cvs commit: httpd-test/perl-framework/Apache-Test Changes

9 Mar 2004 20:43:54 -0000 

stas        2004/03/09 12:43:54

  Modified:    perl-framework/Apache-Test/lib/Apache TestRun.pm
               perl-framework/Apache-Test Changes
  Log:
  When running as 'root' make the client side drop the root permissions
  and run with the same permissions as the server side
  (e.g. nobody). This is needed in case the client side creates any
  files after the initial check (during server side startup and beyond),
  so that the server side could read/write them.
  
  Revision  Changes    Path
  1.157     +21 -0     
httpd-test/perl-framework/Apache-Test/lib/Apache/TestRun.pm
  
  Index: TestRun.pm
  ===================================================================
  RCS file: 
/home/cvs/httpd-test/perl-framework/Apache-Test/lib/Apache/TestRun.pm,v
  retrieving revision 1.156
  retrieving revision 1.157
  diff -u -u -r1.156 -r1.157
  --- TestRun.pm        4 Mar 2004 05:51:31 -0000       1.156
  +++ TestRun.pm        9 Mar 2004 20:43:53 -0000       1.157
  @@ -881,6 +881,7 @@
   
           $self->check_perms($user, $uid, $gid);
   
  +        $self->become_nonroot($user, $uid, $gid);
       }
   }
   
  @@ -986,6 +987,26 @@
           skip_test_suite();
           exit_perl 0;
       }
  +}
  +
  +# in case the client side creates any files after the initial chown
  +# adjustments we want the server side to be able to read/write them, so
  +# they better be with the same permissions. dropping root permissions
  +# and becoming the same user as the server side solves this problem.
  +sub become_nonroot {
  +    my ($self, $user, $uid, $gid) = @_;
  +
  +    warning "the client side drops 'root' permissions and becomes '$user'";
  +
  +    # first must change gid and egid ("$gid $gid" for an empty
  +    # setgroups() call as explained in perlvar.pod)
  +    my $groups = "$gid $gid";
  +    $( = $) = $groups;
  +    die "failed to change gid to $gid" unless $( eq $groups && $) eq $groups;
  +
  +    # only now can change uid and euid
  +    $< = $> = $uid+0;
  +    die "failed to change uid to $uid" unless $< == $uid && $> == $uid;
   }
   
   sub run_request {
  
  
  
  1.108     +6 -0      httpd-test/perl-framework/Apache-Test/Changes
  
  Index: Changes
  ===================================================================
  RCS file: /home/cvs/httpd-test/perl-framework/Apache-Test/Changes,v
  retrieving revision 1.107
  retrieving revision 1.108
  diff -u -u -r1.107 -r1.108
  --- Changes   9 Mar 2004 06:31:05 -0000       1.107
  +++ Changes   9 Mar 2004 20:43:53 -0000       1.108
  @@ -8,6 +8,12 @@
   
   =item 1.10-dev
   
  +When running as 'root' make the client side drop the root permissions
  +and run with the same permissions as the server side
  +(e.g. nobody). This is needed in case the client side creates any
  +files after the initial check (during server side startup and beyond),
  +so that the server side could read/write them. [Stas]
  +
   t_server_log_error_is_expected t_server_log_warn_is_expected
   t_client_log_error_is_expected t_client_log_warn_is_expected
   now support an optional argument, suggesting how many entries

Reply via email to