From f60bbb5c2ad01c0d3df46d936603c35c680a65bf Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Mon, 18 Sep 2017 13:48:34 +0200 Subject: [PATCH] Issue #195: Check presence of nested env first --- lib/core/chroot.sh | 6 ++++-- lib/core/namespace.sh | 4 ++-- lib/core/proot.sh | 5 ++++- tests/unit-tests/test-chroot.sh | 12 ++++++++++++ tests/unit-tests/test-common.sh | 1 - tests/unit-tests/test-namespace.sh | 6 ++++++ tests/unit-tests/test-proot.sh | 12 ++++++++++++ 7 files changed, 40 insertions(+), 6 deletions(-) diff --git a/lib/core/chroot.sh b/lib/core/chroot.sh index 9a104aa..731739a 100644 --- a/lib/core/chroot.sh +++ b/lib/core/chroot.sh @@ -28,8 +28,6 @@ function _run_env_as_xroot(){ copy_common_files - check_nested_env - JUNEST_ENV=1 $cmd $backend_args "$JUNEST_HOME" "${SH[@]}" "-c" "${main_cmd}" } @@ -52,6 +50,8 @@ function _run_env_as_xroot(){ # - : The command output. ####################################### function run_env_as_groot(){ + check_nested_env + local backend_args="$1" shift @@ -81,6 +81,8 @@ function run_env_as_groot(){ # - : The command output. ####################################### function run_env_as_chroot(){ + check_nested_env + local backend_args="$1" shift diff --git a/lib/core/namespace.sh b/lib/core/namespace.sh index f472a4c..6acd21d 100644 --- a/lib/core/namespace.sh +++ b/lib/core/namespace.sh @@ -46,8 +46,6 @@ function _run_env_with_namespace(){ local backend_args="$1" shift - check_nested_env - provide_common_bindings local bindings=${RESULT} unset RESULT @@ -82,6 +80,8 @@ function _run_env_with_namespace(){ # - : The command output. ####################################### function run_env_with_namespace() { + check_nested_env + local backend_args="$1" shift _check_user_namespace diff --git a/lib/core/proot.sh b/lib/core/proot.sh index f678d9d..21f8a01 100644 --- a/lib/core/proot.sh +++ b/lib/core/proot.sh @@ -12,7 +12,6 @@ function _run_env_with_proot(){ local proot_args="$1" shift - check_nested_env if [ "$1" != "" ] then JUNEST_ENV=1 proot_cmd "${proot_args}" "${SH[@]}" "-c" "$(insert_quotes_on_spaces "${@}")" @@ -60,6 +59,8 @@ function _run_env_with_qemu(){ function run_env_as_fakeroot(){ (( EUID == 0 )) && \ die_on_status $ROOT_ACCESS_ERROR "You cannot access with root privileges. Use --groot option instead." + check_nested_env + local backend_args="$1" shift @@ -93,6 +94,8 @@ function run_env_as_fakeroot(){ function run_env_as_user(){ (( EUID == 0 )) && \ die_on_status $ROOT_ACCESS_ERROR "You cannot access with root privileges. Use --groot option instead." + check_nested_env + local backend_args="$1" shift diff --git a/tests/unit-tests/test-chroot.sh b/tests/unit-tests/test-chroot.sh index aa491e5..7102dd5 100755 --- a/tests/unit-tests/test-chroot.sh +++ b/tests/unit-tests/test-chroot.sh @@ -44,6 +44,12 @@ function test_run_env_as_groot_no_cmd(){ assertEquals "chroot_cmd -b $HOME -b /tmp -b /proc -b /sys -b /dev $JUNEST_HOME /bin/sh --login -c /bin/sh --login" "$(cat $STDOUTF)" } +function test_run_env_as_groot_nested_env(){ + JUNEST_ENV=1 + assertCommandFailOnStatus 106 run_env_as_groot "" + unset JUNEST_ENV +} + function test_run_env_as_groot_cmd_with_backend_args(){ assertCommandSuccess run_env_as_groot "-n -b /home/blah" pwd assertEquals "chroot_cmd -b $HOME -b /tmp -b /proc -b /sys -b /dev -n -b /home/blah $JUNEST_HOME /bin/sh --login -c pwd" "$(cat $STDOUTF)" @@ -59,6 +65,12 @@ function test_run_env_as_chroot_no_cmd(){ assertEquals "chroot_cmd $JUNEST_HOME /bin/sh --login -c /bin/sh --login" "$(cat $STDOUTF)" } +function test_run_env_as_choot_nested_env(){ + JUNEST_ENV=1 + assertCommandFailOnStatus 106 run_env_as_chroot "" + unset JUNEST_ENV +} + function test_run_env_as_chroot_cmd_with_backend_args(){ assertCommandSuccess run_env_as_chroot "-n -b /home/blah" pwd assertEquals "chroot_cmd -n -b /home/blah $JUNEST_HOME /bin/sh --login -c pwd" "$(cat $STDOUTF)" diff --git a/tests/unit-tests/test-common.sh b/tests/unit-tests/test-common.sh index cfa3475..dfff6f4 100755 --- a/tests/unit-tests/test-common.sh +++ b/tests/unit-tests/test-common.sh @@ -164,7 +164,6 @@ function test_proot_cmd_seccomp(){ env | grep "^PROOT_NO_SECCOMP" } PROOT=envv - local output=$(proot_cmd | grep "^PROOT_NO_SECCOMP") assertCommandSuccess proot_cmd cmd # The variable PROOT_NO_SECCOMP will be produced # twice due to the fallback mechanism diff --git a/tests/unit-tests/test-namespace.sh b/tests/unit-tests/test-namespace.sh index 811cfef..c4e0f8d 100755 --- a/tests/unit-tests/test-namespace.sh +++ b/tests/unit-tests/test-namespace.sh @@ -110,4 +110,10 @@ function test_run_env_with_namespace_with_bindings_and_command() { _test_copy_remaining_files } +function test_run_env_with_namespace_nested_env(){ + JUNEST_ENV=1 + assertCommandFailOnStatus 106 run_env_with_namespace "" + unset JUNEST_ENV +} + source $JUNEST_ROOT/tests/utils/shunit2 diff --git a/tests/unit-tests/test-proot.sh b/tests/unit-tests/test-proot.sh index 6640035..cb2d35c 100755 --- a/tests/unit-tests/test-proot.sh +++ b/tests/unit-tests/test-proot.sh @@ -62,6 +62,12 @@ function test_run_env_as_user(){ _test_copy_remaining_files } +function test_run_env_as_user_nested_env(){ + JUNEST_ENV=1 + assertCommandFailOnStatus 106 run_env_as_user "" + unset JUNEST_ENV +} + function test_run_env_as_fakeroot(){ _run_env_with_qemu() { echo $@ @@ -76,6 +82,12 @@ function test_run_env_as_fakeroot(){ _test_copy_common_files } +function test_run_env_as_fakeroot_nested_env(){ + JUNEST_ENV=1 + assertCommandFailOnStatus 106 run_env_as_fakeroot "" + unset JUNEST_ENV +} + function test_run_env_with_quotes(){ _run_env_with_qemu() { echo $@