X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=cmd%2Fsafcm%2Fconfig%2Ffiles_test.go;h=bbd4ff5979089d7eefe2e331b3b86b51c5c60c41;hb=HEAD;hp=9f226cd7b502e17e28f8db54527e693241753923;hpb=cc1ca940efef242decfa8bd4adc2e0d9cbf6a210;p=safcm%2Fsafcm.git diff --git a/cmd/safcm/config/files_test.go b/cmd/safcm/config/files_test.go index 9f226cd..bbd4ff5 100644 --- a/cmd/safcm/config/files_test.go +++ b/cmd/safcm/config/files_test.go @@ -1,17 +1,5 @@ -// Copyright (C) 2021 Simon Ruderich -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see . +// SPDX-License-Identifier: GPL-3.0-or-later +// Copyright (C) 2021-2024 Simon Ruderich package config @@ -19,15 +7,16 @@ import ( "fmt" "io/fs" "os" - "syscall" + "runtime" "testing" "ruderich.org/simon/safcm" + ft "ruderich.org/simon/safcm/remote/sync/filetest" "ruderich.org/simon/safcm/testutil" ) -func chmod(name string, perm int) { - err := os.Chmod(name, FullPermToFileMode(perm)) +func chmod(name string, mode fs.FileMode) { + err := os.Chmod(name, mode) if err != nil { panic(err) } @@ -38,19 +27,23 @@ func TestLoadFiles(t *testing.T) { if err != nil { t.Fatal(err) } - defer os.Chdir(cwd) + defer os.Chdir(cwd) //nolint:errcheck err = os.Chdir("../testdata/project") if err != nil { t.Fatal(err) } + // Regular users cannot create sticky files + skipInvalidSticky := os.Getuid() != 0 && + (runtime.GOOS == "freebsd" || runtime.GOOS == "openbsd") + chmod("files-invalid-perm-dir/files", 0500) defer chmod("files-invalid-perm-dir/files", 0700) chmod("files-invalid-perm-dir/files/etc/", 0755) chmod("files-invalid-perm-dir/files/etc/resolv.conf", 0644) chmod("files-invalid-perm-dir-setgid/files", 0755) - chmod("files-invalid-perm-dir-setgid/files/etc/", 02755) + chmod("files-invalid-perm-dir-setgid/files/etc/", 0755|fs.ModeSetgid) chmod("files-invalid-perm-dir-setgid/files/etc/resolv.conf", 0644) chmod("files-invalid-perm-file/files", 0755) chmod("files-invalid-perm-file/files/etc/", 0755) @@ -58,14 +51,14 @@ func TestLoadFiles(t *testing.T) { chmod("files-invalid-perm-file-executable/files", 0755) chmod("files-invalid-perm-file-executable/files/etc", 0755) chmod("files-invalid-perm-file-executable/files/etc/rc.local", 0750) - chmod("files-invalid-perm-file-sticky/files", 0755) - chmod("files-invalid-perm-file-sticky/files/etc", 0755) - chmod("files-invalid-perm-file-sticky/files/etc/resolv.conf", 01644) - - err = syscall.Mkfifo("files-invalid-type/files/invalid", 0644) - if err != nil { - t.Fatal(err) + if !skipInvalidSticky { + chmod("files-invalid-perm-file-sticky/files", 0755) + chmod("files-invalid-perm-file-sticky/files/etc", 0755) + chmod("files-invalid-perm-file-sticky/files/etc/resolv.conf", + 0644|fs.ModeSticky) } + + ft.CreateFifo("files-invalid-type/files/invalid", 0644) defer os.Remove("files-invalid-type/files/invalid") const errMsg = ` @@ -79,18 +72,21 @@ via "safcm fixperms". tests := []struct { group string + skip bool exp map[string]*safcm.File expErr error }{ { "empty", + false, nil, nil, }, { "group", + false, map[string]*safcm.File{ "/": { Path: "/", @@ -169,31 +165,37 @@ host3.example.net { "files-invalid-type", + false, nil, fmt.Errorf("files-invalid-type: \"files-invalid-type/files/invalid\": file type not supported"), }, { "files-invalid-perm-dir", + false, nil, fmt.Errorf("files-invalid-perm-dir: \"files-invalid-perm-dir/files\": invalid permissions 0500" + errMsg), }, { "files-invalid-perm-dir-setgid", + false, nil, fmt.Errorf("files-invalid-perm-dir-setgid: \"files-invalid-perm-dir-setgid/files/etc\": invalid permissions 02755" + errMsg), }, { "files-invalid-perm-file", + false, nil, fmt.Errorf("files-invalid-perm-file: \"files-invalid-perm-file/files/etc/resolv.conf\": invalid permissions 0600" + errMsg), }, { "files-invalid-perm-file-executable", + false, nil, fmt.Errorf("files-invalid-perm-file-executable: \"files-invalid-perm-file-executable/files/etc/rc.local\": invalid permissions 0750" + errMsg), }, { "files-invalid-perm-file-sticky", + skipInvalidSticky, nil, fmt.Errorf("files-invalid-perm-file-sticky: \"files-invalid-perm-file-sticky/files/etc/resolv.conf\": invalid permissions 01644" + errMsg), }, @@ -201,6 +203,10 @@ host3.example.net for _, tc := range tests { t.Run(tc.group, func(t *testing.T) { + if tc.skip { + t.SkipNow() + } + res, err := LoadFiles(tc.group) testutil.AssertEqual(t, "res", res, tc.exp) testutil.AssertErrorEqual(t, "err", err, tc.expErr)