ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Merge branch 'mnowak/537_Add_CI_step_to_test_named_-u' into 'master'

Browse Source 
Verifying that named switches UID

Closes #537

See merge request isc-projects/bind9!2374
This commit is contained in:
Michal Nowak
2019-11-20 10:37:24 +00:00
parent 584c1da066 b00360537e
commit 081326929f
5 changed files with 51 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
bin/tests/system/conf.sh.common
View File

@@ -562,5 +562,6 @@ export RRCHECKER
export SAMPLEUPDATE export SAMPLEUPDATE
export SIGNER export SIGNER
export SUBDIRS export SUBDIRS
export TMPDIR
export TSIGKEYGEN export TSIGKEYGEN
export WIRETEST export WIRETEST

3
bin/tests/system/conf.sh.in
View File

@@ -17,6 +17,9 @@
# Find the top of the BIND9 tree. # Find the top of the BIND9 tree.
TOP=@abs_top_builddir@ TOP=@abs_top_builddir@
# Provide TMPDIR variable for tests that need it.
TMPDIR=${TMPDIR:-/tmp}
# This is not the windows build. # This is not the windows build.
CYGWIN="" CYGWIN=""

1
bin/tests/system/runtime/clean.sh
View File

@@ -17,6 +17,7 @@ rm -f *.pid
rm -f rndc.out* rm -f rndc.out*
[ -d ns2/nope ] && chmod 755 ns2/nope [ -d ns2/nope ] && chmod 755 ns2/nope
rm -rf ns2/nope rm -rf ns2/nope
rm -rf ns2/tmp.*
rm -f ns*/managed-keys.bind* rm -f ns*/managed-keys.bind*
rm -rf "ns2/`cat ctrl-char-dir-name`" rm -rf "ns2/`cat ctrl-char-dir-name`"
rm -rf "ns2/$;" rm -rf "ns2/$;"

18
bin/tests/system/runtime/ns2/named-alt9.conf.in Normal file
View File

@@ -0,0 +1,18 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
port @PORT@;
pid-file "named9.pid";
listen-on { 127.0.0.1; };
listen-on-v6 { none; };
recursion no;
};

28
bin/tests/system/runtime/tests.sh
View File

@@ -1,3 +1,5 @@
#!/bin/sh
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC") # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
# #
# This Source Code Form is subject to the terms of the Mozilla Public # This Source Code Form is subject to the terms of the Mozilla Public
@@ -159,5 +161,31 @@ cd ..
if [ $ret != 0 ]; then echo_i "failed"; fi if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret` status=`expr $status + $ret`
n=`expr $n + 1`
echo_i "verifying that named switches UID ($n)"
if [ "`id -u`" = 0 ] && [ ! "$CYGWIN" ]; then
ret=0
TEMP_NAMED_DIR=`mktemp -d`
if [ -d "${TEMP_NAMED_DIR}" ]; then
copy_setports ns2/named-alt9.conf.in "${TEMP_NAMED_DIR}/named-alt9.conf"
chown -R nobody "${TEMP_NAMED_DIR}"
chmod 0700 "${TEMP_NAMED_DIR}"
( cd "${TEMP_NAMED_DIR}" && $NAMED -u nobody -c named-alt9.conf -d 99 -g -U 4 >> named9.run 2>&1 & )
sleep 2
[ -s "${TEMP_NAMED_DIR}/named9.pid" ] || ret=1
grep "loading configuration: permission denied" "${TEMP_NAMED_DIR}/named9.run" > /dev/null && ret=1
pid=`cat "${TEMP_NAMED_DIR}/named9.pid" 2>/dev/null`
test "${pid:+set}" = set && $KILL -15 "${pid}" >/dev/null 2>&1
mv "${TEMP_NAMED_DIR}" ns2/
else
echo_i "mktemp failed"
ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
else
echo_i "skipped, not running as root or running on Windows"
fi
echo_i "exit status: $status" echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1 [ $status -eq 0 ] || exit 1