* [LTP] [PATCH] userns01: add capability verification
@ 2015-06-25 11:54 Yuan Sun
From: Yuan Sun @ 2015-06-25 11:54 UTC (permalink / raw)
To: jstancek; +Cc: ltp-list

A child process has a full set of permitted and effective capabilities,
even though the program was run from an unprivileged account.

Signed-off-by: Yuan Sun <sunyuan3@huawei.com>
---
testcases/kernel/containers/userns/Makefile | 2 +-
testcases/kernel/containers/userns/userns01.c | 18 ++++++++++++------
2 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/testcases/kernel/containers/userns/Makefile b/testcases/kernel/containers/userns/Makefile
index 9f67216..20a0677 100644
--- a/testcases/kernel/containers/userns/Makefile
+++ b/testcases/kernel/containers/userns/Makefile
@@ -21,6 +21,6 @@ top_srcdir ?= ../../../..
include $(top_srcdir)/include/mk/testcases.mk
include $(abs_srcdir)/../Makefile.inc
-LDLIBS := -lclone -lltp
+LDLIBS := -lclone -lltp -lcap
include $(top_srcdir)/include/mk/generic_leaf_target.mk
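Review bot: The +LDLIBS line links -lcap unconditionally, so this directory fails to link on a build host that has no libcap. The reply in this thread points at the configure check in m4/ltp-cap.m4; append $(CAP_LIBS) here instead of the literal -lcap so the library is only pulled in when configure found it.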
diff --git a/testcases/kernel/containers/userns/userns01.c b/testcases/kernel/containers/userns/userns01.c
index 9cada5e..ca4815a 100644
--- a/testcases/kernel/containers/userns/userns01.c
+++ b/testcases/kernel/containers/userns/userns01.c
@@ -15,7 +15,9 @@
* Verify that:
* If a user ID has no mapping inside the namespace, user ID and group
* ID will be the value defined in the file /proc/sys/kernel/overflowuid(65534)
- * and /proc/sys/kernel/overflowgid(65534).
+ * and /proc/sys/kernel/overflowgid(65534). A child process has a full set
+ * of permitted and effective capabilities, even though the program was
+ * run from an unprivileged account.
*/
#define _GNU_SOURCE
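Review bot: In the header comment, the new capability sentence is appended to the overflowgid line, so "Verify that:" now reads as a single condition although the test checks two independent things. Put it on its own line as a separate item and say which process is meant, that is, the child running in the new user namespace.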
@@ -29,6 +31,7 @@
#include "test.h"
#include "libclone.h"
#include "userns_helper.h"
+#include <sys/capability.h>
#define OVERFLOWUIDPATH "/proc/sys/kernel/overflowuid"
#define OVERFLOWGIDPATH "/proc/sys/kernel/overflowgid"
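Review bot: The added #include <sys/capability.h> is unguarded, so userns01.c stops compiling where the libcap headers are not installed. Wrap it in #ifdef HAVE_LIBCAP and guard the cap_t code in child_fn1 the same way. The last hunk also calls strcmp(), and no <string.h> include is visible in this context, so confirm it is already present.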
@@ -43,21 +46,24 @@ static long overflowgid;
*/
static int child_fn1(void *arg LTP_ATTRIBUTE_UNUSED)
{
- int exit_val;
+ int exit_val = 0;
int uid, gid;
+ cap_t caps;
uid = geteuid();
gid = getegid();
tst_resm(TINFO, "USERNS test is running in a new user namespace.");
- if (uid == overflowuid && gid == overflowgid) {
- printf("Got expected uid and gid\n");
- exit_val = 0;
- } else {
+
+ if (uid != overflowuid || gid != overflowgid) {
printf("Got unexpected result of uid=%d gid=%d\n", uid, gid);
exit_val = 1;
}
+ caps = cap_get_proc();
+ if (strcmp(cap_to_text(caps, NULL), "=ep") != 0)
+ exit_val = 1;
+
return exit_val;
}
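Review bot: Neither cap_get_proc() nor cap_to_text() is checked before the strcmp() call; both return NULL on failure, and a NULL from cap_to_text() goes straight into strcmp(). Both results are also allocated by libcap and never released with cap_free(). Keep the text in a local variable, check both pointers, and free them before returning.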
--
1.9.1
* Re: [LTP] [PATCH] userns01: add capability verification
@ 2015-06-30 9:31 ` Jan Stancek
From: Jan Stancek @ 2015-06-30 9:31 UTC (permalink / raw)
To: Yuan Sun; +Cc: ltp-list
----- Original Message -----
> From: "Yuan Sun" <sunyuan3@huawei.com>
> To: jstancek@redhat.com
> Cc: ltp-list@lists.sourceforge.net
> Sent: Thursday, 25 June, 2015 1:54:37 PM
> Subject: [PATCH] userns01: add capability verification
>
> A child process has a full set of permitted and effective capabilities,
> even though the program was run from an unprivileged account.
>
> Signed-off-by: Yuan Sun <sunyuan3@huawei.com>
> ---
> testcases/kernel/containers/userns/Makefile | 2 +-
> testcases/kernel/containers/userns/userns01.c | 18 ++++++++++++------
> 2 files changed, 13 insertions(+), 7 deletions(-)
>
> diff --git a/testcases/kernel/containers/userns/Makefile
> b/testcases/kernel/containers/userns/Makefile
> index 9f67216..20a0677 100644
> --- a/testcases/kernel/containers/userns/Makefile
> +++ b/testcases/kernel/containers/userns/Makefile
> @@ -21,6 +21,6 @@ top_srcdir ?= ../../../..
> include $(top_srcdir)/include/mk/testcases.mk
> include $(abs_srcdir)/../Makefile.inc
>
> -LDLIBS := -lclone -lltp
> +LDLIBS := -lclone -lltp -lcap

We have an m4 check for libcap, for the cases when libcap is not installed,
see m4/ltp-cap.m4.

>
> include $(top_srcdir)/include/mk/generic_leaf_target.mk
> diff --git a/testcases/kernel/containers/userns/userns01.c
> b/testcases/kernel/containers/userns/userns01.c
> index 9cada5e..ca4815a 100644
> --- a/testcases/kernel/containers/userns/userns01.c
> +++ b/testcases/kernel/containers/userns/userns01.c
> @@ -15,7 +15,9 @@
> * Verify that:
> * If a user ID has no mapping inside the namespace, user ID and group
> * ID will be the value defined in the file
> /proc/sys/kernel/overflowuid(65534)
> - * and /proc/sys/kernel/overflowgid(65534).
> + * and /proc/sys/kernel/overflowgid(65534). A child process has a full set
> + * of permitted and effective capabilities, even though the program was
> + * run from an unprivileged account.
> */
>
> #define _GNU_SOURCE
> @@ -29,6 +31,7 @@
> #include "test.h"
> #include "libclone.h"
> #include "userns_helper.h"
> +#include <sys/capability.h>

You should use HAVE_LIBCAP and $(CAP_LIBS).

> #define OVERFLOWUIDPATH "/proc/sys/kernel/overflowuid"
> #define OVERFLOWGIDPATH "/proc/sys/kernel/overflowgid"
>
> @@ -43,21 +46,24 @@ static long overflowgid;
> */
> static int child_fn1(void *arg LTP_ATTRIBUTE_UNUSED)
> {
> - int exit_val;
> + int exit_val = 0;
> int uid, gid;
> + cap_t caps;
>
> uid = geteuid();
> gid = getegid();
>
> tst_resm(TINFO, "USERNS test is running in a new user namespace.");
> - if (uid == overflowuid && gid == overflowgid) {
> - printf("Got expected uid and gid\n");
> - exit_val = 0;
> - } else {
> +
> + if (uid != overflowuid || gid != overflowgid) {
> printf("Got unexpected result of uid=%d gid=%d\n", uid, gid);
> exit_val = 1;
> }
>
> + caps = cap_get_proc();
> + if (strcmp(cap_to_text(caps, NULL), "=ep") != 0)

I'd suggest cap_compare; comparing strings seems error-prone
when the same set of capabilities can have multiple string representations,
e.g. "all=" and "=".

Regards,
Jan

> + exit_val = 1;
> +
> return exit_val;
> }
>
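Review bot: When the capability comparison fails, exit_val is set to 1 with no output, while the uid/gid branch above it prints the values it saw. Print the capability text that was actually returned on this path so a failing run can be diagnosed from the log. The hunk also drops the "Got expected uid and gid" message, which leaves the success path silent; keep an informational line if that output is still wanted.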
> --
> 1.9.1
>
>
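The set-versus-string point raised in the reply, as an added example that is not part of the thread or of LTP: it swaps cap_compare() for a raw capget(2) call so that it builds without libcap, and compares the permitted and effective bitmasks against every capability the kernel lists in /proc/sys/kernel/cap_last_cap. The function names are hypothetical.

```c
/* Added example, not LTP code; function names are hypothetical. */
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Mask with bits 0..last_cap set; 0 if last_cap is out of range. */
static uint64_t full_mask(int last_cap)
{
	if (last_cap < 0 || last_cap > 63)
		return 0;
	return last_cap == 63 ? ~0ULL : (1ULL << (last_cap + 1)) - 1;
}

/* 1 if permitted and effective both equal the full set, else 0. */
static int is_full_set(const struct __user_cap_data_struct d[2], int last_cap)
{
	uint64_t want = full_mask(last_cap);
	uint64_t eff = ((uint64_t)d[1].effective << 32) | d[0].effective;
	uint64_t prm = ((uint64_t)d[1].permitted << 32) | d[0].permitted;

	return want != 0 && eff == want && prm == want;
}

/* Calling process: 1 full, 0 not full, -1 if the kernel could not be queried. */
static int self_has_full_caps(void)
{
	struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
	struct __user_cap_data_struct d[2] = { { 0, 0, 0 }, { 0, 0, 0 } };
	int last = -1;
	FILE *f = fopen("/proc/sys/kernel/cap_last_cap", "r");

	if (!f)
		return -1;
	if (fscanf(f, "%d", &last) != 1)
		last = -1;
	fclose(f);
	if (last < 0 || syscall(SYS_capget, &h, d) != 0)
		return -1;
	return is_full_set(d, last);
}

int main(void)
{
	printf("full permitted+effective set: %d\n", self_has_full_caps());
	return 0;
}
```

Because the comparison is on bitmasks, it does not depend on how a text formatter chooses to spell the set.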