1 files changed, 99 insertions, 0 deletions
diff --git a/src/jailtest/virtual.c b/src/jailtest/virtual.c
new file mode 100644
index 000000000..48296fdb1
--- /dev/null
+++ b/src/jailtest/virtual.c
@@ -0,0 +1,99 @@
+#include "jailtest.h"
+#include <dirent.h>
+#include <sys/wait.h>
+#define MAX_TEST_FILES 16
+static char *dirs[MAX_TEST_FILES];
+static char *files[MAX_TEST_FILES];
+static int files_cnt = 0;
+void virtual_setup(const char *directory) {
+        // I am root!
+        assert(directory);
+        assert(*directory == '/');
+        assert(files_cnt < MAX_TEST_FILES);
+        // try to open the dir as root
+        DIR *dir = opendir(directory);
+        if (!dir) {
+                fprintf(stderr, "Warning: directory %s not found, skipping\n", directory);
+                return;
+        }
+        closedir(dir);
+        // create a test file
+        char *test_file;
+        if (asprintf(&test_file, "%s/jailtest-private-%d", directory, getpid()) == -1)
+                errExit("asprintf");
+        FILE *fp = fopen(test_file, "w");
+        if (!fp) {
+                printf("Warning: I cannot create test file in directory %s, skipping...\n", directory);
+                return;
+        }
+        fprintf(fp, "this file was created by firetest utility, you can safely delete it\n");
+        fclose(fp);
+        if (strcmp(directory, user_home_dir) == 0) {
+                int rv = chown(test_file, user_uid, user_gid);
+                if (rv)
+                        errExit("chown");
+        }
+        char *dname = strdup(directory);
+        if (!dname)
+                errExit("strdup");
+        dirs[files_cnt] = dname;
+        files[files_cnt] = test_file;
+        files_cnt++;
+}
+void virtual_destroy(void) {
+        // remove test files
+        int i;
+        for (i = 0; i < files_cnt; i++) {
+                int rv = unlink(files[i]);
+                (void) rv;
+        }
+        files_cnt = 0;
+}
+void virtual_test(void) {
+        // I am root in sandbox mount namespace
+        assert(user_uid);
+        int i;
+        printf("   Virtual dirs: "); fflush(0);
+        for (i = 0; i < files_cnt; i++) {
+                assert(files[i]);
+                // I am root!
+                pid_t child = fork();
+                if (child == -1)
+                        errExit("fork");
+                if (child == 0) { // child
+                        // drop privileges
+                        if (setgid(user_gid) != 0)
+                                errExit("setgid");
+                        if (setuid(user_uid) != 0)
+                                errExit("setuid");
+                        // try to open the file for reading
+                        FILE *fp = fopen(files[i], "r");
+                        if (fp)
+                                fclose(fp);
+                        else
+                                printf("%s, ", dirs[i]);
+                        fflush(0);
+                        exit(0);
+                }
+                // wait for the child to finish
+                int status;
+                wait(&status);
+        }
+        printf("\n");
+}

diff --git a/src/jailtest/virtual.c b/src/jailtest/virtual.c new file mode 100644 index 000000000..48296fdb1 --- /dev/null +++ b/src/jailtest/virtual.c
@@ -0,0 +1,99 @@
	1	#include "jailtest.h"
	2	#include <dirent.h>
	3	#include <sys/wait.h>
	4
	5
	6	#define MAX_TEST_FILES 16
	7	static char *dirs[MAX_TEST_FILES];
	8	static char *files[MAX_TEST_FILES];
	9	static int files_cnt = 0;
	10
	11	void virtual_setup(const char *directory) {
	12	// I am root!
	13	assert(directory);
	14	assert(*directory == '/');
	15	assert(files_cnt < MAX_TEST_FILES);
	16
	17	// try to open the dir as root
	18	DIR *dir = opendir(directory);
	19	if (!dir) {
	20	fprintf(stderr, "Warning: directory %s not found, skipping\n", directory);
	21	return;
	22	}
	23	closedir(dir);
	24
	25	// create a test file
	26	char *test_file;
	27	if (asprintf(&test_file, "%s/jailtest-private-%d", directory, getpid()) == -1)
	28	errExit("asprintf");
	29
	30	FILE *fp = fopen(test_file, "w");
	31	if (!fp) {
	32	printf("Warning: I cannot create test file in directory %s, skipping...\n", directory);
	33	return;
	34	}
	35	fprintf(fp, "this file was created by firetest utility, you can safely delete it\n");
	36	fclose(fp);
	37	if (strcmp(directory, user_home_dir) == 0) {
	38	int rv = chown(test_file, user_uid, user_gid);
	39	if (rv)
	40	errExit("chown");
	41	}
	42
	43	char *dname = strdup(directory);
	44	if (!dname)
	45	errExit("strdup");
	46	dirs[files_cnt] = dname;
	47	files[files_cnt] = test_file;
	48	files_cnt++;
	49	}
	50
	51	void virtual_destroy(void) {
	52	// remove test files
	53	int i;
	54
	55	for (i = 0; i < files_cnt; i++) {
	56	int rv = unlink(files[i]);
	57	(void) rv;
	58	}
	59	files_cnt = 0;
	60	}
	61
	62	void virtual_test(void) {
	63	// I am root in sandbox mount namespace
	64	assert(user_uid);
	65	int i;
	66
	67	printf(" Virtual dirs: "); fflush(0);
	68
	69	for (i = 0; i < files_cnt; i++) {
	70	assert(files[i]);
	71
	72	// I am root!
	73	pid_t child = fork();
	74	if (child == -1)
	75	errExit("fork");
	76
	77	if (child == 0) { // child
	78	// drop privileges
	79	if (setgid(user_gid) != 0)
	80	errExit("setgid");
	81	if (setuid(user_uid) != 0)
	82	errExit("setuid");
	83
	84	// try to open the file for reading
	85	FILE *fp = fopen(files[i], "r");
	86	if (fp)
	87	fclose(fp);
	88	else
	89	printf("%s, ", dirs[i]);
	90	fflush(0);
	91	exit(0);
	92	}
	93
	94	// wait for the child to finish
	95	int status;
	96	wait(&status);
	97	}
	98	printf("\n");
	99	}