Commit 92ebabdb authored by Mukund Sivaraman's avatar Mukund Sivaraman
Browse files

Merge branch 'trac3056'

parents 15471a94 d7c133c2
......@@ -528,6 +528,13 @@ TEST_F(DataSrcClientsBuilderTest, loadBrokenZone) {
}
TEST_F(DataSrcClientsBuilderTest, loadUnreadableZone) {
// If the test is run as the root user, it will fail as insufficient
// permissions will not stop the root user from using a file.
if (getuid() == 0) {
std::cerr << "Skipping test as it's run as the root user" << std::endl;
return;
}
configureZones();
// install the zone file as unreadable
......
......@@ -200,6 +200,8 @@ class TestCertGenTool(unittest.TestCase):
# No such file
self.run_check(105, None, None, [self.TOOL, '-c', 'foo'])
@unittest.skipIf(os.getuid() == 0,
'test cannot be run as root user')
def test_permissions(self):
"""
Test some combinations of correct and bad permissions.
......
......@@ -680,11 +680,15 @@ class TestSecureHTTPServer(unittest.TestCase):
# Just some file that we know exists
file_name = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
check_file(file_name)
with UnreadableFile(file_name):
self.assertRaises(CmdctlException, check_file, file_name)
self.assertRaises(CmdctlException, check_file, '/local/not-exist')
self.assertRaises(CmdctlException, check_file, '/')
@unittest.skipIf(os.getuid() == 0,
'test cannot be run as root user')
def test_check_file_for_unreadable(self):
file_name = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
with UnreadableFile(file_name):
self.assertRaises(CmdctlException, check_file, file_name)
def test_check_key_and_cert(self):
keyfile = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
......@@ -702,6 +706,15 @@ class TestSecureHTTPServer(unittest.TestCase):
self.assertRaises(CmdctlException, self.server._check_key_and_cert,
'/', certfile)
# All OK (also happens to check the context code above works)
self.server._check_key_and_cert(keyfile, certfile)
@unittest.skipIf(os.getuid() == 0,
'test cannot be run as root user')
def test_check_key_and_cert_for_unreadable(self):
keyfile = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
certfile = BUILD_FILE_PATH + 'cmdctl-certfile.pem'
# no read permission
with UnreadableFile(certfile):
self.assertRaises(CmdctlException,
......@@ -713,9 +726,6 @@ class TestSecureHTTPServer(unittest.TestCase):
self.server._check_key_and_cert,
keyfile, certfile)
# All OK (also happens to check the context code above works)
self.server._check_key_and_cert(keyfile, certfile)
def test_wrap_sock_in_ssl_context(self):
sock = socket.socket()
......
......@@ -137,9 +137,24 @@ class TestMemmgr(unittest.TestCase):
self.assertEqual(1, answer[0])
self.assertIsNotNone(re.search('not a directory', answer[1]))
# Bad update: directory exists but is not readable.
os.mkdir(self.__test_mapped_file_dir, 0o500) # drop writable bit
@unittest.skipIf(os.getuid() == 0,
'test cannot be run as root user')
def test_configure_bad_permissions(self):
self.__mgr._setup_ccsession()
# Pretend specified directories exist and writable
os.path.isdir = lambda x: True
os.access = lambda x, y: True
# Initial configuration.
self.assertEqual((0, None),
parse_answer(self.__mgr._config_handler({})))
os.path.isdir = self.__orig_isdir
os.access = self.__orig_os_access
# Bad update: directory exists but is not writable.
os.mkdir(self.__test_mapped_file_dir, 0o500) # drop writable bit
user_cfg = {'mapped_file_dir': self.__test_mapped_file_dir}
answer = parse_answer(self.__mgr._config_handler(user_cfg))
self.assertEqual(1, answer[0])
......
......@@ -399,6 +399,19 @@ Options:
'add', 'user1', 'pass1'
])
@unittest.skipIf(os.getuid() == 0,
'test cannot be run as root user')
def test_bad_file_permissions(self):
"""
Check for graceful handling of bad file argument
"""
# Create the test file
self.run_check(0, None, None,
[ self.TOOL,
'-f', self.OUTPUT_FILE,
'add', 'user1', 'pass1'
])
# Make it non-writable (don't worry about cleanup, the
# file should be deleted after each test anyway
os.chmod(self.OUTPUT_FILE, stat.S_IRUSR)
......
......@@ -237,6 +237,15 @@ TEST_F(MemorySegmentMappedTest, allocate) {
}
TEST_F(MemorySegmentMappedTest, badAllocate) {
// If the test is run as the root user, the following allocate()
// call will result in a successful MemorySegmentGrown exception,
// instead of an abort (due to insufficient permissions during
// reopen).
if (getuid() == 0) {
std::cerr << "Skipping test as it's run as the root user" << std::endl;
return;
}
// Make the mapped file non-writable; managed_mapped_file::grow() will
// fail, resulting in abort.
const int ret = chmod(mapped_file, 0444);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment