/* * Copyright (c) Wipro Technologies Ltd, 2002. All Rights Reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of version 2 of the GNU General Public License as * published by the Free Software Foundation. * * This program is distributed in the hope that it would be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * * You should have received a copy of the GNU General Public License along * with this program; if not, write the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * */ /********************************************************** * * TEST IDENTIFIER : setresgid03 * * EXECUTED BY : root / superuser * * TEST TITLE : Checking error conditions for setresgid(2) * * TEST CASE TOTAL : 4 * * AUTHOR : Madhu T L * * SIGNALS * Uses SIGUSR1 to pause before test if option set. * (See the parse_opts(3) man page). * * DESCRIPTION * Verify that, * 1. setresgid(2) fails with EPERM for unprivileged user in setting * saved group id. * 2. setresgid(2) fails with EPERM for unprivileged user in setting * effective group id. * 3. setresgid(2) fails with EPERM for unprivileged user in setting * real group id. * 4. setresgid(2) fails with EPERM for unprivileged user in setting * real/effective/saved group id. * * Setup: * Setup signal handling. * Test caller is superuser * Check existence of user id's root/bin/nobody * Set real/effective/saved gid to nobody * Set effective uid to nobody * Pause for SIGUSR1 if option specified. * * Test: * Loop if the proper options are given. * Execute system call * Check return value, errno and functionality, if success, * Issue PASS message * Otherwise, * Issue FAIL message * * Cleanup: * Print errno log and/or timing stats if options given * * USAGE: * setresgid03 [-c n] [-e] [-f] [-h] [-i n] [-I x] [-p] [-P x] [-t] * where, -c n : Run n copies concurrently. * -e : Turn on errno logging. * -f : Turn off functional testing * -h : Show help screen * -i n : Execute test n times. * -I x : Execute test for x seconds. * -p : Pause for SIGUSR1 before starting * -P x : Pause for x seconds between iterations. * -t : Turn on syscall timing. * ****************************************************************/ #define _GNU_SOURCE 1 #include #include #include #include #include "test.h" #include "safe_macros.h" #include "compat_16.h" #define EXP_RET_VAL -1 #define EXP_ERRNO EPERM #define TEST_DESC "unprivileged user" struct test_case_t { /* test case structure */ uid_t *rgid; /* real GID */ uid_t *egid; /* effective GID */ uid_t *sgid; /* saved GID */ struct passwd *exp_rgid; /* Expected real GID */ struct passwd *exp_egid; /* Expected effective GID */ struct passwd *exp_sgid; /* Expected saved GID */ }; TCID_DEFINE(setresgid03); static int testno; static struct passwd nobody, bin, root; static uid_t nobody_gid, bin_gid, neg = -1; static int test_functionality(uid_t, uid_t, uid_t); static void setup(void); static void cleanup(void); static struct test_case_t tdat[] = { {&neg, &neg, &bin.pw_gid, &nobody, &nobody, &nobody}, {&neg, &bin.pw_gid, &neg, &nobody, &nobody, &nobody}, {&bin.pw_gid, &neg, &neg, &nobody, &nobody, &nobody}, {&bin.pw_gid, &bin.pw_gid, &bin.pw_gid, &nobody, &nobody, &nobody}, }; int TST_TOTAL = sizeof(tdat) / sizeof(tdat[0]); int main(int argc, char **argv) { int lc; tst_parse_opts(argc, argv, NULL, NULL); setup(); for (lc = 0; TEST_LOOPING(lc); lc++) { /* reset tst_count in case we are looping */ tst_count = 0; for (testno = 0; testno < TST_TOTAL; ++testno) { TEST(SETRESGID(cleanup, *tdat[testno].rgid, *tdat[testno].egid, *tdat[testno].sgid)); if ((TEST_RETURN == EXP_RET_VAL) && (TEST_ERRNO == EXP_ERRNO)) { if (!test_functionality (tdat[testno].exp_rgid->pw_gid, tdat[testno].exp_egid->pw_gid, tdat[testno].exp_sgid->pw_gid)) { tst_resm(TPASS, "setresgid() failed as " "expected for %s : errno %d", TEST_DESC, TEST_ERRNO); } else { tst_resm(TFAIL, "Functionality test " "for setresgid() for %s failed", TEST_DESC); } } else { tst_resm(TFAIL, "setresgid() returned " "unexpected results for %s ; returned" " %ld (expected %d), errno %d (expected" " %d)", TEST_DESC, TEST_RETURN, EXP_RET_VAL, TEST_ERRNO, EXP_ERRNO); } } } cleanup(); tst_exit(); } static int test_functionality(uid_t exp_rgid, uid_t exp_egid, uid_t exp_sgid) { uid_t cur_rgid, cur_egid, cur_sgid; /* Get current real, effective and saved group id */ SAFE_GETRESGID(cleanup, &cur_rgid, &cur_egid, &cur_sgid); if ((cur_rgid == exp_rgid) && (cur_egid == exp_egid) && (cur_sgid == exp_sgid)) { return 0; } return 1; } /* * setup() * performs all ONE TIME setup for this test */ void setup(void) { struct passwd *passwd_p; tst_require_root(); tst_sig(NOFORK, DEF_HANDLER, cleanup); if ((passwd_p = getpwnam("root")) == NULL) { tst_brkm(TBROK, NULL, "getpwnam() failed for root"); } root = *passwd_p; if ((passwd_p = getpwnam("bin")) == NULL) { tst_brkm(TBROK, NULL, "bin user id doesn't exist"); } bin = *passwd_p; GID16_CHECK((bin_gid = bin.pw_gid), "setresgid", cleanup) if ((passwd_p = getpwnam("nobody")) == NULL) { tst_brkm(TBROK, NULL, "nobody user id doesn't exist"); } nobody = *passwd_p; GID16_CHECK((nobody_gid = nobody.pw_gid), "setresgid", cleanup) /* Set real/effective/saved gid to nobody */ if (setresgid(nobody_gid, nobody_gid, nobody_gid) == -1) { tst_brkm(TBROK, NULL, "setup() failed for setting while" " setting real/effective/saved gid"); } /* Set euid to nobody */ SAFE_SETUID(NULL, nobody.pw_uid); /* Pause if that option was specified * TEST_PAUSE contains the code to fork the test with the -c option. */ TEST_PAUSE; } /* * cleanup() * performs all ONE TIME cleanup for this test at * completion or premature exit */ void cleanup(void) { }