It will be used in LTP IMA tests. Not only it removes external dependency, but also fixes problem when 'nobody' user is not possible to use due using /usr/sbin/nologin shell.
Suggested-by: Jan Stancek <[email protected]> Signed-off-by: Petr Vorel <[email protected]> --- doc/users/setup_tests.rst | 4 ++++ testcases/lib/.gitignore | 1 + testcases/lib/Makefile | 2 +- testcases/lib/tst_runas.c | 50 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 testcases/lib/tst_runas.c diff --git a/doc/users/setup_tests.rst b/doc/users/setup_tests.rst index 38976f3b0a..e3608127e4 100644 --- a/doc/users/setup_tests.rst +++ b/doc/users/setup_tests.rst @@ -71,6 +71,10 @@ users. * - LTP_IMA_LOAD_POLICY - Load IMA example policy, see :master:`testcases/kernel/security/integrity/ima/README.md`. + * - LTP_USR_UID, LTP_USR_GID + - Set UID and GID of ``nobody`` user for :doc:`../developers/api_shell_tests`, + see :master:`testcases/lib/tst_runas.c`. + * - LTP_VIRT_OVERRIDE - Overrides virtual machine detection in the test library. Setting it to empty string, tells the library that system is not a virtual machine. diff --git a/testcases/lib/.gitignore b/testcases/lib/.gitignore index 19d7c67bbe..c379cd5ac4 100644 --- a/testcases/lib/.gitignore +++ b/testcases/lib/.gitignore @@ -26,3 +26,4 @@ /tst_res_ /tst_run_shell /tst_remaining_runtime +/tst_runas diff --git a/testcases/lib/Makefile b/testcases/lib/Makefile index 2309a42a3d..e2461924a7 100644 --- a/testcases/lib/Makefile +++ b/testcases/lib/Makefile @@ -17,6 +17,6 @@ MAKE_TARGETS := tst_sleep tst_random tst_checkpoint tst_rod tst_kvcmp\ tst_get_median tst_hexdump tst_get_free_pids tst_timeout_kill\ tst_check_kconfigs tst_cgctl tst_fsfreeze tst_ns_create tst_ns_exec\ tst_ns_ifmove tst_lockdown_enabled tst_secureboot_enabled tst_res_\ - tst_run_shell tst_remaining_runtime + tst_run_shell tst_remaining_runtime tst_runas include $(top_srcdir)/include/mk/generic_trunk_target.mk diff --git a/testcases/lib/tst_runas.c b/testcases/lib/tst_runas.c new file mode 100644 index 0000000000..e8d5d8dd9d --- /dev/null +++ b/testcases/lib/tst_runas.c @@ -0,0 +1,50 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (c) 2025 Petr Vorel <[email protected]> + */ + +#define LTP_USR_UID 65534 +#define LTP_USR_GID 65534 + +#define TST_NO_DEFAULT_MAIN +#include "tst_test.h" + +static void print_help(void) +{ + fprintf(stderr, "Usage: %s cmd [args] ...\n", __FILE__); + fprintf(stderr, "Usage: %s cmd [-h] print help\n\n", __FILE__); + + fprintf(stderr, "Environment Variables\n"); + fprintf(stderr, "LTP_USR_UID: UID of 'nobody' user, defaults %d\n", + LTP_USR_UID); + fprintf(stderr, "LTP_USR_GID: GID of 'nobody' user, defaults %d\n", + LTP_USR_GID); +} + +int main(int argc, char *argv[]) +{ + if (argc < 2 || !strcmp(argv[1], "-h")) { + print_help(); + return 1; + } + + unsigned uid = LTP_USR_UID, gid = LTP_USR_GID; + + char *uid_env = getenv(TST_TO_STR_(LTP_USR_UID)); + char *gid_env = getenv(TST_TO_STR_(LTP_USR_GID)); + + if (uid_env) + uid = SAFE_STRTOL(uid_env, 1, INT_MAX); + + if (gid_env) + gid = SAFE_STRTOL(gid_env, 1, INT_MAX); + + tst_res(TINFO, "UID: %d, GID: %d", uid, gid); + SAFE_SETGROUPS(0, NULL); + SAFE_SETRESGID(gid, gid, gid); + SAFE_SETRESUID(uid, uid, uid); + + SAFE_CMD((const char * const *)&argv[1], NULL, NULL); + + return 0; +} -- 2.51.0
