summaryrefslogtreecommitdiffstats
path: root/src/test/test-acl-util.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Introduce ASSERT_OK_ERRNO()Daan De Meyer2024-04-101-4/+4
| | | | | | ASSERT_OK() is for functions that return negative errno. Let's introduce ASSERT_OK_ERRNO() for syscalls that return -1 and store the error in errno.
* test: Various build environment fixesDaan De Meyer2024-04-091-1/+17
| | | | | | | | All bets are off in build chroots, so let's handle more cases of files or executables that might not be available in build chroots. Specifically, these are all fixes to allow the unit tests to run in the opensuse build chroot.
* test: use FLAGS_SET() in one more placeFrantisek Sumsal2023-12-251-1/+1
|
* execute: fix credential dir handling for fs which support ACLsLennart Poettering2023-07-041-0/+58
| | | | | | | | | | When the credential dir is backed by an fs that supports ACLs we must be more careful with adjusting the 'x' bit of the directory, as any chmod() call on the dir will reset the mask entry of the ACL entirely which we don't want. Hence, do a manual set of ACL changes, that only add/drop the 'x' bit but otherwise leave the ACL as it is. This matters if we use tmpfs rather than ramfs to store credentials.
* test: use _cleanup_ for temp. filesDavid Tardon2023-04-211-2/+2
|
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-191-1/+1
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.
* test: Convert to TEST/TEST_RET macrosJan Janssen2021-11-281-6/+2
| | | | | Note that test-cgroup-mask, test-cgroup-unit-default and test-unit-name will now report being skipped instead of reporting success if not run under systemd.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* test-acl-util: skip test if /tmp doesn't do ACLsLennart Poettering2020-09-121-5/+9
| | | | Fixes: #17013
* shared/acl-util: convert rd,wr,ex to a bitmaskZbigniew Jędrzejewski-Szmek2020-08-271-3/+3
| | | | | | | | | I find this version much more readable. Add replacement defines so that when acl/libacl.h is not available, the ACL_{READ,WRITE,EXECUTE} constants are also defined. Those constants were declared in the kernel headers already in 1da177e4c3f41524e886b7f1b8a0c1f, so they should be the same pretty much everywhere.
* acl-util: beef up add_acls_for_user()Lennart Poettering2020-08-251-3/+3
| | | | | | Let's add support for controlling r/w/x bits separetely. This is useful for using it to control access to directories, where r + x shall be enabled.
* test-acl-util: output more debug infoZbigniew Jędrzejewski-Szmek2020-08-201-0/+4
| | | | | | | | | | | For some reason this failed in koji build on s390x: --- command --- 16:12:46 PATH='/builddir/build/BUILD/systemd-stable-246.1/s390x-redhat-linux-gnu:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin' SYSTEMD_LANGUAGE_FALLBACK_MAP='/builddir/build/BUILD/systemd-stable-246.1/src/locale/language-fallback-map' SYSTEMD_KBD_MODEL_MAP='/builddir/build/BUILD/systemd-stable-246.1/src/locale/kbd-model-map' /builddir/build/BUILD/systemd-stable-246.1/s390x-redhat-linux-gnu/test-acl-util --- stdout --- -rw-r-----. 1 mockbuild mock 0 Aug 7 16:12 /tmp/test-empty.7RzmEc other::--- --- stderr --- Assertion 'r >= 0' failed at src/test/test-acl-util.c:42, function test_add_acls_for_user(). Aborting.
* util-lib: split out all temporary file related calls into tmpfiles-util.cLennart Poettering2018-12-021-1/+1
| | | | | | | | This splits out a bunch of functions from fileio.c that have to do with temporary files. Simply to make the header files a bit shorter, and to group things more nicely. No code changes, just some rearranging of source files.
* user-util: rework get_user_creds()Lennart Poettering2018-08-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Let's fold get_user_creds_clean() into get_user_creds(), and introduce a flags argument for it to select "clean" behaviour. This flags parameter also learns to other new flags: - USER_CREDS_SYNTHESIZE_FALLBACK: in this mode the user records for root/nobody are only synthesized as fallback. Normally, the synthesized records take precedence over what is in the user database. With this flag set this is reversed, and the user database takes precedence, and the synthesized records are only used if they are missing there. This flag should be set in cases where doing NSS is deemed safe, and where there's interest in knowing the correct shell, for example if the admin changed root's shell to zsh or suchlike. - USER_CREDS_ALLOW_MISSING: if set, and a UID/GID is specified by numeric value, and there's no user/group record for it accept it anyway. This allows us to fix #9767 This then also ports all users to set the most appropriate flags. Fixes: #9767 [zj: remove one isempty() call]
* Drop my copyright headersZbigniew Jędrzejewski-Szmek2018-06-141-3/+0
| | | | | | | perl -i -0pe 's/\s*Copyright © .... Zbigniew Jędrzejewski.*?\n/\n/gms' man/*xml git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/(#\n)?# +Copyright © [0-9, -]+ Zbigniew Jędrzejewski.*?\n//gms' git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s*\/\*\*\*\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*?\s*\*\*\*\/\s*/\n\n/gms' git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*//gms'
* tree-wide: beautify remaining copyright statementsLennart Poettering2018-06-141-1/+1
| | | | | | Let's unify an beautify our remaining copyright statements, with a unicode ©. This means our copyright statements are now always formatted the same way. Yay.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* test: use NOBODY_USER_NAME instead of hard-coded string "noody"Yu Watanabe2017-12-071-1/+1
|
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
| | | | | This follows what the kernel is doing, c.f. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
* fileio: simplify mkostemp_safe() (#4090)Topi Miettinen2016-09-131-1/+1
| | | | | | According to its manual page, flags given to mkostemp(3) shouldn't include O_RDWR, O_CREAT or O_EXCL flags as these are always included. Beyond those, the only flag that all callers (except a few tests where it probably doesn't matter) use is O_CLOEXEC, so set that unconditionally.
* tree-wide: remove Emacs lines from all filesDaniel Mack2016-02-101-2/+0
| | | | | This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
* test-acl-util: fix two issues from reviewZbigniew Jędrzejewski-Szmek2015-11-301-1/+3
| | | | https://github.com/systemd/systemd/pull/2063
* test-acl-util: add new testZbigniew Jędrzejewski-Szmek2015-11-291-0/+85
For now, only add_acls_for_user is tested. When run under root, it actually sets the acls. When run under non-root, it sets the acls for the user, which does nothing, but at least calls the functions.