aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2012-06-17 22:52:19 -0700
committerMike Frysinger <vapier@gentoo.org>2012-06-23 17:28:55 -0400
commit0dff704c8be2126fe54f235889cbe9b4aef09bed (patch)
treed8f66d0456b2b6e1639f83efac67c2e702537820
parenttests: move disabling of sandbox verbose to common init (diff)
downloadsandbox-0dff704c8be2126fe54f235889cbe9b4aef09bed.tar.gz
sandbox-0dff704c8be2126fe54f235889cbe9b4aef09bed.tar.bz2
sandbox-0dff704c8be2126fe54f235889cbe9b4aef09bed.zip
tests: always bubble up exit code regardless of log existence
To simplify testing, do not mung exit(0) to exit(1) just because the log file exists. In many of our tests, we will be doing things to generate a log file, but we explicitly test for exit values ourselves. This is also needed to make log file handling more resilient where we get the name at startup, but don't allow live env changes after that. The changing of the log name to sb.log on the fly no longer works. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-rw-r--r--src/sandbox.c5
-rwxr-xr-xtests/access-1.sh3
-rwxr-xr-xtests/chmod-1.sh5
-rwxr-xr-xtests/chown-1.sh3
-rwxr-xr-xtests/fchmodat-1.sh3
-rwxr-xr-xtests/fchownat-2.sh3
-rwxr-xr-xtests/futimesat-2.sh3
-rwxr-xr-xtests/linkat-2.sh3
-rwxr-xr-xtests/linkat_static-2.sh3
-rwxr-xr-xtests/mkdir-3.sh2
-rwxr-xr-xtests/open_static-1.sh3
-rwxr-xr-xtests/openat_static-1.sh3
-rwxr-xr-xtests/openat_static-2.sh3
-rwxr-xr-xtests/remove-1.sh3
-rwxr-xr-xtests/rmdir-2.sh4
-rwxr-xr-xtests/unlink-1.sh3
-rwxr-xr-xtests/unlink_static-1.sh3
-rwxr-xr-xtests/utimensat-2.sh3
-rwxr-xr-xtests/utimensat_static-2.sh3
19 files changed, 21 insertions, 40 deletions
diff --git a/src/sandbox.c b/src/sandbox.c
index 0fda106..69ab18e 100644
--- a/src/sandbox.c
+++ b/src/sandbox.c
@@ -340,8 +340,9 @@ int main(int argc, char **argv)
} else
dputs(sandbox_footer);
- if (sandbox_log_presence && shell_exit == 0)
- shell_exit = 1;
+ if (!is_env_on(ENV_SANDBOX_TESTING))
+ if (sandbox_log_presence && shell_exit == 0)
+ shell_exit = 1;
return shell_exit;
oom_error:
diff --git a/tests/access-1.sh b/tests/access-1.sh
index efa1e18..047dc82 100755
--- a/tests/access-1.sh
+++ b/tests/access-1.sh
@@ -3,6 +3,5 @@
addwrite $PWD
-export SANDBOX_LOG=$PWD/sb.log
access-0 -1 rwx / || exit 1
-test ! -e sb.log
+test ! -e sandbox.log
diff --git a/tests/chmod-1.sh b/tests/chmod-1.sh
index f857eac..aab5b34 100755
--- a/tests/chmod-1.sh
+++ b/tests/chmod-1.sh
@@ -3,7 +3,7 @@
addwrite $PWD
-rm -rf deny link sb.log
+rm -rf deny link
(
set -e
mkdir deny
@@ -16,6 +16,5 @@ chmod-0 0 link 0666 || exit 1
# this *should* trigger a sandbox violation
adddeny $PWD/deny
-export SANDBOX_LOG=$PWD/sb.log
chmod-0 -1 link 0666 || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/chown-1.sh b/tests/chown-1.sh
index 4a4b778..a7845eb 100755
--- a/tests/chown-1.sh
+++ b/tests/chown-1.sh
@@ -16,6 +16,5 @@ chown-0 0 link ${SB_UID} ${SB_GID} || exit 1
# this *should* trigger a sandbox violation
adddeny $PWD/deny
-export SANDBOX_LOG=$PWD/sb.log
chown-0 -1 link ${SB_UID} ${SB_GID} || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/fchmodat-1.sh b/tests/fchmodat-1.sh
index 570a2bf..3af9ad1 100755
--- a/tests/fchmodat-1.sh
+++ b/tests/fchmodat-1.sh
@@ -16,6 +16,5 @@ fchmodat-0 0 AT_FDCWD link 0666 0 || exit 1
# this *should* trigger a sandbox violation
adddeny $PWD/deny
-export SANDBOX_LOG=$PWD/sb.log
fchmodat-0 -1 AT_FDCWD link 0666 0 || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/fchownat-2.sh b/tests/fchownat-2.sh
index 5c67616..cc5f651 100755
--- a/tests/fchownat-2.sh
+++ b/tests/fchownat-2.sh
@@ -16,6 +16,5 @@ fchownat-0 0 AT_FDCWD link ${SB_UID} ${SB_GID} 0 || exit 1
# this *should* trigger a sandbox violation
adddeny $PWD/deny
-export SANDBOX_LOG=$PWD/sb.log
fchownat-0 -1 AT_FDCWD link ${SB_UID} ${SB_GID} 0 || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/futimesat-2.sh b/tests/futimesat-2.sh
index 8542c2e..35e5845 100755
--- a/tests/futimesat-2.sh
+++ b/tests/futimesat-2.sh
@@ -2,6 +2,5 @@
# basic functionality check (violations are caught)
adddeny $PWD
-export SANDBOX_LOG=$PWD/sb.log
futimesat-0 -1,EACCES AT_FDCWD . NULL || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/linkat-2.sh b/tests/linkat-2.sh
index 9574070..8fe5c75 100755
--- a/tests/linkat-2.sh
+++ b/tests/linkat-2.sh
@@ -5,6 +5,5 @@ addwrite $PWD
touch file || exit 1
adddeny $PWD
-export SANDBOX_LOG=$PWD/sb.log
linkat-0 -1,EACCES AT_FDCWD file AT_FDCWD file-linked 0 || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/linkat_static-2.sh b/tests/linkat_static-2.sh
index 5a3d64b..5adb545 100755
--- a/tests/linkat_static-2.sh
+++ b/tests/linkat_static-2.sh
@@ -6,7 +6,6 @@ addwrite $PWD
touch file || exit 1
adddeny $PWD
-export SANDBOX_LOG=$PWD/sb.log
# we cant check exit status as ptrace code kills child
linkat-0 -1,EACCES AT_FDCWD file AT_FDCWD file-linked 0 #|| exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/mkdir-3.sh b/tests/mkdir-3.sh
index db9027e..10e8723 100755
--- a/tests/mkdir-3.sh
+++ b/tests/mkdir-3.sh
@@ -9,8 +9,6 @@ addwrite $PWD
chmod -R a+rwx base 2>/dev/null
rm -rf base
-export SANDBOX_LOG=$PWD/sb.log
-
set -e
mkdir -p base/d
diff --git a/tests/open_static-1.sh b/tests/open_static-1.sh
index 0143402..faf91d0 100755
--- a/tests/open_static-1.sh
+++ b/tests/open_static-1.sh
@@ -6,8 +6,7 @@ addwrite $PWD
open_static-0 3 ok "O_WRONLY|O_CREAT" 0666 || exit 1
open_static-0 3 ok O_RDONLY 0666 || exit 1
-export SANDBOX_LOG=$PWD/sb.log
mkdir deny || exit 1
adddeny $PWD/deny
open_static-0 -1 deny/not-ok "O_WRONLY|O_CREAT" 0666
-test -e sb.log
+test -e sandbox.log
diff --git a/tests/openat_static-1.sh b/tests/openat_static-1.sh
index a00b19c..929fc51 100755
--- a/tests/openat_static-1.sh
+++ b/tests/openat_static-1.sh
@@ -6,8 +6,7 @@ addwrite $PWD
openat_static-0 3 AT_FDCWD ok "O_WRONLY|O_CREAT" 0666 || exit 1
openat_static-0 3 AT_FDCWD ok O_RDONLY 0666 || exit 1
-export SANDBOX_LOG=$PWD/sb.log
mkdir deny || exit 1
adddeny $PWD/deny
openat_static-0 -1 AT_FDCWD deny/not-ok "O_WRONLY|O_CREAT" 0666
-test -e sb.log
+test -e sandbox.log
diff --git a/tests/openat_static-2.sh b/tests/openat_static-2.sh
index 00a948e..577767f 100755
--- a/tests/openat_static-2.sh
+++ b/tests/openat_static-2.sh
@@ -6,8 +6,7 @@ addwrite $PWD
openat_static-0 3 AT_FDCWD ok "O_WRONLY|O_CREAT" 0666 || exit 1
openat_static-0 3 AT_FDCWD ok O_RDONLY 0666 || exit 1
-export SANDBOX_LOG=$PWD/sb.log
mkdir deny || exit 1
adddeny $PWD/deny
openat_static-0 -1 AT_FDCWD $PWD/deny/not-ok "O_WRONLY|O_CREAT" 0666
-test -e sb.log
+test -e sandbox.log
diff --git a/tests/remove-1.sh b/tests/remove-1.sh
index 2ebcda3..20f34fd 100755
--- a/tests/remove-1.sh
+++ b/tests/remove-1.sh
@@ -2,7 +2,6 @@
# make sure we catch openat with relative path
[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
-export SANDBOX_LOG=$PWD/sb.log
adddeny "${PWD}"
remove-0 -1 f
-test -e sb.log
+test -e sandbox.log
diff --git a/tests/rmdir-2.sh b/tests/rmdir-2.sh
index 7cb4717..27a4dc8 100755
--- a/tests/rmdir-2.sh
+++ b/tests/rmdir-2.sh
@@ -1,8 +1,6 @@
#!/bin/sh
# make sure symlinks don't fail
-export SANDBOX_LOG=$PWD/sb.log
-
addwrite $PWD
mkdir reject || exit 1
@@ -11,4 +9,4 @@ adddeny $PWD/reject
ln -s reject foo || exit 1
rmdir-0 -1,ENOTDIR foo || exit 1
[ -e foo ] || exit 1
-! test -e sb.log
+! test -e sandbox.log
diff --git a/tests/unlink-1.sh b/tests/unlink-1.sh
index 62e23ea..e8fcb81 100755
--- a/tests/unlink-1.sh
+++ b/tests/unlink-1.sh
@@ -2,7 +2,6 @@
# make sure we catch openat with relative path
[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
-export SANDBOX_LOG=$PWD/sb.log
adddeny "${PWD}"
unlink-0 -1 f
-test -e sb.log
+test -e sandbox.log
diff --git a/tests/unlink_static-1.sh b/tests/unlink_static-1.sh
index 62cb6b7..9585862 100755
--- a/tests/unlink_static-1.sh
+++ b/tests/unlink_static-1.sh
@@ -2,9 +2,8 @@
# make sure we catch openat with relative path
[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
-export SANDBOX_LOG=$PWD/sb.log
touch f
test -e f || exit 1
adddeny "${PWD}"
unlink_static-0 -1,EPERM f
-test -e sb.log -a -e f
+test -e sandbox.log -a -e f
diff --git a/tests/utimensat-2.sh b/tests/utimensat-2.sh
index 110da4e..d8ec8bb 100755
--- a/tests/utimensat-2.sh
+++ b/tests/utimensat-2.sh
@@ -2,6 +2,5 @@
# basic functionality check (violations are caught)
adddeny $PWD
-export SANDBOX_LOG=$PWD/sb.log
utimensat-0 -1,EACCES AT_FDCWD . NULL 0 || exit 1
-test -s sb.log
+test -s sandbox.log
diff --git a/tests/utimensat_static-2.sh b/tests/utimensat_static-2.sh
index 8f190fd..c232f1f 100755
--- a/tests/utimensat_static-2.sh
+++ b/tests/utimensat_static-2.sh
@@ -3,7 +3,6 @@
[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
adddeny $PWD
-export SANDBOX_LOG=$PWD/sb.log
# we cant check exit status as ptrace code kills child
utimensat_static-0 -1,EACCES AT_FDCWD . NULL 0 #|| exit 1
-test -s sb.log
+test -s sandbox.log