1 /* $NetBSD: t_revoke.c,v 1.2 2017/01/13 21:15:57 christos Exp $ */
2
3 /*-
4 * Copyright (c) 2011 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Jukka Ruohonen.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31 #include <sys/cdefs.h>
32 __RCSID("$NetBSD: t_revoke.c,v 1.2 2017/01/13 21:15:57 christos Exp $");
33
34 #include <sys/resource.h>
35 #include <sys/wait.h>
36
37 #include <atf-c.h>
38 #include <fcntl.h>
39 #include <errno.h>
40 #include <pwd.h>
41 #include <stdio.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <unistd.h>
45
46 static const char path[] = "revoke";
47
48 ATF_TC_WITH_CLEANUP(revoke_basic);
ATF_TC_HEAD(revoke_basic,tc)49 ATF_TC_HEAD(revoke_basic, tc)
50 {
51 atf_tc_set_md_var(tc, "descr", "A basic test of revoke(2)");
52 }
53
ATF_TC_BODY(revoke_basic,tc)54 ATF_TC_BODY(revoke_basic, tc)
55 {
56 struct rlimit res;
57 char tmp[10];
58 size_t i, n;
59 int *buf;
60
61 (void)memset(&res, 0, sizeof(struct rlimit));
62 (void)getrlimit(RLIMIT_NOFILE, &res);
63
64 if ((n = res.rlim_cur / 10) == 0)
65 n = 10;
66
67 buf = calloc(n, sizeof(int));
68 ATF_REQUIRE(buf != NULL);
69
70 buf[0] = open(path, O_RDWR | O_CREAT, 0600);
71 ATF_REQUIRE(buf[0] >= 0);
72
73 for (i = 1; i < n; i++) {
74 buf[i] = open(path, O_RDWR);
75 ATF_REQUIRE(buf[i] >= 0);
76 }
77
78 ATF_REQUIRE(revoke(path) == 0);
79
80 for (i = 0; i < n; i++) {
81
82 ATF_REQUIRE(read(buf[i], tmp, sizeof(tmp)) == -1);
83
84 (void)close(buf[i]);
85 }
86
87 free(buf);
88
89 (void)unlink(path);
90 }
91
ATF_TC_CLEANUP(revoke_basic,tc)92 ATF_TC_CLEANUP(revoke_basic, tc)
93 {
94 (void)unlink(path);
95 }
96
97 ATF_TC(revoke_err);
ATF_TC_HEAD(revoke_err,tc)98 ATF_TC_HEAD(revoke_err, tc)
99 {
100 atf_tc_set_md_var(tc, "descr", "Test errors from revoke(2)");
101 atf_tc_set_md_var(tc, "require.user", "unprivileged");
102 }
103
ATF_TC_BODY(revoke_err,tc)104 ATF_TC_BODY(revoke_err, tc)
105 {
106 char buf[1024 + 1]; /* XXX: From the manual page... */
107
108 (void)memset(buf, 'x', sizeof(buf));
109
110 errno = 0;
111 ATF_REQUIRE_ERRNO(EFAULT, revoke((char *)-1) == -1);
112
113 errno = 0;
114 ATF_REQUIRE_ERRNO(ENAMETOOLONG, revoke(buf) == -1);
115
116 errno = 0;
117 ATF_REQUIRE_ERRNO(EPERM, revoke("/etc/passwd") == -1);
118
119 errno = 0;
120 ATF_REQUIRE_ERRNO(ENOENT, revoke("/etc/xxx/yyy") == -1);
121 }
122
123 ATF_TC_WITH_CLEANUP(revoke_perm);
ATF_TC_HEAD(revoke_perm,tc)124 ATF_TC_HEAD(revoke_perm, tc)
125 {
126 atf_tc_set_md_var(tc, "descr", "Test permissions revoke(2)");
127 atf_tc_set_md_var(tc, "require.user", "root");
128 }
129
ATF_TC_BODY(revoke_perm,tc)130 ATF_TC_BODY(revoke_perm, tc)
131 {
132 struct passwd *pw;
133 int fd, sta;
134 pid_t pid;
135
136 pw = getpwnam("nobody");
137 fd = open(path, O_RDWR | O_CREAT, 0600);
138
139 ATF_REQUIRE(fd >= 0);
140 ATF_REQUIRE(pw != NULL);
141 ATF_REQUIRE(revoke(path) == 0);
142
143 pid = fork();
144 ATF_REQUIRE(pid >= 0);
145
146 if (pid == 0) {
147
148 if (setuid(pw->pw_uid) != 0)
149 _exit(EXIT_FAILURE);
150
151 errno = 0;
152
153 if (revoke(path) == 0)
154 _exit(EXIT_FAILURE);
155
156 if (errno != EACCES)
157 _exit(EXIT_FAILURE);
158
159 if (close(fd) != 0)
160 _exit(EXIT_FAILURE);
161
162 _exit(EXIT_SUCCESS);
163 }
164
165 (void)wait(&sta);
166
167 if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
168 atf_tc_fail("revoke(2) did not obey permissions");
169
170 (void)close(fd);
171 ATF_REQUIRE(unlink(path) == 0);
172 }
173
ATF_TC_CLEANUP(revoke_perm,tc)174 ATF_TC_CLEANUP(revoke_perm, tc)
175 {
176 (void)unlink(path);
177 }
178
ATF_TP_ADD_TCS(tp)179 ATF_TP_ADD_TCS(tp)
180 {
181
182 ATF_TP_ADD_TC(tp, revoke_basic);
183 ATF_TP_ADD_TC(tp, revoke_err);
184 ATF_TP_ADD_TC(tp, revoke_perm);
185
186 return atf_no_error();
187 }
188