t_chroot.c revision 272458 
122347Spst/* $NetBSD: t_chroot.c,v 1.1 2011/07/07 06:57:53 jruoho Exp $ */
222347Spst
322347Spst/*-
429964Sache * Copyright (c) 2011 The NetBSD Foundation, Inc.
592906Smarkm * All rights reserved.
622347Spst *
722347Spst * This code is derived from software contributed to The NetBSD Foundation
822347Spst * by Jukka Ruohonen.
922347Spst *
1022347Spst * Redistribution and use in source and binary forms, with or without
1122347Spst * modification, are permitted provided that the following conditions
1222347Spst * are met:
1322347Spst * 1. Redistributions of source code must retain the above copyright
1422347Spst *    notice, this list of conditions and the following disclaimer.
1522347Spst * 2. Redistributions in binary form must reproduce the above copyright
1622347Spst *    notice, this list of conditions and the following disclaimer in the
1722347Spst *    documentation and/or other materials provided with the distribution.
1829964Sache *
1922347Spst * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
2022347Spst * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
2122347Spst * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
2222347Spst * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
2322347Spst * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
2422347Spst * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
2522347Spst * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
2622347Spst * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
2722347Spst * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
2822347Spst * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
2922347Spst * POSSIBILITY OF SUCH DAMAGE.
3022347Spst */
3122347Spst#include <sys/cdefs.h>
3222347Spst__RCSID("$NetBSD: t_chroot.c,v 1.1 2011/07/07 06:57:53 jruoho Exp $");
3322347Spst
3429964Sache#include <sys/wait.h>
3529964Sache
3629964Sache#include <atf-c.h>
3722347Spst#include <errno.h>
3822347Spst#include <fcntl.h>
3922347Spst#include <limits.h>
4022347Spst#include <pwd.h>
4122347Spst#include <stdlib.h>
4222347Spst#include <string.h>
4322347Spst#include <unistd.h>
4422347Spst
4522347SpstATF_TC(chroot_basic);
4622347SpstATF_TC_HEAD(chroot_basic, tc)
4722347Spst{
4822347Spst	atf_tc_set_md_var(tc, "descr", "A basic test of chroot(2)");
4922347Spst	atf_tc_set_md_var(tc, "require.user", "root");
5022347Spst}
5192906Smarkm
5222347SpstATF_TC_BODY(chroot_basic, tc)
5322347Spst{
5422347Spst	char buf[PATH_MAX];
5522347Spst	int fd, sta;
5622347Spst	pid_t pid;
5722347Spst
5822347Spst	(void)memset(buf, '\0', sizeof(buf));
5922347Spst	(void)getcwd(buf, sizeof(buf));
6022347Spst	(void)strlcat(buf, "/dir", sizeof(buf));
6122347Spst
6222347Spst	ATF_REQUIRE(mkdir(buf, 0500) == 0);
6322347Spst	ATF_REQUIRE(chdir(buf) == 0);
6422347Spst
6522347Spst	pid = fork();
6622347Spst	ATF_REQUIRE(pid >= 0);
6722347Spst
6822347Spst	if (pid == 0) {
6922347Spst
7022347Spst		if (chroot(buf) != 0)
7122347Spst			_exit(EXIT_FAILURE);
7222347Spst
7322347Spst		errno = 0;
7422347Spst
7522347Spst		if (chroot("/root") != -1)
7622347Spst			_exit(EXIT_FAILURE);
7722347Spst
7822347Spst		if (errno != ENOENT)
7922347Spst			_exit(EXIT_FAILURE);
8022347Spst
8122347Spst		fd = open("file", O_RDONLY | O_CREAT, 0600);
8222347Spst
8322347Spst		if (fd < 0)
8422347Spst			_exit(EXIT_FAILURE);
8522347Spst
8622347Spst		if (close(fd) != 0)
8722347Spst			_exit(EXIT_FAILURE);
8822347Spst
8922347Spst		_exit(EXIT_SUCCESS);
9022347Spst	}
9122347Spst
9222347Spst	(void)wait(&sta);
9322347Spst
9422347Spst	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
9522347Spst		atf_tc_fail("chroot(2) failed");
9622347Spst
9722347Spst	(void)chdir("/");
9822347Spst	(void)strlcat(buf, "/file", sizeof(buf));
9922347Spst
10022347Spst	fd = open(buf, O_RDONLY);
10122347Spst
10222347Spst	if (fd < 0)
10322347Spst		atf_tc_fail("chroot(2) did not change the root directory");
10422347Spst
10522347Spst	ATF_REQUIRE(close(fd) == 0);
10622347Spst	ATF_REQUIRE(unlink(buf) == 0);
10722347Spst}
10822347Spst
10922347SpstATF_TC(chroot_err);
11022347SpstATF_TC_HEAD(chroot_err, tc)
11122347Spst{
11222347Spst	atf_tc_set_md_var(tc, "descr", "Test error conditions of chroot(2)");
11322347Spst	atf_tc_set_md_var(tc, "require.user", "root");
11422347Spst}
11522347Spst
11622347SpstATF_TC_BODY(chroot_err, tc)
11722347Spst{
11822347Spst	char buf[PATH_MAX + 1];
11922347Spst
12022347Spst	(void)memset(buf, 'x', sizeof(buf));
12122347Spst
12222347Spst	errno = 0;
12322347Spst	ATF_REQUIRE_ERRNO(ENAMETOOLONG, chroot(buf) == -1);
12422347Spst
12522347Spst	errno = 0;
12622347Spst	ATF_REQUIRE_ERRNO(EFAULT, chroot((void *)-1) == -1);
12722347Spst
12822347Spst	errno = 0;
12922347Spst	ATF_REQUIRE_ERRNO(ENOENT, chroot("/a/b/c/d/e/f/g/h/i/j") == -1);
13022347Spst}
13122347Spst
13222347SpstATF_TC(chroot_perm);
13322347SpstATF_TC_HEAD(chroot_perm, tc)
13422347Spst{
13522347Spst	atf_tc_set_md_var(tc, "descr", "Test permissions with chroot(2)");
13622347Spst	atf_tc_set_md_var(tc, "require.user", "unprivileged");
13722347Spst}
13822347Spst
13922347SpstATF_TC_BODY(chroot_perm, tc)
14022347Spst{
14122347Spst	static char buf[LINE_MAX];
14222347Spst	pid_t pid;
14322347Spst	int sta;
14422347Spst
14522347Spst	(void)memset(buf, '\0', sizeof(buf));
14622347Spst	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);
14722347Spst
14822347Spst	pid = fork();
14922347Spst	ATF_REQUIRE(pid >= 0);
15022347Spst
15122347Spst	if (pid == 0) {
15222347Spst
15322347Spst		errno = 0;
15422347Spst
15522347Spst		if (chroot(buf) != -1)
15622347Spst			_exit(EXIT_FAILURE);
15722347Spst
15822347Spst		if (errno != EPERM)
15922347Spst			_exit(EXIT_FAILURE);
16022347Spst
16122347Spst		_exit(EXIT_SUCCESS);
16222347Spst	}
16322347Spst
16422347Spst	(void)wait(&sta);
16522347Spst
16622347Spst	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
16722347Spst		atf_tc_fail("chroot(2) succeeded as unprivileged user");
168}
169
170ATF_TC(fchroot_basic);
171ATF_TC_HEAD(fchroot_basic, tc)
172{
173	atf_tc_set_md_var(tc, "descr", "A basic test of fchroot(2)");
174	atf_tc_set_md_var(tc, "require.user", "root");
175}
176
177ATF_TC_BODY(fchroot_basic, tc)
178{
179	char buf[PATH_MAX];
180	int fd, sta;
181	pid_t pid;
182
183	(void)memset(buf, '\0', sizeof(buf));
184	(void)getcwd(buf, sizeof(buf));
185	(void)strlcat(buf, "/dir", sizeof(buf));
186
187	ATF_REQUIRE(mkdir(buf, 0500) == 0);
188	ATF_REQUIRE(chdir(buf) == 0);
189
190	fd = open(buf, O_RDONLY);
191	ATF_REQUIRE(fd >= 0);
192
193	pid = fork();
194	ATF_REQUIRE(pid >= 0);
195
196	if (pid == 0) {
197
198		if (fchroot(fd) != 0)
199			_exit(EXIT_FAILURE);
200
201		if (close(fd) != 0)
202			_exit(EXIT_FAILURE);
203
204		fd = open("file", O_RDONLY | O_CREAT, 0600);
205
206		if (fd < 0)
207			_exit(EXIT_FAILURE);
208
209		if (close(fd) != 0)
210			_exit(EXIT_FAILURE);
211
212		_exit(EXIT_SUCCESS);
213	}
214
215	(void)wait(&sta);
216
217	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
218		atf_tc_fail("fchroot(2) failed");
219
220	(void)chdir("/");
221	(void)strlcat(buf, "/file", sizeof(buf));
222
223	fd = open(buf, O_RDONLY);
224
225	if (fd < 0)
226		atf_tc_fail("fchroot(2) did not change the root directory");
227
228	ATF_REQUIRE(close(fd) == 0);
229	ATF_REQUIRE(unlink(buf) == 0);
230}
231
232ATF_TC(fchroot_err);
233ATF_TC_HEAD(fchroot_err, tc)
234{
235	atf_tc_set_md_var(tc, "descr", "Test error conditions of fchroot(2)");
236	atf_tc_set_md_var(tc, "require.user", "root");
237}
238
239ATF_TC_BODY(fchroot_err, tc)
240{
241	int fd;
242
243	fd = open("/etc/passwd", O_RDONLY);
244	ATF_REQUIRE(fd >= 0);
245
246	errno = 0;
247	ATF_REQUIRE_ERRNO(EBADF, fchroot(-1) == -1);
248
249	errno = 0;
250	ATF_REQUIRE_ERRNO(ENOTDIR, fchroot(fd) == -1);
251
252	ATF_REQUIRE(close(fd) == 0);
253}
254
255ATF_TC(fchroot_perm);
256ATF_TC_HEAD(fchroot_perm, tc)
257{
258	atf_tc_set_md_var(tc, "descr", "Test permissions with fchroot(2)");
259	atf_tc_set_md_var(tc, "require.user", "root");
260}
261
262ATF_TC_BODY(fchroot_perm, tc)
263{
264	static char buf[LINE_MAX];
265	struct passwd *pw;
266	int fd, sta;
267	pid_t pid;
268
269	(void)memset(buf, '\0', sizeof(buf));
270	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);
271
272	pw = getpwnam("nobody");
273	fd = open(buf, O_RDONLY);
274
275	ATF_REQUIRE(fd >= 0);
276	ATF_REQUIRE(pw != NULL);
277
278	pid = fork();
279	ATF_REQUIRE(pid >= 0);
280
281	if (pid == 0) {
282
283		(void)setuid(pw->pw_uid);
284
285		errno = 0;
286
287		if (fchroot(fd) != -1)
288			_exit(EXIT_FAILURE);
289
290		if (errno != EPERM)
291			_exit(EXIT_FAILURE);
292
293		_exit(EXIT_SUCCESS);
294	}
295
296	(void)wait(&sta);
297
298	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
299		atf_tc_fail("fchroot(2) succeeded as unprivileged user");
300}
301
302ATF_TP_ADD_TCS(tp)
303{
304
305	ATF_TP_ADD_TC(tp, chroot_basic);
306	ATF_TP_ADD_TC(tp, chroot_err);
307	ATF_TP_ADD_TC(tp, chroot_perm);
308	ATF_TP_ADD_TC(tp, fchroot_basic);
309	ATF_TP_ADD_TC(tp, fchroot_err);
310	ATF_TP_ADD_TC(tp, fchroot_perm);
311
312	return atf_no_error();
313}
314