BIND 10 master, updated. 92ebabdbcf6168666b03d7f7fbb31f899be39322 Merge branch 'trac3056'
BIND 10 source code commits
bind10-changes at lists.isc.org
Fri Jul 19 10:36:00 UTC 2013
The branch, master has been updated
via 92ebabdbcf6168666b03d7f7fbb31f899be39322 (commit)
via d7c133c2e26b0174c96ef48781352feec5f9e03b (commit)
via 949a25220c81c7bd4faed53e0434446c18171ec9 (commit)
via 473c1e672ab88928d1f9bda61a1c2690393c018b (commit)
via da1318c5b12541c6a101408e49108b41c2d4aff1 (commit)
via bf471e6c6228edca829deb48f810944ea650a19b (commit)
via 3c1f096e54e42bb79fec8a28abc6528b3c5fc857 (commit)
from 15471a94d7cd89204b1a7de89398255662590458 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 92ebabdbcf6168666b03d7f7fbb31f899be39322
Merge: 15471a9 d7c133c
Author: Mukund Sivaraman <muks at isc.org>
Date: Fri Jul 19 14:45:13 2013 +0530
Merge branch 'trac3056'
-----------------------------------------------------------------------
Summary of changes:
.../auth/tests/datasrc_clients_builder_unittest.cc | 7 +++++++
src/bin/cmdctl/tests/b10-certgen_test.py | 2 ++
src/bin/cmdctl/tests/cmdctl_test.py | 20 +++++++++++++++-----
src/bin/memmgr/tests/memmgr_test.py | 19 +++++++++++++++++--
src/bin/usermgr/tests/b10-cmdctl-usermgr_test.py | 13 +++++++++++++
.../util/tests/memory_segment_mapped_unittest.cc | 9 +++++++++
6 files changed, 63 insertions(+), 7 deletions(-)
-----------------------------------------------------------------------
diff --git a/src/bin/auth/tests/datasrc_clients_builder_unittest.cc b/src/bin/auth/tests/datasrc_clients_builder_unittest.cc
index 16b23dc..48559ad 100644
--- a/src/bin/auth/tests/datasrc_clients_builder_unittest.cc
+++ b/src/bin/auth/tests/datasrc_clients_builder_unittest.cc
@@ -528,6 +528,13 @@ TEST_F(DataSrcClientsBuilderTest, loadBrokenZone) {
}
TEST_F(DataSrcClientsBuilderTest, loadUnreadableZone) {
+ // If the test is run as the root user, it will fail as insufficient
+ // permissions will not stop the root user from using a file.
+ if (getuid() == 0) {
+ std::cerr << "Skipping test as it's run as the root user" << std::endl;
+ return;
+ }
+
configureZones();
// install the zone file as unreadable
diff --git a/src/bin/cmdctl/tests/b10-certgen_test.py b/src/bin/cmdctl/tests/b10-certgen_test.py
index 56630bc..8054aa1 100644
--- a/src/bin/cmdctl/tests/b10-certgen_test.py
+++ b/src/bin/cmdctl/tests/b10-certgen_test.py
@@ -200,6 +200,8 @@ class TestCertGenTool(unittest.TestCase):
# No such file
self.run_check(105, None, None, [self.TOOL, '-c', 'foo'])
+ @unittest.skipIf(os.getuid() == 0,
+ 'test cannot be run as root user')
def test_permissions(self):
"""
Test some combinations of correct and bad permissions.
diff --git a/src/bin/cmdctl/tests/cmdctl_test.py b/src/bin/cmdctl/tests/cmdctl_test.py
index 4a6b0e3..2dd30c8 100644
--- a/src/bin/cmdctl/tests/cmdctl_test.py
+++ b/src/bin/cmdctl/tests/cmdctl_test.py
@@ -680,11 +680,15 @@ class TestSecureHTTPServer(unittest.TestCase):
# Just some file that we know exists
file_name = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
check_file(file_name)
- with UnreadableFile(file_name):
- self.assertRaises(CmdctlException, check_file, file_name)
self.assertRaises(CmdctlException, check_file, '/local/not-exist')
self.assertRaises(CmdctlException, check_file, '/')
+ @unittest.skipIf(os.getuid() == 0,
+ 'test cannot be run as root user')
+ def test_check_file_for_unreadable(self):
+ file_name = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
+ with UnreadableFile(file_name):
+ self.assertRaises(CmdctlException, check_file, file_name)
def test_check_key_and_cert(self):
keyfile = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
@@ -702,6 +706,15 @@ class TestSecureHTTPServer(unittest.TestCase):
self.assertRaises(CmdctlException, self.server._check_key_and_cert,
'/', certfile)
+ # All OK (also happens to check the context code above works)
+ self.server._check_key_and_cert(keyfile, certfile)
+
+ @unittest.skipIf(os.getuid() == 0,
+ 'test cannot be run as root user')
+ def test_check_key_and_cert_for_unreadable(self):
+ keyfile = BUILD_FILE_PATH + 'cmdctl-keyfile.pem'
+ certfile = BUILD_FILE_PATH + 'cmdctl-certfile.pem'
+
# no read permission
with UnreadableFile(certfile):
self.assertRaises(CmdctlException,
@@ -713,9 +726,6 @@ class TestSecureHTTPServer(unittest.TestCase):
self.server._check_key_and_cert,
keyfile, certfile)
- # All OK (also happens to check the context code above works)
- self.server._check_key_and_cert(keyfile, certfile)
-
def test_wrap_sock_in_ssl_context(self):
sock = socket.socket()
diff --git a/src/bin/memmgr/tests/memmgr_test.py b/src/bin/memmgr/tests/memmgr_test.py
index 3a5c175..3dae17f 100755
--- a/src/bin/memmgr/tests/memmgr_test.py
+++ b/src/bin/memmgr/tests/memmgr_test.py
@@ -137,9 +137,24 @@ class TestMemmgr(unittest.TestCase):
self.assertEqual(1, answer[0])
self.assertIsNotNone(re.search('not a directory', answer[1]))
- # Bad update: directory exists but is not readable.
- os.mkdir(self.__test_mapped_file_dir, 0o500) # drop writable bit
+ @unittest.skipIf(os.getuid() == 0,
+ 'test cannot be run as root user')
+ def test_configure_bad_permissions(self):
+ self.__mgr._setup_ccsession()
+
+ # Pretend specified directories exist and writable
+ os.path.isdir = lambda x: True
+ os.access = lambda x, y: True
+
+ # Initial configuration.
+ self.assertEqual((0, None),
+ parse_answer(self.__mgr._config_handler({})))
+
+ os.path.isdir = self.__orig_isdir
os.access = self.__orig_os_access
+
+ # Bad update: directory exists but is not writable.
+ os.mkdir(self.__test_mapped_file_dir, 0o500) # drop writable bit
user_cfg = {'mapped_file_dir': self.__test_mapped_file_dir}
answer = parse_answer(self.__mgr._config_handler(user_cfg))
self.assertEqual(1, answer[0])
diff --git a/src/bin/usermgr/tests/b10-cmdctl-usermgr_test.py b/src/bin/usermgr/tests/b10-cmdctl-usermgr_test.py
index 0766b7c..2da418d 100644
--- a/src/bin/usermgr/tests/b10-cmdctl-usermgr_test.py
+++ b/src/bin/usermgr/tests/b10-cmdctl-usermgr_test.py
@@ -399,6 +399,19 @@ Options:
'add', 'user1', 'pass1'
])
+ @unittest.skipIf(os.getuid() == 0,
+ 'test cannot be run as root user')
+ def test_bad_file_permissions(self):
+ """
+ Check for graceful handling of bad file argument
+ """
+ # Create the test file
+ self.run_check(0, None, None,
+ [ self.TOOL,
+ '-f', self.OUTPUT_FILE,
+ 'add', 'user1', 'pass1'
+ ])
+
# Make it non-writable (don't worry about cleanup, the
# file should be deleted after each test anyway
os.chmod(self.OUTPUT_FILE, stat.S_IRUSR)
diff --git a/src/lib/util/tests/memory_segment_mapped_unittest.cc b/src/lib/util/tests/memory_segment_mapped_unittest.cc
index c22b59e..8ae6fea 100644
--- a/src/lib/util/tests/memory_segment_mapped_unittest.cc
+++ b/src/lib/util/tests/memory_segment_mapped_unittest.cc
@@ -237,6 +237,15 @@ TEST_F(MemorySegmentMappedTest, allocate) {
}
TEST_F(MemorySegmentMappedTest, badAllocate) {
+ // If the test is run as the root user, the following allocate()
+ // call will result in a successful MemorySegmentGrown exception,
+ // instead of an abort (due to insufficient permissions during
+ // reopen).
+ if (getuid() == 0) {
+ std::cerr << "Skipping test as it's run as the root user" << std::endl;
+ return;
+ }
+
// Make the mapped file non-writable; managed_mapped_file::grow() will
// fail, resulting in abort.
const int ret = chmod(mapped_file, 0444);
More information about the bind10-changes
mailing list