Add (currently failing) test for passing PATH via keepenv in doas.

Initial report by Ze Loff on misc@.

3 files changed, 47 insertions, 6 deletions

diff --git a/regress/usr.bin/doas/Makefile b/regress/usr.bin/doas/Makefile
index f6d06788477..0f717f18778 100644
--- a/regress/usr.bin/doas/Makefile
+++ b/regress/usr.bin/doas/Makefile
@@ -1,11 +1,14 @@
-# $OpenBSD: Makefile,v 1.2 2015/07/26 17:31:18 zhuk Exp $
+# $OpenBSD: Makefile,v 1.3 2015/07/28 12:25:27 zhuk Exp $
 
 REGRESS_TARGETS = \
 	t-okay \
 	t-fail-quotes \
-	t-permit-1
+	t-permit-1 \
+	t-run-keepenv-path
 
-TEST_RUN_CMD =	doas -C ${.CURDIR}/$@.conf >$@.out 2>$@.err
+REGRESS_ROOT_TARGETS =	${REGRESS_TARGETS:M*-run*}
+
+TEST_CONFIG_CMD =	doas -C ${.CURDIR}/$@.conf >$@.out 2>$@.err
 TEST_ERRORS_CMD = \
 	if [ -s $@.err -a ! -s ${.CURDIR}/$@.expected.err ]; then \
 		echo "FAIL: unexpected error output:" >&2; \
@@ -19,10 +22,10 @@ TEST_OUTPUT_CMD = ${TEST_ERRORS_CMD:C/\.err/.out/:C/error //}
 CLEANFILES +=	${REGRESS_TARGETS:=.out}
 CLEANFILES +=	${REGRESS_TARGETS:=.err}
 
-.for t in ${REGRESS_TARGETS:N*-fail*:N*-permit*}
+.for t in ${REGRESS_TARGETS:N*-fail*:N*-permit*:N*-run*}
 ${t}:
 	@echo '$@'
-	@${TEST_RUN_CMD}
+	@${TEST_CONFIG_CMD}
 	@${TEST_ERRORS_CMD}
 	@${TEST_OUTPUT_CMD}
 .endfor
@@ -30,7 +33,7 @@ ${t}:
 .for t in ${REGRESS_TARGETS:M*-fail*}
 ${t}:
 	@echo '$@'
-	@ ! ${TEST_RUN_CMD}
+	@ ! ${TEST_CONFIG_CMD}
 	@${TEST_ERRORS_CMD}
 	@${TEST_OUTPUT_CMD}
 .endfor
@@ -64,4 +67,35 @@ ${t}:
 	$$rv
 .endfor
 
+.for t in ${REGRESS_TARGETS:M*-run*}
+${t}:
+	@echo '$@'
+	@${SUDO} rm -Rf $t.root
+	@${SUDO} install -d -o ${BINOWN} -g ${BINGRP} -m ${DIRMODE} $t.root/etc
+	@${SUDO} install -d -o ${BINOWN} -g ${BINGRP} -m ${DIRMODE} $t.root/bin
+	@${SUDO} install -d -o ${BINOWN} -g ${BINGRP} -m ${DIRMODE} $t.root/usr/bin
+	@${SUDO} install -d -o ${BINOWN} -g ${BINGRP} -m ${DIRMODE} $t.root/usr/lib
+	@${SUDO} install -d -o ${BINOWN} -g ${BINGRP} -m ${DIRMODE} $t.root/usr/libexec
+	@${SUDO} install -o root -g wheel -m 0444 \
+	    ${.CURDIR}/$t.conf $t.root/etc/doas.conf
+	@${SUDO} install -o root -g wheel -m 0400 \
+	    ${.CURDIR}/master.passwd $t.root/etc/master.passwd
+	@${SUDO} pwd_mkdb -d $t.root/etc -p master.passwd
+	@${SUDO} install -o ${SHAREOWN} -g ${SHAREGRP} -m ${SHAREMODE} \
+	    /usr/libexec/ld.so $t.root/usr/libexec/ld.so
+	@${SUDO} install -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
+	    /usr/lib/libc.so.* $t.root/usr/lib
+	@${SUDO} install -o ${BINOWN} -g ${BINGRP} -m ${BINMODE} \
+	    /bin/echo $t.root/bin/echo
+	@${SUDO} install -o ${BINOWN} -g ${BINGRP} -m 4555 \
+	    /usr/bin/doas $t.root/usr/bin/doas
+	@${SUDO} env MALLOC_OPTIONS=S chroot -u nobody $t.root /usr/bin/doas echo okay
+.endfor
+# cleanup copied files
+afterclean: cleanroots
+cleanroots:
+.for t in ${REGRESS_TARGETS:M*-run*}
+	${SUDO} rm -Rf $t.root
+.endfor
+
 .include <bsd.regress.mk>
diff --git a/regress/usr.bin/doas/master.passwd b/regress/usr.bin/doas/master.passwd
new file mode 100644
index 00000000000..4637e4d1a4a
--- /dev/null
+++ b/regress/usr.bin/doas/master.passwd
@@ -0,0 +1,6 @@
+root:$2b$08$roIBH3ArOv0Mp64KeE71GOJtHbyNwPzQvc212q1ZfLUuMbXO6fUu6:0:0:daemon:0:0:Charlie &:/root:/bin/ksh
+daemon:*:1:1::0:0:The devil himself:/root:/sbin/nologin
+operator:*:2:5::0:0:System &:/operator:/sbin/nologin
+bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
+www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin
+nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin
diff --git a/regress/usr.bin/doas/t-run-keepenv-path.conf b/regress/usr.bin/doas/t-run-keepenv-path.conf
new file mode 100644
index 00000000000..31a80aacec1
--- /dev/null
+++ b/regress/usr.bin/doas/t-run-keepenv-path.conf
@@ -0,0 +1 @@
+permit nopass keepenv { PATH JUNK } nobody as root cmd echo args okay