1 /* $NetBSD: t_chroot.c,v 1.1 2011/07/07 06:57:53 jruoho Exp $ */
4 * Copyright (c) 2011 The NetBSD Foundation, Inc.
7 * This code is derived from software contributed to The NetBSD Foundation
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
31 #include <sys/cdefs.h>
32 __RCSID("$NetBSD: t_chroot.c,v 1.1 2011/07/07 06:57:53 jruoho Exp $");
46 ATF_TC_HEAD(chroot_basic
, tc
)
48 atf_tc_set_md_var(tc
, "descr", "A basic test of chroot(2)");
49 atf_tc_set_md_var(tc
, "require.user", "root");
52 ATF_TC_BODY(chroot_basic
, tc
)
58 (void)memset(buf
, '\0', sizeof(buf
));
59 (void)getcwd(buf
, sizeof(buf
));
60 (void)strlcat(buf
, "/dir", sizeof(buf
));
62 ATF_REQUIRE(mkdir(buf
, 0500) == 0);
63 ATF_REQUIRE(chdir(buf
) == 0);
66 ATF_REQUIRE(pid
>= 0);
75 if (chroot("/root") != -1)
81 fd
= open("file", O_RDONLY
| O_CREAT
, 0600);
94 if (WIFEXITED(sta
) == 0 || WEXITSTATUS(sta
) != EXIT_SUCCESS
)
95 atf_tc_fail("chroot(2) failed");
98 (void)strlcat(buf
, "/file", sizeof(buf
));
100 fd
= open(buf
, O_RDONLY
);
103 atf_tc_fail("chroot(2) did not change the root directory");
105 ATF_REQUIRE(close(fd
) == 0);
106 ATF_REQUIRE(unlink(buf
) == 0);
110 ATF_TC_HEAD(chroot_err
, tc
)
112 atf_tc_set_md_var(tc
, "descr", "Test error conditions of chroot(2)");
113 atf_tc_set_md_var(tc
, "require.user", "root");
116 ATF_TC_BODY(chroot_err
, tc
)
118 char buf
[PATH_MAX
+ 1];
120 (void)memset(buf
, 'x', sizeof(buf
));
123 ATF_REQUIRE_ERRNO(ENAMETOOLONG
, chroot(buf
) == -1);
126 ATF_REQUIRE_ERRNO(EFAULT
, chroot((void *)-1) == -1);
129 ATF_REQUIRE_ERRNO(ENOENT
, chroot("/a/b/c/d/e/f/g/h/i/j") == -1);
133 ATF_TC_HEAD(chroot_perm
, tc
)
135 atf_tc_set_md_var(tc
, "descr", "Test permissions with chroot(2)");
136 atf_tc_set_md_var(tc
, "require.user", "unprivileged");
139 ATF_TC_BODY(chroot_perm
, tc
)
141 static char buf
[LINE_MAX
];
145 (void)memset(buf
, '\0', sizeof(buf
));
146 ATF_REQUIRE(getcwd(buf
, sizeof(buf
)) != NULL
);
149 ATF_REQUIRE(pid
>= 0);
155 if (chroot(buf
) != -1)
166 if (WIFEXITED(sta
) == 0 || WEXITSTATUS(sta
) != EXIT_SUCCESS
)
167 atf_tc_fail("chroot(2) succeeded as unprivileged user");
170 ATF_TC(fchroot_basic
);
171 ATF_TC_HEAD(fchroot_basic
, tc
)
173 atf_tc_set_md_var(tc
, "descr", "A basic test of fchroot(2)");
174 atf_tc_set_md_var(tc
, "require.user", "root");
177 ATF_TC_BODY(fchroot_basic
, tc
)
183 (void)memset(buf
, '\0', sizeof(buf
));
184 (void)getcwd(buf
, sizeof(buf
));
185 (void)strlcat(buf
, "/dir", sizeof(buf
));
187 ATF_REQUIRE(mkdir(buf
, 0500) == 0);
188 ATF_REQUIRE(chdir(buf
) == 0);
190 fd
= open(buf
, O_RDONLY
);
191 ATF_REQUIRE(fd
>= 0);
194 ATF_REQUIRE(pid
>= 0);
198 if (fchroot(fd
) != 0)
204 fd
= open("file", O_RDONLY
| O_CREAT
, 0600);
217 if (WIFEXITED(sta
) == 0 || WEXITSTATUS(sta
) != EXIT_SUCCESS
)
218 atf_tc_fail("fchroot(2) failed");
221 (void)strlcat(buf
, "/file", sizeof(buf
));
223 fd
= open(buf
, O_RDONLY
);
226 atf_tc_fail("fchroot(2) did not change the root directory");
228 ATF_REQUIRE(close(fd
) == 0);
229 ATF_REQUIRE(unlink(buf
) == 0);
233 ATF_TC_HEAD(fchroot_err
, tc
)
235 atf_tc_set_md_var(tc
, "descr", "Test error conditions of fchroot(2)");
236 atf_tc_set_md_var(tc
, "require.user", "root");
239 ATF_TC_BODY(fchroot_err
, tc
)
243 fd
= open("/etc/passwd", O_RDONLY
);
244 ATF_REQUIRE(fd
>= 0);
247 ATF_REQUIRE_ERRNO(EBADF
, fchroot(-1) == -1);
250 ATF_REQUIRE_ERRNO(ENOTDIR
, fchroot(fd
) == -1);
252 ATF_REQUIRE(close(fd
) == 0);
255 ATF_TC(fchroot_perm
);
256 ATF_TC_HEAD(fchroot_perm
, tc
)
258 atf_tc_set_md_var(tc
, "descr", "Test permissions with fchroot(2)");
259 atf_tc_set_md_var(tc
, "require.user", "root");
262 ATF_TC_BODY(fchroot_perm
, tc
)
264 static char buf
[LINE_MAX
];
269 (void)memset(buf
, '\0', sizeof(buf
));
270 ATF_REQUIRE(getcwd(buf
, sizeof(buf
)) != NULL
);
272 pw
= getpwnam("nobody");
273 fd
= open(buf
, O_RDONLY
);
275 ATF_REQUIRE(fd
>= 0);
276 ATF_REQUIRE(pw
!= NULL
);
279 ATF_REQUIRE(pid
>= 0);
283 (void)setuid(pw
->pw_uid
);
287 if (fchroot(fd
) != -1)
298 if (WIFEXITED(sta
) == 0 || WEXITSTATUS(sta
) != EXIT_SUCCESS
)
299 atf_tc_fail("fchroot(2) succeeded as unprivileged user");
305 ATF_TP_ADD_TC(tp
, chroot_basic
);
306 ATF_TP_ADD_TC(tp
, chroot_err
);
307 ATF_TP_ADD_TC(tp
, chroot_perm
);
308 ATF_TP_ADD_TC(tp
, fchroot_basic
);
309 ATF_TP_ADD_TC(tp
, fchroot_err
);
310 ATF_TP_ADD_TC(tp
, fchroot_perm
);
312 return atf_no_error();