[systemd.git] / src / test / test-cap-list.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <sys/prctl.h>

#include "alloc-util.h"
#include "cap-list.h"
#include "capability-util.h"
#include "parse-util.h"
#include "string-util.h"
#include "util.h"

/* verify the capability parser */
static void test_cap_list(void) {
        int i;

        assert_se(!capability_to_name(-1));
        assert_se(!capability_to_name(capability_list_length()));

        for (i = 0; i < capability_list_length(); i++) {
                const char *n;

                assert_se(n = capability_to_name(i));
                assert_se(capability_from_name(n) == i);
                printf("%s = %i\n", n, i);
        }

        assert_se(capability_from_name("asdfbsd") == -EINVAL);
        assert_se(capability_from_name("CAP_AUDIT_READ") == CAP_AUDIT_READ);
        assert_se(capability_from_name("cap_audit_read") == CAP_AUDIT_READ);
        assert_se(capability_from_name("cAp_aUdIt_rEAd") == CAP_AUDIT_READ);
        assert_se(capability_from_name("0") == 0);
        assert_se(capability_from_name("15") == 15);
        assert_se(capability_from_name("-1") == -EINVAL);

        for (i = 0; i < capability_list_length(); i++) {
                _cleanup_cap_free_charp_ char *a = NULL;
                const char *b;
                unsigned u;

                assert_se(a = cap_to_name(i));

                /* quit the loop as soon as libcap starts returning
                 * numeric ids, formatted as strings */
                if (safe_atou(a, &u) >= 0)
                        break;

                assert_se(b = capability_to_name(i));

                printf("%s vs. %s\n", a, b);

                assert_se(strcasecmp(a, b) == 0);
        }
}

static void test_capability_set_one(uint64_t c, const char *t) {
        _cleanup_free_ char *t1 = NULL;
        uint64_t c1, c_masked = c & ((UINT64_C(1) << capability_list_length()) - 1);

        assert_se(capability_set_to_string_alloc(c, &t1) == 0);
        assert_se(streq(t1, t));

        assert_se(capability_set_from_string(t1, &c1) == 0);
        assert_se(c1 == c_masked);

        free(t1);
        assert_se(t1 = strjoin("'cap_chown cap_dac_override' \"cap_setgid cap_setuid\"", t,
                               " hogehoge foobar 12345 3.14 -3 ", t));
        assert_se(capability_set_from_string(t1, &c1) == 0);
        assert_se(c1 == c_masked);
}

static void test_capability_set(void) {
        uint64_t c;

        assert_se(capability_set_from_string(NULL, &c) == 0);
        assert_se(c == 0);

        assert_se(capability_set_from_string("", &c) == 0);
        assert_se(c == 0);

        assert_se(capability_set_from_string("0", &c) == 0);
        assert_se(c == UINT64_C(1));

        assert_se(capability_set_from_string("1", &c) == 0);
        assert_se(c == UINT64_C(1) << 1);

        assert_se(capability_set_from_string("0 1 2 3", &c) == 0);
        assert_se(c == (UINT64_C(1) << 4) - 1);

        test_capability_set_one(0, "");
        test_capability_set_one(
                UINT64_C(1) << CAP_DAC_OVERRIDE,
                "cap_dac_override");
        test_capability_set_one(
                UINT64_C(1) << CAP_DAC_OVERRIDE |
                UINT64_C(1) << capability_list_length(),
                "cap_dac_override");
        test_capability_set_one(
                UINT64_C(1) << capability_list_length(), "");
        test_capability_set_one(
                UINT64_C(1) << CAP_CHOWN |
                UINT64_C(1) << CAP_DAC_OVERRIDE |
                UINT64_C(1) << CAP_DAC_READ_SEARCH |
                UINT64_C(1) << CAP_FOWNER |
                UINT64_C(1) << CAP_SETGID |
                UINT64_C(1) << CAP_SETUID |
                UINT64_C(1) << CAP_SYS_PTRACE |
                UINT64_C(1) << CAP_SYS_ADMIN |
                UINT64_C(1) << CAP_AUDIT_CONTROL |
                UINT64_C(1) << CAP_MAC_OVERRIDE |
                UINT64_C(1) << CAP_SYSLOG |
                UINT64_C(1) << (capability_list_length() + 1),
                "cap_chown cap_dac_override cap_dac_read_search cap_fowner "
                "cap_setgid cap_setuid cap_sys_ptrace cap_sys_admin "
                "cap_audit_control cap_mac_override cap_syslog");
}

int main(int argc, char *argv[]) {
        test_cap_list();
        test_capability_set();

        return 0;
}
Commit	Line	Data
52ad194e	1	/* SPDX-License-Identifier: LGPL-2.1+ */
f47781d8 MP	2	/***
	3	This file is part of systemd.
	4
	5	Copyright 2014 Lennart Poettering
	6
	7	systemd is free software; you can redistribute it and/or modify it
	8	under the terms of the GNU Lesser General Public License as published by
	9	the Free Software Foundation; either version 2.1 of the License, or
	10	(at your option) any later version.
	11
	12	systemd is distributed in the hope that it will be useful, but
	13	WITHOUT ANY WARRANTY; without even the implied warranty of
	14	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	15	Lesser General Public License for more details.
	16
	17	You should have received a copy of the GNU Lesser General Public License
	18	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	19	***/
	20
e735f4d4	21	#include <sys/prctl.h>
f47781d8	22
db2df898 MP	23	#include "alloc-util.h"
	24	#include "cap-list.h"
	25	#include "capability-util.h"
db2df898	26	#include "parse-util.h"
f5e65279	27	#include "string-util.h"
db2df898 MP	28	#include "util.h"
db2df898 MP	29
e735f4d4 MP	30	/* verify the capability parser */
e735f4d4 MP	31	static void test_cap_list(void) {
f47781d8 MP	32	int i;
	33
	34	assert_se(!capability_to_name(-1));
e735f4d4	35	assert_se(!capability_to_name(capability_list_length()));
f47781d8	36
e735f4d4	37	for (i = 0; i < capability_list_length(); i++) {
f47781d8 MP	38	const char *n;
	39
	40	assert_se(n = capability_to_name(i));
	41	assert_se(capability_from_name(n) == i);
	42	printf("%s = %i\n", n, i);
	43	}
	44
	45	assert_se(capability_from_name("asdfbsd") == -EINVAL);
	46	assert_se(capability_from_name("CAP_AUDIT_READ") == CAP_AUDIT_READ);
e735f4d4 MP	47	assert_se(capability_from_name("cap_audit_read") == CAP_AUDIT_READ);
e735f4d4 MP	48	assert_se(capability_from_name("cAp_aUdIt_rEAd") == CAP_AUDIT_READ);
f47781d8 MP	49	assert_se(capability_from_name("0") == 0);
	50	assert_se(capability_from_name("15") == 15);
	51	assert_se(capability_from_name("-1") == -EINVAL);
	52
e735f4d4 MP	53	for (i = 0; i < capability_list_length(); i++) {
	54	_cleanup_cap_free_charp_ char *a = NULL;
	55	const char *b;
	56	unsigned u;
	57
	58	assert_se(a = cap_to_name(i));
	59
	60	/* quit the loop as soon as libcap starts returning
	61	* numeric ids, formatted as strings */
	62	if (safe_atou(a, &u) >= 0)
	63	break;
	64
	65	assert_se(b = capability_to_name(i));
	66
	67	printf("%s vs. %s\n", a, b);
	68
	69	assert_se(strcasecmp(a, b) == 0);
	70	}
	71	}
	72
52ad194e MB	73	static void test_capability_set_one(uint64_t c, const char *t) {
	74	_cleanup_free_ char *t1 = NULL;
	75	uint64_t c1, c_masked = c & ((UINT64_C(1) << capability_list_length()) - 1);
e735f4d4	76
52ad194e MB	77	assert_se(capability_set_to_string_alloc(c, &t1) == 0);
52ad194e MB	78	assert_se(streq(t1, t));
e735f4d4	79
52ad194e MB	80	assert_se(capability_set_from_string(t1, &c1) == 0);
52ad194e MB	81	assert_se(c1 == c_masked);
e735f4d4	82
52ad194e MB	83	free(t1);
	84	assert_se(t1 = strjoin("'cap_chown cap_dac_override' \"cap_setgid cap_setuid\"", t,
	85	" hogehoge foobar 12345 3.14 -3 ", t));
	86	assert_se(capability_set_from_string(t1, &c1) == 0);
	87	assert_se(c1 == c_masked);
e735f4d4 MP	88	}
e735f4d4 MP	89
52ad194e MB	90	static void test_capability_set(void) {
	91	uint64_t c;
	92
	93	assert_se(capability_set_from_string(NULL, &c) == 0);
	94	assert_se(c == 0);
	95
	96	assert_se(capability_set_from_string("", &c) == 0);
	97	assert_se(c == 0);
	98
	99	assert_se(capability_set_from_string("0", &c) == 0);
	100	assert_se(c == UINT64_C(1));
	101
	102	assert_se(capability_set_from_string("1", &c) == 0);
	103	assert_se(c == UINT64_C(1) << 1);
	104
	105	assert_se(capability_set_from_string("0 1 2 3", &c) == 0);
	106	assert_se(c == (UINT64_C(1) << 4) - 1);
	107
	108	test_capability_set_one(0, "");
	109	test_capability_set_one(
	110	UINT64_C(1) << CAP_DAC_OVERRIDE,
	111	"cap_dac_override");
	112	test_capability_set_one(
	113	UINT64_C(1) << CAP_DAC_OVERRIDE \|
	114	UINT64_C(1) << capability_list_length(),
	115	"cap_dac_override");
	116	test_capability_set_one(
	117	UINT64_C(1) << capability_list_length(), "");
	118	test_capability_set_one(
	119	UINT64_C(1) << CAP_CHOWN \|
	120	UINT64_C(1) << CAP_DAC_OVERRIDE \|
	121	UINT64_C(1) << CAP_DAC_READ_SEARCH \|
	122	UINT64_C(1) << CAP_FOWNER \|
	123	UINT64_C(1) << CAP_SETGID \|
	124	UINT64_C(1) << CAP_SETUID \|
	125	UINT64_C(1) << CAP_SYS_PTRACE \|
	126	UINT64_C(1) << CAP_SYS_ADMIN \|
	127	UINT64_C(1) << CAP_AUDIT_CONTROL \|
	128	UINT64_C(1) << CAP_MAC_OVERRIDE \|
	129	UINT64_C(1) << CAP_SYSLOG \|
	130	UINT64_C(1) << (capability_list_length() + 1),
	131	"cap_chown cap_dac_override cap_dac_read_search cap_fowner "
	132	"cap_setgid cap_setuid cap_sys_ptrace cap_sys_admin "
	133	"cap_audit_control cap_mac_override cap_syslog");
f5e65279 MB	134	}
f5e65279 MB	135
e735f4d4 MP	136	int main(int argc, char *argv[]) {
e735f4d4 MP	137	test_cap_list();
52ad194e	138	test_capability_set();
e735f4d4	139
f47781d8 MP	140	return 0;
f47781d8 MP	141	}