Merge branch 'pass-tests-if-root' into 'master'

Fix test failures when running as root See merge request dbus/dbus!117
author: Simon McVittie <smcv@collabora.com> 2019-07-03 13:42:07 +0000
committer: Simon McVittie <smcv@collabora.com> 2019-07-03 13:42:07 +0000
commit: f73b40b88355eb895fb0654c85938b3e0925ca98 (patch)
tree: d3c5072d4a9d319eb0406c7a7178ae500139ab5d
parent: b8912cf770410a3b3ea183cd03de950a8f0d5991 (diff)
parent: 8421d887aa696c0ddcf4a8dc8ac8a7886dc2b42a (diff)
7 files changed, 61 insertions, 4 deletions
diff --git a/bus/audit.c b/bus/audit.c
index 91f2c5cf..9bfe456a 100644
--- a/bus/audit.c
+++ b/bus/audit.c
@@ -54,6 +54,9 @@ bus_audit_init (BusContext *context)
 #ifdef HAVE_LIBAUDIT
   int i;
 
+  if (audit_fd >= 0)
+    return;
+
   capng_get_caps_process ();
 
   /* Work around a bug in libcap-ng < 0.7.7: it leaks a fd, which isn't
@@ -105,7 +108,11 @@ void
 bus_audit_shutdown (void)
 {
 #ifdef HAVE_LIBAUDIT
-  audit_close (audit_fd);
+  if (audit_fd >= 0)
+    {
+      audit_close (audit_fd);
+      audit_fd = -1;
+    }
 #endif /* HAVE_LIBAUDIT */
 }
 
diff --git a/test/bus/dispatch-sha1.c b/test/bus/dispatch-sha1.c
index 36430012..a32508bc 100644
--- a/test/bus/dispatch-sha1.c
+++ b/test/bus/dispatch-sha1.c
@@ -27,6 +27,7 @@
 
 #include <dbus/dbus-test-tap.h>
 
+#include "bus/audit.h"
 #include "bus/selinux.h"
 #include "test/test-utils.h"
 
@@ -44,6 +45,8 @@ test_post_hook (void)
 {
   if (_dbus_getenv ("DBUS_TEST_SELINUX"))
     bus_selinux_shutdown ();
+
+  bus_audit_shutdown ();
 }
 
 static DBusTestCase test = { "dispatch-sha1", bus_dispatch_sha1_test };
diff --git a/test/bus/dispatch.c b/test/bus/dispatch.c
index 52bf363d..ad6718fe 100644
--- a/test/bus/dispatch.c
+++ b/test/bus/dispatch.c
@@ -27,6 +27,7 @@
 
 #include <dbus/dbus-test-tap.h>
 
+#include "bus/audit.h"
 #include "bus/selinux.h"
 #include "test/test-utils.h"
 
@@ -44,6 +45,8 @@ test_post_hook (void)
 {
   if (_dbus_getenv ("DBUS_TEST_SELINUX"))
     bus_selinux_shutdown ();
+
+  bus_audit_shutdown ();
 }
 
 static DBusTestCase test = { "dispatch", bus_dispatch_test };
diff --git a/test/bus/main.c b/test/bus/main.c
index 77065430..445e9269 100644
--- a/test/bus/main.c
+++ b/test/bus/main.c
@@ -28,6 +28,7 @@
 
 #include <dbus/dbus-test-tap.h>
 
+#include "bus/audit.h"
 #include "bus/selinux.h"
 #include "test/test-utils.h"
 
@@ -45,6 +46,8 @@ test_post_hook (void)
 {
   if (_dbus_getenv ("DBUS_TEST_SELINUX"))
     bus_selinux_shutdown ();
+
+  bus_audit_shutdown ();
 }
 
 static DBusTestCase tests[] =
diff --git a/test/dbus-daemon.c b/test/dbus-daemon.c
index 66447955..e8bdace3 100644
--- a/test/dbus-daemon.c
+++ b/test/dbus-daemon.c
@@ -2653,7 +2653,7 @@ static Config as_another_user_config = {
     NULL, 1, "valid-config-files/as-another-user.conf",
     /* We start the dbus-daemon as root and drop privileges, like the
      * real system bus does */
-    TEST_USER_ROOT, SPECIFY_ADDRESS
+    TEST_USER_ROOT_DROP_TO_MESSAGEBUS, SPECIFY_ADDRESS
 };
 
 #ifdef ENABLE_TRADITIONAL_ACTIVATION
diff --git a/test/test-utils-glib.c b/test/test-utils-glib.c
index 083c9bfc..cac62e35 100644
--- a/test/test-utils-glib.c
+++ b/test/test-utils-glib.c
@@ -126,6 +126,7 @@ spawn_dbus_daemon (const gchar *binary,
           case TEST_USER_ROOT:
             break;
 
+          case TEST_USER_ROOT_DROP_TO_MESSAGEBUS:
           case TEST_USER_MESSAGEBUS:
             pwd = getpwnam (DBUS_USER);
 
@@ -139,6 +140,13 @@ spawn_dbus_daemon (const gchar *binary,
                 return NULL;
               }
 
+            if (user == TEST_USER_ROOT_DROP_TO_MESSAGEBUS)
+              {
+                /* Let the dbus-daemon start as root and drop privileges
+                 * itself */
+                pwd = NULL;
+              }
+
             break;
 
           case TEST_USER_OTHER:
@@ -201,6 +209,24 @@ spawn_dbus_daemon (const gchar *binary,
       &address_fd,
       NULL, /* child's stderr = our stderr */
       &error);
+
+  /* The other uid might not have access to our build directory if we
+   * are building in /root or something */
+  if (user != TEST_USER_ME &&
+      g_getenv ("DBUS_TEST_UNINSTALLED") != NULL &&
+      error != NULL &&
+      error->domain == G_SPAWN_ERROR &&
+      (error->code == G_SPAWN_ERROR_CHDIR ||
+       error->code == G_SPAWN_ERROR_ACCES ||
+       error->code == G_SPAWN_ERROR_PERM))
+    {
+      g_prefix_error (&error, "Unable to launch %s as other user: ",
+          binary);
+      g_test_skip (error->message);
+      g_clear_error (&error);
+      return NULL;
+    }
+
   g_assert_no_error (error);
 
   g_ptr_array_free (argv, TRUE);
@@ -399,6 +425,11 @@ become_other_user (TestUser user,
         username = DBUS_TEST_USER;
         break;
 
+      /* TEST_USER_ROOT_DROP_TO_MESSAGEBUS is only meaningful for
+       * test_get_dbus_daemon(), not as a client */
+      case TEST_USER_ROOT_DROP_TO_MESSAGEBUS:
+        g_return_val_if_reached (FALSE);
+
       case TEST_USER_ME:
       default:
         g_return_val_if_reached (FALSE);
@@ -445,6 +476,11 @@ become_other_user (TestUser user,
             "credentials-passing semantics on this platform");
         return FALSE;
 
+      /* TEST_USER_ROOT_DROP_TO_MESSAGEBUS is only meaningful for
+       * test_get_dbus_daemon(), not as a client */
+      case TEST_USER_ROOT_DROP_TO_MESSAGEBUS:
+        g_return_val_if_reached (FALSE);
+
       case TEST_USER_ME:
       default:
         g_return_val_if_reached (FALSE);
diff --git a/test/test-utils-glib.h b/test/test-utils-glib.h
index ce8171bd..c4a2c543 100644
--- a/test/test-utils-glib.h
+++ b/test/test-utils-glib.h
@@ -45,8 +45,8 @@
  * be run as an arbitrary non-root user, as above.
  *
  * Certain tests can usefully be run again, as root. When this is done,
- * tests using TEST_USER_ROOT, TEST_USER_MESSAGEBUS and/or TEST_USER_OTHER
- * can exercise situations that only arise when there's more than one uid.
+ * tests using a TestUser other than TEST_USER_ME can exercise situations
+ * that only arise when there's more than one uid.
  */
 typedef enum {
     /* Whatever user happens to be running the regression test;
@@ -58,6 +58,11 @@ typedef enum {
      * from configure.ac, usually 'messagebus' but perhaps 'dbus' or
      * '_dbus'. */
     TEST_USER_MESSAGEBUS,
+    /* Run as uid 0, expecting to drop privileges to the user who would
+     * normally run the system bus (so we must skip the test if that user
+     * doesn't exist). Only valid for test_get_dbus_daemon(), not for
+     * test_connect_to_bus_as_user(). */
+    TEST_USER_ROOT_DROP_TO_MESSAGEBUS,
     /* An unprivileged user who is neither root nor DBUS_USER.
      * This is DBUS_TEST_USER from configure.ac, usually 'nobody'. */
     TEST_USER_OTHER
author	Simon McVittie <smcv@collabora.com>	2019-07-03 13:42:07 +0000
committer	Simon McVittie <smcv@collabora.com>	2019-07-03 13:42:07 +0000
commit	f73b40b88355eb895fb0654c85938b3e0925ca98 (patch)
tree	d3c5072d4a9d319eb0406c7a7178ae500139ab5d
parent	b8912cf770410a3b3ea183cd03de950a8f0d5991 (diff)
parent	8421d887aa696c0ddcf4a8dc8ac8a7886dc2b42a (diff)