coreutils/tests/priv-check

93 lines
2.7 KiB
Bash

# -*- sh -*-
# Source this file at the beginning of a test that works
# only when run as root or as non-root.
# Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
case "$PRIV_CHECK_ARG" in
require-root) who='as root';;
require-non-root) who='by an unprivileged user';;
*) echo "Usage: PRIV_CHECK_ARG={require-root|require-non-root} . priv-check"\
1>&2; exit 1;;
esac
# Make sure id -u succeeds.
my_uid=`id -u`
test $? = 0 || {
echo "$0: cannot run \`id -u'" 1>&2
(exit 1); exit 1
}
# Make sure it gives valid output.
case $my_uid in
*[!0-9]*)
echo "$0: invalid output (\`$my_uid') from \`id -u'" 1>&2
(exit 1); exit 1
;;
*) ;;
esac
test $my_uid = 0 && \
{
# When running as root, always ensure that we have a valid non-root username.
# As non-root, don't do anything, since we won't be running setuidgid.
: ${NON_ROOT_USERNAME=nobody}
# Ensure that the supplied username is valid and with UID != 0.
coreutils_non_root_uid=`id -u $NON_ROOT_USERNAME`
test $? = 0 || \
{
echo "$0: This command failed: \`id -u $NON_ROOT_USERNAME'" 1>&2
echo "$0: Skipping this test. To enable it, set the envvar" 1>&2
echo "$0: NON_ROOT_USERNAME to a non-root user name." 1>&2
(exit 77); exit 77
}
test "$coreutils_non_root_uid" = 0 && \
{
echo "$0: The specified NON_ROOT_USERNAME ($NON_ROOT_USERNAME)" 1>&2
echo "$0: is invalid because its UID is 0." 1>&2
(exit 1); exit 1
}
}
give_msg=no
case $PRIV_CHECK_ARG:$my_uid in
require-root:0) ;;
require-root:*) give_msg=yes ;;
require-non-root:0)
# `.' must be writable by $NON_ROOT_USERNAME
setuidgid $NON_ROOT_USERNAME test -w . ||
{
echo "$0: `pwd`: not writable by user \`$NON_ROOT_USERNAME'" 1>&2
echo "$0: skipping this test" 1>&2
(exit 77); exit 77
}
exec setuidgid $NON_ROOT_USERNAME env PATH="$PATH" $0
;;
require-non-root:*) ;;
esac
test $give_msg = yes && {
cat <<EOF
***************************
NOTICE:
$0: This test is being skipped, since it works only
when run $who.
***************************
EOF
(exit 77); exit 77
}