Why Gemfury? Push, build, and install  RubyGems npm packages Python packages Maven artifacts PHP packages Go Modules Debian packages RPM packages NuGet packages

iio / golang deb

Repository URL to install this package:

Version: 
1.22.0  ▾
Details    
golang / usr / local / go / src / syscall / exec_pdeathsig_test.go
Size: Mime: 
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

//go:build freebsd || linux

package syscall_test

import (
	"bufio"
	"fmt"
	"internal/testenv"
	"io"
	"os"
	"os/exec"
	"os/signal"
	"os/user"
	"path/filepath"
	"strconv"
	"strings"
	"syscall"
	"testing"
)

// TestDeathSignalSetuid verifies that a command run with a different UID still
// receives PDeathsig; it is a regression test for https://go.dev/issue/9686.
func TestDeathSignalSetuid(t *testing.T) {
	if testing.Short() {
		t.Skipf("skipping test that copies its binary into temp dir")
	}

	// Copy the test binary to a location that another user can read/execute
	// after we drop privileges.
	//
	// TODO(bcmills): Why do we believe that another users will be able to
	// execute a binary in this directory? (It could be mounted noexec.)
	tempDir, err := os.MkdirTemp("", "TestDeathSignal")
	if err != nil {
		t.Fatalf("cannot create temporary directory: %v", err)
	}
	defer os.RemoveAll(tempDir)
	os.Chmod(tempDir, 0755)

	tmpBinary := filepath.Join(tempDir, filepath.Base(os.Args[0]))

	src, err := os.Open(os.Args[0])
	if err != nil {
		t.Fatalf("cannot open binary %q, %v", os.Args[0], err)
	}
	defer src.Close()

	dst, err := os.OpenFile(tmpBinary, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0755)
	if err != nil {
		t.Fatalf("cannot create temporary binary %q, %v", tmpBinary, err)
	}
	if _, err := io.Copy(dst, src); err != nil {
		t.Fatalf("failed to copy test binary to %q, %v", tmpBinary, err)
	}
	err = dst.Close()
	if err != nil {
		t.Fatalf("failed to close test binary %q, %v", tmpBinary, err)
	}

	cmd := testenv.Command(t, tmpBinary)
	cmd.Env = append(cmd.Environ(), "GO_DEATHSIG_PARENT=1")
	chldStdin, err := cmd.StdinPipe()
	if err != nil {
		t.Fatalf("failed to create new stdin pipe: %v", err)
	}
	chldStdout, err := cmd.StdoutPipe()
	if err != nil {
		t.Fatalf("failed to create new stdout pipe: %v", err)
	}
	stderr := new(strings.Builder)
	cmd.Stderr = stderr

	err = cmd.Start()
	defer func() {
		chldStdin.Close()
		cmd.Wait()
		if stderr.Len() > 0 {
			t.Logf("stderr:\n%s", stderr)
		}
	}()
	if err != nil {
		t.Fatalf("failed to start first child process: %v", err)
	}

	chldPipe := bufio.NewReader(chldStdout)

	if got, err := chldPipe.ReadString('\n'); got == "start\n" {
		syscall.Kill(cmd.Process.Pid, syscall.SIGTERM)

		want := "ok\n"
		if got, err = chldPipe.ReadString('\n'); got != want {
			t.Fatalf("expected %q, received %q, %v", want, got, err)
		}
	} else if got == "skip\n" {
		t.Skipf("skipping: parent could not run child program as selected user")
	} else {
		t.Fatalf("did not receive start from child, received %q, %v", got, err)
	}
}

func deathSignalParent() {
	var (
		u   *user.User
		err error
	)
	if os.Getuid() == 0 {
		tryUsers := []string{"nobody"}
		if testenv.Builder() != "" {
			tryUsers = append(tryUsers, "gopher")
		}
		for _, name := range tryUsers {
			u, err = user.Lookup(name)
			if err == nil {
				break
			}
			fmt.Fprintf(os.Stderr, "Lookup(%q): %v\n", name, err)
		}
	}
	if u == nil {
		// If we couldn't find an unprivileged user to run as, try running as
		// the current user. (Empirically this still causes the call to Start to
		// fail with a permission error if running as a non-root user on Linux.)
		u, err = user.Current()
		if err != nil {
			fmt.Fprintln(os.Stderr, err)
			os.Exit(1)
		}
	}

	uid, err := strconv.ParseUint(u.Uid, 10, 32)
	if err != nil {
		fmt.Fprintf(os.Stderr, "invalid UID: %v\n", err)
		os.Exit(1)
	}
	gid, err := strconv.ParseUint(u.Gid, 10, 32)
	if err != nil {
		fmt.Fprintf(os.Stderr, "invalid GID: %v\n", err)
		os.Exit(1)
	}

	cmd := exec.Command(os.Args[0])
	cmd.Env = append(os.Environ(),
		"GO_DEATHSIG_PARENT=",
		"GO_DEATHSIG_CHILD=1",
	)
	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	attrs := syscall.SysProcAttr{
		Pdeathsig:  syscall.SIGUSR1,
		Credential: &syscall.Credential{Uid: uint32(uid), Gid: uint32(gid)},
	}
	cmd.SysProcAttr = &attrs

	fmt.Fprintf(os.Stderr, "starting process as user %q\n", u.Username)
	if err := cmd.Start(); err != nil {
		fmt.Fprintln(os.Stderr, err)
		if testenv.SyscallIsNotSupported(err) {
			fmt.Println("skip")
			os.Exit(0)
		}
		os.Exit(1)
	}
	cmd.Wait()
	os.Exit(0)
}

func deathSignalChild() {
	c := make(chan os.Signal, 1)
	signal.Notify(c, syscall.SIGUSR1)
	go func() {
		<-c
		fmt.Println("ok")
		os.Exit(0)
	}()
	fmt.Println("start")

	buf := make([]byte, 32)
	os.Stdin.Read(buf)

	// We expected to be signaled before stdin closed
	fmt.Println("not ok")
	os.Exit(1)
}

Products

About

Resources

Contact Gemfury