snap-confine

Merge lp://qastaging/~mterry/snap-confine/fix-tests into lp://qastaging/~snappy-dev/snap-confine/trunk

  1. fix-tests
  2. Merge into trunk
Proposed by Michael Terry
Status: Merged
Approved by: John Lenton
Approved revision: 69
Merged at revision: 67
Proposed branch: lp://qastaging/~mterry/snap-confine/fix-tests
Merge into: lp://qastaging/~snappy-dev/snap-confine/trunk
Diff against target: 55 lines (+15/-13)
2 files modified
Makefile (+2/-0)
src/main.c (+13/-13)
To merge this branch: bzr merge lp://qastaging/~mterry/snap-confine/fix-tests
Reviewer Review Type Date Requested Status
Michael Vogt (community) Approve
Tyler Hicks (community) Approve
Review via email: mp+260618@code.qastaging.launchpad.net

Commit message

Fix tests to work again.

Description of the change

Fix tests to work again.

They all rely on passing a command like /bin/true or similar in. But these fail the check that the executable must be in /apps, /frameworks, or /oem.

I fixed the tests by ignoring that check when SNAPPY_LAUNCHER_INSIDE_TESTS is defined. Is doing so a security issue? (i.e. is that check actually important, or just a helpful sanity check?)

I've also enabled tests/test_whitelist to actually run by making it executable. And added a quick 'check' target to the top Makefile.

To post a comment you must log in.
Revision history for this message
Tyler Hicks (tyhicks) wrote :

How about moving the original strstr() tests inside of the if(geteuid() == 0) { ... } block? That will result in the binary path restrictions being in place when the launcher is installed as a setuid root binary. Those restrictions will not be in place during test runs.

Revision history for this message
Michael Terry (mterry) wrote :

That doesn't help with the security side of things (since a malicious user can also skip that block with UBUNTU_CORE_LAUNCHER_NO_ROOT=1).

And checking the binary path isn't otherwise a root-user-thing, right?. So I'm leery of throwing it in that block just to avoid a check for SNAPPY_LAUNCHER_INSIDE_TESTS.

Revision history for this message
Tyler Hicks (tyhicks) wrote :

That does help with the security side of things. A malicious user cannot bypass that block because the binary will be setuid root. geteuid() will always return 0 in production.

lp://qastaging/~mterry/snap-confine/fix-tests updated
67. By Michael Terry

And add test target, so that debuild will automatically run tests

68. By Michael Terry

Undo test target addition, move path-check block inside uid==0 check

Revision history for this message
Michael Terry (mterry) wrote :

Right you are, of course. :)

This setup means that we can't run the tests during build, though, right? Because aren't packages built as root in the buildd?

But anyway, this branch should be suitable now.

lp://qastaging/~mterry/snap-confine/fix-tests updated
69. By Michael Terry

And move related setup code

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Looks good to me!

review: Approve
Revision history for this message
Michael Vogt (mvo) wrote :

Yay!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches