Initial commit: Go 1.23 release state
This commit is contained in:
Vorapol Rinsatitnon
187
src/syscall/exec_pdeathsig_test.go
Normal file
187
src/syscall/exec_pdeathsig_test.go
Normal file
@@ -0,0 +1,187 @@
|
||||
// Copyright 2015 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
//go:build freebsd || linux
|
||||
|
||||
package syscall_test
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"internal/testenv"
|
||||
"io"
|
||||
"os"
|
||||
"os/exec"
|
||||
"os/signal"
|
||||
"os/user"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"strings"
|
||||
"syscall"
|
||||
"testing"
|
||||
)
|
||||
|
||||
// TestDeathSignalSetuid verifies that a command run with a different UID still
|
||||
// receives PDeathsig; it is a regression test for https://go.dev/issue/9686.
|
||||
func TestDeathSignalSetuid(t *testing.T) {
|
||||
if testing.Short() {
|
||||
t.Skipf("skipping test that copies its binary into temp dir")
|
||||
}
|
||||
|
||||
// Copy the test binary to a location that another user can read/execute
|
||||
// after we drop privileges.
|
||||
//
|
||||
// TODO(bcmills): Why do we believe that another users will be able to
|
||||
// execute a binary in this directory? (It could be mounted noexec.)
|
||||
tempDir, err := os.MkdirTemp("", "TestDeathSignal")
|
||||
if err != nil {
|
||||
t.Fatalf("cannot create temporary directory: %v", err)
|
||||
}
|
||||
defer os.RemoveAll(tempDir)
|
||||
os.Chmod(tempDir, 0755)
|
||||
|
||||
tmpBinary := filepath.Join(tempDir, filepath.Base(os.Args[0]))
|
||||
|
||||
src, err := os.Open(os.Args[0])
|
||||
if err != nil {
|
||||
t.Fatalf("cannot open binary %q, %v", os.Args[0], err)
|
||||
}
|
||||
defer src.Close()
|
||||
|
||||
dst, err := os.OpenFile(tmpBinary, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0755)
|
||||
if err != nil {
|
||||
t.Fatalf("cannot create temporary binary %q, %v", tmpBinary, err)
|
||||
}
|
||||
if _, err := io.Copy(dst, src); err != nil {
|
||||
t.Fatalf("failed to copy test binary to %q, %v", tmpBinary, err)
|
||||
}
|
||||
err = dst.Close()
|
||||
if err != nil {
|
||||
t.Fatalf("failed to close test binary %q, %v", tmpBinary, err)
|
||||
}
|
||||
|
||||
cmd := testenv.Command(t, tmpBinary)
|
||||
cmd.Env = append(cmd.Environ(), "GO_DEATHSIG_PARENT=1")
|
||||
chldStdin, err := cmd.StdinPipe()
|
||||
if err != nil {
|
||||
t.Fatalf("failed to create new stdin pipe: %v", err)
|
||||
}
|
||||
chldStdout, err := cmd.StdoutPipe()
|
||||
if err != nil {
|
||||
t.Fatalf("failed to create new stdout pipe: %v", err)
|
||||
}
|
||||
stderr := new(strings.Builder)
|
||||
cmd.Stderr = stderr
|
||||
|
||||
err = cmd.Start()
|
||||
defer func() {
|
||||
chldStdin.Close()
|
||||
cmd.Wait()
|
||||
if stderr.Len() > 0 {
|
||||
t.Logf("stderr:\n%s", stderr)
|
||||
}
|
||||
}()
|
||||
if err != nil {
|
||||
t.Fatalf("failed to start first child process: %v", err)
|
||||
}
|
||||
|
||||
chldPipe := bufio.NewReader(chldStdout)
|
||||
|
||||
if got, err := chldPipe.ReadString('\n'); got == "start\n" {
|
||||
syscall.Kill(cmd.Process.Pid, syscall.SIGTERM)
|
||||
|
||||
want := "ok\n"
|
||||
if got, err = chldPipe.ReadString('\n'); got != want {
|
||||
t.Fatalf("expected %q, received %q, %v", want, got, err)
|
||||
}
|
||||
} else if got == "skip\n" {
|
||||
t.Skipf("skipping: parent could not run child program as selected user")
|
||||
} else {
|
||||
t.Fatalf("did not receive start from child, received %q, %v", got, err)
|
||||
}
|
||||
}
|
||||
|
||||
func deathSignalParent() {
|
||||
var (
|
||||
u *user.User
|
||||
err error
|
||||
)
|
||||
if os.Getuid() == 0 {
|
||||
tryUsers := []string{"nobody"}
|
||||
if testenv.Builder() != "" {
|
||||
tryUsers = append(tryUsers, "gopher")
|
||||
}
|
||||
for _, name := range tryUsers {
|
||||
u, err = user.Lookup(name)
|
||||
if err == nil {
|
||||
break
|
||||
}
|
||||
fmt.Fprintf(os.Stderr, "Lookup(%q): %v\n", name, err)
|
||||
}
|
||||
}
|
||||
if u == nil {
|
||||
// If we couldn't find an unprivileged user to run as, try running as
|
||||
// the current user. (Empirically this still causes the call to Start to
|
||||
// fail with a permission error if running as a non-root user on Linux.)
|
||||
u, err = user.Current()
|
||||
if err != nil {
|
||||
fmt.Fprintln(os.Stderr, err)
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
uid, err := strconv.ParseUint(u.Uid, 10, 32)
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "invalid UID: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
gid, err := strconv.ParseUint(u.Gid, 10, 32)
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "invalid GID: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
cmd := exec.Command(os.Args[0])
|
||||
cmd.Env = append(os.Environ(),
|
||||
"GO_DEATHSIG_PARENT=",
|
||||
"GO_DEATHSIG_CHILD=1",
|
||||
)
|
||||
cmd.Stdin = os.Stdin
|
||||
cmd.Stdout = os.Stdout
|
||||
attrs := syscall.SysProcAttr{
|
||||
Pdeathsig: syscall.SIGUSR1,
|
||||
Credential: &syscall.Credential{Uid: uint32(uid), Gid: uint32(gid)},
|
||||
}
|
||||
cmd.SysProcAttr = &attrs
|
||||
|
||||
fmt.Fprintf(os.Stderr, "starting process as user %q\n", u.Username)
|
||||
if err := cmd.Start(); err != nil {
|
||||
fmt.Fprintln(os.Stderr, err)
|
||||
if testenv.SyscallIsNotSupported(err) {
|
||||
fmt.Println("skip")
|
||||
os.Exit(0)
|
||||
}
|
||||
os.Exit(1)
|
||||
}
|
||||
cmd.Wait()
|
||||
os.Exit(0)
|
||||
}
|
||||
|
||||
func deathSignalChild() {
|
||||
c := make(chan os.Signal, 1)
|
||||
signal.Notify(c, syscall.SIGUSR1)
|
||||
go func() {
|
||||
<-c
|
||||
fmt.Println("ok")
|
||||
os.Exit(0)
|
||||
}()
|
||||
fmt.Println("start")
|
||||
|
||||
buf := make([]byte, 32)
|
||||
os.Stdin.Read(buf)
|
||||
|
||||
// We expected to be signaled before stdin closed
|
||||
fmt.Println("not ok")
|
||||
os.Exit(1)
|
||||
}
|
||||
Reference in New Issue
Block a user