libamxrt  0.4.2
Ambiorix Run Time Library
Functions
test_amxrt_caps.h File Reference
#include <amxrt/amxrt.h>
#include <amxc/amxc.h>
#include <amxp/amxp.h>
#include <amxd/amxd_object.h>
#include <amxo/amxo.h>

Go to the source code of this file.

Functions

int test_caps_setup (UNUSED void **state)
 
int test_caps_teardown (UNUSED void **state)
 
void test_caps_switch_user_group (UNUSED void **state)
 
void test_caps_use_null_user_group (UNUSED void **state)
 
void test_caps_use_non_existing_user_group (UNUSED void **state)
 
void test_caps_use_user_and_group_id (UNUSED void **state)
 
void test_caps_can_keep_capabilities (UNUSED void **state)
 
void test_caps_unknown_capabilities_are_ignored (UNUSED void **state)
 
void test_caps_can_use_capability_ids (UNUSED void **state)
 
void test_caps_invalid_capability_ids_are_ignored (UNUSED void **state)
 
void test_caps_update_capability_can_fail (UNUSED void **state)
 
void test_caps_apply_can_fail (UNUSED void **state)
 
void test_caps_can_dump_capabilities (UNUSED void **state)
 

Function Documentation

◆ test_caps_apply_can_fail()

void test_caps_apply_can_fail ( UNUSED void **  state)

Definition at line 277 of file test_amxrt_caps.c.

277  {
278  amxc_var_t* config = amxrt_get_config();
279  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
280  amxc_var_t* capabilities = amxc_var_add_key(amxc_llist_t, privileges, "capabilities", NULL);
281 
282  amxc_var_add(cstring_t, capabilities, "CAP_CHOWN");
283  amxc_var_add(cstring_t, capabilities, "CAP_KILL");
284 
285  will_return_always(__wrap_capng_update, 0);
286  will_return_always(__wrap_capng_apply, -1);
287 
288  assert_int_not_equal(amxrt_caps_apply(), 0);
289 
290  amxc_var_delete(&privileges);
291 }
amxrt_caps_apply
int amxrt_caps_apply(void)
Apply the user, group and capabilities as defined in the configuration.
Definition: amxrt_cap.c:101
amxrt_get_config
amxc_var_t * amxrt_get_config(void)
Gets the htable variant containing the configuration options.
Definition: amxrt.c:301
__wrap_capng_update
int __wrap_capng_update(capng_act_t action, capng_type_t type, unsigned int capability)
__wrap_capng_apply
int __wrap_capng_apply(capng_select_t set)
config
config
Definition: test.odl:54

◆ test_caps_can_dump_capabilities()

void test_caps_can_dump_capabilities ( UNUSED void **  state)

Definition at line 293 of file test_amxrt_caps.c.

293  {
294  assert_int_equal(__real_capng_get_caps_process(), 0);
295 
296  amxrt_caps_dump();
297 }
amxrt_caps_dump
void amxrt_caps_dump(void)
Dumps the capabilities of the process.
Definition: amxrt_cap.c:180
__real_capng_get_caps_process
int __real_capng_get_caps_process(void)

◆ test_caps_can_keep_capabilities()

void test_caps_can_keep_capabilities ( UNUSED void **  state)

Definition at line 190 of file test_amxrt_caps.c.

190  {
191  amxc_var_t* config = amxrt_get_config();
192  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
193  amxc_var_t* capabilities = amxc_var_add_key(amxc_llist_t, privileges, "capabilities", NULL);
194 
195  amxc_var_add(cstring_t, capabilities, "CAP_CHOWN");
196  amxc_var_add(cstring_t, capabilities, "CAP_KILL");
197 
198  will_return_always(__wrap_capng_update, 0);
199  will_return_always(__wrap_capng_apply, 0);
200 
201  assert_int_equal(amxrt_caps_apply(), 0);
202 
203  amxc_var_set_type(capabilities, AMXC_VAR_ID_LIST);
204  amxc_var_add(cstring_t, capabilities, "chown");
205  amxc_var_add(cstring_t, capabilities, "KILL");
206 
207  assert_int_equal(amxrt_caps_apply(), 0);
208 
209  amxc_var_delete(&privileges);
210 }

◆ test_caps_can_use_capability_ids()

void test_caps_can_use_capability_ids ( UNUSED void **  state)

Definition at line 229 of file test_amxrt_caps.c.

229  {
230  amxc_var_t* config = amxrt_get_config();
231  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
232  amxc_var_t* capabilities = amxc_var_add_key(amxc_llist_t, privileges, "capabilities", NULL);
233 
234  amxc_var_add(uint32_t, capabilities, 0);
235  amxc_var_add(uint32_t, capabilities, 10);
236 
237  will_return_always(__wrap_capng_apply, 0);
238 
239  will_return_always(__wrap_capng_update, 0);
240 
241  assert_int_equal(amxrt_caps_apply(), 0);
242 
243  amxc_var_delete(&privileges);
244 }

◆ test_caps_invalid_capability_ids_are_ignored()

void test_caps_invalid_capability_ids_are_ignored ( UNUSED void **  state)

Definition at line 246 of file test_amxrt_caps.c.

246  {
247  amxc_var_t* config = amxrt_get_config();
248  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
249  amxc_var_t* capabilities = amxc_var_add_key(amxc_llist_t, privileges, "capabilities", NULL);
250 
251  amxc_var_add(int32_t, capabilities, -1);
252  amxc_var_add(int32_t, capabilities, 25000);
253 
254  will_return_always(__wrap_capng_apply, 0);
255 
256  assert_int_equal(amxrt_caps_apply(), 0);
257 
258  amxc_var_delete(&privileges);
259 }

◆ test_caps_setup()

int test_caps_setup ( UNUSED void **  state)

Definition at line 121 of file test_amxrt_caps.c.

121  {
122  amxrt_new();
123  return 0;
124 }
amxrt_new
void amxrt_new(void)
Create the ambiorix runtime.
Definition: amxrt.c:313

◆ test_caps_switch_user_group()

void test_caps_switch_user_group ( UNUSED void **  state)

Definition at line 131 of file test_amxrt_caps.c.

131  {
132  amxc_var_t* config = amxrt_get_config();
133  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
134 
135  amxc_var_add_key(cstring_t, privileges, "user", "webadmin");
136  amxc_var_add_key(cstring_t, privileges, "group", "webui");
137 
138  expect_string(__wrap_getpwnam, name, "webadmin");
139  expect_string(__wrap_getgrnam, name, "webui");
140 
141  assert_int_equal(amxrt_caps_apply(), 0);
142 
143  amxc_var_delete(&privileges);
144 }
__wrap_getpwnam
struct passwd * __wrap_getpwnam(const char *__name)
Definition: test_amxrt_caps.c:95
__wrap_getgrnam
struct group * __wrap_getgrnam(const char *__name)
Definition: test_amxrt_caps.c:108

◆ test_caps_teardown()

int test_caps_teardown ( UNUSED void **  state)

Definition at line 126 of file test_amxrt_caps.c.

126  {
127  amxrt_delete();
128  return 0;
129 }
amxrt_delete
void amxrt_delete(void)
Clean-up ambiorix runtime.
Definition: amxrt.c:378

◆ test_caps_unknown_capabilities_are_ignored()

void test_caps_unknown_capabilities_are_ignored ( UNUSED void **  state)

Definition at line 212 of file test_amxrt_caps.c.

212  {
213  amxc_var_t* config = amxrt_get_config();
214  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
215  amxc_var_t* capabilities = amxc_var_add_key(amxc_llist_t, privileges, "capabilities", NULL);
216 
217  amxc_var_add(cstring_t, capabilities, "CAP_DUMMY");
218 
219  amxc_var_set_type(capabilities, AMXC_VAR_ID_LIST);
220  amxc_var_add(cstring_t, capabilities, "dummy");
221 
222  will_return_always(__wrap_capng_apply, 0);
223 
224  assert_int_equal(amxrt_caps_apply(), 0);
225 
226  amxc_var_delete(&privileges);
227 }

◆ test_caps_update_capability_can_fail()

void test_caps_update_capability_can_fail ( UNUSED void **  state)

Definition at line 261 of file test_amxrt_caps.c.

261  {
262  amxc_var_t* config = amxrt_get_config();
263  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
264  amxc_var_t* capabilities = amxc_var_add_key(amxc_llist_t, privileges, "capabilities", NULL);
265 
266  amxc_var_add(cstring_t, capabilities, "CAP_KILL");
267 
268  will_return_always(__wrap_capng_update, -1);
269 
270  will_return_always(__wrap_capng_apply, 0);
271 
272  assert_int_equal(amxrt_caps_apply(), 0);
273 
274  amxc_var_delete(&privileges);
275 }

◆ test_caps_use_non_existing_user_group()

void test_caps_use_non_existing_user_group ( UNUSED void **  state)

Definition at line 163 of file test_amxrt_caps.c.

163  {
164  amxc_var_t* config = amxrt_get_config();
165  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
166 
167  amxc_var_add_key(cstring_t, privileges, "user", "non-existing");
168  amxc_var_add_key(cstring_t, privileges, "group", "fake-group");
169 
170  expect_string(__wrap_getpwnam, name, "non-existing");
171  expect_string(__wrap_getgrnam, name, "fake-group");
172 
173  assert_int_equal(amxrt_caps_apply(), 0);
174 
175  amxc_var_delete(&privileges);
176 }

◆ test_caps_use_null_user_group()

void test_caps_use_null_user_group ( UNUSED void **  state)

Definition at line 146 of file test_amxrt_caps.c.

146  {
147  amxc_var_t* config = amxrt_get_config();
148  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
149  amxc_var_t* group = amxc_var_add_new_key(privileges, "group");
150 
151  amxc_var_add_new_key(privileges, "user");
152 
153  assert_int_equal(amxrt_caps_apply(), 0);
154 
155  amxc_var_set(cstring_t, group, "webui");
156  expect_string(__wrap_getgrnam, name, "webui");
157 
158  assert_int_equal(amxrt_caps_apply(), 0);
159 
160  amxc_var_delete(&privileges);
161 }

◆ test_caps_use_user_and_group_id()

void test_caps_use_user_and_group_id ( UNUSED void **  state)

Definition at line 178 of file test_amxrt_caps.c.

178  {
179  amxc_var_t* config = amxrt_get_config();
180  amxc_var_t* privileges = amxc_var_add_key(amxc_htable_t, config, "privileges", NULL);
181 
182  amxc_var_add_key(uint32_t, privileges, "user", 100);
183  amxc_var_add_key(uint32_t, privileges, "group", 100);
184 
185  assert_int_equal(amxrt_caps_apply(), 0);
186 
187  amxc_var_delete(&privileges);
188 }