1 // SPDX-License-Identifier: GPL-3.0-or-later
2 // Copyright (C) 2021-2024 Simon Ruderich
13 "ruderich.org/simon/safcm"
14 ft "ruderich.org/simon/safcm/remote/sync/filetest"
15 "ruderich.org/simon/safcm/testutil"
18 func chmod(name string, mode fs.FileMode) {
19 err := os.Chmod(name, mode)
25 func TestLoadFiles(t *testing.T) {
26 cwd, err := os.Getwd()
30 defer os.Chdir(cwd) //nolint:errcheck
32 err = os.Chdir("../testdata/project")
37 // Regular users cannot create sticky files
38 skipInvalidSticky := os.Getuid() != 0 &&
39 (runtime.GOOS == "freebsd" || runtime.GOOS == "openbsd")
41 chmod("files-invalid-perm-dir/files", 0500)
42 defer chmod("files-invalid-perm-dir/files", 0700)
43 chmod("files-invalid-perm-dir/files/etc/", 0755)
44 chmod("files-invalid-perm-dir/files/etc/resolv.conf", 0644)
45 chmod("files-invalid-perm-dir-setgid/files", 0755)
46 chmod("files-invalid-perm-dir-setgid/files/etc/", 0755|fs.ModeSetgid)
47 chmod("files-invalid-perm-dir-setgid/files/etc/resolv.conf", 0644)
48 chmod("files-invalid-perm-file/files", 0755)
49 chmod("files-invalid-perm-file/files/etc/", 0755)
50 chmod("files-invalid-perm-file/files/etc/resolv.conf", 0600)
51 chmod("files-invalid-perm-file-executable/files", 0755)
52 chmod("files-invalid-perm-file-executable/files/etc", 0755)
53 chmod("files-invalid-perm-file-executable/files/etc/rc.local", 0750)
54 if !skipInvalidSticky {
55 chmod("files-invalid-perm-file-sticky/files", 0755)
56 chmod("files-invalid-perm-file-sticky/files/etc", 0755)
57 chmod("files-invalid-perm-file-sticky/files/etc/resolv.conf",
61 ft.CreateFifo("files-invalid-type/files/invalid", 0644)
62 defer os.Remove("files-invalid-type/files/invalid")
66 The actual permissions and user/group of files and directories are not used
67 (except for +x on files). 0644/0755 and current remote user/group is used per
68 default. Apply different file permissions via permissions.yaml. To prevent
69 confusion files must be manually chmodded 0644/0755 and directories 0755 or
76 exp map[string]*safcm.File
90 map[string]*safcm.File{
93 Mode: fs.ModeDir | 0755,
99 Mode: fs.ModeDir | 0755,
104 Path: "/etc/.hidden",
115 Data: []byte(`Welcome to
116 {{- if .IsHost "host1.example.org"}} Host ONE
117 {{- else if "host2"}} Host TWO
120 {{if .InGroup "detected_linux"}}
121 This is GNU/Linux host
123 {{if .InGroup "detected_freebsd"}}
127 {{if .InGroup "all"}}
130 {{if .InGroup "host1.example.org"}}
133 {{if .InGroup "host2"}}
136 {{if .InGroup "host3.example.net"}}
142 Path: "/etc/rc.local",
146 Data: []byte("#!/bin/sh\n"),
148 "/etc/resolv.conf": {
149 Path: "/etc/resolv.conf",
153 Data: []byte("nameserver ::1\n"),
157 Mode: fs.ModeSymlink | 0777,
160 Data: []byte("doesnt-exist"),
167 "files-invalid-type",
170 fmt.Errorf("files-invalid-type: \"files-invalid-type/files/invalid\": file type not supported"),
173 "files-invalid-perm-dir",
176 fmt.Errorf("files-invalid-perm-dir: \"files-invalid-perm-dir/files\": invalid permissions 0500" + errMsg),
179 "files-invalid-perm-dir-setgid",
182 fmt.Errorf("files-invalid-perm-dir-setgid: \"files-invalid-perm-dir-setgid/files/etc\": invalid permissions 02755" + errMsg),
185 "files-invalid-perm-file",
188 fmt.Errorf("files-invalid-perm-file: \"files-invalid-perm-file/files/etc/resolv.conf\": invalid permissions 0600" + errMsg),
191 "files-invalid-perm-file-executable",
194 fmt.Errorf("files-invalid-perm-file-executable: \"files-invalid-perm-file-executable/files/etc/rc.local\": invalid permissions 0750" + errMsg),
197 "files-invalid-perm-file-sticky",
200 fmt.Errorf("files-invalid-perm-file-sticky: \"files-invalid-perm-file-sticky/files/etc/resolv.conf\": invalid permissions 01644" + errMsg),
204 for _, tc := range tests {
205 t.Run(tc.group, func(t *testing.T) {
210 res, err := LoadFiles(tc.group)
211 testutil.AssertEqual(t, "res", res, tc.exp)
212 testutil.AssertErrorEqual(t, "err", err, tc.expErr)