-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathintegration_test.sh
executable file
·168 lines (140 loc) · 4.07 KB
/
integration_test.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#!/bin/bash
sourcedir=/tmp/addfs
mountp=/tmp/appendmount
origdir=`pwd`
cleanup(){
cd /
sudo killall -q addfs
sudo umount $mountp
sudo rm -rf $sourcedir
sudo rm -rf $mountp
sudo rm /tmp/lastcmd
}
fail(){
echo Tests failed
exit 1
}
expect_denied(){
`eval $@ &> /tmp/lastcmd`
if [ $? == 0 ]; then
echo "Command \"$@\" should have failed but did not."
cat /tmp/lastcmd
fail
fi
}
expect_allowed(){
`eval $@ &> /tmp/lastcmd`
if [ $? -ne 0 ]; then
echo "Command \"$@\" should have worked but did not."
cat /tmp/lastcmd
fail
fi
}
setup(){
echo "Testing ./addfs $sourcedir $mountp $@"
sudo mkdir -p $sourcedir
mkdir -p $mountp
cd $origdir
sudo ./addfs $@ $sourcedir $mountp &
disown
sleep 1
sudo chmod 777 $mountp
cd $mountp
echo "test" > testfile
echo "test123" > testfileb
mkdir testdir
echo "test123" > testdir/testfileb
echo "test" > permtest
}
go build && chmod +x addfs
cleanup &> /dev/null
setup
expect_denied rm testfile
expect_denied rm testfileb
expect_denied rm -rf testdir
expect_denied rm testdir/testfileb
expect_denied 'echo "123" | tee testfile'
expect_denied 'echo "123" | tee -a testfile'
expect_denied 'echo "123" > testdir/testfileb'
expect_denied truncate testfile
expect_denied mv testfile other
expect_denied chown root:root testfile
expect_allowed chmod 777 testfile
expect_allowed cat testfile
expect_allowed cat testdir/testfileb
expect_denied sudo rm testfile
expect_denied sudo rm testfileb
expect_denied sudo rm -rf testdir
expect_denied sudo rm testdir/testfileb
expect_denied sudo 'echo "123" | sudo tee testfile'
expect_denied sudo 'echo "123" | sudo tee -a testfile'
expect_denied sudo truncate testfile
expect_denied sudo mv testfile other
expect_allowed sudo chown root:root testfile
expect_allowed sudo chmod 777 testfile
expect_allowed sudo cat testfile
expect_allowed sudo cat testdir/testfileb
expect_allowed chmod 000 permtest
expect_denied cat permtest
cleanup
setup --allowRootMutation
expect_denied rm testfile
expect_denied rm testfileb
expect_denied rm -rf testdir
expect_denied rm testdir/testfileb
expect_denied 'echo "123" > testfile'
expect_denied 'echo "123" >> testfile'
expect_denied 'echo "123" > testdir/testfileb'
expect_denied chown root:root testfile
expect_allowed ls
expect_allowed chmod 777 testfile
expect_allowed cat testfile
expect_allowed cat testdir/testfileb
expect_allowed sudo 'echo "123" | sudo tee testfile'
expect_allowed sudo 'echo "123" | sudo tee -a testfile'
expect_allowed sudo chown root:root testfile
expect_allowed sudo chmod 777 testfile
expect_allowed sudo cat testfile
expect_allowed sudo cat testdir/testfileb
expect_allowed sudo truncate testfile --size 0
expect_allowed sudo rm testfile
expect_allowed sudo rm testdir/testfileb
expect_allowed sudo rm -rf testdir
expect_allowed sudo mv testfileb other
cleanup
setup --mutableFiles '.*\.tmp$'
expect_denied rm testfile
expect_denied rm testfileb
expect_denied rm -rf testdir
expect_denied rm testdir/testfileb
expect_denied 'echo "123" | tee testfile'
expect_denied 'echo "123" | tee -a testfile'
expect_denied 'echo "123" > testdir/testfileb'
expect_denied truncate testfile
expect_denied mv testfile other
expect_denied chown root:root testfile
expect_allowed chmod 777 testfile
expect_allowed cat testfile
expect_allowed cat testdir/testfileb
expect_allowed 'echo "123aaaa" | tee foo.tmp'
expect_allowed 'echo "123aaaa" | tee foo.tmp'
expect_allowed 'echo "123aaaa" | tee -a foo.tmp'
expect_allowed truncate foo.tmp --size 2
expect_allowed mv foo.tmp bar.tmp
expect_allowed cp bar.tmp bar
expect_allowed rm bar.tmp
expect_denied rm bar
expect_denied sudo rm testfile
expect_denied sudo rm testfileb
expect_denied sudo rm -rf testdir
expect_denied sudo rm testdir/testfileb
expect_denied sudo 'echo "123" | sudo tee testfile'
expect_denied sudo 'echo "123" | sudo tee -a testfile'
expect_denied sudo truncate testfile
expect_denied sudo mv testfile other
expect_allowed sudo chown root:root testfile
expect_allowed sudo chmod 777 testfile
expect_allowed sudo cat testfile
expect_allowed sudo cat testdir/testfileb
cleanup
echo "Tests OK! Cleaning up..."