git@vger.kernel.org list mirror (unofficial, one of many)
 help / color / mirror / code / Atom feed
a621f1ea5eb12e25d68eed4e605a2d1e8d40e070 blob 1799 bytes (raw)

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
 
#!/bin/sh

test_description='verify safe.directory checks while running as root'

. ./test-lib.sh
. "$TEST_DIRECTORY"/lib-sudo.sh

if [ "$GIT_TEST_ALLOW_SUDO" != "YES" ]
then
	skip_all="You must set env var GIT_TEST_ALLOW_SUDO=YES in order to run this test"
	test_done
fi

if ! test_have_prereq NOT_ROOT
then
	skip_all="These tests do not support running as root"
	test_done
fi

test_lazy_prereq SUDO '
	sudo -n id -u >u &&
	id -u root >r &&
	test_cmp u r &&
	command -v git >u &&
	sudo command -v git >r &&
	test_cmp u r
'

if ! test_have_prereq SUDO
then
	skip_all="Your sudo/system configuration is either too strict or unsupported"
	test_done
fi

test_expect_success SUDO 'setup' '
	sudo rm -rf root &&
	mkdir -p root/r &&
	(
		cd root/r &&
		git init
	)
'

test_expect_success SUDO 'sudo git status as original owner' '
	(
		cd root/r &&
		git status &&
		sudo git status
	)
'

test_expect_success SUDO 'setup root owned repository' '
	sudo mkdir -p root/p &&
	sudo git init root/p
'

test_expect_success 'cannot access if owned by root' '
	(
		cd root/p &&
		test_must_fail git status
	)
'

test_expect_success 'can access if addressed explicitly' '
	(
		cd root/p &&
		GIT_DIR=.git GIT_WORK_TREE=. git status
	)
'

test_expect_failure SUDO 'can access with sudo if root' '
	(
		cd root/p &&
		sudo git status
	)
'

test_expect_success SUDO 'can access with sudo if root by removing SUDO_UID' '
	(
		cd root/p &&
		run_with_sudo <<-END
			unset SUDO_UID &&
			git status
		END
	)
'

test_lazy_prereq SUDO_SUDO '
	sudo sudo id -u >u &&
	id -u root >r &&
	test_cmp u r
'

test_expect_success SUDO_SUDO 'can access with sudo abusing SUDO_UID' '
	(
		cd root/p &&
		sudo sudo git status
	)
'

# this MUST be always the last test
test_expect_success SUDO 'cleanup' '
	sudo rm -rf root
'

test_done
debug log:

solving a621f1ea5eb ...
found a621f1ea5eb in https://80x24.org/mirrors/git.git

Code repositories for project(s) associated with this inbox:

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).