Re: [PATCH v2] tests: A SANITY test prereq for testing if we're root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Aug 9, 2010 at 16:55, Junio C Hamano <gitster@xxxxxxxxx> wrote:
> Ævar Arnfjörð Bjarmason  <avarab@xxxxxxxxx> writes:
>
>> + - SANITY
>> +
>> +   Test is not run by root user, and an attempt to write to an
>> +   unwritable file is expected to fail correctly.
>
> As I said in the previous round, I am indeed in favor of having a single
> "running as root---code that expects that the normal UNIXy permission
> based protection to apply, aka 'running in sane environment', will not
> work correctly" prerequisite token, rather than having separate "can I
> expect an unwritable file to be unwritable?"  "can I expect an unreadble
> file to be unreadable?" bits.

I probably shouldn't have used your docs as-is, you're right. It could
be explained better.

> The name of the token _might_ be subject to debate (I am fine with
> either SANITY or NOROOT), but the explanation should mention this is
> defined to be a bit more broad than "unWRITABLE", I think.

NOROOT is better I think,.

> "test -w /" is a traditional way to approximately check if you are
> running as root (technically, it only checks if you are running with
> unduly high privilege---your sysadm _could_ have done "chmod 2775 /"
> and made it owned by the admin group).

Initially I wrote it as:

     # test whether the filesystem supports symbolic links
     ln -s x y 2>/dev/null && test -h y 2>/dev/null && test_set_prereq SYMLINKS
     rm -f y
    +
    +# test whether we can make read-only files
    +mkdir hla
    +chmod -w hla
    +touch hla/gh >/dev/null 2>&1
    +test -f hla/gh || test_set_prereq SANITY
    +rm -rf hla

But then I saw your old "test -w /" implementation and figured it was
good enough without doing all this work on setup. I can submit another
patch with that fixup if you like, maybe it'll prevent odd failures on
someone's odd system.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]