X-Git-Url: https://ruderich.org/simon/gitweb/?p=safcm%2Fsafcm.git;a=blobdiff_plain;f=cmd%2Fsafcm%2Fconfig%2Ffiles_test.go;h=6124e8ad93b8a2b48eb59ad658b3689251096eeb;hp=ef31591fe8fdc31de081f4e3cfbe7a07fb6ef021;hb=7c4e5d64e25acec7209a54a15836b4481c450416;hpb=992eaae7fec45c2d58fff89d1bc0ae920a899296 diff --git a/cmd/safcm/config/files_test.go b/cmd/safcm/config/files_test.go index ef31591..6124e8a 100644 --- a/cmd/safcm/config/files_test.go +++ b/cmd/safcm/config/files_test.go @@ -19,13 +19,12 @@ import ( "fmt" "io/fs" "os" - "reflect" + "runtime" "syscall" "testing" - "github.com/google/go-cmp/cmp" - "ruderich.org/simon/safcm" + "ruderich.org/simon/safcm/testutil" ) func chmod(name string, perm int) { @@ -47,6 +46,10 @@ func TestLoadFiles(t *testing.T) { t.Fatal(err) } + // Regular users cannot create sticky files + skipInvalidSticky := runtime.GOOS == "freebsd" || + runtime.GOOS == "openbsd" + chmod("files-invalid-perm-dir/files", 0500) defer chmod("files-invalid-perm-dir/files", 0700) chmod("files-invalid-perm-dir/files/etc/", 0755) @@ -60,9 +63,11 @@ func TestLoadFiles(t *testing.T) { chmod("files-invalid-perm-file-executable/files", 0755) chmod("files-invalid-perm-file-executable/files/etc", 0755) chmod("files-invalid-perm-file-executable/files/etc/rc.local", 0750) - chmod("files-invalid-perm-file-sticky/files", 0755) - chmod("files-invalid-perm-file-sticky/files/etc", 0755) - chmod("files-invalid-perm-file-sticky/files/etc/resolv.conf", 01644) + if !skipInvalidSticky { + chmod("files-invalid-perm-file-sticky/files", 0755) + chmod("files-invalid-perm-file-sticky/files/etc", 0755) + chmod("files-invalid-perm-file-sticky/files/etc/resolv.conf", 01644) + } err = syscall.Mkfifo("files-invalid-type/files/invalid", 0644) if err != nil { @@ -71,6 +76,7 @@ func TestLoadFiles(t *testing.T) { defer os.Remove("files-invalid-type/files/invalid") const errMsg = ` + The actual permissions and user/group of files and directories are not used (except for +x on files). 0644/0755 and current remote user/group is used per default. Apply different file permissions via permissions.yaml. To prevent @@ -80,18 +86,21 @@ via "safcm fixperms". tests := []struct { group string + skip bool exp map[string]*safcm.File expErr error }{ { "empty", + false, nil, nil, }, { "group", + false, map[string]*safcm.File{ "/": { Path: "/", @@ -128,6 +137,19 @@ This is GNU/Linux host {{if .InGroup "detected_freebsd"}} This is FreeBSD host {{end}} + +{{if .InGroup "all"}} +all +{{end}} +{{if .InGroup "host1.example.org"}} +host1.example.org +{{end}} +{{if .InGroup "host2"}} +host2 +{{end}} +{{if .InGroup "host3.example.net"}} +host3.example.net +{{end}} `), }, "/etc/rc.local": { @@ -157,31 +179,37 @@ This is FreeBSD host { "files-invalid-type", + false, nil, fmt.Errorf("files-invalid-type: \"files-invalid-type/files/invalid\": file type not supported"), }, { "files-invalid-perm-dir", + false, nil, fmt.Errorf("files-invalid-perm-dir: \"files-invalid-perm-dir/files\": invalid permissions 0500" + errMsg), }, { "files-invalid-perm-dir-setgid", + false, nil, fmt.Errorf("files-invalid-perm-dir-setgid: \"files-invalid-perm-dir-setgid/files/etc\": invalid permissions 02755" + errMsg), }, { "files-invalid-perm-file", + false, nil, fmt.Errorf("files-invalid-perm-file: \"files-invalid-perm-file/files/etc/resolv.conf\": invalid permissions 0600" + errMsg), }, { "files-invalid-perm-file-executable", + false, nil, fmt.Errorf("files-invalid-perm-file-executable: \"files-invalid-perm-file-executable/files/etc/rc.local\": invalid permissions 0750" + errMsg), }, { "files-invalid-perm-file-sticky", + skipInvalidSticky, nil, fmt.Errorf("files-invalid-perm-file-sticky: \"files-invalid-perm-file-sticky/files/etc/resolv.conf\": invalid permissions 01644" + errMsg), }, @@ -189,17 +217,13 @@ This is FreeBSD host for _, tc := range tests { t.Run(tc.group, func(t *testing.T) { - res, err := LoadFiles(tc.group) - - if !reflect.DeepEqual(tc.exp, res) { - t.Errorf("res: %s", - cmp.Diff(tc.exp, res)) - } - // Ugly but the simplest way to compare errors (including nil) - if fmt.Sprintf("%s", err) != fmt.Sprintf("%s", tc.expErr) { - t.Errorf("err = %#v, want %#v", - err, tc.expErr) - } + if tc.skip { + t.SkipNow() + } + + res, err := LoadFiles(tc.group) + testutil.AssertEqual(t, "res", res, tc.exp) + testutil.AssertErrorEqual(t, "err", err, tc.expErr) }) } }