[Buildroot] [PATCH] support/testing: add sudo package test

All of lore.kernel.org
 help / color / mirror / Atom feed

* [Buildroot] [PATCH] support/testing: add sudo package test
@ 2021-05-05 19:13 Arnout Vandecappelle
  2021-05-10 20:14 ` Peter Korsgaard
  0 siblings, 1 reply; 4+ messages in thread
From: Arnout Vandecappelle @ 2021-05-05 19:13 UTC (permalink / raw)
  To: buildroot

Create a new user 'sudotest' to validate that sudo really works (i.e.
properly has setuid).

Creating the user and adding it to sudoers is done at runtime, otherwise
we'd need to add extra files to the config which complicates things a
little bit.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
---
 support/testing/tests/package/test_sudo.py | 36 ++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 support/testing/tests/package/test_sudo.py

diff --git a/support/testing/tests/package/test_sudo.py b/support/testing/tests/package/test_sudo.py
new file mode 100644
index 0000000000..f9d0a6f301
--- /dev/null
+++ b/support/testing/tests/package/test_sudo.py
@@ -0,0 +1,36 @@
+import os
+
+import infra.basetest
+
+
+class TestSudo(infra.basetest.BRTest):
+    config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
+        """
+        BR2_PACKAGE_SUDO=y
+        BR2_TARGET_ROOTFS_CPIO=y
+        # BR2_TARGET_ROOTFS_TAR is not set
+        """
+
+    def test_run(self):
+        img = os.path.join(self.builddir, "images", "rootfs.cpio")
+        self.emulator.boot(arch="armv5",
+                           kernel="builtin",
+                           options=["-initrd", img])
+        self.emulator.login()
+
+        # -D    don't set a password
+        # -h    set home directory
+        # -H    don't create home directory
+        # -s    set shell
+        _, exit_code = self.emulator.run("adduser -D -h /tmp -H -s /bin/sh sudotest")
+        self.assertEqual(exit_code, 0)
+
+        _, exit_code = self.emulator.run("echo 'sudotest ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers")
+        self.assertEqual(exit_code, 0)
+
+        output, exit_code = self.emulator.run("su - sudotest -c 'echo hello world'")
+        self.assertEqual(output, ["hello world"])
+
+        output, exit_code = self.emulator.run("su - sudotest -c 'sudo echo hello world'")
+        self.assertEqual(exit_code, 0)
+        self.assertEqual(output, ["hello world"])
-- 
2.30.2

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [Buildroot] [PATCH] support/testing: add sudo package test
  2021-05-05 19:13 [Buildroot] [PATCH] support/testing: add sudo package test Arnout Vandecappelle
@ 2021-05-10 20:14 ` Peter Korsgaard
  2021-05-11  7:17   ` Arnout Vandecappelle
  0 siblings, 1 reply; 4+ messages in thread
From: Peter Korsgaard @ 2021-05-10 20:14 UTC (permalink / raw)
  To: buildroot

>>>>> "Arnout" == Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> writes:

 > Create a new user 'sudotest' to validate that sudo really works (i.e.
 > properly has setuid).

 > Creating the user and adding it to sudoers is done at runtime, otherwise
 > we'd need to add extra files to the config which complicates things a
 > little bit.

 > Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
 > ---
 >  support/testing/tests/package/test_sudo.py | 36 ++++++++++++++++++++++
 >  1 file changed, 36 insertions(+)
 >  create mode 100644 support/testing/tests/package/test_sudo.py

 > diff --git a/support/testing/tests/package/test_sudo.py b/support/testing/tests/package/test_sudo.py
 > new file mode 100644
 > index 0000000000..f9d0a6f301
 > --- /dev/null
 > +++ b/support/testing/tests/package/test_sudo.py
 > @@ -0,0 +1,36 @@
 > +import os
 > +
 > +import infra.basetest
 > +
 > +
 > +class TestSudo(infra.basetest.BRTest):
 > +    config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
 > +        """
 > +        BR2_PACKAGE_SUDO=y
 > +        BR2_TARGET_ROOTFS_CPIO=y
 > +        # BR2_TARGET_ROOTFS_TAR is not set
 > +        """

initrd, so that implies writable rootfs - So we don't really need those
special adduser flags, but OK.

Committed, thanks.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Buildroot] [PATCH] support/testing: add sudo package test
  2021-05-10 20:14 ` Peter Korsgaard
@ 2021-05-11  7:17   ` Arnout Vandecappelle
  2021-05-11  7:31     ` Peter Korsgaard
  0 siblings, 1 reply; 4+ messages in thread
From: Arnout Vandecappelle @ 2021-05-11  7:17 UTC (permalink / raw)
  To: buildroot



On 10/05/2021 22:14, Peter Korsgaard wrote:
>>>>>> "Arnout" == Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> writes:
> 
>  > Create a new user 'sudotest' to validate that sudo really works (i.e.
>  > properly has setuid).
> 
>  > Creating the user and adding it to sudoers is done at runtime, otherwise
>  > we'd need to add extra files to the config which complicates things a
>  > little bit.
> 
>  > Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
>  > ---
>  >  support/testing/tests/package/test_sudo.py | 36 ++++++++++++++++++++++
>  >  1 file changed, 36 insertions(+)
>  >  create mode 100644 support/testing/tests/package/test_sudo.py
> 
>  > diff --git a/support/testing/tests/package/test_sudo.py b/support/testing/tests/package/test_sudo.py
>  > new file mode 100644
>  > index 0000000000..f9d0a6f301
>  > --- /dev/null
>  > +++ b/support/testing/tests/package/test_sudo.py
>  > @@ -0,0 +1,36 @@
>  > +import os
>  > +
>  > +import infra.basetest
>  > +
>  > +
>  > +class TestSudo(infra.basetest.BRTest):
>  > +    config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
>  > +        """
>  > +        BR2_PACKAGE_SUDO=y
>  > +        BR2_TARGET_ROOTFS_CPIO=y
>  > +        # BR2_TARGET_ROOTFS_TAR is not set
>  > +        """
> 
> initrd, so that implies writable rootfs - So we don't really need those
> special adduser flags, but OK.

 I'm not sure what you mean. Do you mean the flags to use /tmp as a home
directory? There was a reason I added those for a reason I think, but I forgot
why :-(

 Regards,
 Arnout

> 
> Committed, thanks.
> 

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Buildroot] [PATCH] support/testing: add sudo package test
  2021-05-11  7:17   ` Arnout Vandecappelle
@ 2021-05-11  7:31     ` Peter Korsgaard
  0 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2021-05-11  7:31 UTC (permalink / raw)
  To: buildroot

>>>>> "Arnout" == Arnout Vandecappelle <arnout@mind.be> writes:

Hi,

 >> initrd, so that implies writable rootfs - So we don't really need those
 >> special adduser flags, but OK.

 >  I'm not sure what you mean. Do you mean the flags to use /tmp as a home
 > directory? There was a reason I added those for a reason I think, but I forgot
 > why :-(

Yes, exactly. When I saw those flags I thought you were trying to make
it work with a read only rootfs, but given the cpio that cannot have
been it.

Anyway, this works.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-05-11  7:31 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-05-05 19:13 [Buildroot] [PATCH] support/testing: add sudo package test Arnout Vandecappelle
2021-05-10 20:14 ` Peter Korsgaard
2021-05-11  7:17   ` Arnout Vandecappelle
2021-05-11  7:31     ` Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.