author | David Michael <dm0@redhat.com> | 2019-02-26 17:25:48 +0000 |
---|---|---|
committer | David Michael <dm0@redhat.com> | 2019-02-28 13:06:07 -0500 |
commit | 8595c4588c0ed8e61745fc6a4bd0c7798ee6d10f (patch) | |
tree | 5cd2e8ddb839e6195f0a31193409e26f99c35d1f /test/TEST-22-TMPFILES | |
parent | c3aa4adcafa046da7c41ef2e5411fc8dd8feecaa (diff) | |
download | systemd-8595c4588c0ed8e61745fc6a4bd0c7798ee6d10f.tar.gz |
TEST-22: add test for unprivileged dirs in root prefixes
This verifies the fix for the issue described in:
https://github.com/systemd/systemd/pull/11820
Diffstat (limited to 'test/TEST-22-TMPFILES')
-rwxr-xr-x | test/TEST-22-TMPFILES/test-08.sh | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/test/TEST-22-TMPFILES/test-08.sh b/test/TEST-22-TMPFILES/test-08.sh new file mode 100755 index 0000000000..e7bf044783 --- /dev/null +++ b/test/TEST-22-TMPFILES/test-08.sh @@ -0,0 +1,32 @@ +#! /bin/bash +# +# Verify tmpfiles can run in a root directory under a path prefix that contains +# directories owned by unprivileged users, for example when a root file system +# is mounted in a regular user's home directory. +# +# https://github.com/systemd/systemd/pull/11820 +# + +set -e + +rm -fr /tmp/root /tmp/user +mkdir -p /tmp/root /tmp/user/root +chown daemon:daemon /tmp/user + +# Verify the command works as expected with no prefix or a root-owned prefix. +echo 'd /tmp/root/test1' | systemd-tmpfiles --create - +test -d /tmp/root/test1 +echo 'd /test2' | systemd-tmpfiles --root=/tmp/root --create - +test -d /tmp/root/test2 + +# Verify the command fails to write to a root-owned subdirectory under an +# unprivileged user's directory when it's not part of the prefix, as expected +# by the unsafe_transition function. +! echo 'd /tmp/user/root/test' | systemd-tmpfiles --create - +! test -e /tmp/user/root/test +! echo 'd /user/root/test' | systemd-tmpfiles --root=/tmp --create - +! test -e /tmp/user/root/test + +# Verify the above works when all user-owned directories are in the prefix. +echo 'd /test' | systemd-tmpfiles --root=/tmp/user/root --create - +test -d /tmp/user/root/test |
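Review bot: The four negated commands in the "fails to write" block cannot fail this test, because bash exempts a command whose status is inverted with `!` from `set -e`. If `! echo 'd /tmp/user/root/test' | systemd-tmpfiles --create -` or `! test -e /tmp/user/root/test` evaluates to non-zero (meaning tmpfiles did create the directory under the daemon-owned /tmp/user), the script keeps going, and the final `test -d /tmp/user/root/test` still passes, so the regression this test is meant to catch would go unreported. Suggest running each negated check in a subshell, for example `(! test -e /tmp/user/root/test)`, or writing it as an explicit `if ...; then exit 1; fi`, so that the negative assertions are enforced. A short comment next to the first one explaining why the subshell is needed would keep it from being simplified away later.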