From 81e1f7761fcab2e0e99f86e9c7751186f0f6731c Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 7 Jun 2017 13:12:08 -0400 Subject: [PATCH] tests: Add a test for bare-user-only failing to commit suid content We didn't have coverage of this before, and adding the test infrastructure will help ensure we have coverage for more changes here. Closes: #913 Approved by: alexlarsson --- tests/test-basic-user-only.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/test-basic-user-only.sh b/tests/test-basic-user-only.sh index a3e63aac..7184fe94 100755 --- a/tests/test-basic-user-only.sh +++ b/tests/test-basic-user-only.sh @@ -22,4 +22,28 @@ set -euo pipefail . $(dirname $0)/libtest.sh setup_test_repository "bare-user-only" +extra_basic_tests=1 . $(dirname $0)/basic-test.sh + +# Reset things so we don't inherit a lot of state from earlier tests +cd ${test_tmpdir} +rm repo files -rf +ostree_repo_init repo init --mode=bare-user-only + +# Init an archive repo where we'll store content that can't go into bare-user +cd ${test_tmpdir} +rm repo-input -rf +ostree_repo_init repo-input init --mode=archive +cd ${test_tmpdir} +cat > statoverride.txt < files/some-setuid +chmod 0644 files/some-setuid +$CMD_PREFIX ostree --repo=repo-input commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=files +if $CMD_PREFIX ostree pull-local --repo=repo repo-input 2>err.txt; then + assert_not_reached "copying suid file into bare-user worked?" +fi +assert_file_has_content err.txt "Invalid mode.*with bits 040.*in bare-user-only" +echo "ok failed to commit suid"