summaryrefslogtreecommitdiff
path: root/init.cfg
AgeCommit message (Collapse)Author
2014-08-01chroot: perform chdir("/") again unless new --skip-chdir is specifiedBernhard Voelker
Since commit v8.22-94-g99960ee, chroot(1) skips the chroot(2) syscall for "/" arguments (and synonyms). The problem is that it also skips the following chdir("/") call in that case. The latter breaks existing scripts which expect "/" to be the working directory inside the chroot. While the first part of the change - i.e., skipping chroot("/") - is okay for consistency with systems where it might succeed for a non-root user, the second part might be malicious, e.g. cd /home/user && chroot '/' bin/foo In the "best" case, chroot(1) could not execute 'bin/foo' with ENOENT, but in the worst case, chroot(1) would execute '/home/user/bin/foo' in the case that exists - instead of '/bin/foo'. Revert that second part of the patch, i.e., perform the chdir("/) in the common case again - unless the new --skip-chdir option is specified. Restrict this new option to the case of "/" arguments. * src/chroot.c (SKIP_CHDIR): Add enum. (long_opts): Add entry for the new --skip-chdir option. (usage): Add --skip-chdir option, and while at it, move the other to options into alphabetical order. (main): Accept the above new option, allowing it only in the case when NEWROOT is the old "/". Move down the chdir() call after the if-clause to ensure it is run in any case - unless --skip-chdir is specified. Add a 'newroot' variable for the new root directory as it is used in a couple of places now. * tests/misc/chroot-fail.sh: Invert the last tests which check the working directory of the execvp()ed program when a "/"-like argument was passed: now expect it to be "/" - unless --skip-chdir is given. * doc/coreutils.texi (chroot invocation): Document the new option. Document that chroot(1) usually calls chdir("/") unless the new --skip-chdir option is specified. Sort options. * NEWS (Changes in behavior): Mention the fix. (New features): Mention the new option. * init.cfg (nonroot_has_perm_): Add chroot's new --skip-chdir option. * tests/cp/preserve-gid.sh (t1): Likewise. * tests/cp/special-bits.sh: Likewise. * tests/id/setgid.sh: Likewise. * tests/misc/truncate-owned-by-other.sh: Likewise. * tests/mv/sticky-to-xpart.sh: Likewise. * tests/rm/fail-2eperm.sh: Likewise. * tests/rm/no-give-up.sh: Likewise. * tests/touch/now-owned-by-other.sh: Likewise. Reported by Andreas Schwab in http://bugs.gnu.org/18062
2014-06-26tests: use predetermined NON_ROOT_GIDPádraig Brady
* HACKING: GID is more useful in tests than group name, so rename input param from NON_ROOT_GROUP to NON_ROOT_GID to make it obvious that only a group ID is now acceptable, thus allowing GID lookups to be avoided throughout the tests. * init.cfg (require_root_): Likewise. * tests/misc/truncate-owned-by-other.sh: Avoid looking up the GID. * tests/touch/now-owned-by-other.sh: Likewise. * tests/misc/chroot-credentials.sh: Likewise. Also fix an instance of comparison against NON_ROOT_GROUP which would have given a false failure if a non numeric value was passed in. * tests/id/setgid.sh: Use previously looked up gid as a more accurate base for the subsequent adjustment, and move the uid lookup within chroot, rather than having the overhead of a separate `id` invocation.
2014-05-21tests: use chroot --user rather than internal setuidgid toolPádraig Brady
* init.cfg (require_root_): Adjust to use chroot, and make `require_built_ chroot` implicit when chroot used in the test. * po/POTFILES.in: Remove reference to setuidgid tool. * src/.gitignore: Likewise. * src/local.mk: Likewise. * src/setuidgid.c: Remove. * tests/cp/preserve-gid.sh: s/setuidgid/chroot --user/. * tests/cp/special-bits.sh: Likewise. * tests/id/setgid.sh: Likewise. * tests/misc/truncate-owned-by-other.sh * tests/mv/sticky-to-xpart.sh: Likewise. * tests/rm/fail-2eperm.sh: Likewise. * tests/rm/no-give-up.sh: Likewise. * tests/touch/now-owned-by-other.sh: Likewise. * tests/misc/chroot-fail.sh: Skip if chroot not built.
2014-05-05tests: initial SMACK testsJarkko Sakkinen
* init.cfg (require_smack_): New function. * local.mk: Referenced new tests. * tests/id/smack.sh: SMACK tests (new file). * tests/mkdir/smack-no-root.sh: SMACK tests (new file). * tests/mkdir/smack-root.sh: SMACK tests (new file).
2014-01-13maint: tests: refactor gcc commands for building shared libPádraig Brady
* init.cfg (gcc_shared_): A new function refactored from tests. (require_gcc_shared_): Adjust to call gcc_shared_() to build the test library, and remove that library before the function returns. * tests/cp/nfs-removal-race.sh: Call the new gcc_shared_(). * tests/df/no-mtab-status.sh: Likewise. * tests/df/skip-duplicates.sh: Likewise. * tests/ls/getxattr-speedup.sh: Likewise. * tests/rm/r-root.sh: Likewise.
2014-01-10tests: improve test for a working setfaclBernhard Voelker
Prompted by a test framework failure of tests/mkdir/p-acl.sh on armv7l: The previous test for a working setfacl was not sufficient in some circumstances. * init.cfg (require_setfacl_): Call setfacl twice with conflictive ACL specs, and use ACL specs which can't be mapped into regular file permission bits. Document the reasons.
2014-01-02maint: update all copyright year number rangesBernhard Voelker
Run "make update-copyright", but then also run this, perl -pi -e 's/2\d\d\d-//' tests/sample-test to make that one script use the single most recent year number.
2013-12-05tests: fix false failure with disabled SELinux supportPádraig Brady
This could trigger on SELinux systems where we build --qithout-selinux or where the SELinux development libraries are not installed. * init.cfg (require_selinux_enforcing_): Call require_selinux_() to determine if the current build supports SELinux. This avoids a false failure in tests/mkdir/selinux.sh where only mkdir would determine that SELinux was disabled and thus ignore invalid contexts. (require_selinux_): Refactor a little to distinguish whether it's the build or the (file) system that doesn't support SELinux.
2013-04-25tests: fix usage of require_ulimit_Pádraig Brady
* init.cfg (require_ulimit_v_): Renamed from require_ulimit_ as this only checks for ulimit -v support. Other uses of ulimit -t and ulimit -n in tests shouldn't cause false failures if not supported. * cfg.mk (sc_prohibit_test_ulimit_without_require_): A new syntax check to ensure that require_ulimit_v_() is used iff required. * tests/misc/head-c.sh: Add missing call to require_ulimit_v_. * tests/rm/many-dir-entries-vs-OOM.sh: Likewise. * tests/split/r-chunk.sh: Remove non mandatory require_ulimit_ call. * tests/misc/sort-merge-fdlimit.sh: Likewise. * tests/cp/link-heap.sh: Adjust to renamed require_ulimit_v_. * tests/dd/no-allocate.sh: Likewise. * tests/misc/csplit-heap.sh: Likewise. * tests/misc/cut-huge-to-eol-range.sh: Likewise. * tests/misc/printf-surprise.sh: Likewise.
2013-04-20tail: let -f --retry wait for inaccessible filesBernhard Voelker
The --retry option is indeed useful for both following modes by name and by file descriptor. The difference is that in the latter case, it is effective only during the initial open. As a regression of the implementation of the inotify support, tail -f --retry would immediately exit if the given file is inaccessible. * src/tail.c (usage): Change the description of the --retry option: remove the note that this option would mainly be useful when following by name. (main): Change diagnosing dubios uses of --retry option: when the --retry option is used without following, then issue a warning that this option is ignored; when it is used together with --follow=descriptor, then issue a warning that it is only effective for the initial open. Disable inotify also in the case when the initial open in tail_file() failed (which is the actual bug fix). * init.cfg (retry_delay_): Pass excess arguments to the test function. * tests/tail-2/retry.sh: Add new tests. * tests/local.mk (all_tests): Mention it. * doc/coreutils.texi (tail invocation): Enhance the documentation of the --retry option. Clarify the difference in tail's behavior regarding the --retry option when combined with the following modes name versus descriptor. * NEWS (Bug fixes): Mention the fix. Reported by Noel Morrison in: http://lists.gnu.org/archive/html/coreutils/2013-04/msg00003.html
2013-04-14tests: avoid false failures with non default groupsPádraig Brady
On OS X it was seen that the group ID used for new files, are set to a that of the directory rather than the current user. It's not currently understood when this happens, but it was confirmed that ACLs, extended attributes and setgid bits are _not_ involved. * init.cfg (skip_if_nondefault_group_): A new function to detect and avoid this situation. Document with links to the discussions for hopefully future clarification. * tests/install/install-C-root.sh: Use the new function. * tests/install/install-C-selinux.sh: Likewise. * tests/install/install-C.sh: Likewise.
2013-04-04tests: avoid shared lib tests on unsupported platformsPádraig Brady
* init.cfg (require_gcc_shared_): A new function to check that we can build shared libraries in the particular manner we use in our tests. * tests/cp/nfs-removal-race.sh: Use require_gcc_shared_. Then fail rather than skip, if the actual shared lib build fails. * tests/df/no-mtab-status.sh: Likewise. * tests/df/skip-duplicates.sh: Likewise. * tests/ls/getxattr-speedup.sh: Likewise. Reported in http://bugs.gnu.org/14024
2013-01-01maint: update all copyright year number rangesJim Meyering
Run "make update-copyright", but then also run this, perl -pi -e 's/2\d\d\d-//' tests/sample-test to make that one script use the single most recent year number.
2012-12-21tests: avoid false positive valgrind failuresPádraig Brady
* init.cfg (require_valgrind_): Check the `true` program, which will check more valgrind failure cases as now detailed in the function comments.
2012-11-01tests: fix syntax error in setuidgid_has_perm_Bernhard Voelker
An invalid sed expression lead to the following error: + sed -n 'ls/.* //p' sed: -e expression #1, char 2: extra characters after command Use "one" instead of "el". Bug introduced in v8.19-111-g51a4b04. * init.cfg (setuidgid_has_perm_): s/ls/1s/. * NEWS (Build-related): Mention the fix.
2012-09-07tests: improve checks for setuidgid-using root-only testsJim Meyering
* init.cfg (setuidgid_has_perm_): New function. (require_root_): Use it. Improved-by: Bernhard Voelker * NEWS (Build-related): Mention the improvement.
2012-09-05tests: more resilient about tainted absolute srcdir pathStefano Lattarini
* tests/init.cfg (stty_reversible_init_): Quote '$abs_top_srcdir' properly. (fiemap_capable_): Quote '$abs_srcdir' properly. (require_dirent_d_type_): Likewise.
2012-09-05build: don't use recursive make for tests/ subdirectoryStefano Lattarini
* Makefile.am (SUBDIRS): Remove 'tests'. (include): The '$(top_srcdir)/tests/local.mk' file. (check-root): Remove this convenience target, it's no longer needed now that the "real" check-root target once in 'tests/Makefile' will land in the top-level makefile. * configure.ac (AC_CONFIG_FILES): Remove 'tests/Makefile'. * tests/Makefile.am: Rename ... * tests/local.mk: ... like this, with a lot of adjustments. * tests/init.cfg: Move ... * init.cfg: ... here. This is necessary, for a limitation of the gnulib-provided 'tests/init.sh', which unconditionally look for 'init.cfg' in the $(srcdir) directory. * tests/*/*.sh: Adjust: expect init.sh to be in '$srcdir/tests', not in '$srcdir', and extend $PATH with './src', not with '../src'. * tests/Coreutils.pm: Adjust similarly. * tests/pr/pr-tests.pl ($pfx): Likewise.