[apple/xnu.git] / tests / drop_priv.c

#include <darwintest.h>

#include <TargetConditionals.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/errno.h>
#include <unistd.h>

#if !TARGET_OS_OSX
#include <pwd.h>
#include <sys/types.h>
#include <uuid/uuid.h>
#endif

#include "drop_priv.h"

#if TARGET_OS_OSX
#define INVOKER_UID "SUDO_UID"
#define INVOKER_GID "SUDO_GID"
#define ID_MAX (unsigned long)UINT_MAX
static unsigned
_get_sudo_invoker(const char *var)
{
	char *value_str = getenv(var);
	T_QUIET; T_WITH_ERRNO; T_ASSERT_NOTNULL(value_str,
	    "Not running under sudo, getenv(\"%s\") failed", var);
	T_QUIET; T_ASSERT_NE_CHAR(*value_str, '\0',
	    "getenv(\"%s\") returned an empty string", var);

	char *endp;
	unsigned long value = strtoul(value_str, &endp, 10);
	T_QUIET; T_WITH_ERRNO; T_ASSERT_EQ_CHAR(*endp, '\0',
	    "strtoul(\"%s\") not called on a valid number", value_str);
	T_QUIET; T_WITH_ERRNO; T_ASSERT_NE_ULONG(value, ULONG_MAX,
	    "strtoul(\"%s\") overflow", value_str);

	T_QUIET; T_ASSERT_NE_ULONG(value, 0ul, "%s invalid", var);
	T_QUIET; T_ASSERT_LT_ULONG(value, ID_MAX, "%s invalid", var);
	return (unsigned)value;
}
#endif /* TARGET_OS_OSX */

void
drop_priv(void)
{
#if TARGET_OS_OSX
	uid_t lower_uid = _get_sudo_invoker(INVOKER_UID);
	gid_t lower_gid = _get_sudo_invoker(INVOKER_GID);
#else
	struct passwd *pw = getpwnam("mobile");
	T_QUIET; T_WITH_ERRNO; T_ASSERT_NOTNULL(pw, "getpwnam(\"mobile\")");
	uid_t lower_uid = pw->pw_uid;
	gid_t lower_gid = pw->pw_gid;
#endif
	T_ASSERT_POSIX_SUCCESS(setgid(lower_gid), "Change group to %u", lower_gid);
	T_ASSERT_POSIX_SUCCESS(setuid(lower_uid), "Change user to %u", lower_uid);
}
Commit	Line	Data
a39ff7e2 A	1	#include <darwintest.h>
	2
	3	#include <TargetConditionals.h>
	4	#include <limits.h>
	5	#include <stdio.h>
	6	#include <stdlib.h>
	7	#include <string.h>
	8	#include <sys/errno.h>
	9	#include <unistd.h>
	10
	11	#if !TARGET_OS_OSX
	12	#include <pwd.h>
	13	#include <sys/types.h>
	14	#include <uuid/uuid.h>
	15	#endif
	16
c3c9b80d A	17	#include "drop_priv.h"
c3c9b80d A	18
a39ff7e2 A	19	#if TARGET_OS_OSX
	20	#define INVOKER_UID "SUDO_UID"
	21	#define INVOKER_GID "SUDO_GID"
	22	#define ID_MAX (unsigned long)UINT_MAX
	23	static unsigned
	24	_get_sudo_invoker(const char *var)
	25	{
0a7de745 A	26	char *value_str = getenv(var);
	27	T_QUIET; T_WITH_ERRNO; T_ASSERT_NOTNULL(value_str,
	28	"Not running under sudo, getenv(\"%s\") failed", var);
	29	T_QUIET; T_ASSERT_NE_CHAR(*value_str, '\0',
	30	"getenv(\"%s\") returned an empty string", var);
a39ff7e2	31
0a7de745 A	32	char *endp;
	33	unsigned long value = strtoul(value_str, &endp, 10);
	34	T_QUIET; T_WITH_ERRNO; T_ASSERT_EQ_CHAR(*endp, '\0',
	35	"strtoul(\"%s\") not called on a valid number", value_str);
	36	T_QUIET; T_WITH_ERRNO; T_ASSERT_NE_ULONG(value, ULONG_MAX,
	37	"strtoul(\"%s\") overflow", value_str);
a39ff7e2	38
0a7de745 A	39	T_QUIET; T_ASSERT_NE_ULONG(value, 0ul, "%s invalid", var);
	40	T_QUIET; T_ASSERT_LT_ULONG(value, ID_MAX, "%s invalid", var);
	41	return (unsigned)value;
a39ff7e2 A	42	}
	43	#endif /* TARGET_OS_OSX */
	44
a39ff7e2 A	45	void
	46	drop_priv(void)
	47	{
	48	#if TARGET_OS_OSX
0a7de745 A	49	uid_t lower_uid = _get_sudo_invoker(INVOKER_UID);
0a7de745 A	50	gid_t lower_gid = _get_sudo_invoker(INVOKER_GID);
a39ff7e2	51	#else
0a7de745 A	52	struct passwd *pw = getpwnam("mobile");
	53	T_QUIET; T_WITH_ERRNO; T_ASSERT_NOTNULL(pw, "getpwnam(\"mobile\")");
	54	uid_t lower_uid = pw->pw_uid;
	55	gid_t lower_gid = pw->pw_gid;
a39ff7e2	56	#endif
0a7de745 A	57	T_ASSERT_POSIX_SUCCESS(setgid(lower_gid), "Change group to %u", lower_gid);
0a7de745 A	58	T_ASSERT_POSIX_SUCCESS(setuid(lower_uid), "Change user to %u", lower_uid);
a39ff7e2	59	}