search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
git-version-gen: Change suffix.
[gnulib.git] / tests / test-idpriv-droptemp.c
blob1d94ab52c4e304912d19e6a5746e247bedb5a256
1 /* Test of dropping uid/gid privileges of the current process temporarily.
2 Copyright (C) 2009-2025 Free Software Foundation, Inc.
3
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <https://www.gnu.org/licenses/>. */
16
17 #include <config.h>
18
19 #include "idpriv.h"
20
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <unistd.h>
25
26 #include "macros.h"
27
28 static void
29 show_uids ()
30 {
31 #if HAVE_GETRESUID /* glibc, FreeBSD, OpenBSD, HP-UX */
32 uid_t real;
33 uid_t effective;
34 uid_t saved;
35 ASSERT (getresuid (&real, &effective, &saved) >= 0);
36 printf ("uids: real=%d effective=%d saved=%d",
37 (int) real, (int) effective, (int) saved);
38 #elif HAVE_GETEUID
39 printf ("uids: real=%d effective=%d",
40 (int) getuid (), (int) geteuid ());
41 #elif HAVE_GETUID
42 printf ("uids: real=%d",
43 (int) getuid ());
44 #endif
45 }
46
47 static void
48 show_gids ()
49 {
50 #if HAVE_GETRESGID /* glibc, FreeBSD, OpenBSD, HP-UX */
51 gid_t real;
52 gid_t effective;
53 gid_t saved;
54 ASSERT (getresgid (&real, &effective, &saved) >= 0);
55 printf ("gids: real=%d effective=%d saved=%d",
56 (int) real, (int) effective, (int) saved);
57 #elif HAVE_GETEGID
58 printf ("gids: real=%d effective=%d",
59 (int) getgid (), (int) getegid ());
60 #elif HAVE_GETGID
61 printf ("gids: real=%d",
62 (int) getgid ());
63 #endif
64 }
65
66 static void
67 show (const char *prefix)
68 {
69 printf ("%s ", prefix);
70 show_uids ();
71 printf (" ");
72 show_gids ();
73 printf ("\n");
74 }
75
76 int
77 main (int argc, char *argv[])
78 {
79 bool verbose = false;
80 int i;
81
82 #if HAVE_GETUID
83 int uid = getuid ();
84 #endif
85 #if HAVE_GETEUID
86 int privileged_uid = geteuid ();
87 #endif
88 #if HAVE_GETGID
89 int gid = getgid ();
90 #endif
91 #if HAVE_GETEGID
92 int privileged_gid = getegid ();
93 #endif
94
95 /* Parse arguments.
96 -v enables verbose output.
97 */
98 for (i = 1; i < argc; i++)
99 {
100 const char *arg = argv[i];
101 if (strcmp (arg, "-v") == 0)
102 verbose = true;
103 }
104
105 for (i = 0; i < 3; i++)
106 {
107 if (verbose)
108 show ("before droptemp:");
109
110 ASSERT (idpriv_temp_drop () == 0);
111
112 if (verbose)
113 show ("privileged: ");
114
115 /* Verify that the privileges have really been dropped. */
116 #if HAVE_GETEUID
117 if (geteuid () != uid)
118 abort ();
119 #endif
120 #if HAVE_GETUID
121 if (getuid () != uid)
122 abort ();
123 #endif
124 #if HAVE_GETEGID
125 if (getegid () != gid)
126 abort ();
127 #endif
128 #if HAVE_GETGID
129 if (getgid () != gid)
130 abort ();
131 #endif
132
133 ASSERT (idpriv_temp_restore () == 0);
134
135 if (verbose)
136 show ("unprivileged: ");
137
138 /* Verify that the privileges have really been acquired again. */
139 #if HAVE_GETEUID
140 if (geteuid () != privileged_uid)
141 abort ();
142 #endif
143 #if HAVE_GETUID
144 if (getuid () != uid)
145 abort ();
146 #endif
147 #if HAVE_GETEGID
148 if (getegid () != privileged_gid)
149 abort ();
150 #endif
151 #if HAVE_GETGID
152 if (getgid () != gid)
153 abort ();
154 #endif
155 }
156
157
158 return test_exit_status;
159 }
Mirror of the GNU Gnulib repository