Diffstat (limited to 'tests/privdrop_common.sh')
-rwxr-xr-xtests/privdrop_common.sh110
1 files changed, 110 insertions, 0 deletions
diff --git a/tests/privdrop_common.sh b/tests/privdrop_common.sh
new file mode 100755
index 0000000..dabc088
--- /dev/null
+++ b/tests/privdrop_common.sh
@@ -0,0 +1,110 @@
+#!/bin/bash
+# added 2016-04-15 by Thomas D., released under ASL 2.0
+# Several tests need another user/group to test impersonation.
+# This script can be sourced to prevent duplicated code.
+
+# To support <bash-4.2 which don't support "declare -g" we declare
+# the array outside of the function
+declare -A TESTBENCH_TESTUSER
+
+rsyslog_testbench_setup_testuser() {
+ local has_testuser=
+ local testusername=
+ local testgroupname=
+
+ if [ -z "${EUID}" ]; then
+ # Should never happen
+ echo "FATAL ERROR: \$EUID not set!"
+ exit 1
+ fi
+
+ if [ ${EUID} -eq 0 ]; then
+ # Only root is able to become a different user
+
+ local testusers=("rsyslog" "syslog" "daemon")
+
+ if [ -n "${RSYSLOG_TESTUSER}" ]; then
+ # User has specified an username/uid we should use in testbench
+ testusers=("${RSYSLOG_TESTUSER}" ${testusers[@]})
+ fi
+
+ local testuser=
+ for testuser in "${testusers[@]}"; do
+ testusername=$(id --user --name ${testuser} 2>/dev/null)
+ if [ -z "${testusername}" ]; then
+ echo "'id' did not find user \"${testuser}\" ... skipping, trying next user!"
+ continue
+ fi
+
+ testgroupname=$(id --group --name ${testuser} 2>/dev/null)
+ if [ -z "${testgroupname}" ]; then
+ echo "'id' did not find a primary group for \"${testuser}\" ... skipping, trying next user!"
+ continue
+ fi
+
+ has_testuser="${testuser}"
+ break
+ done
+ if [ -z "${has_testuser}" ]; then
+ echo "ERROR: running as root and no suiteable testuser found - skipping test"
+ echo 'You mas set a testuser via the RSYSLOG_TESTUSER environment variable'
+ exit 77
+ fi
+ echo "WARNING: making work directory world-writable, as we need this to be able to"
+ echo " open and process files after privilege drop. This is NOT automatically"
+ echo " undone."
+ chmod a+w .
+ fi
+
+ if [ -z "${has_testuser}" ]; then
+ testgroupname=$(id --group --name ${EUID} 2>/dev/null)
+ if [ -z "${testgroupname}" ]; then
+ echo "Skipping ... please set RSYSLOG_TESTUSER or make sure the user running the testbench has a primary group!"
+ exit_test
+ exit 0
+ else
+ has_testuser="${EUID}"
+ fi
+ fi
+
+ _rsyslog_testbench_declare_testuser ${has_testuser}
+}
+
+_rsyslog_testbench_declare_testuser() {
+ local testuser=$1
+
+ local testusername=$(id --user --name ${testuser} 2>/dev/null)
+ if [ -z "${testusername}" ]; then
+ # Should never happen
+ echo "FATAL ERROR: Could not get username for user \"${testuser}\"!"
+ exit 1
+ fi
+
+ local testuid=$(id --user ${testuser} 2>/dev/null)
+ if [ -z "${testuid}" ]; then
+ # Should never happen
+ echo "FATAL ERROR: Could not get uid for user \"${testuser}\"!"
+ exit 1
+ fi
+
+ local testgroupname=$(id --group --name ${testuser} 2>/dev/null)
+ if [ -z "${testgroupname}" ]; then
+ # Should never happen
+ echo "FATAL ERROR: Could not get uid of user \"${testuser}\"!"
+ exit 1
+ fi
+
+ local testgid=$(id --group ${testuser} 2>/dev/null)
+ if [ -z "${testgid}" ]; then
+ # Should never happen
+ echo "FATAL ERROR: Could not get primary gid of user \"${testuser}\"!"
+ exit 1
+ fi
+
+ echo "Will use user \"${testusername}\" (#${testuid}) and group \"${testgroupname}\" (#${testgid})"
+
+ TESTBENCH_TESTUSER[username]=${testusername}
+ TESTBENCH_TESTUSER[uid]=${testuid}
+ TESTBENCH_TESTUSER[groupname]=${testgroupname}
+ TESTBENCH_TESTUSER[gid]=${testgid}
+}
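Review bot: `chmod a+w .` in rsyslog_testbench_setup_testuser runs as root and leaves the work directory writable by every local account, so files that later root-run tests read there can be created or replaced by any other user; the script's own warning says this is never undone. Granting access only to the selected test account would be narrower, e.g. `chown "${testusername}:${testgroupname}" . && chmod ug+w .`, assuming the tests need nothing more than that user or group writing into the directory. Separately, `RSYSLOG_TESTUSER` comes from the environment and reaches `id` unquoted (`${testusers[@]}` in the array rebuild, `${testuser}` in each `id` call), so a value containing whitespace or starting with `-` is word-split or parsed as an option; quoting those expansions avoids that. The group-name failure branch in _rsyslog_testbench_declare_testuser prints `Could not get uid of user`, which is the wrong message for a missing primary group name.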