t_chroot.c revision 313535 
1/* $NetBSD: t_chroot.c,v 1.2 2017/01/10 22:36:29 christos Exp $ */
2
3/*-
4 * Copyright (c) 2011 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Jukka Ruohonen.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 *    notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31#include <sys/cdefs.h>
32__RCSID("$NetBSD: t_chroot.c,v 1.2 2017/01/10 22:36:29 christos Exp $");
33
34#include <sys/wait.h>
35#include <sys/stat.h>
36
37#include <atf-c.h>
38#include <errno.h>
39#include <fcntl.h>
40#include <limits.h>
41#include <pwd.h>
42#include <stdlib.h>
43#include <string.h>
44#include <unistd.h>
45
46ATF_TC(chroot_basic);
47ATF_TC_HEAD(chroot_basic, tc)
48{
49	atf_tc_set_md_var(tc, "descr", "A basic test of chroot(2)");
50	atf_tc_set_md_var(tc, "require.user", "root");
51}
52
53ATF_TC_BODY(chroot_basic, tc)
54{
55	char buf[PATH_MAX];
56	int fd, sta;
57	pid_t pid;
58
59	(void)memset(buf, '\0', sizeof(buf));
60	(void)getcwd(buf, sizeof(buf));
61	(void)strlcat(buf, "/dir", sizeof(buf));
62
63	ATF_REQUIRE(mkdir(buf, 0500) == 0);
64	ATF_REQUIRE(chdir(buf) == 0);
65
66	pid = fork();
67	ATF_REQUIRE(pid >= 0);
68
69	if (pid == 0) {
70
71		if (chroot(buf) != 0)
72			_exit(EXIT_FAILURE);
73
74		errno = 0;
75
76		if (chroot("/root") != -1)
77			_exit(EXIT_FAILURE);
78
79		if (errno != ENOENT)
80			_exit(EXIT_FAILURE);
81
82		fd = open("file", O_RDONLY | O_CREAT, 0600);
83
84		if (fd < 0)
85			_exit(EXIT_FAILURE);
86
87		if (close(fd) != 0)
88			_exit(EXIT_FAILURE);
89
90		_exit(EXIT_SUCCESS);
91	}
92
93	(void)wait(&sta);
94
95	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
96		atf_tc_fail("chroot(2) failed");
97
98	(void)chdir("/");
99	(void)strlcat(buf, "/file", sizeof(buf));
100
101	fd = open(buf, O_RDONLY);
102
103	if (fd < 0)
104		atf_tc_fail("chroot(2) did not change the root directory");
105
106	ATF_REQUIRE(close(fd) == 0);
107	ATF_REQUIRE(unlink(buf) == 0);
108}
109
110ATF_TC(chroot_err);
111ATF_TC_HEAD(chroot_err, tc)
112{
113	atf_tc_set_md_var(tc, "descr", "Test error conditions of chroot(2)");
114	atf_tc_set_md_var(tc, "require.user", "root");
115}
116
117ATF_TC_BODY(chroot_err, tc)
118{
119	char buf[PATH_MAX + 1];
120
121	(void)memset(buf, 'x', sizeof(buf));
122
123	errno = 0;
124	ATF_REQUIRE_ERRNO(ENAMETOOLONG, chroot(buf) == -1);
125
126	errno = 0;
127	ATF_REQUIRE_ERRNO(EFAULT, chroot((void *)-1) == -1);
128
129	errno = 0;
130	ATF_REQUIRE_ERRNO(ENOENT, chroot("/a/b/c/d/e/f/g/h/i/j") == -1);
131}
132
133ATF_TC(chroot_perm);
134ATF_TC_HEAD(chroot_perm, tc)
135{
136	atf_tc_set_md_var(tc, "descr", "Test permissions with chroot(2)");
137	atf_tc_set_md_var(tc, "require.user", "unprivileged");
138}
139
140ATF_TC_BODY(chroot_perm, tc)
141{
142	static char buf[LINE_MAX];
143	pid_t pid;
144	int sta;
145
146	(void)memset(buf, '\0', sizeof(buf));
147	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);
148
149	pid = fork();
150	ATF_REQUIRE(pid >= 0);
151
152	if (pid == 0) {
153
154		errno = 0;
155
156		if (chroot(buf) != -1)
157			_exit(EXIT_FAILURE);
158
159		if (errno != EPERM)
160			_exit(EXIT_FAILURE);
161
162		_exit(EXIT_SUCCESS);
163	}
164
165	(void)wait(&sta);
166
167	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
168		atf_tc_fail("chroot(2) succeeded as unprivileged user");
169}
170
171#ifdef __NetBSD__
172ATF_TC(fchroot_basic);
173ATF_TC_HEAD(fchroot_basic, tc)
174{
175	atf_tc_set_md_var(tc, "descr", "A basic test of fchroot(2)");
176	atf_tc_set_md_var(tc, "require.user", "root");
177}
178
179ATF_TC_BODY(fchroot_basic, tc)
180{
181	char buf[PATH_MAX];
182	int fd, sta;
183	pid_t pid;
184
185	(void)memset(buf, '\0', sizeof(buf));
186	(void)getcwd(buf, sizeof(buf));
187	(void)strlcat(buf, "/dir", sizeof(buf));
188
189	ATF_REQUIRE(mkdir(buf, 0500) == 0);
190	ATF_REQUIRE(chdir(buf) == 0);
191
192	fd = open(buf, O_RDONLY);
193	ATF_REQUIRE(fd >= 0);
194
195	pid = fork();
196	ATF_REQUIRE(pid >= 0);
197
198	if (pid == 0) {
199
200		if (fchroot(fd) != 0)
201			_exit(EXIT_FAILURE);
202
203		if (close(fd) != 0)
204			_exit(EXIT_FAILURE);
205
206		fd = open("file", O_RDONLY | O_CREAT, 0600);
207
208		if (fd < 0)
209			_exit(EXIT_FAILURE);
210
211		if (close(fd) != 0)
212			_exit(EXIT_FAILURE);
213
214		_exit(EXIT_SUCCESS);
215	}
216
217	(void)wait(&sta);
218
219	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
220		atf_tc_fail("fchroot(2) failed");
221
222	(void)chdir("/");
223	(void)strlcat(buf, "/file", sizeof(buf));
224
225	fd = open(buf, O_RDONLY);
226
227	if (fd < 0)
228		atf_tc_fail("fchroot(2) did not change the root directory");
229
230	ATF_REQUIRE(close(fd) == 0);
231	ATF_REQUIRE(unlink(buf) == 0);
232}
233
234ATF_TC(fchroot_err);
235ATF_TC_HEAD(fchroot_err, tc)
236{
237	atf_tc_set_md_var(tc, "descr", "Test error conditions of fchroot(2)");
238	atf_tc_set_md_var(tc, "require.user", "root");
239}
240
241ATF_TC_BODY(fchroot_err, tc)
242{
243	int fd;
244
245	fd = open("/etc/passwd", O_RDONLY);
246	ATF_REQUIRE(fd >= 0);
247
248	errno = 0;
249	ATF_REQUIRE_ERRNO(EBADF, fchroot(-1) == -1);
250
251	errno = 0;
252	ATF_REQUIRE_ERRNO(ENOTDIR, fchroot(fd) == -1);
253
254	ATF_REQUIRE(close(fd) == 0);
255}
256
257ATF_TC(fchroot_perm);
258ATF_TC_HEAD(fchroot_perm, tc)
259{
260	atf_tc_set_md_var(tc, "descr", "Test permissions with fchroot(2)");
261	atf_tc_set_md_var(tc, "require.user", "root");
262}
263
264ATF_TC_BODY(fchroot_perm, tc)
265{
266	static char buf[LINE_MAX];
267	struct passwd *pw;
268	int fd, sta;
269	pid_t pid;
270
271	(void)memset(buf, '\0', sizeof(buf));
272	ATF_REQUIRE(getcwd(buf, sizeof(buf)) != NULL);
273
274	pw = getpwnam("nobody");
275	fd = open(buf, O_RDONLY);
276
277	ATF_REQUIRE(fd >= 0);
278	ATF_REQUIRE(pw != NULL);
279
280	pid = fork();
281	ATF_REQUIRE(pid >= 0);
282
283	if (pid == 0) {
284
285		(void)setuid(pw->pw_uid);
286
287		errno = 0;
288
289		if (fchroot(fd) != -1)
290			_exit(EXIT_FAILURE);
291
292		if (errno != EPERM)
293			_exit(EXIT_FAILURE);
294
295		_exit(EXIT_SUCCESS);
296	}
297
298	(void)wait(&sta);
299
300	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
301		atf_tc_fail("fchroot(2) succeeded as unprivileged user");
302}
303#endif
304
305ATF_TP_ADD_TCS(tp)
306{
307
308	ATF_TP_ADD_TC(tp, chroot_basic);
309	ATF_TP_ADD_TC(tp, chroot_err);
310	ATF_TP_ADD_TC(tp, chroot_perm);
311#ifdef __NetBSD__
312	ATF_TP_ADD_TC(tp, fchroot_basic);
313	ATF_TP_ADD_TC(tp, fchroot_err);
314	ATF_TP_ADD_TC(tp, fchroot_perm);
315#endif
316
317	return atf_no_error();
318}
319