tests: Add a test for bare-user-only failing to commit suid content

We didn't have coverage of this before, and adding the test infrastructure will help ensure we have coverage for more changes here. Closes: #913 Approved by: alexlarsson
ostreedev · Jun 7, 2017 · e85b9b4 · e85b9b4
1 parent 4418ab7
commit e85b9b4
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 1 deletion.
diff --git a/tests/basic-test.sh b/tests/basic-test.sh
@@ -19,7 +19,7 @@
 
 set -euo pipefail
 
-echo "1..66"
+echo "1..$((66 + ${extra_basic_tests:-0}))"
 
 $CMD_PREFIX ostree --version > version.yaml
 python -c 'import yaml; yaml.safe_load(open("version.yaml"))'

diff --git a/tests/test-basic-user-only.sh b/tests/test-basic-user-only.sh
@@ -22,4 +22,28 @@ set -euo pipefail
 . $(dirname $0)/libtest.sh
 
 setup_test_repository "bare-user-only"
+extra_basic_tests=1
 . $(dirname $0)/basic-test.sh
+
+# Reset things so we don't inherit a lot of state from earlier tests
+cd ${test_tmpdir}
+rm repo files -rf
+ostree --repo=repo init --mode=bare-user-only
+
+# Init an archive repo where we'll store content that can't go into bare-user
+cd ${test_tmpdir}
+rm repo-input -rf
+ostree --repo=repo-input init --mode=archive
+cd ${test_tmpdir}
+cat > statoverride.txt <<EOF
+2048 /some-setuid
+EOF
+mkdir -p files/
+echo "a setuid file" > files/some-setuid
+chmod 0644 files/some-setuid
+$CMD_PREFIX ostree --repo=repo-input commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=files
+if $CMD_PREFIX ostree pull-local --repo=repo repo-input 2>err.txt; then
+    assert_not_reached "copying suid file into bare-user worked?"
+fi
+assert_file_has_content err.txt "Invalid mode.*with bits 040.*in bare-user-only"
+echo "ok failed to commit suid"