[gentoo-commits] proj/sandbox:master commit in: tests/

2023-07-01 Thread Mike Gilbert 
commit: e5032c6b89621db0475e36fb06c2905b6a9c024c
Author: Michael Orlitzky  gentoo  org>
AuthorDate: Sat Jul  1 20:52:34 2023 +
Commit: Mike Gilbert  gentoo  org>
CommitDate: Sat Jul  1 23:51:18 2023 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=e5032c6b

tests: use explicit adddeny() calls in fchmod and fchown tests.

When running the test suite under portage, the entire build directory
will be writable because portage adds PORTAGE_TMPDIR to SANDBOX_WRITE
(thanks floppym). This breaks the tests for these two wrappers, since
they expect to fail when trying to write above $PWD.

To avoid that, we create a new file to call fchown/fchmod on, and then
explicitly deny access to it.

Closes: https://bugs.gentoo.org/909445
Signed-off-by: Michael Orlitzky  gentoo.org>
Signed-off-by: Mike Gilbert  gentoo.org>

 tests/fchmod-1.sh | 6 +-
 tests/fchown-1.sh | 6 +-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/tests/fchmod-1.sh b/tests/fchmod-1.sh
index db404ba..140d84f 100755
--- a/tests/fchmod-1.sh
+++ b/tests/fchmod-1.sh
@@ -4,11 +4,15 @@
 #
 
 addwrite $PWD
+rm -f deny || exit 1
+touch deny || exit 1
+adddeny $PWD/deny
 
 # The sandbox doesn't log anything when it returns a junk file
 # descriptor? It doesn't look like we can test the contents of
 # sandbox.log here... instead, we just have to count on fchmod
 # failing, which it does if you use O_RDWR, and it *should* if you use
 # O_RDONLY (because that won't stop the change of permissions).
-fchmod-0 $(stat --format='%#04a' ../..) ../.. && exit 1
+fchmod-0 $(stat --format='%#04a' $PWD/deny) $PWD/deny && exit 1
+
 exit 0

diff --git a/tests/fchown-1.sh b/tests/fchown-1.sh
index 1b4a173..6c1178e 100755
--- a/tests/fchown-1.sh
+++ b/tests/fchown-1.sh
@@ -4,11 +4,15 @@
 #
 
 addwrite $PWD
+rm -f deny || exit 1
+touch deny || exit 1
+adddeny $PWD/deny
 
 # The sandbox doesn't log anything when it returns a junk file
 # descriptor? It doesn't look like we can test the contents of
 # sandbox.log here... instead, we just have to count on fchown
 # failing, which it does if you use O_RDWR, and it *should* if you use
 # O_RDONLY (because that won't stop the change of ownership).
-fchown-0 ${SB_UID} ${SB_GID} ../.. && exit 1
+fchown-0 ${SB_UID} ${SB_GID} $PWD/deny && exit 1
+
 exit 0

[gentoo-commits] proj/sandbox:master commit in: tests/

2023-06-22 Thread Mike Gilbert 
commit: 652097eb4228ac9ba9973811b2832fc77f2048a2
Author: Michael Orlitzky  gentoo  org>
AuthorDate: Sun Jan 28 03:38:26 2018 +
Commit: Mike Gilbert  gentoo  org>
CommitDate: Thu Jun 22 13:54:38 2023 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=652097eb

tests: add more tests to make sure fchown/fchmod are handled correctly.

Closes: https://bugs.gentoo.org/599706
Signed-off-by: Michael Orlitzky  gentoo.org>
Signed-off-by: Mike Gilbert  gentoo.org>

 tests/fchmod-2.sh | 11 +++
 tests/fchmod.at   |  1 +
 tests/fchown-2.sh | 11 +++
 tests/fchown.at   |  1 +
 4 files changed, 24 insertions(+)

diff --git a/tests/fchmod-2.sh b/tests/fchmod-2.sh
new file mode 100755
index 000..96d7cc9
--- /dev/null
+++ b/tests/fchmod-2.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Ensure that fchmod() doesn't trigger spurious violations in the most
+# basic of cases.
+#
+addwrite $PWD
+
+# This should not trigger a violation.
+rm -f file
+touch file
+fchmod-0 0644 file || exit 1

diff --git a/tests/fchmod.at b/tests/fchmod.at
index 081d7d2..d364b4b 100644
--- a/tests/fchmod.at
+++ b/tests/fchmod.at
@@ -1 +1,2 @@
 SB_CHECK(1)
+SB_CHECK(2)

diff --git a/tests/fchown-2.sh b/tests/fchown-2.sh
new file mode 100755
index 000..dedfbe4
--- /dev/null
+++ b/tests/fchown-2.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Ensure that fchown() doesn't trigger spurious violations in the most
+# basic of cases.
+#
+addwrite $PWD
+
+# This should not trigger a violation.
+rm -f file
+touch file
+fchown-0 ${SB_UID} ${SB_GID} file || exit 1

diff --git a/tests/fchown.at b/tests/fchown.at
index 081d7d2..d364b4b 100644
--- a/tests/fchown.at
+++ b/tests/fchown.at
@@ -1 +1,2 @@
 SB_CHECK(1)
+SB_CHECK(2)

[gentoo-commits] proj/sandbox:master commit in: tests/

2023-06-22 Thread Mike Gilbert 
commit: 05e32f542c145253eb01ae4005ca13c63a1c79d8
Author: Michael Orlitzky  gentoo  org>
AuthorDate: Sun Jan 28 01:05:02 2018 +
Commit: Mike Gilbert  gentoo  org>
CommitDate: Thu Jun 22 13:54:38 2023 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=05e32f54

tests: add test case for fchown/fchmod with O_RDONLY.

Bug: https://bugs.gentoo.org/599706
Signed-off-by: Michael Orlitzky  gentoo.org>
Signed-off-by: Mike Gilbert  gentoo.org>

 tests/fchmod-0.c  | 35 +++
 tests/fchmod-1.sh | 14 ++
 tests/fchmod.at   |  1 +
 tests/fchown-0.c  | 34 ++
 tests/fchown-1.sh | 14 ++
 tests/fchown.at   |  1 +
 tests/local.mk|  2 ++
 7 files changed, 101 insertions(+)

diff --git a/tests/fchmod-0.c b/tests/fchmod-0.c
new file mode 100644
index 000..de0c237
--- /dev/null
+++ b/tests/fchmod-0.c
@@ -0,0 +1,35 @@
+/*
+ * https://bugs.gentoo.org/599706
+ *
+ */
+
+#include "headers.h"
+
+int main(int argc, char *argv[])
+{
+   if (argc < 2)
+   return -2;
+
+   int mode = 0;
+   sscanf(argv[1], "%i", );
+   /* The sandbox catches this:
+*
+*   int fd = open(argv[2], O_RDWR);
+*
+* And it /should/ catch this:
+*
+*int fd = open(argv[2], O_RDONLY);
+*
+* ...but the latter only works when /proc/self/fd/%i
+* is available.
+*
+*/
+#ifdef SANDBOX_PROC_SELF_FD
+   int fd = open(argv[2], O_RDONLY);
+#else
+   int fd = open(argv[2], O_RDWR);
+#endif
+   int fchmod_result = fchmod(fd, (mode_t)mode);
+   close(fd);
+   return fchmod_result;
+}

diff --git a/tests/fchmod-1.sh b/tests/fchmod-1.sh
new file mode 100755
index 000..db404ba
--- /dev/null
+++ b/tests/fchmod-1.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# https://bugs.gentoo.org/599706
+#
+
+addwrite $PWD
+
+# The sandbox doesn't log anything when it returns a junk file
+# descriptor? It doesn't look like we can test the contents of
+# sandbox.log here... instead, we just have to count on fchmod
+# failing, which it does if you use O_RDWR, and it *should* if you use
+# O_RDONLY (because that won't stop the change of permissions).
+fchmod-0 $(stat --format='%#04a' ../..) ../.. && exit 1
+exit 0

diff --git a/tests/fchmod.at b/tests/fchmod.at
new file mode 100644
index 000..081d7d2
--- /dev/null
+++ b/tests/fchmod.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/fchown-0.c b/tests/fchown-0.c
new file mode 100644
index 000..7fdca73
--- /dev/null
+++ b/tests/fchown-0.c
@@ -0,0 +1,34 @@
+/*
+ * https://bugs.gentoo.org/599706
+ *
+ */
+
+#include "headers.h"
+
+int main(int argc, char *argv[])
+{
+   if (argc < 3)
+   return -2;
+
+   uid_t uid = atoi(argv[1]);
+   gid_t gid = atoi(argv[2]);
+   /* The sandbox catches this:
+*
+*   int fd = open(argv[3], O_RDWR);
+*
+* And it /should/ catch this:
+*
+*int fd = open(argv[3], O_RDONLY);
+*
+* ...but the latter only works when /proc/self/fd/%i
+* is available.
+*/
+#ifdef SANDBOX_PROC_SELF_FD
+   int fd = open(argv[3], O_RDONLY);
+#else
+   int fd = open(argv[3], O_RDWR);
+#endif
+   int fchown_result = fchown(fd, uid, gid);
+   close(fd);
+   return fchown_result;
+}

diff --git a/tests/fchown-1.sh b/tests/fchown-1.sh
new file mode 100755
index 000..1b4a173
--- /dev/null
+++ b/tests/fchown-1.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# https://bugs.gentoo.org/599706
+#
+
+addwrite $PWD
+
+# The sandbox doesn't log anything when it returns a junk file
+# descriptor? It doesn't look like we can test the contents of
+# sandbox.log here... instead, we just have to count on fchown
+# failing, which it does if you use O_RDWR, and it *should* if you use
+# O_RDONLY (because that won't stop the change of ownership).
+fchown-0 ${SB_UID} ${SB_GID} ../.. && exit 1
+exit 0

diff --git a/tests/fchown.at b/tests/fchown.at
new file mode 100644
index 000..081d7d2
--- /dev/null
+++ b/tests/fchown.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/local.mk b/tests/local.mk
index 046cf6f..f1f4ac0 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -29,7 +29,9 @@ check_PROGRAMS += \
%D%/execv-0 \
%D%/execvp-0 \
%D%/faccessat-0 \
+   %D%/fchmod-0 \
%D%/fchmodat-0 \
+   %D%/fchown-0 \
%D%/fchownat-0 \
%D%/fopen-0 \
%D%/fopen64-0 \

[gentoo-commits] proj/sandbox:master commit in: tests/, libsandbox/

2023-06-13 Thread Mike Gilbert 
commit: cdc89a00ac0bc3170d4ca7bfc77bc2572ce076b0
Author: Mike Gilbert  gentoo  org>
AuthorDate: Mon Jun 12 14:58:39 2023 +
Commit: Mike Gilbert  gentoo  org>
CommitDate: Mon Jun 12 16:00:04 2023 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=cdc89a00

libsandbox: add lutimes to symlink_func

lutimes operates on symlinks, so we should not check for access against
the symlink target.

Bug: https://bugs.gentoo.org/908105
Signed-off-by: Mike Gilbert  gentoo.org>

 libsandbox/libsandbox.c | 1 +
 tests/lutimes-1.sh  | 9 +
 tests/lutimes.at| 1 +
 3 files changed, 11 insertions(+)

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 0ca2bc9..b9ef52e 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -679,6 +679,7 @@ static bool symlink_func(int sb_nr, int flags)
sb_nr == SB_NR_LCHOWN   ||
sb_nr == SB_NR_LREMOVEXATTR ||
sb_nr == SB_NR_LSETXATTR||
+   sb_nr == SB_NR_LUTIMES  ||
sb_nr == SB_NR_REMOVE   ||
sb_nr == SB_NR_RENAME   ||
sb_nr == SB_NR_RENAMEAT ||

diff --git a/tests/lutimes-1.sh b/tests/lutimes-1.sh
new file mode 100755
index 000..8638bb2
--- /dev/null
+++ b/tests/lutimes-1.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+addwrite "${PWD}"
+
+sym="lutimes-1.sym"
+ln -s /bad/path "${sym}"
+
+lutimes-0 0 "${sym}" NULL || exit 1
+lutimes-0 -1,EACCES /bin/sh NULL || exit 1

diff --git a/tests/lutimes.at b/tests/lutimes.at
new file mode 100644
index 000..081d7d2
--- /dev/null
+++ b/tests/lutimes.at
@@ -0,0 +1 @@
+SB_CHECK(1)

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-11-03 Thread Mike Frysinger 
commit: 369fc5965ce5065f2653225627f61442641c5bef
Author: Mike Frysinger  gentoo  org>
AuthorDate: Wed Nov  3 19:11:33 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Wed Nov  3 19:11:33 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=369fc596

tests: skip static children tests when YAMA ptrace_scope is enabled

Since we can't trace static children under certain YAMA ptrace_scope
settings, skip tests that rely on that functionality.

Closes: https://bugs.gentoo.org/821418
Signed-off-by: Mike Frysinger  gentoo.org>

 tests/atlocal.in   | 9 +
 tests/script-17.sh | 8 +++-
 tests/script-8.sh  | 3 +++
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/tests/atlocal.in b/tests/atlocal.in
index e8213c0..adf3bad 100644
--- a/tests/atlocal.in
+++ b/tests/atlocal.in
@@ -42,5 +42,14 @@ case "${MAKEFLAGS}" in
;;
 esac
 
+# Figure out currently YAMA ptrace_scope restriction level.
+at_yama_ptrace_scope=$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null || 
echo 0)
+if [ ${at_yama_ptrace_scope} -gt 0 ] ; then
+   if [ "$(id -u)" -eq 0 ] ; then
+   at_yama_ptrace_scope=0
+   fi
+fi
+export at_yama_ptrace_scope
+
 # This script must finish with ($? == 0) else the autotest runner gets upset.
 :

diff --git a/tests/script-17.sh b/tests/script-17.sh
index a8a8f51..83c51f9 100755
--- a/tests/script-17.sh
+++ b/tests/script-17.sh
@@ -10,7 +10,13 @@ adddeny "${PWD}/subdir"
 for child in 0 1 2 3 4 5 ; do
fork-follow_tst ${child} subdir/dyn${child} || exit $?
 done
-for child in 0 1 2 3 4 5 ; do
+
+depth="0"
+# We can't trace static children currently with YAMA ptrace_scope 1+.
+if [ ${at_yama_ptrace_scope} -eq 0 ] ; then
+   depth="${depth} 1 2 3 4 5"
+fi
+for child in ${depth} ; do
fork-follow_static_tst ${child} subdir/static${child} || exit $?
 done
 

diff --git a/tests/script-8.sh b/tests/script-8.sh
index 6d9de55..9d8ca11 100755
--- a/tests/script-8.sh
+++ b/tests/script-8.sh
@@ -6,6 +6,9 @@ sigsuspend-zsh_tst
 d=$?
 echo "ret = $d"
 
+# We can't trace static children currently with YAMA ptrace_scope 1+.
+[ ${at_yama_ptrace_scope} -gt 0 ] && exit ${d}
+
 sigsuspend-zsh_static_tst
 s=$?
 echo "ret = $s"

[gentoo-commits] proj/sandbox:master commit in: tests/, libsbutil/, libsandbox/

2021-11-02 Thread Mike Frysinger 
commit: ba41b3b01c573a4f942605142a5a0d2f08b4c799
Author: Mike Frysinger  gentoo  org>
AuthorDate: Mon Oct 18 22:06:39 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Wed Nov  3 00:05:25 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=ba41b3b0

libsandbox: fix ptracing children

The ptrace logic was largely built around the assumption of execing a
single static binary and that's it.  But there's nothing stopping it
from also forking & creating children.  Today, that means children do
not get tracked for problems.

One major known issue is that the sandbox env is frozen upon launch.
So once we switch to ptrace mode, it's not possible for traced code
to disable sandboxing or otherwise reconfigure it.  Currently that
shouldn't be a big deal as we assume the main execution environment
(i.e. bash) is dynamic, and that's where the env will be tweaked,
but we'll have to address this before we can deploy ptrace more.

Signed-off-by: Mike Frysinger  gentoo.org>

 libsandbox/trace.c | 73 +-
 libsbutil/sb_efuncs.c  |  1 +
 libsbutil/sbutil.h |  9 ++
 tests/fork-follow_static_tst.c |  1 +
 tests/fork-follow_tst.c| 34 
 tests/local.mk |  2 ++
 tests/script-17.sh | 17 ++
 tests/script.at|  3 +-
 8 files changed, 131 insertions(+), 9 deletions(-)

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 4ae58aa..0434f96 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -29,7 +29,7 @@ static long _do_ptrace(sb_ptrace_req_t request, const char 
*srequest, void *addr
 # define SBDEBUG 0
 #endif
 #define __sb_debug(fmt, args...) do { if (SBDEBUG) sb_eraw(fmt, ## args); } 
while (0)
-#define _sb_debug(fmt, args...)  do { if (SBDEBUG) sb_ewarn("TRACE 
(pid=%i):%s: " fmt, getpid(), __func__, ## args); } while (0)
+#define _sb_debug(fmt, args...)  do { if (SBDEBUG) sb_ewarn("TRACE 
(pid=%i<%i):%s: " fmt, getpid(), trace_pid, __func__, ## args); } while (0)
 #define sb_debug(fmt, args...)   _sb_debug(fmt "\n", ## args)
 
 #include "trace/os.c"
@@ -397,6 +397,19 @@ static bool trace_check_syscall(const struct syscall_entry 
*se, void *regs)
return ret;
 }
 
+static void trace_init_tracee(void)
+{
+   do_ptrace(PTRACE_SETOPTIONS, NULL, (void *)(uintptr_t)(
+   PTRACE_O_EXITKILL |
+   PTRACE_O_TRACECLONE |
+   PTRACE_O_TRACEEXEC |
+   PTRACE_O_TRACEEXIT |
+   PTRACE_O_TRACEFORK |
+   PTRACE_O_TRACEVFORK |
+   PTRACE_O_TRACESYSGOOD
+   ));
+}
+
 static void trace_loop(void)
 {
trace_regs regs;
@@ -471,6 +484,56 @@ static void trace_loop(void)
__sb_debug(" exit event!\n");
continue;
 
+   case PTRACE_EVENT_CLONE:
+   case PTRACE_EVENT_FORK:
+   case PTRACE_EVENT_VFORK: {
+   /* The tracee is forking, so fork a new tracer to 
handle it. */
+   long newpid;
+   do_ptrace(PTRACE_GETEVENTMSG, NULL, );
+   sb_debug("following forking event %i; pid=%li %i\n",
+event, newpid, before_syscall);
+
+   /* Pipe for synchronizing detach & attach events. */
+   int fds[2];
+   ret = pipe(fds);
+   sb_assert(ret == 0);
+   if (fork() == 0) {
+   /* New tracer needs to take control of new 
tracee. */
+   char ch;
+   close(fds[1]);
+   RETRY_EINTR(read(fds[0], , 1));
+   close(fds[0]);
+   trace_pid = newpid;
+ retry_attach:
+   ret = do_ptrace(PTRACE_ATTACH, NULL, NULL);
+   if (ret) {
+   if (errno == EPERM)
+   goto retry_attach;
+   sb_ebort("ISE:PTRACE_ATTACH %s", 
strerror(errno));
+   }
+   trace_init_tracee();
+   before_syscall = true;
+   continue;
+   } else {
+   /* Existing tracer needs to release new tracee. 
*/
+ retry_detach:
+   ret = ptrace(PTRACE_DETACH, newpid, NULL, (void 
*)SIGSTOP);
+   if (ret) {
+   if (errno == ESRCH) {
+   /* The kernel might not have 
the proc ready yet. */
+   struct timespec ts = {0, 500 * 
1000 /* 0.5 millisec */};
+

[gentoo-commits] proj/sandbox:master commit in: tests/, src/

2021-10-28 Thread Mike Frysinger 
commit: 9a026d957ffc18ab4f4f7d069f4373ddf190eca9
Author: Mike Frysinger  gentoo  org>
AuthorDate: Fri Oct 29 03:50:00 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Fri Oct 29 03:50:00 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=9a026d95

sandbox: change interface to make it easier to pass thru

The sandbox command line is passed to a shell for execution.  This can
be a bit awkward to quote right if you weren't expecting it, and even
if you were.  Change the default behavior to be more like `env` where
the arguments, as they are, get passed through and run.  If people want
the old shell behavior, they can use the -c option akin to `bash -c`.

Bug: https://bugs.gentoo.org/265907
Signed-off-by: Mike Frysinger  gentoo.org>

 src/options.c |  8 +++-
 src/sandbox.c | 46 +++---
 src/sandbox.h |  1 +
 tests/git-bisector.sh | 15 +--
 tests/local.at|  2 +-
 5 files changed, 49 insertions(+), 23 deletions(-)

diff --git a/src/options.c b/src/options.c
index 03cffda..64cd750 100644
--- a/src/options.c
+++ b/src/options.c
@@ -20,6 +20,7 @@ int opt_use_ns_sysv = -1;
 int opt_use_ns_time = -1;
 int opt_use_ns_user = -1;
 int opt_use_ns_uts = -1;
+bool opt_use_bash = false;
 
 static const struct {
const char *name;
@@ -76,7 +77,7 @@ static void show_version(void)
exit(0);
 }
 
-#define PARSE_FLAGS "+hV"
+#define PARSE_FLAGS "+chV"
 #define a_argument required_argument
 static struct option const long_opts[] = {
{"ns-on", no_argument, _use_namespaces, true},
@@ -99,6 +100,7 @@ static struct option const long_opts[] = {
{"ns-user-off",   no_argument, _use_ns_user, false},
{"ns-uts-on", no_argument, _use_ns_uts, true},
{"ns-uts-off",no_argument, _use_ns_uts, false},
+   {"bash",  no_argument, NULL, 'c'},
{"help",  no_argument, NULL, 'h'},
{"version",   no_argument, NULL, 'V'},
{"run-configure", no_argument, NULL, 0x800},
@@ -125,6 +127,7 @@ static const char * const opts_help[] = {
"Disable the use of user namespaces",
"Enable  the use of UTS (hostname/uname) namespaces",
"Disable the use of UTS (hostname/uname) namespaces",
+   "Run command through bash shell",
"Print this help and exit",
"Print version and exit",
"Run local sandbox configure in same way and exit (developer only)",
@@ -201,6 +204,9 @@ void parseargs(int argc, char *argv[])
 
while ((i = getopt_long(argc, argv, PARSE_FLAGS, long_opts, NULL)) != 
-1) {
switch (i) {
+   case 'c':
+   opt_use_bash = true;
+   break;
case 'V':
show_version();
case 'h':

diff --git a/src/sandbox.c b/src/sandbox.c
index 7e8a769..7d6b03f 100644
--- a/src/sandbox.c
+++ b/src/sandbox.c
@@ -175,7 +175,9 @@ static int spawn_shell(char *argv_bash[], char **env, int 
debug)
 
/* Child's process */
if (0 == child_pid) {
-   int ret = execve(argv_bash[0], argv_bash, env);
+   /* Would be nice if execvpe were in POSIX. */
+   environ = env;
+   int ret = execvp(argv_bash[0], argv_bash);
sb_pwarn("failed to exec child");
_exit(ret);
} else if (child_pid < 0) {
@@ -258,25 +260,31 @@ int main(int argc, char **argv)
goto oom_error;
 
/* Setup bash argv */
-   str_list_add_item_copy(argv_bash, "/bin/bash", oom_error);
-   str_list_add_item_copy(argv_bash, "-rcfile", oom_error);
-   str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error);
-   if (argc >= 2) {
-   int i;
-   size_t cmdlen;
-   char *cmd = NULL;
-
-   str_list_add_item_copy(argv_bash, run_str, oom_error);
-   str_list_add_item_copy(argv_bash, argv[1], oom_error);
-   cmdlen = strlen(argv_bash[4]);
-   for (i = 2; i < argc; i++) {
-   size_t arglen = strlen(argv[i]);
-   argv_bash[4] = xrealloc(argv_bash[4], cmdlen + arglen + 
2);
-   argv_bash[4][cmdlen] = ' ';
-   memcpy(argv_bash[4] + cmdlen + 1, argv[i], arglen);
-   cmdlen += arglen + 1;
-   argv_bash[4][cmdlen] = '\0';
+   if (opt_use_bash || argc == 1) {
+   str_list_add_item_copy(argv_bash, "/bin/bash", oom_error);
+   str_list_add_item_copy(argv_bash, "-rcfile", oom_error);
+   str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, 
oom_error);
+   if (argc >= 2) {
+   int i;
+   size_t cmdlen;
+   char *cmd = NULL;
+
+

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-23 Thread Mike Frysinger 
commit: 192ed5f48b728877a46c39523717363df87dec82
Author: Mike Frysinger  gentoo  org>
AuthorDate: Sun Oct 24 00:53:48 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Sun Oct 24 00:53:48 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=192ed5f4

tests: fix lremovexattr typo

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/lremovexattr-0.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/lremovexattr-0.c b/tests/lremovexattr-0.c
index 4abdfff..ca925f1 100644
--- a/tests/lremovexattr-0.c
+++ b/tests/lremovexattr-0.c
@@ -1,5 +1,5 @@
-#define FUNC removexattr
-#define SFUNC "removexattr"
+#define FUNC lremovexattr
+#define SFUNC "lremovexattr"
 #define FUNC_STR "\"%s\", \"%s\""
 #define FUNC_IMP path, name
 #define ARG_CNT 2

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-23 Thread Mike Frysinger 
commit: 38348c15ee54a9d5a6aefeaef9dd41e031271dc0
Author: Mike Frysinger  gentoo  org>
AuthorDate: Sat Oct 23 22:01:04 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Sat Oct 23 22:17:09 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=38348c15

tests: fix handling of srcdir vs abs_srcdir for dist creation

The paths listed in EXTRA_DIST must be the targets that we define
exactly, or running distcheck can fail with stale targets -- they
should have been generated before creating the dist, but they get
updated afterwards.  This is easy to repro with:
  touch tests/testsuite.at && make distcheck

Let's split the relative & absolute path logic a bit to help with
this.  We should only use relative paths in dependency related
settings, but use absolute paths when running tools after a cd to
a different location.

Also add testsuite.list.at to the dist explicitly.  We were getting
this implicitly via testsuite depending on it, but better to list
all the files exactly.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/local.mk | 20 
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/tests/local.mk b/tests/local.mk
index 0aac4f1..aa2acac 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -1,12 +1,16 @@
 AT_FILES = $(wildcard $(top_srcdir)/%D%/*.at)
-TESTSUITE = $(abs_top_srcdir)/%D%/testsuite
 DISTCLEANFILES += %D%/atconfig
 
+# Use top_srcdir for dependencies, and abs_top_srcdir to execute it.
+TESTSUITE = $(top_srcdir)/%D%/testsuite
+ABS_TESTSUITE = $(abs_top_srcdir)/%D%/testsuite
+
 EXTRA_DIST += \
$(AT_FILES) \
+   $(TESTSUITE) \
+   $(TESTSUITE_LIST) \
%D%/atlocal.in \
%D%/package.m4.in \
-   %D%/testsuite \
%D%/test-skel-0.c \
%D%/tests.h \
%D%/xattr-0
@@ -118,23 +122,23 @@ TESTSUITEFLAGS = --jobs=`getconf _NPROCESSORS_ONLN || 
echo 1`
 tests: $(check_PROGRAMS) $(TESTSUITE)
 
 check-local: %D%/atconfig %D%/atlocal $(TESTSUITE)
-   cd %D% && $(SHELL) '$(TESTSUITE)' AUTOTEST_PATH='src:tests' 
$(TESTSUITEFLAGS)
+   cd %D% && $(SHELL) '$(ABS_TESTSUITE)' AUTOTEST_PATH='src:tests' 
$(TESTSUITEFLAGS)
 
 installcheck-local: %D%/atconfig %D%/atlocal $(TESTSUITE)
-   cd %D% && $(SHELL) '$(TESTSUITE)' AUTOTEST_PATH='src:tests:$(bindir)' 
$(TESTSUITEFLAGS)
+   cd %D% && $(SHELL) '$(ABS_TESTSUITE)' 
AUTOTEST_PATH='src:tests:$(bindir)' $(TESTSUITEFLAGS)
 
 clean-local:
-   test ! -f '$(TESTSUITE)' || { cd %D% && $(SHELL) '$(TESTSUITE)' 
--clean; }
+   test ! -f '$(TESTSUITE)' || { cd %D% && $(SHELL) '$(ABS_TESTSUITE)' 
--clean; }
 
 TESTSUITE_LIST = $(top_srcdir)/%D%/testsuite.list.at
 AUTOTEST = $(AUTOM4TE) --language=autotest
 $(TESTSUITE): $(AT_FILES) $(TESTSUITE_LIST)
-   @$(MKDIR_P) $(abs_top_srcdir)/%D%
-   $(AM_V_GEN)cd $(abs_top_srcdir)/%D% && $(AUTOTEST) -I. -o $@.tmp $@.at
+   @$(MKDIR_P) $(top_srcdir)/%D%
+   $(AM_V_GEN)cd $(top_srcdir)/%D% && $(AUTOTEST) -I. -o testsuite.tmp 
testsuite.at
$(AM_V_at)mv $@.tmp $@
 
 $(TESTSUITE_LIST): $(AT_FILES)
-   @$(MKDIR_P) $(abs_top_srcdir)/%D%
+   @$(MKDIR_P) $(top_srcdir)/%D%
$(AM_V_GEN)( echo "dnl DO NOT EDIT: GENERATED BY MAKEFILE.AM"; \
$(GREP) -l -e '^SB_CHECK' -e '^AT_CHECK' $(AT_FILES) | LC_ALL=C sort | \
$(SED) -e 's:^[^/]*/%D%/:sb_inc([:' -e 's:[.]at$$:]):' ) > $@

[gentoo-commits] proj/sandbox:master commit in: /, tests/

2021-10-23 Thread Mike Frysinger 
commit: 8cda01a02f00f271050050823e6facae0a730da6
Author: Mike Frysinger  gentoo  org>
AuthorDate: Sat Oct 23 05:12:47 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Sat Oct 23 05:12:47 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=8cda01a0

tests: merge into top level makefile too

This kills off recursive make entirely.

Closes: https://bugs.gentoo.org/819411
Signed-off-by: Mike Frysinger  gentoo.org>

 .gitignore|   4 +-
 Makefile.am   |   9 ++--
 configure.ac  |   1 -
 tests/Makefile|   4 ++
 tests/Makefile.am | 134 ---
 tests/local.mk| 140 ++
 6 files changed, 151 insertions(+), 141 deletions(-)

diff --git a/.gitignore b/.gitignore
index 04a0f20..7704390 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,8 +8,7 @@ a.out
 .libs
 .dirstamp
 /Makefile
-/tests/Makefile
-Makefile.in
+/Makefile.in
 
 f
 f2
@@ -43,7 +42,6 @@ core
 /ltmain.sh
 /missing
 /stamp-h1
-/test.sh
 
 /m4/libtool.m4
 /m4/ltoptions.m4

diff --git a/Makefile.am b/Makefile.am
index cd5e3b3..07b1c6d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -4,12 +4,13 @@ AM_CPPFLAGS = \
$(SANDBOX_DEFINES) \
-I$(top_srcdir)
 
-SUBDIRS = tests
-
 confdir = $(sysconfdir)
 confddir = $(sysconfdir)/sandbox.d
 
 bin_PROGRAMS =
+check_PROGRAMS =
+check_SCRIPTS =
+dist_check_SCRIPTS =
 dist_conf_DATA = etc/sandbox.conf
 confd_DATA = etc/sandbox.d/00default
 dist_pkgdata_DATA  = data/sandbox.bashrc
@@ -17,6 +18,7 @@ lib_LTLIBRARIES =
 noinst_LTLIBRARIES =
 
 CLEANFILES =
+DISTCLEANFILES =
 
 EXTRA_DIST = \
headers.h \
@@ -47,5 +49,6 @@ dist-hook:
 include libsandbox/local.mk
 include libsbutil/local.mk
 include src/local.mk
+include tests/local.mk
 
-DISTCLEANFILES = $(CLEANFILES)
+DISTCLEANFILES += $(CLEANFILES)

diff --git a/configure.ac b/configure.ac
index 96c602f..0f2b0ea 100644
--- a/configure.ac
+++ b/configure.ac
@@ -471,7 +471,6 @@ AC_CONFIG_FILES([
Makefile
etc/sandbox.d/00default
tests/atlocal
-   tests/Makefile
tests/package.m4
 ])
 AC_OUTPUT

diff --git a/tests/Makefile b/tests/Makefile
new file mode 100644
index 000..2eed23e
--- /dev/null
+++ b/tests/Makefile
@@ -0,0 +1,4 @@
+# Helper for developers.
+all: tests ;
+clean: clean-checkPROGRAMS ; rm -f *.o *.l[ao] .libs/*
+%: ; $(MAKE) -C .. $@

diff --git a/tests/Makefile.am b/tests/Makefile.am
deleted file mode 100644
index 5bb476d..000
--- a/tests/Makefile.am
+++ /dev/null
@@ -1,134 +0,0 @@
-AT_FILES = $(wildcard $(srcdir)/*.at)
-TESTSUITE = $(srcdir)/testsuite
-DISTCLEANFILES = atconfig
-EXTRA_DIST = atlocal.in package.m4.in $(AT_FILES) $(TESTSUITE) \
-   test-skel-0.c \
-   tests.h \
-   xattr-0
-
-AM_CPPFLAGS = -I$(top_srcdir) $(SANDBOX_DEFINES)
-
-check_PROGRAMS = \
-   get-group \
-   get-user \
-   sb_true \
-   sb_true_static \
-   \
-   access-0 \
-   chmod-0 \
-   chown-0 \
-   creat-0 \
-   creat64-0 \
-   execv-0 \
-   execvp-0 \
-   faccessat-0 \
-   fchmodat-0 \
-   fchownat-0 \
-   fopen-0 \
-   fopen64-0 \
-   futimesat-0 \
-   lchown-0 \
-   link-0 \
-   linkat-0 \
-   linkat_static-0 \
-   lremovexattr-0 \
-   lsetxattr-0 \
-   lutimes-0 \
-   mkdtemp-0 \
-   mkdir-0 \
-   mkdir_static-0 \
-   mkdirat-0 \
-   mkfifo-0 \
-   mkfifoat-0 \
-   mknod-0 \
-   mknodat-0 \
-   mkostemp-0 \
-   mkostemp64-0 \
-   mkostemps-0 \
-   mkostemps64-0 \
-   mkstemp-0 \
-   mkstemp64-0 \
-   mkstemps-0 \
-   mkstemps64-0 \
-   open-0 \
-   open_static-0 \
-   open64-0 \
-   openat-0 \
-   openat_static-0 \
-   openat64-0 \
-   opendir-0 \
-   remove-0 \
-   removexattr-0 \
-   rename-0 \
-   renameat-0 \
-   renameat2-0 \
-   rmdir-0 \
-   setxattr-0 \
-   signal_static-0 \
-   symlink-0 \
-   symlinkat-0 \
-   truncate-0 \
-   truncate64-0 \
-   unlink-0 \
-   unlink_static-0 \
-   unlinkat-0 \
-   utime-0 \
-   utimensat-0 \
-   utimensat_static-0 \
-   utimes-0 \
-   vfork-0 \
-   \
-   getcwd-gnulib_tst \
-   libsigsegv_tst \
-   malloc_hooked_tst \
-   malloc_mmap_tst \
-   pipe-fork_tst \
-   pipe-fork_static_tst \
-   sb_printf_tst \
-   sigsuspend-zsh_tst \
-   sigsuspend-zsh_static_tst \
-   trace-memory_static_tst
-
-dist_check_SCRIPTS = \
-   $(wildcard $(srcdir)/*-[0-9]*.sh) \
-   malloc-0 \
-   script-0 \
-   trace-0
-
-AM_LDFLAGS = `expr $@ : .*_static >/dev/null && echo -all-static`
-
-sb_printf_tst_CFLAGS = -I$(top_srcdir)/libsbutil 
-I$(top_srcdir)/libsbutil/include
-sb_printf_tst_LDADD = $(top_builddir)/libsbutil/libsbutil.la
-
-malloc_hooked_tst_LDFLAGS = $(AM_LDFLAGS) -pthread
-

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-22 Thread Michał Górny 
commit: 4283dce8529d7423e8dc7584dc3b5e3b110c48e9
Author: Michał Górny  gentoo  org>
AuthorDate: Fri Oct 22 07:14:57 2021 +
Commit: Michał Górny  gentoo  org>
CommitDate: Fri Oct 22 07:14:57 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=4283dce8

tests: Add missing EXTRA_DIST for xattr-0

Signed-off-by: Michał Górny  gentoo.org>

 tests/Makefile.am | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 846a8f6..5bb476d 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -3,7 +3,8 @@ TESTSUITE = $(srcdir)/testsuite
 DISTCLEANFILES = atconfig
 EXTRA_DIST = atlocal.in package.m4.in $(AT_FILES) $(TESTSUITE) \
test-skel-0.c \
-   tests.h
+   tests.h \
+   xattr-0
 
 AM_CPPFLAGS = -I$(top_srcdir) $(SANDBOX_DEFINES)

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-21 Thread Mike Frysinger 
commit: 9cdd208c660ac8c01f43bbcffaf9c786c31be59b
Author: Mike Frysinger  gentoo  org>
AuthorDate: Fri Oct 22 04:53:43 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Fri Oct 22 04:53:43 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=9cdd208c

tests: add missing xattr-0 program

Needed for new xattr tests.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/xattr-0 | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/tests/xattr-0 b/tests/xattr-0
new file mode 100755
index 000..5504443
--- /dev/null
+++ b/tests/xattr-0
@@ -0,0 +1,7 @@
+#!/bin/sh
+# Make sure the filesystem supports xattrs.
+file=".test.xattrs"
+touch "${file}"
+setxattr-0 0 "${file}" user.sandbox test 4 0 && ret=0 || ret=77
+rm -f "${file}"
+exit "${ret}"

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-21 Thread Mike Frysinger 
commit: be55fcb37786f6d29ac3db0c9c98bad5b1de5d94
Author: Mike Frysinger  gentoo  org>
AuthorDate: Fri Oct 22 02:38:12 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Fri Oct 22 04:15:04 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=be55fcb3

libsandbox: add renameat2 wrapper

It's basically renameat at this point as we don't care about the flags.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/renameat2-2.sh | 12 
 tests/renameat2-3.sh | 11 +++
 2 files changed, 23 insertions(+)

diff --git a/tests/renameat2-2.sh b/tests/renameat2-2.sh
new file mode 100755
index 000..420b36d
--- /dev/null
+++ b/tests/renameat2-2.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+# make sure we can clobber symlinks #612202
+
+addwrite $PWD
+
+ln -s /asdf sym || exit 1
+touch file
+renameat2-0 0 AT_FDCWD file AT_FDCWD sym || exit 1
+[ ! -e file ]
+[ ! -L sym ]
+[ -e sym ]
+test ! -s "${SANDBOX_LOG}"

diff --git a/tests/renameat2-3.sh b/tests/renameat2-3.sh
new file mode 100755
index 000..ca945a5
--- /dev/null
+++ b/tests/renameat2-3.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# make sure we reject bad renames #612202
+
+addwrite $PWD
+mkdir deny
+adddeny $PWD/deny
+
+touch file
+renameat2-0 -1,EACCES AT_FDCWD file AT_FDCWD deny/file || exit 1
+[ -e file ]
+test -s "${SANDBOX_LOG}"

[gentoo-commits] proj/sandbox:master commit in: tests/, libsbutil/, libsandbox/

2021-10-21 Thread Mike Frysinger 
commit: b79b3a4be4d18a551831a680fbf73c6af169e0d9
Author: Mike Frysinger  gentoo  org>
AuthorDate: Thu Oct 21 07:41:44 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Thu Oct 21 07:41:44 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=b79b3a4b

tests: add a convenience build target

This makes it easy to quickly compile all the tools without actually
running the testsuite.

Signed-off-by: Mike Frysinger  gentoo.org>

 libsandbox/Makefile | 2 +-
 libsbutil/Makefile  | 2 +-
 tests/Makefile.am   | 3 +++
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/libsandbox/Makefile b/libsandbox/Makefile
index ab08445..2db82ff 100644
--- a/libsandbox/Makefile
+++ b/libsandbox/Makefile
@@ -1,4 +1,4 @@
 # Helper for developers.
-all libsandbox: libsandbox/libsandbox.la ;
+all libsandbox libsandbox.la: libsandbox/libsandbox.la ;
 clean: ; rm -f *.o *.l[ao] .libs/*
 %: ; $(MAKE) -C .. $@

diff --git a/libsbutil/Makefile b/libsbutil/Makefile
index 608bccf..f5638c7 100644
--- a/libsbutil/Makefile
+++ b/libsbutil/Makefile
@@ -1,4 +1,4 @@
 # Helper for developers.
-all libsbutil: libsbutil/libsbutil.la ;
+all libsbutil libsbutil.la: libsbutil/libsbutil.la ;
 clean: ; rm -f *.o *.l[ao] .libs/*
 %: ; $(MAKE) -C .. $@

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 52746ee..c899603 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -104,6 +104,9 @@ endif
 
 TESTSUITEFLAGS = --jobs=`getconf _NPROCESSORS_ONLN || echo 1`
 
+# Helper target for devs to precompile.
+tests: $(check_PROGRAMS)
+
 check-local: atconfig atlocal $(TESTSUITE)
$(SHELL) '$(TESTSUITE)' AUTOTEST_PATH='src:tests' $(TESTSUITEFLAGS)

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-20 Thread Mike Frysinger 
commit: ac981df3077edde8bfc95dc54d8a82943986042f
Author: Mike Frysinger  gentoo  org>
AuthorDate: Thu Oct 21 02:40:59 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Thu Oct 21 02:40:59 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=ac981df3

tests: handle fd leakage from GNU make jobservers

Current versions of GNU make (at least v4.3) seem to be leaking its
jobserver fds to children which breaks some tests that expect fd 3
and higher to be free.  Add some startup logic to clean those to fix
`make -j check` failures.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/atlocal.in  | 18 ++
 tests/script-1.sh |  5 -
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/tests/atlocal.in b/tests/atlocal.in
index 91b41b2..e8213c0 100644
--- a/tests/atlocal.in
+++ b/tests/atlocal.in
@@ -24,5 +24,23 @@ export SANDBOX_VERBOSE=0
 # If the terminal has this flag set, the tests get all messed up.
 stty -tostop 2>/dev/null || :
 
+# Some tests want this internal path.
+for devfd in /proc/self/fd /dev/fd ; do
+   [ -e "${devfd}" ] && break
+done
+
+# GNU make likes to leak fds when using jobservers (i.e. using -j).
+case "${MAKEFLAGS}" in
+*--jobserver-auth=*)
+   flags=${MAKEFLAGS#*--jobserver-auth=}
+   flags=${flags%% *}
+   for fd in $(echo "${flags}" | tr ',' ' ') ; do
+   if [ -e "${devfd}/${fd}" ] ; then
+   eval "exec ${fd}>&-"
+   fi
+   done
+   ;;
+esac
+
 # This script must finish with ($? == 0) else the autotest runner gets upset.
 :

diff --git a/tests/script-1.sh b/tests/script-1.sh
index 3ac6252..8b18114 100755
--- a/tests/script-1.sh
+++ b/tests/script-1.sh
@@ -1,5 +1,8 @@
 #!/bin/sh
 # http://bugs.gentoo.org/257418
 [ "${at_xfail}" = "yes" ] && exit 77 # see script-0
-(>/dev/fd/3)
+(
+cd "${devfd}"
+>3
+)
 exit 0

[gentoo-commits] proj/sandbox:master commit in: tests/

2021-10-17 Thread Mike Frysinger 
commit: 422e3666f6118448062defccab99af6c9b40d5d0
Author: Mike Frysinger  gentoo  org>
AuthorDate: Mon Oct 18 04:36:04 2021 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Mon Oct 18 04:36:04 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=422e3666

tests: add missing +x on scripts

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/script-14.sh | 0
 tests/script-15.sh | 0
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/tests/script-14.sh b/tests/script-14.sh
old mode 100644
new mode 100755

diff --git a/tests/script-15.sh b/tests/script-15.sh
old mode 100644
new mode 100755

[gentoo-commits] proj/sandbox:master commit in: tests/, /

2021-03-11 Thread Michał Górny 
commit: 7962de6a71a4f8c99df1ad448a455c96ee4c33b3
Author: Michał Górny  gentoo  org>
AuthorDate: Thu Mar 11 08:45:52 2021 +
Commit: Michał Górny  gentoo  org>
CommitDate: Thu Mar 11 08:55:49 2021 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=7962de6a

Fix detecting libsigsegv

Apparently the hack to pretend that libsigsegv's headers do not exist
does not work anymore.  Fix the test to actually respect library check
status instead.

Signed-off-by: Michał Górny  gentoo.org>

 configure.ac   | 1 -
 tests/Makefile.am  | 2 ++
 tests/libsigsegv_tst.c | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index d0f46e2..b3bc10d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -90,7 +90,6 @@ AM_CONDITIONAL([SB_SCHIZO], [test "x$enable_schizo" != "xno"])
 dnl this test fills up the stack and then triggers a segfault ...
 dnl but it's hard to wrap things without a stack, so let's ignore
 dnl this test for now ...
-ac_cv_header_sigsegv_h=no
 ac_cv_lib_sigsegv_stackoverflow_install_handler=false
 
 dnl Checks for libraries.

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 3baf5b1..52746ee 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -96,7 +96,9 @@ sb_printf_tst_LDADD = $(top_builddir)/libsbutil/libsbutil.la
 
 malloc_hooked_tst_LDFLAGS = $(AM_LDFLAGS) -pthread
 
+libsigsegv_tst_CPPFLAGS = ${AM_CPPFLAGS}
 if HAVE_LIBSIGSEGV
+libsigsegv_tst_CPPFLAGS += -DHAVE_LIBSIGSEGV
 libsigsegv_tst_LDADD = -lsigsegv
 endif
 

diff --git a/tests/libsigsegv_tst.c b/tests/libsigsegv_tst.c
index 82ed21b..2b17fa4 100644
--- a/tests/libsigsegv_tst.c
+++ b/tests/libsigsegv_tst.c
@@ -11,7 +11,7 @@
 
 #define WRITE(msg) ({ ssize_t w = write(1, msg, sizeof(msg) - 1); w; })
 
-#ifdef HAVE_SIGSEGV_H
+#if defined(HAVE_SIGSEGV_H) && defined(HAVE_LIBSIGSEGV)
 #include 
 
 static int segv_handler(void *address, int serious)

[gentoo-commits] proj/sandbox:master commit in: tests/

2020-05-31 Thread Michał Górny 
commit: 818d14f59a5bcf3cc9e8e88a993abc5605ed0b26
Author: Sergei Trofimovich  gentoo  org>
AuthorDate: Sun May 31 09:55:41 2020 +
Commit: Michał Górny  gentoo  org>
CommitDate: Sun May 31 10:31:10 2020 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=818d14f5

tests/script-16.sh: mark as passing only for native ABI

All scripts assume that ran tools matck tested sandbox's ABI.
Most scripts have a guard against ABI check, but script-16 was missing it.

It's afollow-up commit to 24fd102c9976
("check_syscall(): turn internal sandbox violation into denywrite")

Reported-by: Michał Górny
Signed-off-by: Sergei Trofimovich  gentoo.org>
Closes: https://bugs.gentoo.org/590084
Signed-off-by: Michał Górny  gentoo.org>

 tests/script-16.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/script-16.sh b/tests/script-16.sh
index c668cfa..1622694 100755
--- a/tests/script-16.sh
+++ b/tests/script-16.sh
@@ -1,5 +1,6 @@
 #!/bin/sh
-
+# http://bugs.gentoo.org/139591
+[ "${at_xfail}" = "yes" ] && exit 77 # see script-0
 addwrite $PWD
 
 mkdir -p to-be/deleted

[gentoo-commits] proj/sandbox:master commit in: tests/

2019-06-27 Thread Sergei Trofimovich 
commit: 604927f331829f971d3a32c2e67e0ad5ce3d8ee4
Author: Sergei Trofimovich  gentoo  org>
AuthorDate: Thu Jun 27 09:09:56 2019 +
Commit: Sergei Trofimovich  gentoo  org>
CommitDate: Thu Jun 27 09:09:56 2019 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=604927f3

tests: disable utimensat-3 on *-linux-musl

x86_64-gentoo-linux-musl fails a single test:
83: utimensat/3 FAILED (utimensat.at:3)

The test checks if sandbox does not crash when
utimensat(, NULL, NULL, 0)
is called. The behaviour is not specified by POSIX
but glibc returns EINVAL for such a case. Thus the
test behaves differently on varius libs.

https://www.openwall.com/lists/musl/2019/06/25/1 has
a conversation with musl upstream.

The change restricts test down to glibc targets.

Bug: https://bugs.gentoo.org/549108
Signed-off-by: Sergei Trofimovich  gentoo.org>

 tests/atlocal.in |  1 +
 tests/utimensat-3.sh | 11 +++
 2 files changed, 12 insertions(+)

diff --git a/tests/atlocal.in b/tests/atlocal.in
index b9a631b..91b41b2 100644
--- a/tests/atlocal.in
+++ b/tests/atlocal.in
@@ -2,6 +2,7 @@
 
 export abs_top_srcdir abs_top_builddir abs_srcdir abs_builddir
 export AWK="@AWK@"
+export HOST="@host@"
 
 if ! ${at_clean} ; then
export SB_UID=$(./get-user)

diff --git a/tests/utimensat-3.sh b/tests/utimensat-3.sh
index 4ecd4b3..a7b9843 100755
--- a/tests/utimensat-3.sh
+++ b/tests/utimensat-3.sh
@@ -1,6 +1,17 @@
 #!/bin/sh
 # make sure NULL filename is handled correctly
 
+# Note: this test is dependent on glibc internals
+# other libcs chose not to validate invalid parameters:
+#https://bugs.gentoo.org/549108#c28
+#https://www.openwall.com/lists/musl/2019/06/25/1
+# Run this test only on glibc systems.
+
+case $HOST in
+*-linux-gnu);;
+*) exit 77;;
+esac
+
 addwrite $PWD
 
 exec utimensat-0 -1:22 'f:O_WRONLY|O_CREAT:0666' NULL NULL 0

[gentoo-commits] proj/sandbox:master commit in: tests/

2018-02-18 Thread Michał Górny 
commit: 3cc39bfc6387d1f1f61dd2a8533f5dc6a6edc42c
Author: Michał Górny  gentoo  org>
AuthorDate: Mon Feb 19 05:49:45 2018 +
Commit: Michał Górny  gentoo  org>
CommitDate: Mon Feb 19 05:49:45 2018 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=3cc39bfc

tests: Add a test for LD_PRELOAD non-preserving (SANDBOX_ON=0)

 tests/script-15.sh | 21 +
 tests/script.at|  1 +
 2 files changed, 22 insertions(+)

diff --git a/tests/script-15.sh b/tests/script-15.sh
new file mode 100644
index 000..b2acddc
--- /dev/null
+++ b/tests/script-15.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+# check that sandbox stops cloberring LD_PRELOAD when it's disabled
+[ "${at_xfail}" = "yes" ] && exit 77 # see script-0
+
+SANDBOX_ON=0
+
+# keep in sync with script-4!
+checkit() {
+   if eval "$@" | grep -q '^LD_PRELOAD=.*libsandbox.so.*' ; then
+   echo "LD_PRELOAD was reset when running (w/ SANDBOX_ON=0):"
+   echo "  $*"
+   exit 1
+   fi
+}
+
+checkit "env -uLD_PRELOAD env"
+checkit "(unset LD_PRELOAD; env)"
+checkit "env LD_PRELOAD= env"
+checkit "env LD_PRELOAD=libc.so env"
+
+exit $?

diff --git a/tests/script.at b/tests/script.at
index 9134ac1..8837bda 100644
--- a/tests/script.at
+++ b/tests/script.at
@@ -12,3 +12,4 @@ SB_CHECK(11)
 SB_CHECK(12)
 SB_CHECK(13)
 SB_CHECK(14)
+SB_CHECK(15)

[gentoo-commits] proj/sandbox:master commit in: tests/

2016-03-29 Thread Mike Frysinger 
commit: a0285db815b3604899453c215cce93df74066fdc
Author: Mike Frysinger  gentoo  org>
AuthorDate: Wed Feb 17 00:22:29 2016 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Wed Feb 17 00:22:29 2016 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=a0285db8

tests: add test for overriding mmap

URL: http://bugs.gentoo.org/290249
Reported-by: Diego E. Pettenò  gentoo.org>
Signed-off-by: Mike Frysinger  gentoo.org>

 tests/Makefile.am   |  3 +++
 tests/execvp-0.c| 15 +++
 tests/malloc-0  |  7 +++
 tests/malloc-1.sh   |  4 
 tests/malloc.at |  1 +
 tests/malloc_mmap_tst.c | 26 ++
 6 files changed, 56 insertions(+)

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 3627344..943ce3b 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -18,6 +18,7 @@ check_PROGRAMS = \
chown-0 \
creat-0 \
creat64-0 \
+   execvp-0 \
faccessat-0 \
fchmodat-0 \
fchownat-0 \
@@ -72,6 +73,7 @@ check_PROGRAMS = \
\
getcwd-gnulib_tst \
libsigsegv_tst \
+   malloc_mmap_tst \
pipe-fork_tst \
pipe-fork_static_tst \
sb_printf_tst \
@@ -81,6 +83,7 @@ check_PROGRAMS = \
 
 dist_check_SCRIPTS = \
$(wildcard $(srcdir)/*-[0-9]*.sh) \
+   malloc-0 \
script-0 \
trace-0
 

diff --git a/tests/execvp-0.c b/tests/execvp-0.c
new file mode 100644
index 000..6cfce13
--- /dev/null
+++ b/tests/execvp-0.c
@@ -0,0 +1,15 @@
+/*
+ * A simple wrapper for execvp.  Useful when most host programs don't match
+ * the ABI of the active libsandbox.so (e.g. 64bit vs 32bit).
+ */
+
+#include "tests.h"
+
+int main(int argc, char *argv[])
+{
+   if (argc < 2) {
+   printf("usage: execvp  [argv0 [argvN] ...]\n");
+   return 0;
+   }
+   return execvp(argv[1], argv + 2);
+}

diff --git a/tests/malloc-0 b/tests/malloc-0
new file mode 100755
index 000..9a4190b
--- /dev/null
+++ b/tests/malloc-0
@@ -0,0 +1,7 @@
+#!/bin/sh
+# make sure `timeout` is available.
+if timeout --help >/dev/null ; then
+   exit 0
+else
+   exit 77
+fi

diff --git a/tests/malloc-1.sh b/tests/malloc-1.sh
new file mode 100755
index 000..2b5623d
--- /dev/null
+++ b/tests/malloc-1.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+# Since the malloc binary is in the target ABI, make sure the exec is
+# launched from the same ABI so the same libsandbox.so is used.
+timeout -s KILL 10 execvp-0 malloc_mmap_tst malloc_mmap_tst

diff --git a/tests/malloc.at b/tests/malloc.at
new file mode 100644
index 000..081d7d2
--- /dev/null
+++ b/tests/malloc.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/malloc_mmap_tst.c b/tests/malloc_mmap_tst.c
new file mode 100644
index 000..a1a15e1
--- /dev/null
+++ b/tests/malloc_mmap_tst.c
@@ -0,0 +1,26 @@
+/* Make sure programs that override mmap don't mess us up. #290249 */
+
+#include "headers.h"
+
+/* A few basic stubs that do nothing. */
+void *mmap(void *addr, size_t length, int prot, int flags, int fd, off_t 
offset)
+{
+   errno = ENOMEM;
+   return MAP_FAILED;
+}
+int munmap(void *addr, size_t length)
+{
+   errno = ENOMEM;
+   return -1;
+}
+
+int main(int argc, char *argv[])
+{
+   /* Don't loop forever. */
+   alarm(10);
+
+   /* Make sure we do an operation to trigger the sandbox. */
+   open("/dev/null", 0);
+
+   return 0;
+}

[gentoo-commits] proj/sandbox:master commit in: tests/

2016-03-29 Thread Mike Frysinger 
commit: e10203aa97bae3060606a9115cd42aaf0c5e0bd9
Author: Mike Frysinger  gentoo  org>
AuthorDate: Tue Mar 29 09:22:56 2016 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Tue Mar 29 09:22:56 2016 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=e10203aa

tests: make all shell scripts executable

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/mkdtemp-1.sh | 0
 tests/mkostemp-1.sh| 0
 tests/mkostemp64-1.sh  | 0
 tests/mkostemps-1.sh   | 0
 tests/mkostemps64-1.sh | 0
 tests/mkstemp-1.sh | 0
 tests/mkstemp64-1.sh   | 0
 tests/mkstemps-1.sh| 0
 tests/mkstemps64-1.sh  | 0
 9 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/tests/mkdtemp-1.sh b/tests/mkdtemp-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkostemp-1.sh b/tests/mkostemp-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkostemp64-1.sh b/tests/mkostemp64-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkostemps-1.sh b/tests/mkostemps-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkostemps64-1.sh b/tests/mkostemps64-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkstemp-1.sh b/tests/mkstemp-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkstemp64-1.sh b/tests/mkstemp64-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkstemps-1.sh b/tests/mkstemps-1.sh
old mode 100644
new mode 100755

diff --git a/tests/mkstemps64-1.sh b/tests/mkstemps64-1.sh
old mode 100644
new mode 100755

[gentoo-commits] proj/sandbox:master commit in: tests/

2015-12-20 Thread Mike Frysinger 
commit: 4f000d9c228474b6e34c9ce9e84bcce781271914
Author: Mike Frysinger  gentoo  org>
AuthorDate: Sun Dec 20 21:32:26 2015 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Sun Dec 20 21:32:26 2015 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=4f000d9c

tests: check errno with more static tests

This verifies the error code setting with ptrace logic -- if the ptrace
code is broken, the errno will often be ENOSYS instead of EPERM.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/open_static-1.sh   | 2 +-
 tests/openat_static-1.sh | 2 +-
 tests/unlink_static-1.sh | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/open_static-1.sh b/tests/open_static-1.sh
index faf91d0..e815b57 100755
--- a/tests/open_static-1.sh
+++ b/tests/open_static-1.sh
@@ -8,5 +8,5 @@ open_static-0 3 ok O_RDONLY 0666 || exit 1
 
 mkdir deny || exit 1
 adddeny $PWD/deny
-open_static-0 -1 deny/not-ok "O_WRONLY|O_CREAT" 0666
+open_static-0 -1,EPERM deny/not-ok "O_WRONLY|O_CREAT" 0666 || exit 1
 test -e sandbox.log

diff --git a/tests/openat_static-1.sh b/tests/openat_static-1.sh
index 929fc51..a4d1b90 100755
--- a/tests/openat_static-1.sh
+++ b/tests/openat_static-1.sh
@@ -8,5 +8,5 @@ openat_static-0 3 AT_FDCWD ok O_RDONLY 0666 || exit 1
 
 mkdir deny || exit 1
 adddeny $PWD/deny
-openat_static-0 -1 AT_FDCWD deny/not-ok "O_WRONLY|O_CREAT" 0666
+openat_static-0 -1,EPERM AT_FDCWD deny/not-ok "O_WRONLY|O_CREAT" 0666 || exit 1
 test -e sandbox.log

diff --git a/tests/unlink_static-1.sh b/tests/unlink_static-1.sh
index 9585862..2281a98 100755
--- a/tests/unlink_static-1.sh
+++ b/tests/unlink_static-1.sh
@@ -5,5 +5,5 @@
 touch f
 test -e f || exit 1
 adddeny "${PWD}"
-unlink_static-0 -1,EPERM f
+unlink_static-0 -1,EPERM f || exit 1
 test -e sandbox.log -a -e f

[gentoo-commits] proj/sandbox:master commit in: tests/

2015-09-28 Thread Mike Frysinger 
commit: 6b0db7d9abfded8bdf8c7d061b261f053eec886d
Author: Mike Frysinger  gentoo  org>
AuthorDate: Mon Sep 28 20:00:17 2015 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Mon Sep 28 20:00:17 2015 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=6b0db7d9

tests: add basic parsing of timespec fields

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/test-skel-0.c | 23 ++-
 tests/tests.h   |  3 +++
 tests/utimensat-0.c |  2 +-
 3 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/tests/test-skel-0.c b/tests/test-skel-0.c
index dbe60db..96e42ae 100644
--- a/tests/test-skel-0.c
+++ b/tests/test-skel-0.c
@@ -9,7 +9,6 @@ const char *color_red= "\033[31;01m";
 # define CONFIG 1
 #endif
 
-#define V_TIMESPEC "NULL"
 #define V_STRMODE "[+bcemx] (see `man 3 fopen`)"
 
 static bool _strtoul(const char *sul, unsigned long *ul)
@@ -132,6 +131,28 @@ int at_get_fd(const char *str_dirfd)
return open(str_path, f_get_flags(str_flags), sscanf_mode_t(str_mode));
 }
 
+#define V_TIMESPEC "NULL | NOW | #[,#]"
+struct timespec *parse_timespec(const char *s)
+{
+   struct timespec *times;
+
+   if (!strcmp(s, "NULL"))
+   return NULL;
+
+   times = xzalloc(sizeof(*times));
+
+   if (!strcmp(s, "NOW")) {
+   times->tv_sec = time(0);
+   } else {
+   long sec = 0, nsec = 0;
+   sscanf(s, "%li,%li", , );
+   times->tv_sec = sec;
+   times->tv_nsec = nsec;
+   }
+
+   return times;
+}
+
 #define V_ACCESS_MODE "r | w | x | f"
 int access_mode(const char *s)
 {

diff --git a/tests/tests.h b/tests/tests.h
index 51dc68a..22733ca 100644
--- a/tests/tests.h
+++ b/tests/tests.h
@@ -10,6 +10,9 @@
 #define err(fmt, args...) ({ _stderr_msg(fmt, ##args); exit(1); })
 #define errp(fmt, args...) ({ _stderr_pmsg(fmt, ##args); exit(1); })
 
+#define xmalloc(size) ({ void *ret = malloc(size); assert(ret); ret; })
+#define xzalloc(size) ({ void *ret = xmalloc(size); memset(ret, 0, size); ret; 
})
+
 typedef struct {
const char *name;
int val;

diff --git a/tests/utimensat-0.c b/tests/utimensat-0.c
index 431d179..99c3fa4 100644
--- a/tests/utimensat-0.c
+++ b/tests/utimensat-0.c
@@ -14,7 +14,7 @@
const char *file = f_get_file(s); \
\
s = argv[i++]; \
-   const struct timespec *times = NULL; \
+   const struct timespec *times = parse_timespec(s); \
\
s = argv[i++]; \
int flags = at_get_flags(s);

[gentoo-commits] proj/sandbox:master commit in: tests/, libsandbox/

2015-09-28 Thread Mike Frysinger 
commit: 4377a68df2a20cda06aadb58c179ce2e8d78f7cd
Author: Mike Frysinger  gentoo  org>
AuthorDate: Mon Sep 28 20:01:33 2015 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Mon Sep 28 20:01:33 2015 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=4377a68d

libsandbox: do not unnecessarily dereference symlinks

When the target uses a func that operates on a symlink, we should not
dereference that symlink when trying to validate the call.  It's both
a waste of time and it subtly breaks code that checks atime updates.
The act of reading symlinks is enough to cause their atime to change.

URL: https://bugs.gentoo.org/415475
Reported-by: Marien Zwart  gentoo.org>
Signed-off-by: Mike Frysinger  gentoo.org>

 libsandbox/libsandbox.c | 15 ---
 tests/utimensat-4.sh| 30 ++
 tests/utimensat.at  |  1 +
 3 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 1d9fa04..2bcff95 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -909,7 +909,14 @@ static int check_syscall(sbcontext_t *sbcontext, int 
sb_nr, const char *func,
bool access, debug, verbose, set;
 
absolute_path = resolve_path(file, 0);
-   resolved_path = resolve_path(file, 1);
+   /* Do not bother dereferencing symlinks when we are using a function 
that
+* itself does not dereference.  This speeds things up and avoids 
updating
+* the atime implicitly. #415475
+*/
+   if (symlink_func(sb_nr, flags, absolute_path))
+   resolved_path = absolute_path;
+   else
+   resolved_path = resolve_path(file, 1);
if (!absolute_path || !resolved_path)
goto error;
sb_debug_dyn("absolute_path: %s\n", absolute_path);
@@ -955,7 +962,8 @@ static int check_syscall(sbcontext_t *sbcontext, int sb_nr, 
const char *func,
}
 
free(absolute_path);
-   free(resolved_path);
+   if (absolute_path != resolved_path)
+   free(resolved_path);
 
errno = old_errno;
 
@@ -967,7 +975,8 @@ static int check_syscall(sbcontext_t *sbcontext, int sb_nr, 
const char *func,
 */
if (errno_is_too_long()) {
free(absolute_path);
-   free(resolved_path);
+   if (absolute_path != resolved_path)
+   free(resolved_path);
return 2;
}
 

diff --git a/tests/utimensat-4.sh b/tests/utimensat-4.sh
new file mode 100755
index 000..731c7d1
--- /dev/null
+++ b/tests/utimensat-4.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+# make sure we don't accidentally trip atime updates on files
+# through symlinks #415475
+[ "${at_xfail}" = "yes" ] && exit 77 # see script-0
+
+# We assume $PWD supports atimes, and the granularity is more than 1 second.
+# If it doesn't, this test will still pass, but not really because the code
+# was proven to be correct.
+
+# XXX: Maybe we need to add our own stat shim to avoid portability issues ?
+get_atime() {
+   # This shows the full atime field (secs, msecs, nsecs).
+   stat -c %x "$1"
+}
+
+# Create a symlink.
+sym="sym"
+ln -s atime "${sym}"
+
+# Get the state before we test it.
+before=$(get_atime "${sym}")
+
+# A quick sleep of a few msecs.
+sleep 0.1
+
+# See if the atime changes -- it should not.
+utimensat-0 -1,EINVAL AT_FDCWD "${sym}" -1,-1 AT_SYMLINK_NOFOLLOW || exit 1
+after=$(get_atime "${sym}")
+
+[ "${after}" = "${before}" ]

diff --git a/tests/utimensat.at b/tests/utimensat.at
index eec4638..1909650 100644
--- a/tests/utimensat.at
+++ b/tests/utimensat.at
@@ -1,3 +1,4 @@
 SB_CHECK(1)
 SB_CHECK(2)
 SB_CHECK(3)
+SB_CHECK(4)

[gentoo-commits] proj/sandbox:master commit in: tests/

2015-09-27 Thread Mike Frysinger 
commit: 314587590c5ab7204171606cadac52933a49f89d
Author: Mike Frysinger  gentoo  org>
AuthorDate: Sun Sep 20 23:23:10 2015 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Sun Sep 20 23:23:10 2015 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=31458759

tests: avoid overflowing exit codes

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/script-8.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/script-8.sh b/tests/script-8.sh
index 685d5d3..6d9de55 100755
--- a/tests/script-8.sh
+++ b/tests/script-8.sh
@@ -10,4 +10,4 @@ sigsuspend-zsh_static_tst
 s=$?
 echo "ret = $s"
 
-exit $(( d + s ))
+exit $(( d | s ))

[gentoo-commits] proj/sandbox:master commit in: tests/, libsbutil/

2015-09-11 Thread Mike Frysinger 
commit: 13a9a7d17d80b9dae0543e54167d4bca7656e48b
Author: Mike Frysinger  gentoo  org>
AuthorDate: Sun Mar  3 10:38:43 2013 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Sun Mar  3 10:38:43 2013 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=13a9a7d1

sandbox: use a non-shell var for the message path

By allowing the SANDBOX_MESSAGE_PATH var to be stored in the shell
environment and then modified on the fly, we run into a fun edge
case with the PM.  When a phase has finished running, it saves the
current environment.  When the next phase runs, it loads the env
from the previous run.  Since the message path var can contain a
pid, the previous run will no longer be valid.

Since we want this to simply be a way for the active sandbox to
pass information to the active libsandbox.so's, there's no need
to use an env var that the shell can save/reload.  As such, use a
variable name that the shell will skip.  Non-shell programs have
no problem with this.

Signed-off-by: Mike Frysinger  gentoo.org>

 libsbutil/sbutil.h | 2 +-
 tests/script-10.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h
index 479734b..c76465f 100644
--- a/libsbutil/sbutil.h
+++ b/libsbutil/sbutil.h
@@ -46,7 +46,7 @@
 #define ENV_SANDBOX_BASHRC "SANDBOX_BASHRC"
 #define ENV_SANDBOX_LOG"SANDBOX_LOG"
 #define ENV_SANDBOX_DEBUG_LOG  "SANDBOX_DEBUG_LOG"
-#define ENV_SANDBOX_MESSAGE_PATH   "SANDBOX_MESSAGE_PATH"
+#define ENV_SANDBOX_MESSAGE_PATH "SANDBOX_MESSAGE_P@TH" /* @ is not a typo */
 #define ENV_SANDBOX_WORKDIR"SANDBOX_WORKDIR"
 
 #define ENV_SANDBOX_DENY   "SANDBOX_DENY"

diff --git a/tests/script-10.sh b/tests/script-10.sh
index 801730e..aa62b01 100755
--- a/tests/script-10.sh
+++ b/tests/script-10.sh
@@ -5,7 +5,7 @@
 ret=0
 
 out=$(env -i env)
-for var in LOG DEBUG_LOG MESSAGE_PATH DENY READ WRITE PREDICT ON ACTIVE ; do
+for var in LOG DEBUG_LOG MESSAGE_P@TH DENY READ WRITE PREDICT ON ACTIVE ; do
var="SANDBOX_${var}"
oval=$(env | grep "^${var}=" | sed 's:^[^=]*=::')

[gentoo-commits] proj/sandbox:master commit in: tests/

2015-09-11 Thread Mike Frysinger 
commit: 3559ba4b30934da041801f1a150fd28d2d64002c
Author: Mike Frysinger  gentoo  org>
AuthorDate: Fri Sep 11 06:47:17 2015 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Fri Sep 11 06:47:17 2015 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=3559ba4b

tests: make sure we ignore stty exit status

If the stty step fails (for any reason really), the main testrunner
will abort with a weird error message:
$ make check
...
/bin/sh './testsuite' AUTOTEST_PATH='src:tests' --jobs=`getconf 
_NPROCESSORS_ONLN || echo 1`
testsuite: error: invalid content: atlocal
...

Make sure we ignore stty's exit status, and we put a final comment/$?
reset at the end of the script.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/atlocal.in | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tests/atlocal.in b/tests/atlocal.in
index 8435f61..b9a631b 100644
--- a/tests/atlocal.in
+++ b/tests/atlocal.in
@@ -21,4 +21,7 @@ fi
 export SANDBOX_VERBOSE=0
 
 # If the terminal has this flag set, the tests get all messed up.
-stty -tostop 2>/dev/null
+stty -tostop 2>/dev/null || :
+
+# This script must finish with ($? == 0) else the autotest runner gets upset.
+:

[gentoo-commits] proj/sandbox:master commit in: tests/

2015-09-11 Thread Mike Frysinger 
commit: 441c11d5c5f628d2be20972b023d908bf6c39fc8
Author: Mike Frysinger  gentoo  org>
AuthorDate: Fri Sep 11 07:10:51 2015 +
Commit: Mike Frysinger  gentoo  org>
CommitDate: Fri Sep 11 07:10:51 2015 +
URL:https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=441c11d5

tests: add dynamic/static categories

This way we can quickly execute the tests that run dynamic or static
binaries.  We leave scripts out as they're a bit of a special case.

Signed-off-by: Mike Frysinger  gentoo.org>

 tests/local.at | 4 
 1 file changed, 4 insertions(+)

diff --git a/tests/local.at b/tests/local.at
index f937ff1..95db774 100644
--- a/tests/local.at
+++ b/tests/local.at
@@ -17,6 +17,10 @@ m4_defun([AT_SB_CHECK],[AT_CHECK([SB_RUN 
$1],[$2],[$3],[$4],[$5],[$6])])
 m4_defun([SB_CHECK],[dnl
 AT_SETUP([SB_SECTION/$1])
 AT_KEYWORDS([SB_SECTION])
+m4_bmatch(SB_SECTION,
+   [_static$], [AT_KEYWORDS([static])],
+   [^script$], [],
+   [AT_KEYWORDS([dynamic])])
 AT_XFAIL_IF([(
]SB_SECTION[-0 >/dev/null ; test $? -eq 77 && exit 0
if expr ]SB_SECTION[ : .*_static >/dev/null ; then