[systemd.git] / src / test / test-cap-list.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include "util.h"
#include "log.h"
#include "fileio.h"
#include "cap-list.h"
#include "capability.h"
#include <sys/prctl.h>

/* verify the capability parser */
static void test_cap_list(void) {
        int i;

        assert_se(!capability_to_name(-1));
        assert_se(!capability_to_name(capability_list_length()));

        for (i = 0; i < capability_list_length(); i++) {
                const char *n;

                assert_se(n = capability_to_name(i));
                assert_se(capability_from_name(n) == i);
                printf("%s = %i\n", n, i);
        }

        assert_se(capability_from_name("asdfbsd") == -EINVAL);
        assert_se(capability_from_name("CAP_AUDIT_READ") == CAP_AUDIT_READ);
        assert_se(capability_from_name("cap_audit_read") == CAP_AUDIT_READ);
        assert_se(capability_from_name("cAp_aUdIt_rEAd") == CAP_AUDIT_READ);
        assert_se(capability_from_name("0") == 0);
        assert_se(capability_from_name("15") == 15);
        assert_se(capability_from_name("-1") == -EINVAL);

        for (i = 0; i < capability_list_length(); i++) {
                _cleanup_cap_free_charp_ char *a = NULL;
                const char *b;
                unsigned u;

                assert_se(a = cap_to_name(i));

                /* quit the loop as soon as libcap starts returning
                 * numeric ids, formatted as strings */
                if (safe_atou(a, &u) >= 0)
                        break;

                assert_se(b = capability_to_name(i));

                printf("%s vs. %s\n", a, b);

                assert_se(strcasecmp(a, b) == 0);
        }
}

/* verify cap_last_cap() against /proc/sys/kernel/cap_last_cap */
static void test_last_cap_file(void) {
        _cleanup_free_ char *content = NULL;
        unsigned long val = 0;
        int r;

        r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
        assert_se(r >= 0);

        r = safe_atolu(content, &val);
        assert_se(r >= 0);
        assert_se(val != 0);
        assert_se(val == cap_last_cap());
}

/* verify cap_last_cap() against syscall probing */
static void test_last_cap_probe(void) {
        unsigned long p = (unsigned long)CAP_LAST_CAP;

        if (prctl(PR_CAPBSET_READ, p) < 0) {
                for (p--; p > 0; p --)
                        if (prctl(PR_CAPBSET_READ, p) >= 0)
                                break;
        } else {
                for (;; p++)
                        if (prctl(PR_CAPBSET_READ, p+1) < 0)
                                break;
        }

        assert_se(p != 0);
        assert_se(p == cap_last_cap());
}

int main(int argc, char *argv[]) {
        test_cap_list();
        test_last_cap_file();
        test_last_cap_probe();

        return 0;
}
Commit	Line	Data
f47781d8 MP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2014 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
e735f4d4	22	#include "util.h"
f47781d8	23	#include "log.h"
e735f4d4	24	#include "fileio.h"
f47781d8 MP	25	#include "cap-list.h"
f47781d8 MP	26	#include "capability.h"
e735f4d4	27	#include <sys/prctl.h>
f47781d8	28
e735f4d4 MP	29	/* verify the capability parser */
e735f4d4 MP	30	static void test_cap_list(void) {
f47781d8 MP	31	int i;
	32
	33	assert_se(!capability_to_name(-1));
e735f4d4	34	assert_se(!capability_to_name(capability_list_length()));
f47781d8	35
e735f4d4	36	for (i = 0; i < capability_list_length(); i++) {
f47781d8 MP	37	const char *n;
	38
	39	assert_se(n = capability_to_name(i));
	40	assert_se(capability_from_name(n) == i);
	41	printf("%s = %i\n", n, i);
	42	}
	43
	44	assert_se(capability_from_name("asdfbsd") == -EINVAL);
	45	assert_se(capability_from_name("CAP_AUDIT_READ") == CAP_AUDIT_READ);
e735f4d4 MP	46	assert_se(capability_from_name("cap_audit_read") == CAP_AUDIT_READ);
e735f4d4 MP	47	assert_se(capability_from_name("cAp_aUdIt_rEAd") == CAP_AUDIT_READ);
f47781d8 MP	48	assert_se(capability_from_name("0") == 0);
	49	assert_se(capability_from_name("15") == 15);
	50	assert_se(capability_from_name("-1") == -EINVAL);
	51
e735f4d4 MP	52	for (i = 0; i < capability_list_length(); i++) {
	53	_cleanup_cap_free_charp_ char *a = NULL;
	54	const char *b;
	55	unsigned u;
	56
	57	assert_se(a = cap_to_name(i));
	58
	59	/* quit the loop as soon as libcap starts returning
	60	* numeric ids, formatted as strings */
	61	if (safe_atou(a, &u) >= 0)
	62	break;
	63
	64	assert_se(b = capability_to_name(i));
	65
	66	printf("%s vs. %s\n", a, b);
	67
	68	assert_se(strcasecmp(a, b) == 0);
	69	}
	70	}
	71
	72	/* verify cap_last_cap() against /proc/sys/kernel/cap_last_cap */
	73	static void test_last_cap_file(void) {
	74	_cleanup_free_ char *content = NULL;
	75	unsigned long val = 0;
	76	int r;
	77
	78	r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
	79	assert_se(r >= 0);
	80
	81	r = safe_atolu(content, &val);
	82	assert_se(r >= 0);
	83	assert_se(val != 0);
	84	assert_se(val == cap_last_cap());
	85	}
	86
	87	/* verify cap_last_cap() against syscall probing */
	88	static void test_last_cap_probe(void) {
	89	unsigned long p = (unsigned long)CAP_LAST_CAP;
	90
	91	if (prctl(PR_CAPBSET_READ, p) < 0) {
	92	for (p--; p > 0; p --)
	93	if (prctl(PR_CAPBSET_READ, p) >= 0)
	94	break;
	95	} else {
	96	for (;; p++)
	97	if (prctl(PR_CAPBSET_READ, p+1) < 0)
	98	break;
	99	}
	100
	101	assert_se(p != 0);
	102	assert_se(p == cap_last_cap());
	103	}
	104
	105	int main(int argc, char *argv[]) {
	106	test_cap_list();
	107	test_last_cap_file();
	108	test_last_cap_probe();
	109
f47781d8 MP	110	return 0;
f47781d8 MP	111	}