1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) International Business Machines Corp., 2001
4 *
5 * Ported by John George
6 */
7
8 /*
9 * Test that setregid() fails and sets the proper errno values when a
10 * non-root user attemps to change the real or effective group id to a
11 * value other than the current gid or the current effective gid.
12 */
13
14 #include <errno.h>
15 #include <pwd.h>
16 #include <grp.h>
17 #include <stdlib.h>
18
19 #include "tst_test.h"
20 #include "compat_tst_16.h"
21
22 static gid_t neg_one = -1;
23
24 static struct passwd *ltpuser;
25
26 static struct group ltpgroup, root, bin;
27
28 /*
29 * The following structure contains all test data. Each structure in the array
30 * is used for a separate test. The tests are executed in the for loop below.
31 */
32
33 static struct tcase {
34 gid_t *real_gid;
35 gid_t *eff_gid;
36 int exp_errno;
37 struct group *exp_real_usr;
38 struct group *exp_eff_usr;
39 char *test_msg;
40 } tcases[] = {
41 {
42 &neg_one, &root.gr_gid, EPERM, <pgroup, <pgroup,
43 "After setregid(-1, root),"}, {
44 &neg_one, &bin.gr_gid, EPERM, <pgroup, <pgroup,
45 "After setregid(-1, bin)"}, {
46 &root.gr_gid, &neg_one, EPERM, <pgroup, <pgroup,
47 "After setregid(root,-1),"}, {
48 &bin.gr_gid, &neg_one, EPERM, <pgroup, <pgroup,
49 "After setregid(bin, -1),"}, {
50 &root.gr_gid, &bin.gr_gid, EPERM, <pgroup, <pgroup,
51 "After setregid(root, bin)"}, {
52 &bin.gr_gid, &root.gr_gid, EPERM, <pgroup, <pgroup,
53 "After setregid(bin, root),"}
54 };
55
get_group_by_name(const char * name)56 static struct group get_group_by_name(const char *name)
57 {
58 struct group *ret = SAFE_GETGRNAM(name);
59
60 GID16_CHECK(ret->gr_gid, setregid);
61
62 return *ret;
63 }
64
get_group_by_gid(gid_t gid)65 static struct group get_group_by_gid(gid_t gid)
66 {
67 struct group *ret = SAFE_GETGRGID(gid);
68
69 GID16_CHECK(ret->gr_gid, setregid);
70
71 return *ret;
72 }
73
gid_verify(struct group * rg,struct group * eg,char * when)74 void gid_verify(struct group *rg, struct group *eg, char *when)
75 {
76 if ((getgid() != rg->gr_gid) || (getegid() != eg->gr_gid)) {
77 tst_res(TFAIL, "ERROR: %s real gid = %d; effective gid = %d",
78 when, getgid(), getegid());
79 tst_res(TINFO, "Expected: real gid = %d; effective gid = %d",
80 rg->gr_gid, eg->gr_gid);
81 return;
82 }
83
84 tst_res(TPASS, "real or effective gid wasn't modified as expected");
85 }
86
run(unsigned int n)87 static void run(unsigned int n)
88 {
89 struct tcase *tc = &tcases[n];
90
91 /* Set the real or effective group id */
92 TEST(SETREGID(*tc->real_gid, *tc->eff_gid));
93
94 if (TST_RET == -1) {
95 if (tc->exp_errno == TST_ERR) {
96 tst_res(TPASS | TTERRNO,
97 "setregid(%d, %d) failed as expected",
98 *tc->real_gid, *tc->eff_gid);
99 } else {
100 tst_res(TFAIL | TTERRNO,
101 "setregid(%d, %d) failed unexpectedly, expected %s",
102 *tc->real_gid, *tc->eff_gid,
103 tst_strerrno(tc->exp_errno));
104 }
105 } else {
106 tst_res(TFAIL,
107 "setregid(%d, %d) did not fail (ret: %ld) as expected (ret: -1).",
108 *tc->real_gid, *tc->eff_gid, TST_RET);
109 }
110 gid_verify(tc->exp_real_usr, tc->exp_eff_usr, tc->test_msg);
111 }
112
setup(void)113 static void setup(void)
114 {
115 ltpuser = SAFE_GETPWNAM("nobody");
116
117 SAFE_SETGID(ltpuser->pw_gid);
118 SAFE_SETUID(ltpuser->pw_uid);
119
120 root = get_group_by_name("root");
121 ltpgroup = get_group_by_gid(ltpuser->pw_gid);
122 bin = get_group_by_name("bin");
123 }
124
125 static struct tst_test test = {
126 .tcnt = ARRAY_SIZE(tcases),
127 .needs_root = 1,
128 .test = run,
129 .setup = setup,
130 };
131