`4: files: "file" (group): will create`,
`3: files: "file" (group): creating`,
`4: files: "file" (group): creating temporary file ".file*"`,
- `4: files: "file" (group): renaming "./.fileRND"`,
+ `4: files: "file" (group): renaming ".fileRND"`,
},
nil,
},
`4: files: "file" (group): permission differs -rwxr-xr-x -> urwxr-xr-x`,
`3: files: "file" (group): updating`,
`4: files: "file" (group): creating temporary file ".file*"`,
- `4: files: "file" (group): renaming "./.fileRND"`,
+ `4: files: "file" (group): renaming ".fileRND"`,
},
nil,
},
`4: files: "file" (group): content differs`,
`3: files: "file" (group): updating`,
`4: files: "file" (group): creating temporary file ".file*"`,
- `4: files: "file" (group): renaming "./.fileRND"`,
+ `4: files: "file" (group): renaming ".fileRND"`,
},
nil,
},
`4: files: "path" (group): type differs L--------- -> ----------`,
`3: files: "path" (group): updating`,
`4: files: "path" (group): creating temporary file ".path*"`,
- `4: files: "path" (group): renaming "./.pathRND"`,
+ `4: files: "path" (group): renaming ".pathRND"`,
},
nil,
},
`3: files: "path" (group): updating`,
`4: files: "path" (group): removing (due to type change)`,
`4: files: "path" (group): creating temporary file ".path*"`,
- `4: files: "path" (group): renaming "./.pathRND"`,
+ `4: files: "path" (group): renaming ".pathRND"`,
},
nil,
},
+ {
+ "change: directory to file (non-empty)",
+ safcm.MsgSyncReq{},
+ &safcm.File{
+ Path: "path",
+ Mode: 0666,
+ Uid: -1,
+ Gid: -1,
+ OrigGroup: "group",
+ Data: []byte("content\n"),
+ },
+ func() {
+ ft.CreateDirectory("path", 0777)
+ ft.CreateFile("path/file", "content\n", 0644)
+ },
+ true,
+ []ft.File{
+ root,
+ {
+ Path: "path",
+ Mode: fs.ModeDir | 0777,
+ },
+ {
+ Path: "path/file",
+ Mode: 0644,
+ Data: []byte("content\n"),
+ },
+ },
+ safcm.MsgSyncResp{
+ FileChanges: []safcm.FileChange{
+ {
+ Path: "path",
+ Old: safcm.FileChangeInfo{
+ Mode: fs.ModeDir | 0777,
+ User: user,
+ Uid: uid,
+ Group: group,
+ Gid: gid,
+ },
+ New: safcm.FileChangeInfo{
+ Mode: 0666,
+ User: user,
+ Uid: uid,
+ Group: group,
+ Gid: gid,
+ },
+ },
+ },
+ },
+ []string{
+ `4: files: "path" (group): type differs d--------- -> ----------`,
+ `3: files: "path" (group): updating`,
+ `4: files: "path" (group): removing (due to type change)`,
+ },
+ fmt.Errorf("will not replace non-empty directory, please remove manually"),
+ },
{
"change: directory to symlink",
`4: files: "path" (group): type differs p--------- -> ----------`,
`3: files: "path" (group): updating`,
`4: files: "path" (group): creating temporary file ".path*"`,
- `4: files: "path" (group): renaming "./.pathRND"`,
+ `4: files: "path" (group): renaming ".pathRND"`,
},
nil,
},
nil,
},
+ // Symlink "attacks"
+
+ {
+ "symlink in earlier path component",
+ safcm.MsgSyncReq{},
+ &safcm.File{
+ Path: "dir/file",
+ Mode: 0644,
+ Uid: -1,
+ Gid: -1,
+ OrigGroup: "group",
+ Data: []byte("content"),
+ },
+ func() {
+ ft.CreateDirectory("tmp", 0755)
+ ft.CreateSymlink("dir", "tmp")
+ },
+ false,
+ []ft.File{
+ root,
+ {
+ Path: "dir",
+ Mode: fs.ModeSymlink | 0777,
+ Data: []byte("tmp"),
+ },
+ {
+ Path: "tmp",
+ Mode: fs.ModeDir | 0755,
+ },
+ },
+ safcm.MsgSyncResp{},
+ nil,
+ fmt.Errorf("symlink not permitted in path: \"dir\""),
+ },
+
// Diffs
{
ruderich.org/simon / safcm / safcm.git / blobdiff