bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: non-root tests in target check-root?

From: Jim Meyering
Subject: Re: non-root tests in target check-root?
Date: Mon, 02 Nov 2009 12:42:01 +0100 
Voelker, Bernhard wrote:

> Jim Meyering wrote:
>> Voelker, Bernhard wrote:
>> > Jim Meyering wrote:
>> >> Voelker, Bernhard wrote:
>> >> > I'm wondering why there are so many tests (in coreutils-8.0( run by
>> >> >
>> >> >     sudo env PATH="$PATH" NON_ROOT_USERNAME=$USER make -k check-root
>> >> >
>> >> > which are skipped with "must be run as non-root",
>> >> > e.g. touch/read-only, mv/perm-1, etc.
>> >> > Is that on purpose (to check wether the root check works;-) ?
>> >>
>> >> It's because running them as root would fail,
>> >> due to the different way in which permissions work when
>> >> you are root; e.g., root can touch and write to a read-only file:
>> >>
>> >>     # :>f; chmod 0 f; touch f; echo > f
>> >>     #
>> >
>> > thanks for the answer & sorry for the delay.
>> >
>> > That was clear to me, maybe my question was inprecise:
>> > If I understand the check* targets right, there is the general
>> > purpose target "check" which can be run as a non-root or a root user
>> > while there is a special target for root-only checks named "check-root".
>>
>> Not quite.  I recommend against running "make check" as root.
>> There are very many tests, and while we're pretty confident
>> they contain few bugs and probably no *exploitable* bugs, it
>> is best to be cautious and run as few programs as possible when root.
>
> ok.
>
>> Hence, "make check-root" serves to run the few tests
>> that can succeed only when run by root.
>
> ... so "touch/read-only" and "mv/perm-1" should be removed from
> "make check-root" since it cannot be run as root, right?

The list of root_tests is in tests/Makefile.am:

root_tests =                                    \
  chown/basic                                   \
  cp/cp-a-selinux                               \
  cp/preserve-gid                               \
  cp/special-bits                               \
  cp/cp-mv-enotsup-xattr                        \
  dd/skip-seek-past-dev                         \
  install/install-C-root                        \
  ls/capability                                 \
  ls/nameless-uid                               \
  misc/chcon                                    \
  misc/chroot-credentials                       \
  misc/selinux                                  \
  misc/truncate-owned-by-other                  \
  mkdir/writable-under-readonly                 \
  mv/sticky-to-xpart                            \
  rm/fail-2eperm                                \
  rm/no-give-up                                 \
  rm/one-file-system                            \
  tail-2/append-only                            \
  touch/now-owned-by-other

and it does not contain either of those two tests.
Does "make check-root" run them for you?

If you are having a problem, please list the commands
you are running and whatever problematic output they produce.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]