diff options
| -rw-r--r-- | regress/usr.bin/doas/Makefile | 67 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-fail-quotes.conf | 2 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-fail-quotes.err | 3 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-fail-quotes.expected.err | 3 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-fail-quotes.out | 0 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-okay.conf | 25 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-okay.err | 0 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-okay.out | 0 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-permit-1.conf | 3 | ||||
| -rw-r--r-- | regress/usr.bin/doas/t-permit-1.patterns | 6 |
10 files changed, 109 insertions, 0 deletions
diff --git a/regress/usr.bin/doas/Makefile b/regress/usr.bin/doas/Makefile new file mode 100644 index 00000000000..ce9d736f494 --- /dev/null +++ b/regress/usr.bin/doas/Makefile @@ -0,0 +1,67 @@ +# $OpenBSD: Makefile,v 1.1 2015/07/26 17:28:05 zhuk Exp $ + +REGRESS_TARGETS = \ + t-okay \ + t-fail-quotes \ + t-permit-1 + +TEST_RUN_CMD = doas -C ${.CURDIR}/$@.conf >$@.out 2>$@.err +TEST_ERRORS_CMD = \ + if [ -s $@.err -a ! -s ${.CURDIR}/$@.expected.err ]; then \ + echo "FAIL: unexpected error output:" >&2; \ + cat $@.err >&2; \ + exit 1; \ + elif [ -s ${.CURDIR}/$@.expected.err ]; then \ + diff -u ${.CURDIR}/$@.expected.err $@.err; \ + fi +TEST_OUTPUT_CMD = ${TEST_ERRORS_CMD:C/\.err/.out/:C/error //} + +CLEANFILES += ${REGRESS_TARGETS:=.out} +CLEANFILES += ${REGRESS_TARGETS:=.err} + +.for t in ${REGRESS_TARGETS:N*-fail*:N*-permit*} +${t}: + @echo '===> $@' + @${TEST_RUN_CMD} + @${TEST_ERRORS_CMD} + @${TEST_OUTPUT_CMD} +.endfor + +.for t in ${REGRESS_TARGETS:M*-fail*} +${t}: + @echo '===> $@' + @ ! ${TEST_RUN_CMD} + @${TEST_ERRORS_CMD} + @${TEST_OUTPUT_CMD} +.endfor + +.for t in ${REGRESS_TARGETS:M*-permit*} +${t}: + @echo '===> $@' + @rv=true; \ + while read ident cmdline; do \ + read expected; \ + set +e; \ + action=$$(doas -C ${.CURDIR}/$@.conf -u $$ident $$cmdline); \ + ret=$$?; \ + set -e; \ + if [ X"$$action" != X"$$expected" ]; then \ + echo "FAILED: expected '$$expected'," \ + "but got '$$action'" >&2; \ + echo " for command: $$cmdline" >&2; \ + rv=false; \ + fi; \ + if [ X"$$action" = Xdeny -a $$ret -eq 0 ]; then \ + echo "FAILED: deny without error return" >&2; \ + echo " for command: $$cmdline" >&2; \ + rv=false; \ + elif [ X"$$action" != Xdeny -a $$ret -ne 0 ]; then \ + echo "FAILED: permit with error return" >&2; \ + echo " for command: $$cmdline" >&2; \ + rv=false; \ + fi; \ + done <${.CURDIR}/$@.patterns; \ + $$rv +.endfor + +.include <bsd.regress.mk> diff --git a/regress/usr.bin/doas/t-fail-quotes.conf b/regress/usr.bin/doas/t-fail-quotes.conf new file mode 100644 index 00000000000..6b44384529e --- /dev/null +++ b/regress/usr.bin/doas/t-fail-quotes.conf @@ -0,0 +1,2 @@ +permit :wheel cmd echo" +permit :wheel cmd echo"
\ No newline at end of file diff --git a/regress/usr.bin/doas/t-fail-quotes.err b/regress/usr.bin/doas/t-fail-quotes.err new file mode 100644 index 00000000000..4a8076b62b0 --- /dev/null +++ b/regress/usr.bin/doas/t-fail-quotes.err @@ -0,0 +1,3 @@ +unterminated quotes in column 23 at line 1 +unterminated quotes in column 23 at line 2 +syntax error at line 2 diff --git a/regress/usr.bin/doas/t-fail-quotes.expected.err b/regress/usr.bin/doas/t-fail-quotes.expected.err new file mode 100644 index 00000000000..4a8076b62b0 --- /dev/null +++ b/regress/usr.bin/doas/t-fail-quotes.expected.err @@ -0,0 +1,3 @@ +unterminated quotes in column 23 at line 1 +unterminated quotes in column 23 at line 2 +syntax error at line 2 diff --git a/regress/usr.bin/doas/t-fail-quotes.out b/regress/usr.bin/doas/t-fail-quotes.out new file mode 100644 index 00000000000..e69de29bb2d --- /dev/null +++ b/regress/usr.bin/doas/t-fail-quotes.out diff --git a/regress/usr.bin/doas/t-okay.conf b/regress/usr.bin/doas/t-okay.conf new file mode 100644 index 00000000000..08b0008492f --- /dev/null +++ b/regress/usr.bin/doas/t-okay.conf @@ -0,0 +1,25 @@ +permit :wheel +deny :wheel +deny root +permit nopass root +permit :wheel cmd echo +permit :wheel cmd /bin/echo +permit :wheel cmd "/bin/echo" +permit :wheel cmd "/bi"n"/echo" + +permit :wheel cmd echo args +permit :wheel cmd echo args \ +"args" +permit :wheel cmd echo args \ + "args" + +permit :wheel cmd echo args "" "" + +permit :wheel cmd echo args " args \22 " + +permit nopass keepenv { \ + FTPMODE PKG_CACHE PKG_PATH SM_PATH SSH_AUTH_SOCK \ + DESTDIR DISTDIR FETCH_CMD FLAVOR GROUP MAKE MAKECONF \ + MULTI_PACKAGES NOMAN OKAY_FILES OWNER PKG_DBDIR \ + PKG_DESTDIR PKG_TMPDIR PORTSDIR RELEASEDIR SHARED_ONLY \ + SUBPACKAGE WRKOBJDIR SUDO_PORT_V1 } :wheel diff --git a/regress/usr.bin/doas/t-okay.err b/regress/usr.bin/doas/t-okay.err new file mode 100644 index 00000000000..e69de29bb2d --- /dev/null +++ b/regress/usr.bin/doas/t-okay.err diff --git a/regress/usr.bin/doas/t-okay.out b/regress/usr.bin/doas/t-okay.out new file mode 100644 index 00000000000..e69de29bb2d --- /dev/null +++ b/regress/usr.bin/doas/t-okay.out diff --git a/regress/usr.bin/doas/t-permit-1.conf b/regress/usr.bin/doas/t-permit-1.conf new file mode 100644 index 00000000000..6a51afbe4f9 --- /dev/null +++ b/regress/usr.bin/doas/t-permit-1.conf @@ -0,0 +1,3 @@ +permit :wsrc as root cmd echo args la-la-la +permit :wsrc as operator cmd echo args +permit nopass :wsrc as www cmd echo args slackers diff --git a/regress/usr.bin/doas/t-permit-1.patterns b/regress/usr.bin/doas/t-permit-1.patterns new file mode 100644 index 00000000000..c1b5ed75a25 --- /dev/null +++ b/regress/usr.bin/doas/t-permit-1.patterns @@ -0,0 +1,6 @@ +root echo la-la-la +permit +operator echo zzz +deny +www echo slackers +permit nopass |