PERFORCE change 137394 for review
Zhouyi ZHOU
zhouzhouyi at FreeBSD.org
Tue Mar 11 14:01:47 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=137394
Change 137394 by zhouzhouyi at zhouzhouyi_mactest on 2008/03/11 14:01:06
add setuid and setgid test for MAC Framework follows the example of fstest/fstest.c
Affected files ...
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#15 edit
Differences ...
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#15 (text+ko) ====
@@ -230,7 +230,7 @@
usage(void)
{
- fprintf(stderr, "usage: mactest -m label_string -f macconf_file syscall args ...\n");
+ fprintf(stderr, "usage: mactest [-u uid] [-g gid1[,gid2[...]]] -m label_string -f macconf_file syscall args ...\n");
exit(1);
}
@@ -549,6 +549,42 @@
return (i);
}
+
+static void
+set_gids(char *gids)
+{
+ gid_t *gidset;
+ long ngroups;
+ char *g, *endp;
+ unsigned i;
+
+ ngroups = sysconf(_SC_NGROUPS_MAX);
+ assert(ngroups > 0);
+ gidset = malloc(sizeof(*gidset) * ngroups);
+ assert(gidset != NULL);
+ for (i = 0, g = strtok(gids, ","); g != NULL; g = strtok(NULL, ","), i++) {
+ if (i >= ngroups) {
+ fprintf(stderr, "too many gids\n");
+ exit(1);
+ }
+ gidset[i] = strtol(g, &endp, 0);
+ if (*endp != '\0' && !isspace((unsigned char)*endp)) {
+ fprintf(stderr, "invalid gid '%s' - number expected\n",
+ g);
+ exit(1);
+ }
+ }
+ if (setgroups(i, gidset) < 0) {
+ fprintf(stderr, "cannot change groups: %s\n", strerror(errno));
+ exit(1);
+ }
+ if (setegid(gidset[0]) < 0) {
+ fprintf(stderr, "cannot change effective gid: %s\n", strerror(errno));
+ exit(1);
+ }
+ free(gidset);
+}
+
int
main(int argc, char *argv[])
{
@@ -560,10 +596,13 @@
int error;
int mactestpipefd;
char buf[2048];
- int ch;
+ char *gids, *endp;
+ int uid, ch;
+ uid = -1;
+ gids = NULL;
- while ((ch = getopt(argc, argv, "m:f:")) != -1) {
+ while ((ch = getopt(argc, argv, "m:f:g:u:")) != -1) {
switch(ch) {
case 'm':
label_string = optarg;
@@ -571,6 +610,17 @@
case 'f':
macconf_file = optarg;
break;
+ case 'g':
+ gids = optarg;
+ break;
+ case 'u':
+ uid = (int)strtol(optarg, &endp, 0);
+ if (*endp != '\0' && !isspace((unsigned char)*endp)) {
+ fprintf(stderr, "invalid uid '%s' - number "
+ "expected\n", optarg);
+ exit(1);
+ }
+ break;
default:
usage();
}
@@ -611,6 +661,18 @@
logfd = open(LOGDEV, O_RDWR);
+ if (gids != NULL) {
+ set_gids(gids);
+ }
+
+ if (uid != -1) {
+ if (setuid(uid) < 0) {
+ fprintf(stderr, "cannot change uid: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ }
+
/*Begin to log
*/
ioctl(logfd, BEGINLOG, NULL);
More information about the p4-projects
mailing list