1 // Copyright (C) 2021 Simon Ruderich
3 // This program is free software: you can redistribute it and/or modify
4 // it under the terms of the GNU General Public License as published by
5 // the Free Software Foundation, either version 3 of the License, or
6 // (at your option) any later version.
8 // This program is distributed in the hope that it will be useful,
9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 // GNU General Public License for more details.
13 // You should have received a copy of the GNU General Public License
14 // along with this program. If not, see <http://www.gnu.org/licenses/>.
26 "ruderich.org/simon/safcm"
27 "ruderich.org/simon/safcm/testutil"
30 func chmod(name string, perm int) {
31 err := os.Chmod(name, FullPermToFileMode(perm))
37 func TestLoadFiles(t *testing.T) {
38 cwd, err := os.Getwd()
44 err = os.Chdir("../testdata/project")
49 // Regular users cannot create sticky files
50 skipInvalidSticky := runtime.GOOS == "freebsd"
52 chmod("files-invalid-perm-dir/files", 0500)
53 defer chmod("files-invalid-perm-dir/files", 0700)
54 chmod("files-invalid-perm-dir/files/etc/", 0755)
55 chmod("files-invalid-perm-dir/files/etc/resolv.conf", 0644)
56 chmod("files-invalid-perm-dir-setgid/files", 0755)
57 chmod("files-invalid-perm-dir-setgid/files/etc/", 02755)
58 chmod("files-invalid-perm-dir-setgid/files/etc/resolv.conf", 0644)
59 chmod("files-invalid-perm-file/files", 0755)
60 chmod("files-invalid-perm-file/files/etc/", 0755)
61 chmod("files-invalid-perm-file/files/etc/resolv.conf", 0600)
62 chmod("files-invalid-perm-file-executable/files", 0755)
63 chmod("files-invalid-perm-file-executable/files/etc", 0755)
64 chmod("files-invalid-perm-file-executable/files/etc/rc.local", 0750)
65 if !skipInvalidSticky {
66 chmod("files-invalid-perm-file-sticky/files", 0755)
67 chmod("files-invalid-perm-file-sticky/files/etc", 0755)
68 chmod("files-invalid-perm-file-sticky/files/etc/resolv.conf", 01644)
71 err = syscall.Mkfifo("files-invalid-type/files/invalid", 0644)
75 defer os.Remove("files-invalid-type/files/invalid")
79 The actual permissions and user/group of files and directories are not used
80 (except for +x on files). 0644/0755 and current remote user/group is used per
81 default. Apply different file permissions via permissions.yaml. To prevent
82 confusion files must be manually chmodded 0644/0755 and directories 0755 or
89 exp map[string]*safcm.File
103 map[string]*safcm.File{
106 Mode: fs.ModeDir | 0755,
112 Mode: fs.ModeDir | 0755,
117 Path: "/etc/.hidden",
128 Data: []byte(`Welcome to
129 {{- if .IsHost "host1.example.org"}} Host ONE
130 {{- else if "host2"}} Host TWO
133 {{if .InGroup "detected_linux"}}
134 This is GNU/Linux host
136 {{if .InGroup "detected_freebsd"}}
140 {{if .InGroup "all"}}
143 {{if .InGroup "host1.example.org"}}
146 {{if .InGroup "host2"}}
149 {{if .InGroup "host3.example.net"}}
155 Path: "/etc/rc.local",
159 Data: []byte("#!/bin/sh\n"),
161 "/etc/resolv.conf": {
162 Path: "/etc/resolv.conf",
166 Data: []byte("nameserver ::1\n"),
170 Mode: fs.ModeSymlink | 0777,
173 Data: []byte("doesnt-exist"),
180 "files-invalid-type",
183 fmt.Errorf("files-invalid-type: \"files-invalid-type/files/invalid\": file type not supported"),
186 "files-invalid-perm-dir",
189 fmt.Errorf("files-invalid-perm-dir: \"files-invalid-perm-dir/files\": invalid permissions 0500" + errMsg),
192 "files-invalid-perm-dir-setgid",
195 fmt.Errorf("files-invalid-perm-dir-setgid: \"files-invalid-perm-dir-setgid/files/etc\": invalid permissions 02755" + errMsg),
198 "files-invalid-perm-file",
201 fmt.Errorf("files-invalid-perm-file: \"files-invalid-perm-file/files/etc/resolv.conf\": invalid permissions 0600" + errMsg),
204 "files-invalid-perm-file-executable",
207 fmt.Errorf("files-invalid-perm-file-executable: \"files-invalid-perm-file-executable/files/etc/rc.local\": invalid permissions 0750" + errMsg),
210 "files-invalid-perm-file-sticky",
213 fmt.Errorf("files-invalid-perm-file-sticky: \"files-invalid-perm-file-sticky/files/etc/resolv.conf\": invalid permissions 01644" + errMsg),
217 for _, tc := range tests {
218 t.Run(tc.group, func(t *testing.T) {
223 res, err := LoadFiles(tc.group)
224 testutil.AssertEqual(t, "res", res, tc.exp)
225 testutil.AssertErrorEqual(t, "err", err, tc.expErr)
ruderich.org/simon / safcm / safcm.git / blob