Age | Commit message (Collapse) | Author |
|
Wrong tests were executed
|
|
|
|
The manpage of seccomp specify that using seccomp with
SECCOMP_SET_MODE_FILTER will return EACCES if the caller do not have
CAP_SYS_ADMIN set, or if the no_new_privileges bit is not set. Hence,
without NoNewPrivilege set, it is impossible to use a SystemCall*
directive with a User directive set in system mode.
Now, NoNewPrivileges is set if we are in user mode, or if we are in
system mode and we don't have CAP_SYS_ADMIN, and SystemCall*
directives are used.
|
|
|
|
+ perl -e 'exit(!(qq{0} eq qq{\x25U}))'
exec-spec-interpolation.service: Main process exited, code=exited, status=1/FAILURE
exec-spec-interpolation.service: Unit entered failed state.
exec-spec-interpolation.service: Failed with result 'exit-code'.
PID: 11270
Start Timestamp: Wed 2016-02-17 22:21:31 UTC
Exit Timestamp: Wed 2016-02-17 22:21:31 UTC
Exit Code: exited
Exit Status: 1
Assertion 'service->main_exec_status.status == status_expected' failed at src/test/test-execute.c:65, function check(). Aborting.
|
|
The ambient capability tests are only run if the kernel has support for
ambient capabilities.
|
|
|
|
We need to check the same thing in multiple tests. Use a shared
macro to make it easier to update the list of errnos.
Change the errno code for "unitialized cgroup fs" for ENOMEDIUM.
Exec format error looks like something more serious.
This fixes test-execute invocation in mock.
|
|
@evverx brought up that test-execute runs under MANAGER_USER which
forwards all its environment variables to the services. It turns out it
only forwards those that were in the environment at the time of manager
creation, so this test was still working.
It was still possible to attack it by running something like:
$ sudo VAR1=a VAR2=b VAR3=c ./test-execute
Prevent that attack by unsetting the three variables explicitly before
creating the manager for the test case.
Also add comments explaining the interactions with MANAGER_USER and,
while it has some caveats, this tests are still valid in that context.
Tested by checking that the test running with the variables set from the
external environment will still pass.
|
|
Check the base case, plus erasing the list, listing the same variable
name more than once and when variables are absent from the manager
execution environment.
Confirmed that `sudo ./test-execute` passes and that modifying the test
cases (or the values of the set variables in test-execute.c) is enough
to make the test cases fail.
|
|
To avoid polluting test/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Introduce personality support for Linux on z Systems to run
particular services with a 64-bit or 31-bit personality.
|
|
When Group is set in the unit, the runtime directories are owned by
this group and not the default group of the user (same for cgroup paths
and standard outputs)
Fix #1231
|
|
|
|
It's primarily just a property of the Manager object after all, and we
try to refer to PID 1 as "manager" instead of "systemd", hence let's to
stick to this here too.
|
|
|
|
- Move to its own file rm-rf.c
- Change parameters into a single flags parameter
- Remove "honour sticky" logic, it's unused these days
|
|
This patch removes includes that are not used. The removals were found with
include-what-you-use which checks if any of the symbols from a header is
in use.
|
|
This reverts commit 68e68ca8106e7cd874682ae425843b48579c6539. We *need*
root access to create cgroups. The only exception is if it is run from
within a cgroup with "Delegate=yes". However, this is not always true and
we really shouldn't rely on this.
If your terminal runs from within a systemd --user instance, you're fine.
Everyone else is not (like running from ssh, VTs, and so on..).
|
|
Only 5 tests cannot be executed if we are not root, so just skip them
but not the whole set.
|
|
|
|
|
|
add tests for the following directives:
- WorkingDirectory
- Personality
- IgnoreSIGPIPE
- PrivateTmp
- SystemCallFilter: It makes test/TEST-04-SECCOMP obsolete, so it has
been removed.
- SystemCallErrorNumber
- User
- Group
- Environment
|