summaryrefslogtreecommitdiffstats
path: root/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/control.in27
-rw-r--r--t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-bad.service12
-rw-r--r--t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-good.service12
-rw-r--r--t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/fill-values3
-rw-r--r--t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/desc2
-rw-r--r--t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/hints4
6 files changed, 60 insertions, 0 deletions
diff --git a/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/control.in b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/control.in
new file mode 100644
index 0000000..d42ecbb
--- /dev/null
+++ b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/control.in
@@ -0,0 +1,27 @@
+Source: [% $source %]
+Priority: optional
+Section: misc
+Maintainer: [% $author %]
+Standards-Version: [% $standards_version %]
+Build-Depends: [% $build_depends %]
+Rules-Requires-Root: no
+
+Package: [% $source %]-good
+Architecture: all
+Depends: ${misc:Depends}
+Description: [% $description %] (good)
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package.
+ .
+ Good case.
+
+Package: [% $source %]-bad
+Architecture: all
+Depends: ${misc:Depends}
+Description: [% $description %] (bad)
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package.
+ .
+ Bad case.
diff --git a/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-bad.service b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-bad.service
new file mode 100644
index 0000000..96ada25
--- /dev/null
+++ b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-bad.service
@@ -0,0 +1,12 @@
+[Unit]
+After=network.target
+Documentation=https://example.com/
+
+[Service]
+ExecStart=/bin/test
+PIDFile=/run/$NAME.pid
+User=nobody
+Group=nogroup
+
+[Install]
+WantedBy=multi-user.target
diff --git a/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-good.service b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-good.service
new file mode 100644
index 0000000..461e14b
--- /dev/null
+++ b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/debian/systemd-service-file-uses-nobody-or-nogroup-good.service
@@ -0,0 +1,12 @@
+[Unit]
+After=network.target
+Documentation=https://example.com/
+
+[Service]
+ExecStart=/bin/test
+PIDFile=/run/$NAME.pid
+User=gooduser
+Group=goodgroup
+
+[Install]
+WantedBy=multi-user.target
diff --git a/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/fill-values b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/fill-values
new file mode 100644
index 0000000..1b65cfa
--- /dev/null
+++ b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/build-spec/fill-values
@@ -0,0 +1,3 @@
+Skeleton: upload-native
+Testname: systemd-service-file-uses-nobody-or-nogroup
+Description: Check for User=nobody or Group=nogroup
diff --git a/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/desc b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/desc
new file mode 100644
index 0000000..3e687ed
--- /dev/null
+++ b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/desc
@@ -0,0 +1,2 @@
+Testname: systemd-service-file-uses-nobody-or-nogroup
+Check: systemd
diff --git a/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/hints b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/hints
new file mode 100644
index 0000000..f569899
--- /dev/null
+++ b/t/recipes/checks/systemd/systemd-service-file-uses-nobody-or-nogroup/eval/hints
@@ -0,0 +1,4 @@
+systemd-service-file-uses-nobody-or-nogroup-good (binary): systemd-service-file-missing-hardening-features [usr/lib/systemd/system/systemd-service-file-uses-nobody-or-nogroup-good.service]
+systemd-service-file-uses-nobody-or-nogroup-bad (binary): systemd-service-file-uses-nobody-or-nogroup User=nobody [usr/lib/systemd/system/systemd-service-file-uses-nobody-or-nogroup-bad.service]
+systemd-service-file-uses-nobody-or-nogroup-bad (binary): systemd-service-file-uses-nobody-or-nogroup Group=nogroup [usr/lib/systemd/system/systemd-service-file-uses-nobody-or-nogroup-bad.service]
+systemd-service-file-uses-nobody-or-nogroup-bad (binary): systemd-service-file-missing-hardening-features [usr/lib/systemd/system/systemd-service-file-uses-nobody-or-nogroup-bad.service]
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-17 09:58:55 +0000