bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: non-root tests in target check-root?

From: Voelker, Bernhard
Subject: RE: non-root tests in target check-root?
Date: Mon, 2 Nov 2009 13:14:30 +0100 
Jim Meyering wrote:
> Voelker, Bernhard wrote:
> 
> > Jim Meyering wrote:
> >> Voelker, Bernhard wrote:
> >> > Jim Meyering wrote:
> >> >> Voelker, Bernhard wrote:
> >> >> > I'm wondering why there are so many tests (in coreutils-8.0( run by
> >> >> >
> >> >> >     sudo env PATH="$PATH" NON_ROOT_USERNAME=$USER make -k check-root
> >> >> >
> >> >> > which are skipped with "must be run as non-root",
> >> >> > e.g. touch/read-only, mv/perm-1, etc.
> >> >> > Is that on purpose (to check wether the root check works;-) ?
> >> >>
> >> >> It's because running them as root would fail,
> >> >> due to the different way in which permissions work when
> >> >> you are root; e.g., root can touch and write to a read-only file:
> >> >>
> >> >>     # :>f; chmod 0 f; touch f; echo > f
> >> >>     #
> >> >
> >> > thanks for the answer & sorry for the delay.
> >> >
> >> > That was clear to me, maybe my question was inprecise:
> >> > If I understand the check* targets right, there is the general
> >> > purpose target "check" which can be run as a non-root or a root user
> >> > while there is a special target for root-only checks named "check-root".
> >>
> >> Not quite.  I recommend against running "make check" as root.
> >> There are very many tests, and while we're pretty confident
> >> they contain few bugs and probably no *exploitable* bugs, it
> >> is best to be cautious and run as few programs as possible when root.
> >
> > ok.
> >
> >> Hence, "make check-root" serves to run the few tests
> >> that can succeed only when run by root.
> >
> > ... so "touch/read-only" and "mv/perm-1" should be removed from
> > "make check-root" since it cannot be run as root, right?
> 
> The list of root_tests is in tests/Makefile.am:
> 
> root_tests =                                  \
>   chown/basic                                 \
>   cp/cp-a-selinux                             \
>   cp/preserve-gid                             \
>   cp/special-bits                             \
>   cp/cp-mv-enotsup-xattr                      \
>   dd/skip-seek-past-dev                               \
>   install/install-C-root                      \
>   ls/capability                                       \
>   ls/nameless-uid                             \
>   misc/chcon                                  \
>   misc/chroot-credentials                     \
>   misc/selinux                                        \
>   misc/truncate-owned-by-other                        \
>   mkdir/writable-under-readonly                       \
>   mv/sticky-to-xpart                          \
>   rm/fail-2eperm                              \
>   rm/no-give-up                                       \
>   rm/one-file-system                          \
>   tail-2/append-only                          \
>   touch/now-owned-by-other
> 
> and it does not contain either of those two tests.
> Does "make check-root" run them for you?
> 
> If you are having a problem, please list the commands
> you are running and whatever problematic output they produce.

grmpf, my bad: make was /usr/ccs/bin/make which is no GNU make.
It therefore ran into `make check` inside `make check-root` because
it doesn't understand this syntax:
        $(MAKE) check TESTS='$(root_tests)'

With `gmake check-root`, the above list of tests is run.

Sorry for the noise.

Have a nice day,
Berny
reply via email to
[Prev in Thread] Current Thread [Next in Thread]