stas        2003/12/13 18:09:04

  Modified:    perl-framework/Apache-Test/lib/Apache TestRun.pm
               perl-framework/Apache-Test Changes
  Log:
  Another attempt at providing a test function that verifies whether
  Apache when switching from 'root' to 'nobody' or another user will be
  able to access and create files under the t/ directory. This time
  using perl's vars $(, $< since POSIX equivalents seem to be broken on
  some systems. Also using a better test that actually tries to
  write/read/execute in the path under test.
  
  Revision  Changes    Path
  1.124     +47 -11    
httpd-test/perl-framework/Apache-Test/lib/Apache/TestRun.pm
  
  Index: TestRun.pm
  ===================================================================
  RCS file: 
/home/cvs/httpd-test/perl-framework/Apache-Test/lib/Apache/TestRun.pm,v
  retrieving revision 1.123
  retrieving revision 1.124
  diff -u -u -r1.123 -r1.124
  --- TestRun.pm        24 Nov 2003 08:28:34 -0000      1.123
  +++ TestRun.pm        14 Dec 2003 02:09:04 -0000      1.124
  @@ -13,7 +13,7 @@
   
   use File::Find qw(finddepth);
   use File::Spec::Functions qw(catfile);
  -use File::Basename qw(basename);
  +use File::Basename qw(basename dirname);
   use Getopt::Long qw(GetOptions);
   use Config;
   
  @@ -809,6 +809,44 @@
       }
   }
   
  +# this sub is executed from an external process only, since it
  +# "sudo"'s into a uid/gid of choice
  +sub run_root_fs_test {
  +    my($uid, $gid, $dir) = @_;
  +
  +    # first must change gid and egid
  +    $( = $) = $gid+0;
  +    die "failed to change gid to $gid" unless $( == $gid;
  +
  +    # only now can change uid and euid
  +    $< = $> = $uid+0;
  +    die "failed to change uid to $uid" unless $< == $uid;
  +
  +    my $file = catfile $dir, ".apache-test-file-$$-".time.int(rand);
  +    eval "END { unlink q[$file] }";
  +
  +    # unfortunately we can't run the what seems to be an obvious test:
  +    # -r $dir && -w _ && -x _
  +    # since not all perl implementations do it right (e.g. sometimes
  +    # acls are ignored, at other times setid/gid change is ignored)
  +    # therefore we test by trying to attempt to read/write/execute
  +
  +    # -w
  +    open TEST, ">$file" or die "failed to open $file: $!";
  +
  +    # -x
  +    -f $file or die "$file cannot be looked up";
  +    close TEST;
  +
  +    # -r
  +    opendir DIR, $dir or die "failed to open dir $dir: $!";
  +    defined readdir DIR or die "failed to read dir $dir: $!";
  +    close DIR;
  +
  +    # all tests passed
  +    print "OK";
  +}
  +
   sub check_perms {
       my ($self, $user, $uid, $gid) = @_;
   
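Review bot: The privilege drop in run_root_fs_test changes and verifies only part of the process identity: `$( = $) = $gid+0` leaves the supplementary group list inherited from the calling (root) process in place, and the two `die ... unless` checks compare only the real ids `$(` and `$<`. A write that succeeds through a retained supplementary group would make the test print OK for a directory the target user cannot actually use. Assigning `$) = "$gid $gid";` before `$( = $gid+0;` also resets the group list (see perlvar), and the checks can additionally compare `$)+0` and `$>` against the requested ids. Separately, `int(rand)` is always 0, so it adds nothing to the temp file name, and `close DIR` should be `closedir DIR`.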
  @@ -817,16 +855,14 @@
       my $dir  = $vars->{t_dir};
       my $perl = $vars->{perl};
   
  -    my $check = <<"EOC";
  -$perl -e '
  -    require POSIX;
  -    POSIX::setuid($uid);
  -    POSIX::setgid($gid);
  -    print -r q{$dir} &&  -w _ && -x _ ? q{OK} : q{NOK};
  -'
  -EOC
  -    $check =~ s/\n/ /g;
  -    warning "$check\n";
  +    # find where Apache::TestRun was loaded from, so we load this
  +    # exact package from the external process
  +    my $inc = dirname dirname $INC{"Apache/TestRun.pm"};
  +    my $sub = "Apache::TestRun::run_root_fs_test";
  +    my $check = <<"EOI";
  +$perl -Mlib=$inc -MApache::TestRun -e 'eval { $sub($uid, $gid, q[$dir]) }';
  +EOI
  +    warning "testing whether '$user' is able to -rwx $dir\n$check\n";
   
       my $res = qx[$check] || '';
       warning "result: $res";
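Review bot: The command built in the `EOI` heredoc is run through the shell by `qx[$check]` with `$perl`, `$inc` and `$dir` interpolated as text, so a path containing a space, `'` or `]` changes what the shell or the inner perl parses; this check is presumably run as root, which makes that worth closing. Passing the values as separate arguments and reading them from `@ARGV` in the one-liner removes both quoting layers; the sketch below uses list-form pipe open, which assumes a perl that supports it (5.8 or later). The `eval { }` wrapper in the one-liner also discards the `die` message from run_root_fs_test, so a failure yields an empty result with no reason; printing `$@` there would keep it. check_perms starts before this hunk and continues after it.

```perl
    # … unchanged: $inc and $sub setup …
    my @cmd = ($perl, "-Mlib=$inc", '-MApache::TestRun', '-e',
               "eval { $sub(\@ARGV) }", $uid, $gid, $dir);
    warning "testing whether '$user' is able to -rwx $dir\n@cmd\n";

    my $res = '';
    if (open my $pipe, '-|', @cmd) {
        local $/;
        $res = <$pipe> || '';
        close $pipe;
    }
    # … unchanged: warning "result: $res" and the rest of check_perms …
```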
  
  
  
  1.72      +7 -0      httpd-test/perl-framework/Apache-Test/Changes
  
  Index: Changes
  ===================================================================
  RCS file: /home/cvs/httpd-test/perl-framework/Apache-Test/Changes,v
  retrieving revision 1.71
  retrieving revision 1.72
  diff -u -u -r1.71 -r1.72
  --- Changes   10 Dec 2003 02:26:30 -0000      1.71
  +++ Changes   14 Dec 2003 02:09:04 -0000      1.72
  @@ -8,6 +8,13 @@
   
   =item 1.07-dev
   
  +Another attempt at providing a test function that verifies whether
  +Apache when switching from 'root' to 'nobody' or another user will be
  +able to access and create files under the t/ directory. This time
  +using perl's vars $(, $< since POSIX equivalents seem to be broken on
  +some systems. Also using a better test that actually tries to
  +write/read/execute in the path under test. [Stas]
  +
   Cleanly exit (and complain) if the default hostname resolution has
   failed (usually due to a missing localhost entry in /etc/hosts) [Stas]
   
  
  
  
