[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: non-root tests in target check-root?
From: |
Voelker, Bernhard |
Subject: |
RE: non-root tests in target check-root? |
Date: |
Mon, 2 Nov 2009 13:14:30 +0100 |
Jim Meyering wrote:
> Voelker, Bernhard wrote:
>
> > Jim Meyering wrote:
> >> Voelker, Bernhard wrote:
> >> > Jim Meyering wrote:
> >> >> Voelker, Bernhard wrote:
> >> >> > I'm wondering why there are so many tests (in coreutils-8.0( run by
> >> >> >
> >> >> > sudo env PATH="$PATH" NON_ROOT_USERNAME=$USER make -k check-root
> >> >> >
> >> >> > which are skipped with "must be run as non-root",
> >> >> > e.g. touch/read-only, mv/perm-1, etc.
> >> >> > Is that on purpose (to check wether the root check works;-) ?
> >> >>
> >> >> It's because running them as root would fail,
> >> >> due to the different way in which permissions work when
> >> >> you are root; e.g., root can touch and write to a read-only file:
> >> >>
> >> >> # :>f; chmod 0 f; touch f; echo > f
> >> >> #
> >> >
> >> > thanks for the answer & sorry for the delay.
> >> >
> >> > That was clear to me, maybe my question was inprecise:
> >> > If I understand the check* targets right, there is the general
> >> > purpose target "check" which can be run as a non-root or a root user
> >> > while there is a special target for root-only checks named "check-root".
> >>
> >> Not quite. I recommend against running "make check" as root.
> >> There are very many tests, and while we're pretty confident
> >> they contain few bugs and probably no *exploitable* bugs, it
> >> is best to be cautious and run as few programs as possible when root.
> >
> > ok.
> >
> >> Hence, "make check-root" serves to run the few tests
> >> that can succeed only when run by root.
> >
> > ... so "touch/read-only" and "mv/perm-1" should be removed from
> > "make check-root" since it cannot be run as root, right?
>
> The list of root_tests is in tests/Makefile.am:
>
> root_tests = \
> chown/basic \
> cp/cp-a-selinux \
> cp/preserve-gid \
> cp/special-bits \
> cp/cp-mv-enotsup-xattr \
> dd/skip-seek-past-dev \
> install/install-C-root \
> ls/capability \
> ls/nameless-uid \
> misc/chcon \
> misc/chroot-credentials \
> misc/selinux \
> misc/truncate-owned-by-other \
> mkdir/writable-under-readonly \
> mv/sticky-to-xpart \
> rm/fail-2eperm \
> rm/no-give-up \
> rm/one-file-system \
> tail-2/append-only \
> touch/now-owned-by-other
>
> and it does not contain either of those two tests.
> Does "make check-root" run them for you?
>
> If you are having a problem, please list the commands
> you are running and whatever problematic output they produce.
grmpf, my bad: make was /usr/ccs/bin/make which is no GNU make.
It therefore ran into `make check` inside `make check-root` because
it doesn't understand this syntax:
$(MAKE) check TESTS='$(root_tests)'
With `gmake check-root`, the above list of tests is run.
Sorry for the noise.
Have a nice day,
Berny