cap_test_capmode.c (221431) | cap_test_capmode.c (224651) |
---|---|
1/*- 2 * Copyright (c) 2008-2009 Robert N. M. Watson | 1/*- 2 * Copyright (c) 2008-2009 Robert N. M. Watson |
3 * Copyright (c) 2011 Jonathan Anderson |
|
3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright --- 7 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * | 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright --- 7 unchanged lines hidden (view full) --- 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 * |
26 * $FreeBSD: head/tools/regression/security/cap_test/cap_test_capmode.c 221431 2011-05-04 12:44:46Z jonathan $ | 27 * $FreeBSD: head/tools/regression/security/cap_test/cap_test_capmode.c 224651 2011-08-04 14:20:13Z jonathan $ |
27 */ 28 29/* 30 * Test routines to make sure a variety of system calls are or are not 31 * available in capability mode. The goal is not to see if they work, just 32 * whether or not they return the expected ECAPMODE. 33 */ 34 35#include <sys/cdefs.h> | 28 */ 29 30/* 31 * Test routines to make sure a variety of system calls are or are not 32 * available in capability mode. The goal is not to see if they work, just 33 * whether or not they return the expected ECAPMODE. 34 */ 35 36#include <sys/cdefs.h> |
36__FBSDID("$FreeBSD: head/tools/regression/security/cap_test/cap_test_capmode.c 221431 2011-05-04 12:44:46Z jonathan $"); | 37__FBSDID("$FreeBSD: head/tools/regression/security/cap_test/cap_test_capmode.c 224651 2011-08-04 14:20:13Z jonathan $"); |
37 38#include <sys/param.h> 39#include <sys/capability.h> | 38 39#include <sys/param.h> 40#include <sys/capability.h> |
41#include <sys/errno.h> |
|
40#include <sys/mman.h> 41#include <sys/mount.h> | 42#include <sys/mman.h> 43#include <sys/mount.h> |
42#include <sys/poll.h> | |
43#include <sys/socket.h> 44#include <sys/stat.h> 45#include <sys/wait.h> 46 47#include <machine/sysarch.h> | 44#include <sys/socket.h> 45#include <sys/stat.h> 46#include <sys/wait.h> 47 48#include <machine/sysarch.h> |
48#include <netinet/in.h> | |
49 50#include <err.h> | 49 50#include <err.h> |
51#include <errno.h> | |
52#include <fcntl.h> 53#include <stdlib.h> 54#include <string.h> 55#include <unistd.h> 56 | 51#include <fcntl.h> 52#include <stdlib.h> 53#include <string.h> 54#include <unistd.h> 55 |
57/* Need to check machine-dependent sysarch(). */ 58#define ARCH_IS(s) (!strncmp(s, MACHINE, sizeof(s) + 1)) 59 | |
60#include "cap_test.h" 61 | 56#include "cap_test.h" 57 |
62void | 58#define CHECK_SYSCALL_VOID_NOT_ECAPMODE(syscall, ...) do { \ 59 errno = 0; \ 60 (void)syscall(__VA_ARGS__); \ 61 if (errno == ECAPMODE) \ 62 FAIL("capmode: %s failed with ECAPMODE", #syscall); \ 63} while (0) 64 65int |
63test_capmode(void) 64{ | 66test_capmode(void) 67{ |
65 struct sockaddr_in sin; | |
66 struct statfs statfs; 67 struct stat sb; | 68 struct statfs statfs; 69 struct stat sb; |
68 ssize_t len; | |
69 long sysarch_arg = 0; | 70 long sysarch_arg = 0; |
70 int fd, fd_close, fd_dir, fd_file, fd_socket, fd2[2], ret; | 71 int fd_close, fd_dir, fd_file, fd_socket, fd2[2]; 72 int success = PASSED; |
71 pid_t pid, wpid; 72 char ch; 73 | 73 pid_t pid, wpid; 74 char ch; 75 |
74 fd_file = open("/tmp/cap_test_syscalls", O_RDWR|O_CREAT, 0644); 75 if (fd_file < 0) 76 err(-1, "test_syscalls:prep: open cap_test_syscalls"); | 76 /* Open some files to play with. */ 77 REQUIRE(fd_file = open("/tmp/cap_capmode", O_RDWR|O_CREAT, 0644)); 78 REQUIRE(fd_close = open("/dev/null", O_RDWR)); 79 REQUIRE(fd_dir = open("/tmp", O_RDONLY)); 80 REQUIRE(fd_socket = socket(PF_INET, SOCK_DGRAM, 0)); |
77 | 81 |
78 fd_close = open("/dev/null", O_RDWR); 79 if (fd_close < 0) 80 err(-1, "test_syscalls:prep: open /dev/null"); | 82 /* Enter capability mode. */ 83 REQUIRE(cap_enter()); |
81 | 84 |
82 fd_dir = open("/tmp", O_RDONLY); 83 if (fd_dir < 0) 84 err(-1, "test_syscalls:prep: open /tmp"); | 85 /* 86 * System calls that are not permitted in capability mode. 87 */ 88 CHECK_CAPMODE(access, "/tmp/cap_capmode_access", F_OK); 89 CHECK_CAPMODE(acct, "/tmp/cap_capmode_acct"); 90 CHECK_CAPMODE(bind, PF_INET, NULL, 0); 91 CHECK_CAPMODE(chdir, "/tmp/cap_capmode_chdir"); 92 CHECK_CAPMODE(chflags, "/tmp/cap_capmode_chflags", UF_NODUMP); 93 CHECK_CAPMODE(chmod, "/tmp/cap_capmode_chmod", 0644); 94 CHECK_CAPMODE(chown, "/tmp/cap_capmode_chown", -1, -1); 95 CHECK_CAPMODE(chroot, "/tmp/cap_capmode_chroot"); 96 CHECK_CAPMODE(connect, PF_INET, NULL, 0); 97 CHECK_CAPMODE(creat, "/tmp/cap_capmode_creat", 0644); 98 CHECK_CAPMODE(fchdir, fd_dir); 99 CHECK_CAPMODE(getfsstat, &statfs, sizeof(statfs), MNT_NOWAIT); 100 CHECK_CAPMODE(link, "/tmp/foo", "/tmp/bar"); 101 CHECK_CAPMODE(lstat, "/tmp/cap_capmode_lstat", &sb); 102 CHECK_CAPMODE(mknod, "/tmp/capmode_mknod", 06440, 0); 103 CHECK_CAPMODE(mount, "procfs", "/not_mounted", 0, NULL); 104 CHECK_CAPMODE(open, "/dev/null", O_RDWR); 105 CHECK_CAPMODE(readlink, "/tmp/cap_capmode_readlink", NULL, 0); 106 CHECK_CAPMODE(revoke, "/tmp/cap_capmode_revoke"); 107 CHECK_CAPMODE(stat, "/tmp/cap_capmode_stat", &sb); 108 CHECK_CAPMODE(symlink, 109 "/tmp/cap_capmode_symlink_from", 110 "/tmp/cap_capmode_symlink_to"); 111 CHECK_CAPMODE(unlink, "/tmp/cap_capmode_unlink"); 112 CHECK_CAPMODE(unmount, "/not_mounted", 0); |
85 | 113 |
86 fd_socket = socket(PF_INET, SOCK_DGRAM, 0); 87 if (fd_socket < 0) 88 err(-1, "test_syscalls:prep: socket"); | 114 /* 115 * System calls that are permitted in capability mode. 116 */ 117 CHECK_SYSCALL_SUCCEEDS(close, fd_close); 118 CHECK_SYSCALL_SUCCEEDS(dup, fd_file); 119 CHECK_SYSCALL_SUCCEEDS(fstat, fd_file, &sb); 120 CHECK_SYSCALL_SUCCEEDS(lseek, fd_file, SEEK_SET, 0); 121 CHECK_SYSCALL_SUCCEEDS(msync, &fd_file, 8192, MS_ASYNC); 122 CHECK_SYSCALL_SUCCEEDS(profil, NULL, 0, 0, 0); 123 CHECK_SYSCALL_SUCCEEDS(read, fd_file, &ch, sizeof(ch)); 124 CHECK_SYSCALL_SUCCEEDS(recvfrom, fd_socket, NULL, 0, 0, NULL, NULL); 125 CHECK_SYSCALL_SUCCEEDS(setuid, getuid()); 126 CHECK_SYSCALL_SUCCEEDS(write, fd_file, &ch, sizeof(ch)); |
89 | 127 |
90 if (cap_enter() < 0) 91 err(-1, "test_syscalls:prep: cap_enter"); | 128 /* 129 * These calls will fail for lack of e.g. a proper name to send to, 130 * but they are allowed in capability mode, so errno != ECAPMODE. 131 */ 132 CHECK_NOT_CAPMODE(accept, fd_socket, NULL, NULL); 133 CHECK_NOT_CAPMODE(getpeername, fd_socket, NULL, NULL); 134 CHECK_NOT_CAPMODE(getsockname, fd_socket, NULL, NULL); 135 CHECK_NOT_CAPMODE(fchflags, fd_file, UF_NODUMP); 136 CHECK_NOT_CAPMODE(recvmsg, fd_socket, NULL, 0); 137 CHECK_NOT_CAPMODE(sendmsg, fd_socket, NULL, 0); 138 CHECK_NOT_CAPMODE(sendto, fd_socket, NULL, 0, 0, NULL, 0); |
92 | 139 |
93 94 bzero(&sin, sizeof(sin)); 95 sin.sin_len = sizeof(sin); 96 sin.sin_family = AF_INET; 97 | |
98 /* | 140 /* |
99 * Here begin the tests, sorted roughly alphabetically by system call 100 * name. | 141 * System calls which should be allowed in capability mode, but which 142 * don't return errors, and are thus difficult to check. 143 * 144 * We will try anyway, by checking errno. |
101 */ | 145 */ |
102 fd = accept(fd_socket, NULL, NULL); 103 if (fd < 0) { 104 if (errno == ECAPMODE) 105 warnx("test_syscalls:accept"); 106 } else { 107 warnx("test_syscalls:accept succeeded"); 108 close(fd); 109 } | 146 CHECK_SYSCALL_VOID_NOT_ECAPMODE(getegid); 147 CHECK_SYSCALL_VOID_NOT_ECAPMODE(geteuid); 148 CHECK_SYSCALL_VOID_NOT_ECAPMODE(getgid); 149 CHECK_SYSCALL_VOID_NOT_ECAPMODE(getpid); 150 CHECK_SYSCALL_VOID_NOT_ECAPMODE(getppid); 151 CHECK_SYSCALL_VOID_NOT_ECAPMODE(getuid); |
110 | 152 |
111 if (access("/tmp/cap_test_syscalls_access", F_OK) < 0) { 112 if (errno != ECAPMODE) 113 warn("test_syscalls:access"); 114 } else 115 warnx("test_syscalls:access succeeded"); 116 117 if (acct("/tmp/cap_test_syscalls_acct") < 0) { 118 if (errno != ECAPMODE) 119 warn("test_syscalls:acct"); 120 } else 121 warnx("test_syscalls:acct succeeded"); 122 123 if (bind(PF_INET, (struct sockaddr *)&sin, sizeof(sin)) < 0) { 124 if (errno != ECAPMODE) 125 warn("test_syscall:bind"); 126 } else 127 warnx("test_syscall:bind succeeded"); 128 129 if (chdir("/tmp/cap_test_syscalls_chdir") < 0) { 130 if (errno != ECAPMODE) 131 warn("test_syscalls:chdir"); 132 } else 133 warnx("test_syscalls:chdir succeeded"); 134 135 if (chflags("/tmp/cap_test_syscalls_chflags", UF_NODUMP) < 0) { 136 if (errno != ECAPMODE) 137 warn("test_syscalls:chflags"); 138 } else 139 warnx("test_syscalls:chflags succeeded"); 140 141 if (chmod("/tmp/cap_test_syscalls_chmod", 0644) < 0) { 142 if (errno != ECAPMODE) 143 warn("test_syscalls:chmod"); 144 } else 145 warnx("test_syscalls:chmod succeeded"); 146 147 if (chown("/tmp/cap_test_syscalls_chown", -1, -1) < 0) { 148 if (errno != ECAPMODE) 149 warn("test_syscalls:chown"); 150 } else 151 warnx("test_syscalls:chown succeeded"); 152 153 if (chroot("/tmp/cap_test_syscalls_chroot") < 0) { 154 if (errno != ECAPMODE) 155 warn("test_syscalls:chroot"); 156 } else 157 warnx("test_syscalls:chroot succeeded"); 158 159 if (close(fd_close)) { 160 if (errno == ECAPMODE) 161 warnx("test_syscalls:close"); 162 else 163 warn("test_syscalls:close"); 164 } 165 166 if (connect(PF_INET, (struct sockaddr *)&sin, sizeof(sin)) < 0) { 167 if (errno != ECAPMODE) 168 warn("test_syscall:connect"); 169 } else 170 warnx("test_syscall:connect succeeded"); 171 172 fd = creat("/tmp/cap_test_syscalls_creat", 0644); 173 if (fd >= 0) { 174 warnx("test_syscalls:creat succeeded"); 175 close(fd); 176 } else if (errno != ECAPMODE) 177 warn("test_syscalls:creat"); 178 179 fd = dup(fd_file); 180 if (fd < 0) { 181 if (errno == ECAPMODE) 182 warnx("test_syscalls:dup"); 183 } else 184 close(fd); 185 186 if (fchdir(fd_dir) < 0) { 187 if (errno != ECAPMODE) 188 warn("test_syscall:fchdir"); 189 } else 190 warnx("test_syscalls:fchdir succeeded"); 191 192 if (fchflags(fd_file, UF_NODUMP) < 0) { 193 if (errno == ECAPMODE) 194 warnx("test_syscall:fchflags"); 195 } 196 | 153 /* 154 * Finally, tests for system calls that don't fit the pattern very well. 155 */ |
197 pid = fork(); 198 if (pid >= 0) { 199 if (pid == 0) { 200 exit(0); 201 } else if (pid > 0) { 202 wpid = waitpid(pid, NULL, 0); 203 if (wpid < 0) { 204 if (errno != ECAPMODE) | 156 pid = fork(); 157 if (pid >= 0) { 158 if (pid == 0) { 159 exit(0); 160 } else if (pid > 0) { 161 wpid = waitpid(pid, NULL, 0); 162 if (wpid < 0) { 163 if (errno != ECAPMODE) |
205 warn("test_syscalls:waitpid"); | 164 FAIL("capmode:waitpid"); |
206 } else | 165 } else |
207 warnx("test_syscalls:waitpid succeeded"); | 166 FAIL("capmode:waitpid succeeded"); |
208 } 209 } else | 167 } 168 } else |
210 warn("test_syscalls:fork"); | 169 FAIL("capmode:fork"); |
211 | 170 |
212 if (fstat(fd_file, &sb) < 0) { 213 if (errno == ECAPMODE) 214 warnx("test_syscalls:fstat"); 215 } 216 217 /* 218 * getegid() can't return an error but check for it anyway. 219 */ 220 errno = 0; 221 (void)getegid(); 222 if (errno == ECAPMODE) 223 warnx("test_syscalls:getegid"); 224 225 /* 226 * geteuid() can't return an error but check for it anyway. 227 */ 228 errno = 0; 229 geteuid(); 230 if (errno == ECAPMODE) 231 warnx("test_syscalls:geteuid"); 232 233 if (getfsstat(&statfs, sizeof(statfs), MNT_NOWAIT) < 0) { 234 if (errno != ECAPMODE) 235 warn("test_syscalls:getfsstat"); 236 } else 237 warnx("test_syscalls:getfsstat succeeded"); 238 239 /* 240 * getgid() can't return an error but check for it anyway. 241 */ 242 errno = 0; 243 getgid(); 244 if (errno == ECAPMODE) 245 warnx("test_syscalls:getgid"); 246 247 if (getpeername(fd_socket, NULL, NULL) < 0) { 248 if (errno == ECAPMODE) 249 warnx("test_syscalls:getpeername"); 250 } 251 | |
252 if (getlogin() == NULL) | 171 if (getlogin() == NULL) |
253 warn("test_sycalls:getlogin %d", errno); | 172 FAIL("test_sycalls:getlogin %d", errno); |
254 | 173 |
255 /* 256 * getpid() can't return an error but check for it anyway. 257 */ 258 errno = 0; 259 (void)getpid(); 260 if (errno == ECAPMODE) 261 warnx("test_syscalls:getpid"); 262 263 /* 264 * getppid() can't return an error but check for it anyway. 265 */ 266 errno = 0; 267 (void)getppid(); 268 if (errno == ECAPMODE) 269 warnx("test_syscalls:getppid"); 270 | |
271 if (getsockname(fd_socket, NULL, NULL) < 0) { 272 if (errno == ECAPMODE) | 174 if (getsockname(fd_socket, NULL, NULL) < 0) { 175 if (errno == ECAPMODE) |
273 warnx("test_syscalls:getsockname"); | 176 FAIL("capmode:getsockname"); |
274 } 275 | 177 } 178 |
276 /* 277 * getuid() can't return an error but check for it anyway. 278 */ 279 errno = 0; 280 (void)getuid(); 281 if (errno == ECAPMODE) 282 warnx("test_syscalls:getuid"); 283 | |
284 /* XXXRW: ktrace */ 285 | 179 /* XXXRW: ktrace */ 180 |
286 if (link("/tmp/foo", "/tmp/bar") < 0) { 287 if (errno != ECAPMODE) 288 warn("test_syscalls:link"); 289 } else 290 warnx("test_syscalls:link succeeded"); 291 292 ret = lseek(fd_file, SEEK_SET, 0); 293 if (ret < 0) { 294 if (errno == ECAPMODE) 295 warnx("test_syscalls:lseek"); 296 else 297 warn("test_syscalls:lseek"); 298 } 299 300 if (lstat("/tmp/cap_test_syscalls_lstat", &sb) < 0) { 301 if (errno != ECAPMODE) 302 warn("test_syscalls:lstat"); 303 } else 304 warnx("test_syscalls:lstat succeeded"); 305 306 if (mknod("/tmp/test_syscalls_mknod", 06440, 0) < 0) { 307 if (errno != ECAPMODE) 308 warn("test_syscalls:mknod"); 309 } else 310 warnx("test_syscalls:mknod succeeded"); 311 312 /* 313 * mount() is a bit tricky but do our best. 314 */ 315 if (mount("procfs", "/not_mounted", 0, NULL) < 0) { 316 if (errno != ECAPMODE) 317 warn("test_syscalls:mount"); 318 } else 319 warnx("test_syscalls:mount succeeded"); 320 321 if (msync(&fd_file, 8192, MS_ASYNC) < 0) { 322 if (errno == ECAPMODE) 323 warnx("test_syscalls:msync"); 324 } 325 326 fd = open("/dev/null", O_RDWR); 327 if (fd >= 0) { 328 warnx("test_syscalls:open succeeded"); 329 close(fd); 330 } 331 | |
332 if (pipe(fd2) == 0) { 333 close(fd2[0]); 334 close(fd2[1]); 335 } else if (errno == ECAPMODE) | 181 if (pipe(fd2) == 0) { 182 close(fd2[0]); 183 close(fd2[1]); 184 } else if (errno == ECAPMODE) |
336 warnx("test_syscalls:pipe"); | 185 FAIL("capmode:pipe"); |
337 | 186 |
338 if (profil(NULL, 0, 0, 0) < 0) { 339 if (errno == ECAPMODE) 340 warnx("test_syscalls:profile"); 341 } 342 | |
343 /* XXXRW: ptrace. */ 344 | 187 /* XXXRW: ptrace. */ 188 |
345 len = read(fd_file, &ch, sizeof(ch)); 346 if (len < 0 && errno == ECAPMODE) 347 warnx("test_syscalls:read"); 348 349 if (readlink("/tmp/cap_test_syscalls_readlink", NULL, 0) < 0) { 350 if (errno != ECAPMODE) 351 warn("test_syscalls:readlink"); 352 } else 353 warnx("test_syscalls:readlink succeeded"); 354 355 len = recvfrom(fd_socket, NULL, 0, 0, NULL, NULL); 356 if (len < 0 && errno == ECAPMODE) 357 warnx("test_syscalls:recvfrom"); 358 359 len = recvmsg(fd_socket, NULL, 0); 360 if (len < 0 && errno == ECAPMODE) 361 warnx("test_syscalls:recvmsg"); 362 363 if (revoke("/tmp/cap_test_syscalls_revoke") < 0) { 364 if (errno != ECAPMODE) 365 warn("test_syscalls:revoke"); 366 } else 367 warnx("test_syscalls:revoke succeeded"); 368 369 len = sendmsg(fd_socket, NULL, 0); 370 if (len < 0 && errno == ECAPMODE) 371 warnx("test_syscalls:sendmsg"); 372 373 len = sendto(fd_socket, NULL, 0, 0, NULL, 0); 374 if (len < 0 && errno == ECAPMODE) 375 warn("test_syscalls:sendto(NULL)"); 376 377 if (setuid(getuid()) < 0) { 378 if (errno == ECAPMODE) 379 warnx("test_syscalls:setuid"); 380 } 381 382 if (stat("/tmp/cap_test_syscalls_stat", &sb) < 0) { 383 if (errno != ECAPMODE) 384 warn("test_syscalls:stat"); 385 } else 386 warnx("test_syscalls:stat succeeded"); 387 388 if (symlink("/tmp/cap_test_syscalls_symlink_from", 389 "/tmp/cap_test_syscalls_symlink_to") < 0) { 390 if (errno != ECAPMODE) 391 warn("test_syscalls:symlink"); 392 } else 393 warnx("test_syscalls:symlink succeeded"); 394 | |
395 /* sysarch() is, by definition, architecture-dependent */ | 189 /* sysarch() is, by definition, architecture-dependent */ |
396 if (ARCH_IS("i386") || ARCH_IS("amd64")) { 397 if (sysarch(I386_SET_IOPERM, &sysarch_arg) != -1) 398 warnx("test_syscalls:sysarch succeeded"); 399 else if (errno != ECAPMODE) 400 warn("test_syscalls:sysarch errno != ECAPMODE"); | 190#if defined (__amd64__) || defined (__i386__) 191 CHECK_CAPMODE(sysarch, I386_SET_IOPERM, &sysarch_arg); 192#else 193 /* XXXJA: write a test for arm */ 194 FAIL("capmode:no sysarch() test for current architecture"); 195#endif |
401 | 196 |
402 /* XXXJA: write a test for arm */ 403 } else { 404 warnx("test_syscalls:no sysarch() test for architecture '%s'", MACHINE); 405 } 406 | |
407 /* XXXRW: No error return from sync(2) to test. */ 408 | 197 /* XXXRW: No error return from sync(2) to test. */ 198 |
409 if (unlink("/tmp/cap_test_syscalls_unlink") < 0) { 410 if (errno != ECAPMODE) 411 warn("test_syscalls:unlink"); 412 } else 413 warnx("test_syscalls:unlink succeeded"); 414 415 if (unmount("/not_mounted", 0) < 0) { 416 if (errno != ECAPMODE) 417 warn("test_syscalls:unmount"); 418 } else 419 warnx("test_syscalls:unmount succeeded"); 420 421 len = write(fd_file, &ch, sizeof(ch)); 422 if (len < 0 && errno == ECAPMODE) 423 warnx("test_syscalls:write"); 424 425 exit(0); | 199 return (success); |
426} | 200} |