Re: Another A:T patch for review

Wed, 21 Apr 2010 01:05:10 -0700 

On Tuesday 20 April 2010 23:51:40 Fred Moyer wrote:
> This is a more extensive patch than the one I submitted a couple days
> ago.  This makes a move to keep any Apache::Test tests (or tests in
> modules that use Apache::Test) from running as root.  Most tests are
> likely being run as non-privileged users currently; if you ever ran
> them as root you likely had to change the permissions of the build
> files, so that seems to be an exception.
> 
> There's one more addition here where the prompt to skip the test suite
> is skipped if the tests are running under $ENV{AUTOMATED_TESTING}

The root of the problem if I understand it correctly is that Apache doesn't 
run as

  User root

unless compiled with a special BIG_SECURITY_HOLE flag or so.

So, we have to start it as an unprivileged user.

But now, ServerRoot, DocumentRoot etc might not be read/writable by the user. 
Stas tried to solve that by chowning or chmoding our files. Still the tests 
can fail if the current directory is not accessible by the unprivileged user 
because some parent directory is forbidden.

Why not create a temp dir as the unprivileged user (using File::Temp, so the 
base path can be adjusted via $ENV{TMPDIR}) and copy all the stuff needed by 
Apache there.

Assuming that the stuff that needs to be copied is all in t and perhaps blib 
these directories can even be symlinked (or "mount --bind"ed on linux) back to 
the current directory.

Another way to deal with it may be:

   PREREQ_PM  => {
     ($<==0 ? ('Please retry as non-privilged user'=>0) : ()),
     ...
   },

or see "How can I stop getting FAIL reports for missing libraries or other 
non-Perl dependencies?" in http://wiki.cpantesters.org/wiki/CPANAuthorNotes

> Index: lib/Apache/TestMM.pm
> ===================================================================
> --- lib/Apache/TestMM.pm        (revision 935715)
> +++ lib/Apache/TestMM.pm        (working copy)
> @@ -22,6 +22,29 @@
>  use Apache::TestConfig ();
>  use Apache::TestTrace;
> 
> +
> +sub is_root {
> +    my $user = getpwuid($>) || '';
> +
> +    return unless $user eq 'root';

why not C<< $>==0 >>?

This is what apache checks, not the name.

Torsten Förtsch

-- 
Need professional modperl support? Hire me! (http://foertsch.name)

Like fantasy? http://kabatinte.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@perl.apache.org
For additional commands, e-mail: dev-h...@perl.apache.org

Reply via email to