2020-09-26 12:58:24 +03:00
#!/usr/bin/env bash
2021-10-01 14:04:32 +03:00
# SPDX-License-Identifier: LGPL-2.1-or-later
2020-09-26 12:58:24 +03:00
set -e
SYSUSERS = " ${ 1 :- systemd -sysusers } "
[ -e " $( dirname $0 ) /../systemd-runtest.env " ] && . " $( dirname $0 ) /../systemd-runtest.env "
SYSTEMD_TEST_DATA = ${ SYSTEMD_TEST_DATA :- @SYSTEMD_TEST_DATA@ }
SOURCE = $SYSTEMD_TEST_DATA /test-sysusers
TESTDIR = $( mktemp --tmpdir --directory "test-sysusers.XXXXXXXXXX" )
trap " rm -rf ' $TESTDIR ' " EXIT INT QUIT PIPE
prepare_testdir( ) {
mkdir -p $TESTDIR /etc/sysusers.d/
mkdir -p $TESTDIR /usr/lib/sysusers.d/
rm -f $TESTDIR /etc/*{ passwd,group,shadow}
for i in $1 .initial-{ passwd,group,shadow} ; do
test -f $i && cp $i $TESTDIR /etc/${ i #*.initial- }
done
return 0
}
2020-09-25 18:16:06 +03:00
[ @SYSTEM_UID_MAX@ -lt @SYSTEM_GID_MAX@ ] && system_guid_max = @SYSTEM_UID_MAX@ || system_guid_max = @SYSTEM_GID_MAX@
2020-09-26 12:58:24 +03:00
preprocess( ) {
2020-09-25 18:16:06 +03:00
m = ${ 2 :- $system_guid_max }
sed -e " s/SYSTEM_UGID_MAX/ $m /g;
s#NOLOGIN#@NOLOGIN@#g" " $1 "
2020-09-26 12:58:24 +03:00
}
compare( ) {
2020-09-25 18:16:06 +03:00
if ! diff -u $TESTDIR /etc/passwd <( preprocess $1 .expected-passwd $3 ) ; then
test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.
A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 15:16:46 +03:00
echo " **** Unexpected output for $f $2 "
2020-09-26 12:58:24 +03:00
exit 1
fi
2020-09-25 18:16:06 +03:00
if ! diff -u $TESTDIR /etc/group <( preprocess $1 .expected-group $3 ) ; then
2020-09-26 12:58:24 +03:00
echo " **** Unexpected output for $f $2 "
exit 1
fi
}
rm -f $TESTDIR /etc/sysusers.d/* $TESTDIR /usr/lib/sysusers.d/*
# happy tests
2020-09-27 12:30:17 +03:00
for f in $( ls -1 $SOURCE /test-*.input | sort -V) ; do
2020-09-26 12:58:24 +03:00
echo " *** Running $f "
prepare_testdir ${ f %.input }
cp $f $TESTDIR /usr/lib/sysusers.d/test.conf
$SYSUSERS --root= $TESTDIR
test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.
A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 15:16:46 +03:00
compare ${ f %.* } ""
2020-09-26 12:58:24 +03:00
done
2020-09-27 12:30:17 +03:00
for f in $( ls -1 $SOURCE /test-*.input | sort -V) ; do
2020-09-26 12:58:24 +03:00
echo " *** Running $f on stdin "
prepare_testdir ${ f %.input }
touch $TESTDIR /etc/sysusers.d/test.conf
cat $f | $SYSUSERS --root= $TESTDIR -
test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.
A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 15:16:46 +03:00
compare ${ f %.* } "on stdin"
2020-09-26 12:58:24 +03:00
done
2020-09-27 12:30:17 +03:00
for f in $( ls -1 $SOURCE /test-*.input | sort -V) ; do
2020-09-26 12:58:24 +03:00
echo " *** Running $f on stdin with --replace "
prepare_testdir ${ f %.input }
touch $TESTDIR /etc/sysusers.d/test.conf
# this overrides test.conf which is masked on disk
cat $f | $SYSUSERS --root= $TESTDIR --replace= /etc/sysusers.d/test.conf -
# this should be ignored
cat $SOURCE /test-1.input | $SYSUSERS --root= $TESTDIR --replace= /usr/lib/sysusers.d/test.conf -
test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.
A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 15:16:46 +03:00
compare ${ f %.* } "on stdin with --replace"
2020-09-26 12:58:24 +03:00
done
# test --inline
echo "*** Testing --inline"
test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.
A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 15:16:46 +03:00
prepare_testdir $SOURCE /inline
2020-09-26 12:58:24 +03:00
# copy a random file to make sure it is ignored
cp $f $TESTDIR /etc/sysusers.d/confuse.conf
$SYSUSERS --root= $TESTDIR --inline \
"u u1 222 - - /bin/zsh" \
"g g1 111"
compare $SOURCE /inline "(--inline)"
# test --replace
echo "*** Testing --inline with --replace"
test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.
A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 15:16:46 +03:00
prepare_testdir $SOURCE /inline
2020-09-26 12:58:24 +03:00
# copy a random file to make sure it is ignored
cp $f $TESTDIR /etc/sysusers.d/confuse.conf
$SYSUSERS --root= $TESTDIR \
--inline \
--replace= /etc/sysusers.d/confuse.conf \
"u u1 222 - - /bin/zsh" \
"g g1 111"
compare $SOURCE /inline "(--inline --replace=…)"
rm -f $TESTDIR /etc/sysusers.d/* $TESTDIR /usr/lib/sysusers.d/*
2020-09-25 18:16:06 +03:00
cat >$TESTDIR /etc/login.defs <<EOF
SYS_UID_MIN abcd
SYS_UID_MAX abcd
SYS_GID_MIN abcd
SYS_GID_MAX abcd
SYS_UID_MIN 401
SYS_UID_MAX 555
SYS_GID_MIN 405
SYS_GID_MAX 666
SYS_UID_MIN abcd
SYS_UID_MAX abcd
SYS_GID_MIN abcd
SYS_GID_MAX abcd
SYS_UID_MIN999
SYS_UID_MAX999
SYS_GID_MIN999
SYS_GID_MAX999
EOF
for f in $( ls -1 $SOURCE /test-*.input | sort -V) ; do
echo " *** Running $f (with login.defs) "
prepare_testdir ${ f %.input }
cp $f $TESTDIR /usr/lib/sysusers.d/test.conf
$SYSUSERS --root= $TESTDIR
[ @ENABLE_COMPAT_MUTABLE_UID_BOUNDARIES@ = 1 ] && bound = 555 || bound = $system_guid_max
compare ${ f %.* } "(with login.defs)" $bound
done
rm -f $TESTDIR /etc/sysusers.d/* $TESTDIR /usr/lib/sysusers.d/*
mv $TESTDIR /etc/login.defs $TESTDIR /etc/login.defs.moved
ln -s ../../../../../etc/login.defs.moved $TESTDIR /etc/login.defs
for f in $( ls -1 $SOURCE /test-*.input | sort -V) ; do
echo " *** Running $f (with login.defs symlinked) "
prepare_testdir ${ f %.input }
cp $f $TESTDIR /usr/lib/sysusers.d/test.conf
$SYSUSERS --root= $TESTDIR
[ @ENABLE_COMPAT_MUTABLE_UID_BOUNDARIES@ = 1 ] && bound = 555 || bound = $system_guid_max
compare ${ f %.* } "(with login.defs symlinked)" $bound
done
rm -f $TESTDIR /etc/sysusers.d/* $TESTDIR /usr/lib/sysusers.d/*
2020-09-26 12:58:24 +03:00
# tests for error conditions
2020-09-27 12:30:17 +03:00
for f in $( ls -1 $SOURCE /unhappy-*.input | sort -V) ; do
2020-09-26 12:58:24 +03:00
echo " *** Running test $f "
prepare_testdir ${ f %.input }
cp $f $TESTDIR /usr/lib/sysusers.d/test.conf
$SYSUSERS --root= $TESTDIR 2>& 1 | tail -n1 > $TESTDIR /err
if ! diff -u $TESTDIR /err ${ f %.* } .expected-err; then
echo " **** Unexpected error output for $f "
cat $TESTDIR /err
exit 1
fi
done