diff options
| author | Jim Meyering <jim@meyering.net> | 2003-07-19 11:19:12 +0000 |
|---|---|---|
| committer | Jim Meyering <jim@meyering.net> | 2003-07-19 11:19:12 +0000 |
| commit | 1d510c3f9bfd66a4c6c7880af01ba7a5b96b59cf (patch) | |
| tree | 0f18a4c801608e734b48d0e6a5c2f6479c10cd65 | |
| parent | c321e53e8861cb04fcc6eea875f395fbd669f5e7 (diff) | |
| download | coreutils-1d510c3f9bfd66a4c6c7880af01ba7a5b96b59cf.tar.xz | |
Use `id -u' to see if we're running as root,
rather than trying go write to an write-protected file.
When running as root, ensure $NON_ROOT_USERNAME is valid.
When running as root with `require-non-root', ensure that `.'
is writable by $NON_ROOT_USERNAME, then reinvoke $0 set-user-ID
to $NON_ROOT_USERNAME. If `.' is not writable, then skip the test.
| -rw-r--r-- | tests/priv-check | 72 |
1 files changed, 44 insertions, 28 deletions
diff --git a/tests/priv-check b/tests/priv-check index 877081790..abb336023 100644 --- a/tests/priv-check +++ b/tests/priv-check @@ -9,43 +9,33 @@ case "$PRIV_CHECK_ARG" in 1>&2; exit 1;; esac -priv_check_temp=priv-check.$$ -touch $priv_check_temp || framework_failure=1 -chmod a-w $priv_check_temp || framework_failure=1 +# Make sure id -u succeeds. +my_uid=`id -u` +test $? = 0 || { + echo "$0: cannot run \`id -u'" 1>&2 + (exit 1); exit +} -# FIXME: use id -u, as below -- avoiding use of a temporary file -(echo foo >> $priv_check_temp) >/dev/null 2>&1 -overwrite_status=$? -give_msg=no -case $PRIV_CHECK_ARG:$overwrite_status in - require-root:0) ;; - require-root:*) give_msg=yes ;; - require-non-root:0) give_msg=yes ;; - require-non-root:*) ;; +# Make sure it gives valid output. +case $my_uid in + *[^0-9]*) + echo "$0: invalid output (\`$my_uid') from \`id -u'" 1>&2 + (exit 1); exit + ;; + *) ;; esac -test $give_msg = yes && { - cat <<EOF -*************************** -NOTICE: -$0: This test is being skipped, since it works only -when run $who. -*************************** -EOF - rm -f $priv_check_temp - (exit 77); exit -} - -test "$PRIV_CHECK_ARG" = require-root && +test $my_uid = 0 && \ { # When running as root, always ensure that we have a valid non-root username. + # As non-root, don't do anything, since we won't be running setuidgid. : ${NON_ROOT_USERNAME=nobody} # Ensure that the supplied username is valid and with UID != 0. - coreutils_non_root_uid=`setuidgid $NON_ROOT_USERNAME id -u` + coreutils_non_root_uid=`id -u $NON_ROOT_USERNAME` test $? = 0 || \ { - echo "$0: This command failed: \`setuidgid $NON_ROOT_USERNAME id -u'" 1>&2 + echo "$0: This command failed: \`id -u $NON_ROOT_USERNAME'" 1>&2 echo "$0: Skipping this test. To enable it, set the envvar" 1>&2 echo "$0: NON_ROOT_USERNAME to a non-root user name." 1>&2 (exit 77); exit 77 @@ -58,4 +48,30 @@ test "$PRIV_CHECK_ARG" = require-root && } } -rm -f $priv_check_temp +give_msg=no +case $PRIV_CHECK_ARG:$my_uid in + require-root:0) ;; + require-root:*) give_msg=yes ;; + require-non-root:0) + # `.' must be writable by $NON_ROOT_USERNAME + setuidgid $NON_ROOT_USERNAME test -w . || + { + echo "$0: `pwd`: not writable by user \`$NON_ROOT_USERNAME'" 1>&2 + echo "$0: skipping this test" 1>&2 + (exit 77); exit + } + exec setuidgid $NON_ROOT_USERNAME $0 + ;; + require-non-root:*) ;; +esac + +test $give_msg = yes && { + cat <<EOF +*************************** +NOTICE: +$0: This test is being skipped, since it works only +when run $who. +*************************** +EOF + (exit 77); exit +} |