authorLamont Granquist <lamont@scriptkiddie.org>2018-02-20 22:42:33 -0800
committerLamont Granquist <lamont@scriptkiddie.org>2018-02-21 09:37:35 -0800
commit25646e75367e76c497c88f394c3aee0b66548b9d (patch)
tree813f84b0a01f9b1c28a490d8eb888716ef006b54
parent054b7dcad329138b6f153f73cf33a180021e79db (diff)
downloadchef-25646e75367e76c497c88f394c3aee0b66548b9d.tar.gz
Fix travis to correctly run-as-rootlcg/testing-crazy-fucking-ideas
A spec here was accidentally dropping privs from root which was causing subsequent chaos with file perms issues in later specs. Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
-rw-r--r--.travis.yml12
-rw-r--r--spec/spec_helper.rb20
-rw-r--r--spec/unit/daemon_spec.rb8
3 files changed, 32 insertions, 8 deletions
diff --git a/.travis.yml b/.travis.yml
index 7f3a518d53..db5edab1ad 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -61,18 +61,18 @@ matrix:
- env:
UNIT_SPECS_24: 1
rvm: 2.4.3
- sudo: false
+ sudo: true
script:
- - bundle exec rake spec:unit;
- - bundle exec rake component_specs
+ - sudo -E $(which bundle) exec rake spec:unit;
+ - sudo -E $(which bundle) exec rake component_specs
bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
- env:
UNIT_SPECS_25: 1
rvm: 2.5.0
- sudo: false
+ sudo: true
script:
- - bundle exec rake spec:unit;
- - bundle exec rake component_specs
+ - sudo -E $(which bundle) exec rake spec:unit;
+ - sudo -E $(which bundle) exec rake component_specs
bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
- env:
CHEFSTYLE: 1
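Review bot: `sudo -E` on the four new script lines hands the build's whole environment to a root process, and nothing in the file records why these two matrix entries now need root. A short comment above each `script:` key would keep a later cleanup from reverting it, for example `# run as root so root-only code paths are exercised; -E keeps the ruby/bundler environment under sudo` (wording for the author to confirm). If any secret variables are defined for these entries, they become readable by every spec running as root, so it is worth confirming that none are set. `$(which bundle)` is expanded by the calling shell, while the PATH seen by child processes depends on the sudoers configuration of the build image, which this hunk does not show.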
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 10e9818834..dbefbf29e4 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,6 +1,6 @@
#
# Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2008-2017, Chef Software Inc.
+# Copyright:: Copyright 2008-2018, Chef Software Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -254,6 +254,24 @@ RSpec.configure do |config|
Chef.resource_priority_map.instance_variable_set(:@map, resource_priority_map.dup)
end
+ # This bit of jankiness guards against specs which accidentally drop privs when running as
+ # root -- which are nearly impossible to debug and so we bail out very hard if this
+ # condition ever happens. If a spec stubs Process.[e]uid this can throw a false positive
+ # which the spec must work around by unmocking Process.[e]uid to and_call_original in its
+ # after block.
+ if Process.euid == 0 && Process.uid == 0
+ config.after(:each) do
+ if Process.uid != 0
+ RSpec.configure { |c| c.fail_fast = true }
+ raise "rspec was invoked as root, but the last test dropped real uid to #{Process.uid}"
+ end
+ if Process.euid != 0
+ RSpec.configure { |c| c.fail_fast = true }
+ raise "rspec was invoked as root, but the last test dropped effective uid to #{Process.euid}"
+ end
+ end
+ end
+
# raise if anyone commits any test to CI with :focus set on it
if ENV["CI"]
config.before(:example, :focus) do
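Review bot: The guard added inside `RSpec.configure` compares only `Process.uid` and `Process.euid`, so a spec that changes the real or effective group id while leaving the user ids alone would pass unnoticed and could still leave later specs with unexpected file permissions. Recording the four ids once at load time and comparing all of them in the `after(:each)` hook closes that gap and also removes the two duplicated branches. A spec that stubs `Process.gid` or `Process.egid` would then need the same `and_call_original` workaround the comment already describes for the user ids. The enclosing `RSpec.configure` block starts and ends outside the hunk.

```ruby
# … unchanged: explanatory comment above the guard …
if Process.euid == 0 && Process.uid == 0
  ids_at_start = { uid: Process.uid, euid: Process.euid, gid: Process.gid, egid: Process.egid }
  config.after(:each) do
    changed = ids_at_start.reject { |name, value| Process.public_send(name) == value }
    unless changed.empty?
      RSpec.configure { |c| c.fail_fast = true }
      details = changed.keys.map { |name| "#{name} is now #{Process.public_send(name)}" }.join(", ")
      raise "rspec was invoked as root, but the last test changed process ids: #{details}"
    end
  end
end
```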
diff --git a/spec/unit/daemon_spec.rb b/spec/unit/daemon_spec.rb
index ae3d626113..9448380c91 100644
--- a/spec/unit/daemon_spec.rb
+++ b/spec/unit/daemon_spec.rb
@@ -1,6 +1,6 @@
#
# Author:: AJ Christensen (<aj@junglist.gen.nz>)
-# Copyright:: Copyright 2008-2016, Chef Software Inc.
+# Copyright:: Copyright 2008-2018, Chef Software Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -73,6 +73,7 @@ describe Chef::Daemon do
describe ".change_privilege" do
before do
+ allow(Chef::Daemon).to receive(:_change_privilege)
allow(Chef::Application).to receive(:fatal!).and_return(true)
Chef::Config[:user] = "aj"
allow(Dir).to receive(:chdir)
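Review bot: The new `_change_privilege` stub in this `before` block carries no explanation, yet it is presumably what keeps these examples from really changing the process ids when the suite runs as root. A comment such as `# stub the real privilege change: run as root, it would drop privs for the rest of the suite` would stop it being removed as dead setup. Because it is a plain `allow`, the examples visible here do not show whether `change_privilege` still reaches `_change_privilege`. If no example outside this hunk asserts that, one `expect(Chef::Daemon).to receive(:_change_privilege)` would restore the coverage. The `describe` block continues outside the hunk.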
@@ -159,6 +160,11 @@ describe Chef::Daemon do
allow(Process).to receive(:egid).and_return(999)
end
+ after do
+ allow(Process).to receive(:euid).and_call_original
+ allow(Process).to receive(:egid).and_call_original
+ end
+
it "should log an appropriate error message and fail miserably" do
allow(Process).to receive(:initgroups).and_raise(Errno::EPERM)
error = "Operation not permitted"
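Review bot: This `after` block reads as redundant, since rspec-mocks removes stubs at the end of every example, so it needs a comment tying it to the root guard in `spec/spec_helper.rb`. Something like `# restore the real ids before the global after(:each) root check reads them` would do. The `before` block that installs the stubs begins outside the hunk, and only its `egid` line is visible here.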