From 3855c948c029490c616f4b4aa81b47e6df8c12a0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 9 Mar 2010 16:36:48 -0800 Subject: [PATCH] Add tests which, when run as root, will ensure we can't write into a read-only directory, or read a owner-read-only file. Jeremy. --- source3/script/tests/selftest.sh | 33 ++++++-- source3/script/tests/test_smbclient_s3.sh | 128 +++++++++++++++++++++++++++++- source3/script/tests/tests_all.sh | 4 +- 3 files changed, 154 insertions(+), 11 deletions(-) diff --git a/source3/script/tests/selftest.sh b/source3/script/tests/selftest.sh index 9994e47035f..e49bca863b1 100755 --- a/source3/script/tests/selftest.sh +++ b/source3/script/tests/selftest.sh @@ -36,9 +36,22 @@ if [ $CUSTOM_CONF_ARG ]; then fi ## -## create the test directory +## create the test directory layout ## PREFIX=`echo $DIRECTORY | sed s+//+/+` +printf "%s" "CREATE TEST ENVIRONMENT IN '$PREFIX'"... +/bin/rm -rf $PREFIX +if [ -e "$PREFIX" ]; then + echo "***" + echo "*** Failed to delete test environment $PREFIX" + echo "*** Was a previous run done as root ?" + echo "***" + exit 1 +fi + +## +## create the test directory +## mkdir -p $PREFIX || exit $? OLD_PWD=`pwd` cd $PREFIX || exit $? @@ -145,11 +158,6 @@ if test "x`smbd -b | grep NSS_WRAPPER`" = "x"; then fi -## -## create the test directory layout -## -printf "%s" "CREATE TEST ENVIRONMENT IN '$PREFIX'"... -/bin/rm -rf $PREFIX/* mkdir -p $PRIVATEDIR $NCALRPCDIR $LIBDIR $PIDDIR $LOCKDIR $LOGDIR mkdir -p $SOCKET_WRAPPER_DIR mkdir -p $WINBINDD_SOCKET_DIR @@ -173,6 +181,16 @@ fi chmod 777 $SHRDIR ## +## Create a read-only directory. +## +RO_SHRDIR=`echo $SHRDIR | sed -e 's:/[^/]*$::'` +RO_SHRDIR=$RO_SHRDIR/root-tmp +mkdir -p $RO_SHRDIR +chmod 755 $RO_SHRDIR +touch $RO_SHRDIR/unreadable_file +chmod 600 $RO_SHRDIR/unreadable_file + +## ## Create the common config include file with the basic settings ## 
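Review bot: The new `/bin/rm -rf $PREFIX` near the top of selftest.sh expands an unquoted, unvalidated variable, and this commit is aimed at runs done as root. `$PREFIX` comes straight from `$DIRECTORY`, so a value containing whitespace or glob characters is word-split into several deletion targets, and no check on `$DIRECTORY` is visible in this hunk. The `[ -e "$PREFIX" ]` test two lines later is already quoted; the removal should match it and refuse an empty or root path first, e.g. `[ -n "$PREFIX" ] && [ "$PREFIX" != "/" ] || exit 1` followed by `/bin/rm -rf "$PREFIX"`. The same quoting applies to the `mkdir -p $PREFIX` and `cd $PREFIX` context lines.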
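Review bot: The comment `## Create a read-only directory.` in the `RO_SHRDIR` block overstates what `chmod 755` gives: the directory stays writable by whoever runs selftest.sh, and `unreadable_file` (mode 600) stays readable by that same user. The fixture only denies access when the suite runs as root and the SMB client is mapped to a different account, so the comment should say so, for example `## Create a directory and file that only the user running selftest.sh can write/read (meaningful when run as root).`. None of the `mkdir`/`chmod`/`touch` calls is checked; appending `|| exit $?`, as the `mkdir -p $PREFIX` line does, would stop a half-built fixture from producing a misleading test result.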
@@ -269,6 +287,9 @@ cat >$SERVERCONFFILE< $tmpfile </dev/null 2>&1 + + ret=$? + if [ $ret = 0 ] ; then + # got the correct prompt .. succeed + true + else + echo "$out" + echo "failed writing into read-only directory - grep failed with $ret" + false + fi +} + +# Test reading an owner-only file (logon as guest) fails. +test_owner_only_file() +{ + prompt="NT_STATUS_ACCESS_DENIED opening remote file" + tmpfile=/tmp/smbclient.in.$$ + +## +## We can't do this as non-root. We always have rights to +## read the file. +## + if [ "$USERID" != 0 ]; then + echo "skipping test_owner_only_file as non-root" + true + return + fi + +## +## We can't do this with an encrypted connection. No credentials +## to set up the channel. +## + if [ "$ADDARGS" == "-e" ]; then + echo "skipping test_owner_only_file with encrypted connection" + true + return + fi + + cat > $tmpfile </dev/null 2>&1 + + ret=$? + if [ $ret = 0 ] ; then + # got the correct prompt .. succeed + true + else + echo "$out" + echo "failed reading owner-only file - grep failed with $ret" + false + fi +} testit "smbclient -L $SERVER_IP" $SMBCLIENT $CONFIGURATION -L $SERVER_IP -N -p 139 || failed=`expr $failed + 1` testit "smbclient -L $SERVER -I $SERVER_IP" $SMBCLIENT $CONFIGURATION -L $SERVER -I $SERVER_IP -N -p 139 || failed=`expr $failed + 1` @@ -150,4 +264,12 @@ testit "creating a bad symlink and deleting it" \ test_bad_symlink || \ failed=`expr $failed + 1` +testit "writing into a read-only directory fails" \ + test_read_only_dir || \ + failed=`expr $failed + 1` + +testit "Reading a owner-only file fails" \ + test_owner_only_file || \ + failed=`expr $failed + 1` + testok $0 $failed diff --git a/source3/script/tests/tests_all.sh b/source3/script/tests/tests_all.sh index 11d315b1981..153f8ea0d5f 100755 --- a/source3/script/tests/tests_all.sh +++ b/source3/script/tests/tests_all.sh 
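Review bot: `tmpfile=/tmp/smbclient.in.$$` in `test_owner_only_file` is a predictable name in a world-writable directory, and this test only does real work when `$USERID` is 0, so the `cat > $tmpfile` redirection runs as root and will follow a symlink that another local user planted at that path. Creating the file with `tmpfile=$(mktemp "${TMPDIR:-/tmp}/smbclient.in.XXXXXX") || return 1`, or placing it under the test prefix, removes that race; `test_read_only_dir` appears to use the same pattern, though its opening lines are not readable in this extract. Separately, `[ "$ADDARGS" == "-e" ]` uses `==`, which `[` does not accept in every POSIX shell; `=` is portable. Whether the temp file is removed afterwards cannot be seen here.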
@@ -20,13 +20,13 @@ smbtorture_s3_encrypted() {
 smbclient_s3() {
 echo "RUNNING TESTS smbclient_s3"
- $SCRIPTDIR/test_smbclient_s3.sh $SERVER $SERVER_IP $USERNAME $PASSWORD \
+ $SCRIPTDIR/test_smbclient_s3.sh $SERVER $SERVER_IP $USERNAME $PASSWORD $USERID \
 || failed=`expr $failed + $?`
 }
 smbclient_s3_encrypted() {
 echo "RUNNING TESTS smbclient_s3_encrypted"
- $SCRIPTDIR/test_smbclient_s3.sh $SERVER $SERVER_IP $USERNAME $PASSWORD "-e" \
+ $SCRIPTDIR/test_smbclient_s3.sh $SERVER $SERVER_IP $USERNAME $PASSWORD $USERID "-e" \
 || failed=`expr $failed + $?`
 }
--
2.11.4.GIT
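Review bot: `$USERID` is passed unquoted as the fifth positional argument in both `smbclient_s3` and `smbclient_s3_encrypted`. If it is empty or unset in the caller's environment it disappears from the command line, so in the encrypted case `"-e"` slides into the user-id slot: the root-only tests would see a non-zero id and skip, and the run would presumably proceed without encryption while still being reported as the encrypted pass. Quoting keeps the position stable, `... $USERNAME $PASSWORD "$USERID" "-e" \`; where `USERID` is set is not visible in this hunk.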