Gotweb

Blame

Date:: Sun Dec 11 12:58:14 2022 UTC
Message:: in gotd regress, use USER instead of USERNAME and check for sudo/doas users Problem where USERNAME is not usually set on OpenBSD reported by Mikhail ok jamsek
Actions:: History | Blob | Raw File
  1 ead70407 2022-11-17 thomas REGRESS_TARGETS=test_repo_read test_repo_read_group \
  2 5667a3a5 2022-11-17 thomas 	test_repo_read_denied_user test_repo_read_denied_group \
  3 ead70407 2022-11-17 thomas 	test_repo_read_bad_user test_repo_read_bad_group \
  4 ff260661 2022-11-17 thomas 	test_repo_write test_repo_write_empty
  5 f2900386 2022-10-31 thomas NOOBJ=Yes
  6 f2900386 2022-10-31 thomas 
  7 f2900386 2022-10-31 thomas .PHONY: ensure_root prepare_test_repo check_test_repo start_gotd
  8 f2900386 2022-10-31 thomas 
  9 f2900386 2022-10-31 thomas GOTD_TEST_ROOT=/tmp
 10 f2900386 2022-10-31 thomas GOTD_DEVUSER?=gotdev
 11 a0934206 2022-10-31 thomas GOTD_DEVUSER_HOME!=userinfo $(GOTD_DEVUSER) | awk '/^dir/ {print $$2}'
 12 f2900386 2022-10-31 thomas GOTD_TEST_REPO!?=mktemp -d "$(GOTD_TEST_ROOT)/gotd-test-repo-XXXXXXXXX"
 13 f2900386 2022-10-31 thomas GOTD_TEST_REPO_URL=ssh://${GOTD_DEVUSER}@127.0.0.1/test-repo
 14 f2900386 2022-10-31 thomas 
 15 2bf2e644 2022-12-11 thomas GOTD_TEST_USER?=${DOAS_USER}
 16 2bf2e644 2022-12-11 thomas .if empty(GOTD_TEST_USER)
 17 2bf2e644 2022-12-11 thomas GOTD_TEST_USER=${SUDO_USER}
 18 2bf2e644 2022-12-11 thomas .endif
 19 2bf2e644 2022-12-11 thomas .if empty(GOTD_TEST_USER)
 20 2bf2e644 2022-12-11 thomas GOTD_TEST_USER=${USER}
 21 2bf2e644 2022-12-11 thomas .endif
 22 a0934206 2022-10-31 thomas GOTD_TEST_USER_HOME!=userinfo $(GOTD_TEST_USER) | awk '/^dir/ {print $$2}'
 23 f2900386 2022-10-31 thomas 
 24 f2900386 2022-10-31 thomas # gotd.conf parameters
 25 f2900386 2022-10-31 thomas GOTD_USER?=got
 26 f2900386 2022-10-31 thomas GOTD_GROUP?=gotsh
 27 f2900386 2022-10-31 thomas GOTD_SOCK=${GOTD_DEVUSER_HOME}/gotd.sock
 28 f2900386 2022-10-31 thomas 
 29 f2900386 2022-10-31 thomas GOTD_START_CMD=../../gotd/obj/gotd -vv -f $(PWD)/gotd.conf
 30 f2900386 2022-10-31 thomas GOTD_STOP_CMD=../../gotctl/obj/gotctl -f $(GOTD_SOCK) stop
 31 f2900386 2022-10-31 thomas GOTD_TRAP=trap "$(GOTD_STOP_CMD)" HUP INT QUIT PIPE TERM
 32 f2900386 2022-10-31 thomas 
 33 f2900386 2022-10-31 thomas GOTD_TEST_ENV=GOTD_TEST_ROOT=$(GOTD_TEST_ROOT) \
 34 f2900386 2022-10-31 thomas 	GOTD_TEST_REPO_URL=$(GOTD_TEST_REPO_URL) \
 35 f2900386 2022-10-31 thomas 	GOTD_TEST_REPO=$(GOTD_TEST_REPO) \
 36 f2900386 2022-10-31 thomas 	GOTD_SOCK=$(GOTD_SOCK) \
 37 a07c01e0 2022-11-08 thomas 	GOTD_DEVUSER=$(GOTD_DEVUSER) \
 38 f2900386 2022-10-31 thomas 	HOME=$(GOTD_TEST_USER_HOME) \
 39 f2900386 2022-10-31 thomas 	PATH=$(GOTD_TEST_USER_HOME)/bin:$(PATH)
 40 f2900386 2022-10-31 thomas 
 41 f2900386 2022-10-31 thomas ensure_root:
 42 f2900386 2022-10-31 thomas 	@if [[ `id -u` -ne 0 ]]; then \
 43 69e99a59 2022-12-08 thomas 		echo gotd test suite must be started by root >&2; \
 44 f2900386 2022-10-31 thomas 		false; \
 45 69e99a59 2022-12-08 thomas 	fi ; \
 46 69e99a59 2022-12-08 thomas 	if [[ "$(GOTD_TEST_USER)" = "root" ]]; then \
 47 69e99a59 2022-12-08 thomas 		echo GOTD_TEST_USER must be a non-root user >&2; \
 48 69e99a59 2022-12-08 thomas 		false; \
 49 f2900386 2022-10-31 thomas 	fi
 50 f2900386 2022-10-31 thomas 
 51 729a7e24 2022-11-17 thomas start_gotd_ro: ensure_root
 52 f2900386 2022-10-31 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
 53 f2900386 2022-10-31 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
 54 f2900386 2022-10-31 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
 55 f2900386 2022-10-31 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
 56 f2900386 2022-10-31 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
 57 729a7e24 2022-11-17 thomas 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
 58 f2900386 2022-10-31 thomas 	@echo "}" >> $(PWD)/gotd.conf
 59 f2900386 2022-10-31 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
 60 f2900386 2022-10-31 thomas 	@$(GOTD_TRAP); sleep .5
 61 f2900386 2022-10-31 thomas 
 62 ff260661 2022-11-17 thomas start_gotd_ro_group: ensure_root
 63 ff260661 2022-11-17 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
 64 ff260661 2022-11-17 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
 65 ff260661 2022-11-17 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
 66 ff260661 2022-11-17 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
 67 ff260661 2022-11-17 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
 68 ff260661 2022-11-17 thomas 	@echo '    permit ro :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
 69 ff260661 2022-11-17 thomas 	@echo "}" >> $(PWD)/gotd.conf
 70 ff260661 2022-11-17 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
 71 ff260661 2022-11-17 thomas 	@$(GOTD_TRAP); sleep .5
 72 ff260661 2022-11-17 thomas 
 73 b40156b3 2022-11-17 thomas # try a permit rule followed by a deny rule; last matched rule wins
 74 b40156b3 2022-11-17 thomas start_gotd_ro_denied_user: ensure_root
 75 b40156b3 2022-11-17 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
 76 b40156b3 2022-11-17 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
 77 b40156b3 2022-11-17 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
 78 b40156b3 2022-11-17 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
 79 b40156b3 2022-11-17 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
 80 b40156b3 2022-11-17 thomas 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
 81 b40156b3 2022-11-17 thomas 	@echo '    deny $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
 82 b40156b3 2022-11-17 thomas 	@echo "}" >> $(PWD)/gotd.conf
 83 b40156b3 2022-11-17 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
 84 b40156b3 2022-11-17 thomas 	@$(GOTD_TRAP); sleep .5
 85 b40156b3 2022-11-17 thomas 
 86 5667a3a5 2022-11-17 thomas # try a permit rule followed by a deny rule; last matched rule wins
 87 5667a3a5 2022-11-17 thomas start_gotd_ro_denied_group: ensure_root
 88 5667a3a5 2022-11-17 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
 89 5667a3a5 2022-11-17 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
 90 5667a3a5 2022-11-17 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
 91 5667a3a5 2022-11-17 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
 92 5667a3a5 2022-11-17 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
 93 5667a3a5 2022-11-17 thomas 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
 94 5667a3a5 2022-11-17 thomas 	@echo '    deny :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
 95 5667a3a5 2022-11-17 thomas 	@echo "}" >> $(PWD)/gotd.conf
 96 5667a3a5 2022-11-17 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
 97 5667a3a5 2022-11-17 thomas 	@$(GOTD_TRAP); sleep .5
 98 5667a3a5 2022-11-17 thomas 
 99 ead70407 2022-11-17 thomas # $GOTD_DEVUSER should not equal $GOTD_USER
100 ead70407 2022-11-17 thomas start_gotd_ro_bad_user: ensure_root
101 ead70407 2022-11-17 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
102 ead70407 2022-11-17 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
103 ead70407 2022-11-17 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
104 ead70407 2022-11-17 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
105 ead70407 2022-11-17 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
106 ead70407 2022-11-17 thomas 	@echo '    permit ro $(GOTD_USER)' >> $(PWD)/gotd.conf
107 ead70407 2022-11-17 thomas 	@echo "}" >> $(PWD)/gotd.conf
108 ead70407 2022-11-17 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
109 ead70407 2022-11-17 thomas 	@$(GOTD_TRAP); sleep .5
110 ead70407 2022-11-17 thomas 
111 ff260661 2022-11-17 thomas # $GOTD_DEVUSER should not be in group wheel
112 ff260661 2022-11-17 thomas start_gotd_ro_bad_group: ensure_root
113 ff260661 2022-11-17 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
114 ff260661 2022-11-17 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
115 ff260661 2022-11-17 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
116 ff260661 2022-11-17 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
117 ff260661 2022-11-17 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
118 ff260661 2022-11-17 thomas 	@echo '    permit ro :wheel' >> $(PWD)/gotd.conf
119 ff260661 2022-11-17 thomas 	@echo "}" >> $(PWD)/gotd.conf
120 ff260661 2022-11-17 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
121 ff260661 2022-11-17 thomas 	@$(GOTD_TRAP); sleep .5
122 ff260661 2022-11-17 thomas 
123 729a7e24 2022-11-17 thomas start_gotd_rw: ensure_root
124 729a7e24 2022-11-17 thomas 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
125 729a7e24 2022-11-17 thomas 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
126 729a7e24 2022-11-17 thomas 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
127 729a7e24 2022-11-17 thomas 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
128 729a7e24 2022-11-17 thomas 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
129 729a7e24 2022-11-17 thomas 	@echo '    permit rw $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
130 729a7e24 2022-11-17 thomas 	@echo "}" >> $(PWD)/gotd.conf
131 729a7e24 2022-11-17 thomas 	@$(GOTD_TRAP); $(GOTD_START_CMD)
132 729a7e24 2022-11-17 thomas 	@$(GOTD_TRAP); sleep .5
133 729a7e24 2022-11-17 thomas 
134 f2900386 2022-10-31 thomas prepare_test_repo: ensure_root
135 f2900386 2022-10-31 thomas 	@chown ${GOTD_USER} "${GOTD_TEST_REPO}"
136 f2900386 2022-10-31 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh'
137 f2900386 2022-10-31 thomas 
138 a07c01e0 2022-11-08 thomas prepare_test_repo_empty: ensure_root
139 a07c01e0 2022-11-08 thomas 	@chown ${GOTD_USER} "${GOTD_TEST_REPO}"
140 a07c01e0 2022-11-08 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh 1'
141 a07c01e0 2022-11-08 thomas 
142 729a7e24 2022-11-17 thomas test_repo_read: prepare_test_repo start_gotd_ro
143 f2900386 2022-10-31 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
144 f2900386 2022-10-31 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
145 f2900386 2022-10-31 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
146 f2900386 2022-10-31 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
147 f2900386 2022-10-31 thomas 
148 ff260661 2022-11-17 thomas test_repo_read_group: prepare_test_repo start_gotd_ro_group
149 ff260661 2022-11-17 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
150 ff260661 2022-11-17 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
151 ff260661 2022-11-17 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
152 ff260661 2022-11-17 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
153 ff260661 2022-11-17 thomas 
154 b40156b3 2022-11-17 thomas test_repo_read_denied_user: prepare_test_repo start_gotd_ro_denied_user
155 b40156b3 2022-11-17 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
156 b40156b3 2022-11-17 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
157 b40156b3 2022-11-17 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
158 b40156b3 2022-11-17 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
159 b40156b3 2022-11-17 thomas 
160 5667a3a5 2022-11-17 thomas test_repo_read_denied_group: prepare_test_repo start_gotd_ro_denied_group
161 5667a3a5 2022-11-17 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
162 5667a3a5 2022-11-17 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
163 5667a3a5 2022-11-17 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
164 5667a3a5 2022-11-17 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
165 5667a3a5 2022-11-17 thomas 
166 ead70407 2022-11-17 thomas test_repo_read_bad_user: prepare_test_repo start_gotd_ro_bad_user
167 ead70407 2022-11-17 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
168 ead70407 2022-11-17 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
169 ead70407 2022-11-17 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
170 ead70407 2022-11-17 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
171 ead70407 2022-11-17 thomas 
172 ff260661 2022-11-17 thomas test_repo_read_bad_group: prepare_test_repo start_gotd_ro_bad_group
173 ff260661 2022-11-17 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
174 ff260661 2022-11-17 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
175 ff260661 2022-11-17 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
176 ff260661 2022-11-17 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
177 ff260661 2022-11-17 thomas 
178 729a7e24 2022-11-17 thomas test_repo_write: prepare_test_repo start_gotd_rw
179 f2900386 2022-10-31 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
180 f2900386 2022-10-31 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_write.sh'
181 f2900386 2022-10-31 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
182 f2900386 2022-10-31 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
183 a07c01e0 2022-11-08 thomas 
184 729a7e24 2022-11-17 thomas test_repo_write_empty: prepare_test_repo_empty start_gotd_rw
185 a07c01e0 2022-11-08 thomas 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
186 a07c01e0 2022-11-08 thomas 		'env $(GOTD_TEST_ENV) sh ./repo_write_empty.sh'
187 a07c01e0 2022-11-08 thomas 	@$(GOTD_STOP_CMD) 2>/dev/null
188 a07c01e0 2022-11-08 thomas 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
189 f2900386 2022-10-31 thomas 	
190 f2900386 2022-10-31 thomas .include <bsd.regress.mk>