Date: Tue, 11 Mar 2008 14:01:46 GMT From: Zhouyi ZHOU <zhouzhouyi@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 137394 for review Message-ID: <200803111401.m2BE1k8q030755@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=137394 Change 137394 by zhouzhouyi@zhouzhouyi_mactest on 2008/03/11 14:01:06 add setuid and setgid test for MAC Framework follows the example of fstest/fstest.c Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#15 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#15 (text+ko) ==== @@ -230,7 +230,7 @@ usage(void) { - fprintf(stderr, "usage: mactest -m label_string -f macconf_file syscall args ...\n"); + fprintf(stderr, "usage: mactest [-u uid] [-g gid1[,gid2[...]]] -m label_string -f macconf_file syscall args ...\n"); exit(1); } @@ -549,6 +549,42 @@ return (i); } + +static void +set_gids(char *gids) +{ + gid_t *gidset; + long ngroups; + char *g, *endp; + unsigned i; + + ngroups = sysconf(_SC_NGROUPS_MAX); + assert(ngroups > 0); + gidset = malloc(sizeof(*gidset) * ngroups); + assert(gidset != NULL); + for (i = 0, g = strtok(gids, ","); g != NULL; g = strtok(NULL, ","), i++) { + if (i >= ngroups) { + fprintf(stderr, "too many gids\n"); + exit(1); + } + gidset[i] = strtol(g, &endp, 0); + if (*endp != '\0' && !isspace((unsigned char)*endp)) { + fprintf(stderr, "invalid gid '%s' - number expected\n", + g); + exit(1); + } + } + if (setgroups(i, gidset) < 0) { + fprintf(stderr, "cannot change groups: %s\n", strerror(errno)); + exit(1); + } + if (setegid(gidset[0]) < 0) { + fprintf(stderr, "cannot change effective gid: %s\n", strerror(errno)); + exit(1); + } + free(gidset); +} + int main(int argc, char *argv[]) { @@ -560,10 +596,13 @@ int error; int mactestpipefd; char buf[2048]; - int ch; + char *gids, *endp; + int uid, ch; + uid = -1; + gids = NULL; - while ((ch = getopt(argc, argv, "m:f:")) != -1) { + while ((ch = getopt(argc, argv, "m:f:g:u:")) != -1) { switch(ch) { case 'm': label_string = optarg; @@ -571,6 +610,17 @@ case 'f': macconf_file = optarg; break; + case 'g': + gids = optarg; + break; + case 'u': + uid = (int)strtol(optarg, &endp, 0); + if (*endp != '\0' && !isspace((unsigned char)*endp)) { + fprintf(stderr, "invalid uid '%s' - number " + "expected\n", optarg); + exit(1); + } + break; default: usage(); } @@ -611,6 +661,18 @@ logfd = open(LOGDEV, O_RDWR); + if (gids != NULL) { + set_gids(gids); + } + + if (uid != -1) { + if (setuid(uid) < 0) { + fprintf(stderr, "cannot change uid: %s\n", + strerror(errno)); + exit(1); + } + } + /*Begin to log */ ioctl(logfd, BEGINLOG, NULL);help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803111401.m2BE1k8q030755>