files on errors.  Several possibilities could be considered:

1. in case of connection error, fall back to files
2. in case of unknown user, also fall back to files

etc...

When non-files nss module is used, functions to edit the range
are not supported.  It may make sense to support it, but it also
may make sense to require another tool to be used.

libsubordinateio also uses the nss_ helpers.  This is how for instance
lxc could easily be converted to supporting nsswitch.

Add a set of test cases, including a dummy libsubid_zzz module.  This
hardcodes values such that:

'ubuntu' gets 200000 - 300000
'user1' gets 100000 - 165536
'error' emulates an nss module error
'unknown' emulates a user unknown to the nss module
'conn' emulates a connection error ot the nss module

Changes to libsubid:

Change the list_owner_ranges api: return a count instead of making the array
null terminated.

This is a breaking change, so bump the libsubid abi major number.

Rename free_subuid_range and free_subgid_range to ungrant_subuid_range,
because otherwise it's confusing with free_subid_ranges which frees
    memory.

Run libsubid tests in jenkins

Switch argument order in find_subid_owners

Move the db locking into subordinateio.c

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-04-16 21:02:37 -05:00
Martijn de Gouw
246d5c1c25 Add tests for group checking in newuidmap/newgidmap 2021-02-08 13:32:18 +01:00
Serge Hallyn
c32743808d Revert "Update su tests"
This reverts commit cf8101aaae.
2020-08-28 15:15:47 -05:00
Serge Hallyn
cf8101aaae Update su tests
Some of these tests seem wrong.  The assume that

    su -- -c command

should work, whereas -- should mean pass all remaining arguments
along to the command.

Add some new tests based on examples in Issue 253

Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-08-27 23:59:07 -05:00
Serge Hallyn
0a7888b1fa Create a new libsubid
Closes #154

Currently this has three functions: one which returns the
list of subuid ranges for a user, one returning the subgids,
and one which frees the ranges lists.

I might be mistaken about what -disable-man means;  some of
the code suggests it means just don't re-generate them, but
not totally ignore them.  But that doesn't seem to really work,
so let's just ignore man/ when -disable-man.

Remove --disable-shared.  I'm not sure why it was there, but it stems
from long, long ago, and I suspect it comes from some ancient
toolchain bug.

Create a tests/run_some, a shorter version of run_all.  I'll
slowly add tests to this as I verify they work, then I can
work on fixing the once which don't.

Also, don't touch man/ if not -enable-man.

Changelog:
	Apr 22: change the subid list api as recomended by Dan Walsh.
	Apr 23: implement get_subid_owner
	Apr 24: implement range add/release
	Apr 25: finish tests and rebase
	May 10: make @owner const

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2020-06-07 12:11:58 -05:00
Serge Hallyn
089cf55e2c drop svn complications from test runner
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-07 12:07:14 -05:00
Serge Hallyn
316a153abb tests: use git to determine top_dir
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-07 12:07:09 -05:00
Josh Soref
5070132ee6
spelling: with-an 2020-03-17 17:09:26 -04:00
Josh Soref
a063580dbb spelling: within 2017-10-22 21:37:53 +00:00
Josh Soref
08248f0859 spelling: typical 2017-10-22 21:28:58 +00:00
Josh Soref
2c930b19ba spelling: succeeded 2017-10-22 21:23:22 +00:00
Josh Soref
4e0ac33eae spelling: password 2017-10-22 21:03:28 +00:00
Josh Soref
146a0da7b3 spelling: overridden 2017-10-22 21:01:25 +00:00
Josh Soref
008be2848e spelling: nonexistent 2017-10-22 20:54:42 +00:00
Josh Soref
63261593c8 spelling: negative 2017-10-22 20:48:57 +00:00
Josh Soref
4724e503b0 spelling: multiple 2017-10-22 20:41:18 +00:00
Josh Soref
5136659a59 spelling: maximum 2017-10-22 20:33:55 +00:00
Josh Soref
0556fea593 spelling: locally 2017-10-22 20:28:46 +00:00
Josh Soref
74fcf6f28d spelling: interactive 2017-10-22 20:24:32 +00:00
Josh Soref
70eb03ec29 spelling: inserted 2017-10-22 20:22:44 +00:00
Josh Soref
1adf386345 spelling: if the 2017-10-22 19:47:52 +00:00
Josh Soref
3025b9ebac spelling: groupmod 2017-10-22 19:33:50 +00:00
Josh Soref
831ff281d0 spelling: equivalent 2017-10-22 19:11:20 +00:00
Josh Soref
742868dc2d spelling: display its 2017-10-22 18:44:58 +00:00
Josh Soref
f7abcfb39a spelling: devices 2017-10-22 18:40:47 +00:00
Josh Soref
016bc8b813 spelling: default 2017-10-22 18:34:35 +00:00
Josh Soref
eb9db854d7 spelling: constraints 2017-10-22 21:07:23 +00:00
Josh Soref
60d2888605 spelling: comment 2017-10-22 18:25:35 +00:00
Josh Soref
2db724bc50 spelling: change 2017-10-22 08:24:59 +00:00
Josh Soref
483de7d614 spelling: beginning 2017-10-22 08:04:51 +00:00
Josh Soref
bd6f2760a3 spelling: at the 2017-10-22 08:00:59 +00:00
WheresAlice
1e98b3b559 Make language less binary 2017-09-20 17:00:29 +01:00
Balint Reczey
c8508fabd0 Replace user´s -> user's to make login.def files valid ASCII instead of UTF-8
The Unicode character caused issues in LANG=C environment.
See Debian bug #850338 for details.
2017-01-18 16:54:51 +01:00
Nicolas François
6b65c6aeae Test userdel/usermod when homedir is a symlink 2014-09-21 00:36:24 +02:00
Nicolas François
3fb292f3c7 Extend checks for changing U/GID in home directory
Add files with user or group owner different from the user.
2014-09-21 00:36:23 +02:00
Nicolas François
a8bf8af5aa Extend checks for moving home directory
Add hard link to files inside or outside the home directory)
Add files with user or group owner different from the user.
2014-09-21 00:36:16 +02:00