systemd-stable/test/units/testsuite-22.08.sh

#!/bin/bash
# SPDX-License-Identifier: LGPL-2.1-or-later
#
# Verify tmpfiles can run in a root directory under a path prefix that contains
# directories owned by unprivileged users, for example when a root file system
# is mounted in a regular user's home directory.
#
# https://github.com/systemd/systemd/pull/11820
set -eux
set -o pipefail

rm -fr /tmp/root /tmp/user
mkdir -p /tmp/root /tmp/user/root
chown daemon:daemon /tmp/user

# Verify the command works as expected with no prefix or a root-owned prefix.
echo 'd /tmp/root/test1' | systemd-tmpfiles --create -
test -d /tmp/root/test1
echo 'd /test2' | systemd-tmpfiles --root=/tmp/root --create -
test -d /tmp/root/test2

# Verify the command fails to write to a root-owned subdirectory under an
# unprivileged user's directory when it's not part of the prefix, as expected
# by the unsafe_transition function.
echo 'd /tmp/user/root/test' | systemd-tmpfiles --create - \
    && { echo 'unexpected success'; exit 1; }
test ! -e /tmp/user/root/test
echo 'd /user/root/test' | systemd-tmpfiles --root=/tmp --create - \
    && { echo 'unexpected success'; exit 1; }
test ! -e /tmp/user/root/test

# Verify the above works when all user-owned directories are in the prefix.
echo 'd /test' | systemd-tmpfiles --root=/tmp/user/root --create -
test -d /tmp/user/root/test
test: use set -eux and set -o pipefail everywhere This should make the scripts more robust. 2021-04-09 20:39:41 +03:00			`#!/bin/bash`
tests: add spdx headers to scripts and Makefiles 2021-10-17 19:13:06 +03:00			`# SPDX-License-Identifier: LGPL-2.1-or-later`
TEST-22: add test for unprivileged dirs in root prefixes This verifies the fix for the issue described in: https://github.com/systemd/systemd/pull/11820 2019-02-26 20:25:48 +03:00			`#`
			`# Verify tmpfiles can run in a root directory under a path prefix that contains`
			`# directories owned by unprivileged users, for example when a root file system`
			`# is mounted in a regular user's home directory.`
			`#`
			`# https://github.com/systemd/systemd/pull/11820`
test: use set -eux and set -o pipefail everywhere This should make the scripts more robust. 2021-04-09 20:39:41 +03:00			`set -eux`
			`set -o pipefail`
TEST-22: add test for unprivileged dirs in root prefixes This verifies the fix for the issue described in: https://github.com/systemd/systemd/pull/11820 2019-02-26 20:25:48 +03:00
			`rm -fr /tmp/root /tmp/user`
			`mkdir -p /tmp/root /tmp/user/root`
			`chown daemon:daemon /tmp/user`

			`# Verify the command works as expected with no prefix or a root-owned prefix.`
			`echo 'd /tmp/root/test1' \| systemd-tmpfiles --create -`
			`test -d /tmp/root/test1`
			`echo 'd /test2' \| systemd-tmpfiles --root=/tmp/root --create -`
			`test -d /tmp/root/test2`

			`# Verify the command fails to write to a root-owned subdirectory under an`
			`# unprivileged user's directory when it's not part of the prefix, as expected`
			`# by the unsafe_transition function.`
TEST-*: make failure tests actually fail on failure Here the intent was actually correct, and the tests still pass when the check is made effective. 2021-04-08 02:27:33 +03:00			`echo 'd /tmp/user/root/test' \| systemd-tmpfiles --create - \`
			`&& { echo 'unexpected success'; exit 1; }`
tests: make inverted tests actually count "! test ..." does not cause the script to fail, even with set -e. IIUC, bash treats this command as part of an expression line, as it would if 'test ... && ...' was used. Failing expression lines do not terminate the script. This fixes the obvious cases by changing '! test' → 'test !'. Then the inversion happens internally in test and bash will propagate the failure. 2021-04-08 00:24:25 +03:00			`test ! -e /tmp/user/root/test`
TEST-*: make failure tests actually fail on failure Here the intent was actually correct, and the tests still pass when the check is made effective. 2021-04-08 02:27:33 +03:00			`echo 'd /user/root/test' \| systemd-tmpfiles --root=/tmp --create - \`
			`&& { echo 'unexpected success'; exit 1; }`
tests: make inverted tests actually count "! test ..." does not cause the script to fail, even with set -e. IIUC, bash treats this command as part of an expression line, as it would if 'test ... && ...' was used. Failing expression lines do not terminate the script. This fixes the obvious cases by changing '! test' → 'test !'. Then the inversion happens internally in test and bash will propagate the failure. 2021-04-08 00:24:25 +03:00			`test ! -e /tmp/user/root/test`
TEST-22: add test for unprivileged dirs in root prefixes This verifies the fix for the issue described in: https://github.com/systemd/systemd/pull/11820 2019-02-26 20:25:48 +03:00
			`# Verify the above works when all user-owned directories are in the prefix.`
			`echo 'd /test' \| systemd-tmpfiles --root=/tmp/user/root --create -`
			`test -d /tmp/user/root/test`