From 66eb66ec8f872db3dc12e1d01101772918d69a4a Mon Sep 17 00:00:00 2001 From: Kirill Isakov Date: Sun, 29 May 2022 21:45:28 +0600 Subject: [PATCH 1/1] Remove access checks in tests under root --- test/integration/cmd_fsck.py | 28 ++++++++++++++-------------- test/integration/cmd_import.py | 7 ++++--- test/integration/cmd_join.py | 5 +++-- test/integration/cmd_keys.py | 5 +++-- test/integration/cmd_misc.py | 2 +- test/integration/testlib/const.py | 3 +++ test/unit/test_fs.c | 2 +- 7 files changed, 29 insertions(+), 23 deletions(-) diff --git a/test/integration/cmd_fsck.py b/test/integration/cmd_fsck.py index 4e79ccd5..e3dfa437 100755 --- a/test/integration/cmd_fsck.py +++ b/test/integration/cmd_fsck.py @@ -7,14 +7,14 @@ import sys import typing as T from testlib import check +from testlib.const import RUN_ACCESS_CHECKS from testlib.log import log from testlib.proc import Tinc, Feature from testlib.util import read_text, read_lines, write_lines, append_line, write_text -run_legacy_checks = Feature.LEGACY_PROTOCOL in Tinc().features -run_access_checks = os.name != "nt" and os.geteuid() != 0 -run_executability_checks = os.name != "nt" -run_permission_checks = run_executability_checks +RUN_LEGACY_CHECKS = Feature.LEGACY_PROTOCOL in Tinc().features +RUN_EXECUTABILITY_CHECKS = os.name != "nt" +RUN_PERMISSION_CHECKS = RUN_EXECUTABILITY_CHECKS # Sample RSA key pair (old format). Uses e = 0xFFFF. RSA_N = """ @@ -132,24 +132,24 @@ def test_private_keys(keyfile: str) -> None: keyfile_path = context.node.sub(keyfile) os.truncate(keyfile_path, 0) - if run_legacy_checks: + if RUN_LEGACY_CHECKS: context.expect_msg("no private key is known", code=0) else: context.expect_msg("No Ed25519 private key found") - if run_access_checks: + if RUN_ACCESS_CHECKS: context = test(f"fail on inaccessible {keyfile}") keyfile_path = context.node.sub(keyfile) os.chmod(keyfile_path, 0) - context.expect_msg("Error reading", code=0 if run_legacy_checks else 1) + context.expect_msg("Error reading", code=0 if RUN_LEGACY_CHECKS else 1) - if run_permission_checks: + if RUN_PERMISSION_CHECKS: context = test(f"warn about unsafe permissions on {keyfile}") keyfile_path = context.node.sub(keyfile) os.chmod(keyfile_path, 0o666) context.expect_msg("unsafe file permissions", code=0) - if run_legacy_checks: + if RUN_LEGACY_CHECKS: context = test(f"pass on missing {keyfile} when the other key is present") keyfile_path = context.node.sub(keyfile) os.remove(keyfile_path) @@ -211,7 +211,7 @@ ctx.node.cmd("fsck") ctx = test("fail when all private keys are missing") os.remove(ctx.ec_priv) -if run_legacy_checks: +if RUN_LEGACY_CHECKS: os.remove(ctx.rsa_priv) ctx.expect_msg("Neither RSA or Ed25519 private") else: @@ -262,7 +262,7 @@ test_ec_public_key_file_var(ctx, "tinc.conf") ctx = test("test EC public key in hosts/") test_ec_public_key_file_var(ctx, "hosts", ctx.node.name) -if run_access_checks: +if RUN_ACCESS_CHECKS: ctx = test("fail on inaccessible tinc.conf") os.chmod(ctx.conf, 0) ctx.expect_msg("not running tinc as root") @@ -271,7 +271,7 @@ if run_access_checks: os.chmod(ctx.host, 0) ctx.expect_msg("Cannot open config file") -if run_executability_checks: +if RUN_EXECUTABILITY_CHECKS: ctx = test("non-executable tinc-up MUST be fixed by tinc --force") os.chmod(ctx.tinc_up, 0o644) ctx.expect_msg("cannot read and execute", force=True, code=0) @@ -298,7 +298,7 @@ if run_executability_checks: ############################################################################### # Legacy protocol ############################################################################### -if not run_legacy_checks: +if not RUN_LEGACY_CHECKS: log.info("skipping legacy protocol tests") sys.exit(0) @@ -369,7 +369,7 @@ remove_pem(ctx.host) ctx.expect_msg("No (usable) public RSA key found", force=True, code=0) ctx.node.cmd("fsck") -if run_permission_checks: +if RUN_PERMISSION_CHECKS: ctx = test("warn about unsafe permissions on tinc.conf with PrivateKey") os.remove(ctx.rsa_priv) append_line(ctx.conf, f"PrivateKey = {RSA_D}") diff --git a/test/integration/cmd_import.py b/test/integration/cmd_import.py index 769cf795..5bf37beb 100755 --- a/test/integration/cmd_import.py +++ b/test/integration/cmd_import.py @@ -6,6 +6,7 @@ import os from testlib import check, cmd, util from testlib.log import log +from testlib.const import RUN_ACCESS_CHECKS from testlib.proc import Tinc from testlib.test import Test @@ -73,7 +74,7 @@ def test_import(foo: Tinc) -> None: _, err = foo.cmd("import", stdin="Name = node0", code=1) check.is_in("node0 already exists", err) - if os.name != "nt": + if RUN_ACCESS_CHECKS: log.info("import to inaccessible hosts subdirectory") os.chmod(foo.sub("hosts"), 0) _, err = foo.cmd("import", stdin="Name = vinny", code=1) @@ -153,7 +154,7 @@ def test_export_all(foo: Tinc) -> None: log.info("unexpected number of separators: %s", lines) assert False - if os.name != "nt": + if RUN_ACCESS_CHECKS: os.chmod(foo.sub("hosts"), 0) _, err = foo.cmd("export-all", code=1) check.is_in("Could not open host configuration", err) @@ -168,7 +169,7 @@ with Test("test 'export' command") as context: with Test("test 'exchange' command") as context: test_exchange(init(context)) -if os.name != "nt": +if RUN_ACCESS_CHECKS: with Test("test 'exchange-all' command") as context: test_exchange_all(init(context)) diff --git a/test/integration/cmd_join.py b/test/integration/cmd_join.py index a9bdd52d..bfc1f197 100755 --- a/test/integration/cmd_join.py +++ b/test/integration/cmd_join.py @@ -7,6 +7,7 @@ import shutil from testlib import check, util from testlib.log import log +from testlib.const import RUN_ACCESS_CHECKS from testlib.proc import Tinc from testlib.test import Test @@ -77,7 +78,7 @@ def test_invite_errors(foo: Tinc) -> None: _, err = foo.cmd("invite", foo.name, code=1) check.is_in("already exists", err) - if os.name != "nt": + if RUN_ACCESS_CHECKS: log.info("bad permissions on invitations are fixed") invites = foo.sub("invitations") os.chmod(invites, 0) @@ -121,7 +122,7 @@ def test_join_errors(foo: Tinc) -> None: _, err = foo.cmd("-c", work_dir, "join", FAKE_INVITE, code=1) check.is_in("Could not connect to", err) - if os.name != "nt": + if RUN_ACCESS_CHECKS: log.info("bad permissions on configuration directory are fixed") work_dir = foo.sub("wd_access_test") os.mkdir(work_dir, mode=400) diff --git a/test/integration/cmd_keys.py b/test/integration/cmd_keys.py index d9af1e09..4520154c 100755 --- a/test/integration/cmd_keys.py +++ b/test/integration/cmd_keys.py @@ -7,6 +7,7 @@ import os from testlib import check, util from testlib.log import log +from testlib.const import RUN_ACCESS_CHECKS from testlib.feature import Feature from testlib.proc import Tinc from testlib.test import Test @@ -99,7 +100,7 @@ def test_rsa(foo: Tinc) -> None: key = util.read_text(rsa_priv) check.has_prefix(key, "-----BEGIN RSA PRIVATE KEY-----") - if os.name != "nt": + if RUN_ACCESS_CHECKS: log.info("remove access to private key") os.chmod(rsa_priv, 0) _, err = foo.cmd("generate-rsa-keys", "1024", code=1) @@ -136,7 +137,7 @@ def test_eddsa(foo: Tinc) -> None: check.has_prefix(util.read_text(ec_priv), "-----BEGIN ED25519 PRIVATE KEY-----") check.has_prefix(util.read_text(ec_pub), "Ed25519PublicKey") - if os.name != "nt": + if RUN_ACCESS_CHECKS: log.info("remove access to EC private key file") os.chmod(ec_priv, 0) _, err = foo.cmd("generate-ed25519-keys", code=1) diff --git a/test/integration/cmd_misc.py b/test/integration/cmd_misc.py index 5a8a973d..c24e733c 100755 --- a/test/integration/cmd_misc.py +++ b/test/integration/cmd_misc.py @@ -149,8 +149,8 @@ def test_log(foo: Tinc) -> None: log.info("test correct call") log_client = foo.tinc("log") foo.cmd("reload") - time.sleep(1) foo.cmd("stop") + time.sleep(1) out, _ = log_client.communicate() check.true(out) diff --git a/test/integration/testlib/const.py b/test/integration/testlib/const.py index 36f5f977..b15e7034 100755 --- a/test/integration/testlib/const.py +++ b/test/integration/testlib/const.py @@ -7,3 +7,6 @@ EXIT_SKIP = 77 # Family name for multiprocessing Listener/Connection MPC_FAMILY = "AF_PIPE" if os.name == "nt" else "AF_UNIX" + +# Do access checks on files. Disabled when not available or not applicable. +RUN_ACCESS_CHECKS = os.name != "nt" and os.geteuid() != 0 diff --git a/test/unit/test_fs.c b/test/unit/test_fs.c index 95d2d09e..5b652ed6 100644 --- a/test/unit/test_fs.c +++ b/test/unit/test_fs.c @@ -113,7 +113,7 @@ static void test_makedir(tinc_dir_t dir, bool exists) { } // Deny write access and make sure makedirs() detects that - if(*container) { + if(getuid() && *container) { assert_int_equal(0, chmod(tmp, 0)); assert_false(makedirs(dir)); assert_int_equal(0, chmod(tmp, 0755)); -- 2.20.1