From patchwork Wed May  5 19:13:44 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arnout Vandecappelle <arnout@mind.be>
X-Patchwork-Id: 1474525
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net
 (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org;
 envelope-from=buildroot-bounces@busybox.net; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=mind.be header.i=@mind.be header.a=rsa-sha256
 header.s=google header.b=YjdspOMz;
	dkim-atps=neutral
Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4Fb5wr1FPkz9sPf
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Thu,  6 May 2021 05:14:02 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp4.osuosl.org (Postfix) with ESMTP id 72FEA402C6;
	Wed,  5 May 2021 19:13:59 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp4.osuosl.org ([127.0.0.1])
	by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id mcvAZ1P8nm2B; Wed,  5 May 2021 19:13:58 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by smtp4.osuosl.org (Postfix) with ESMTP id 84650402C8;
	Wed,  5 May 2021 19:13:57 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
 by ash.osuosl.org (Postfix) with ESMTP id 3EA671BF5A1
 for <buildroot@lists.busybox.net>; Wed,  5 May 2021 19:13:56 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp4.osuosl.org (Postfix) with ESMTP id 2DABA40286
 for <buildroot@lists.busybox.net>; Wed,  5 May 2021 19:13:56 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp4.osuosl.org ([127.0.0.1])
 by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 3qIYn4HG6DDV for <buildroot@lists.busybox.net>;
 Wed,  5 May 2021 19:13:55 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com
 [IPv6:2a00:1450:4864:20::632])
 by smtp4.osuosl.org (Postfix) with ESMTPS id F3E0140280
 for <buildroot@buildroot.org>; Wed,  5 May 2021 19:13:54 +0000 (UTC)
Received: by mail-ej1-x632.google.com with SMTP id u21so4515876ejo.13
 for <buildroot@buildroot.org>; Wed, 05 May 2021 12:13:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mind.be; s=google;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=afAEvhlIeWYGAEKLMIdGGCCfT5W5NhwQYy9624G6YnA=;
 b=YjdspOMzTRc2Vzik6aDK4Aev2yBWpP/UCSSulEcF+SkuWn0UwTsZ0AEOrZuYLLVnpM
 M/EJVx49FCb2r0c3kjxpngXaWu4DJWXZf2EbpFQL4fJhh3dR18vWNPjKu36ElQj97FCL
 Ml+5hp4vY1fSnvQiCSunhS8SfKN0FMKul3qPDOJDKUCHqnPZAN1JatTiRQD77AU3KN+v
 dMIxCjv4xgJeiiYvx1ToObDGJ45LJgVnA5k7+nzOZYxGzsZEA8h42RuDZaFKMkJ89Dd2
 NEdnVuPKW6H2SRRPV6uOwX9mVYAcdzyQ2Qq8mwDA48e91GjIqUfRSgFj3sEdfUYuwryJ
 91Xg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=afAEvhlIeWYGAEKLMIdGGCCfT5W5NhwQYy9624G6YnA=;
 b=Yi13RHbRAg+f0TQldwMErc4O1pB4jydzxnXN0BGXt8igqSIDm2FIRUwgxht++7y8y2
 Dr0j0WuVa3BdDKxbwZKJ7ENJcfjUKw5bc1Fj8wMl9EbwpPwCbHo0kEsC6VxvDxvgunMl
 OtJ8tht6JPnjmLBSqYX9M9bs9ya31cIeRGpy2B54oai0xGymCYG/d7oEkolEuatznzpW
 /Bdoaz+TblMBML3gpZjx+G9RTn3T5JE45aZf7iGMkR7j0lCzILEBHME8H5ojh8FXgfmS
 6pOihUhmzr7S0hQil0zhKkY+2IKpvzTlLp6LsvWBzV7LIU6JXBKmkXHZz03Bd8GE6aPZ
 cxEQ==
X-Gm-Message-State: AOAM530K0SVefW0b9pFNvRxv9J5ASTRYwsW3mKKTk962DB0m5yGCtM2L
 Op4X+QlysEzAGuj8UyZW1ni6YTWkjJQAnMEM
X-Google-Smtp-Source: 
 ABdhPJwKPjGJlXEiL0H5tEps6liks0NfjVPKqR2esaIxhNX+XpUDZt2pr2dg004/9Pyyc6ka5uojHg==
X-Received: by 2002:a17:906:26d4:: with SMTP id
 u20mr332239ejc.114.1620242033040;
 Wed, 05 May 2021 12:13:53 -0700 (PDT)
Received: from localhost.localdomain
 (ptr-a4jp2u91t84gpm8in3b.18120a2.ip6.access.telenet.be.
 [2a02:1811:517c:9400:c77d:bbb8:ede4:f567])
 by smtp.gmail.com with ESMTPSA id t14sm86122ejc.121.2021.05.05.12.13.52
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 05 May 2021 12:13:52 -0700 (PDT)
From: "Arnout Vandecappelle (Essensium/Mind)" <arnout@mind.be>
To: buildroot@buildroot.org
Date: Wed,  5 May 2021 21:13:44 +0200
Message-Id: <20210505191344.2108832-1-arnout@mind.be>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] support/testing: add sudo package test
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=subscribe>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Create a new user 'sudotest' to validate that sudo really works (i.e.
properly has setuid).

Creating the user and adding it to sudoers is done at runtime, otherwise
we'd need to add extra files to the config which complicates things a
little bit.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
---
 support/testing/tests/package/test_sudo.py | 36 ++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 support/testing/tests/package/test_sudo.py

diff --git a/support/testing/tests/package/test_sudo.py b/support/testing/tests/package/test_sudo.py
new file mode 100644
index 0000000000..f9d0a6f301
--- /dev/null
+++ b/support/testing/tests/package/test_sudo.py
@@ -0,0 +1,36 @@
+import os
+
+import infra.basetest
+
+
+class TestSudo(infra.basetest.BRTest):
+    config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
+        """
+        BR2_PACKAGE_SUDO=y
+        BR2_TARGET_ROOTFS_CPIO=y
+        # BR2_TARGET_ROOTFS_TAR is not set
+        """
+
+    def test_run(self):
+        img = os.path.join(self.builddir, "images", "rootfs.cpio")
+        self.emulator.boot(arch="armv5",
+                           kernel="builtin",
+                           options=["-initrd", img])
+        self.emulator.login()
+
+        # -D    don't set a password
+        # -h    set home directory
+        # -H    don't create home directory
+        # -s    set shell
+        _, exit_code = self.emulator.run("adduser -D -h /tmp -H -s /bin/sh sudotest")
+        self.assertEqual(exit_code, 0)
+
+        _, exit_code = self.emulator.run("echo 'sudotest ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers")
+        self.assertEqual(exit_code, 0)
+
+        output, exit_code = self.emulator.run("su - sudotest -c 'echo hello world'")
+        self.assertEqual(output, ["hello world"])
+
+        output, exit_code = self.emulator.run("su - sudotest -c 'sudo echo hello world'")
+        self.assertEqual(exit_code, 0)
+        self.assertEqual(output, ["hello world"])