author | Heiko Schlittermann (HS12) <hs@schlittermann.de> | 2015-04-06 23:29:33 +0200 |
---|---|---|
committer | Heiko Schlittermann (HS12) <hs@schlittermann.de> | 2015-04-25 21:01:52 +0200 |
commit | 32ca7e2d3443b12a06aa0ae6bd21bfa8c27d031a (patch) | |
tree | a821e3bbcf7114dbd54b53356a1eac3f37de93b5 | |
parent | 26ab1da32241a0be1cf08ce866b00429fc35d06d (diff) |
Testsuite: check the TRUSTED_CONFIG_LIST content
The testsuite relies on trusted configs. Exim needs to be compiled with
the TRUSTED_CONFIG_LIST option. The file mentioned in the
TRUSTED_CONFIG_LIST needs to meet several conditions.
-rwxr-xr-x | test/runtest | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/test/runtest b/test/runtest
index 0a2ede9ef..4247f8c53 100755
--- a/test/runtest
+++ b/test/runtest
@@ -2405,12 +2405,13 @@ symlink("$parm_cwd/confs/0000", "$parm_cwd/test-config")
 
 print("Probing with config file: $parm_cwd/test-config\n");
 open(EXIMINFO, "$parm_exim -d -C $parm_cwd/test-config -DDIR=$parm_cwd " .
- "-bP exim_user exim_group|") ||
+ "-bP exim_user exim_group 2>&1|") ||
 die "** Cannot run $parm_exim: $!\n";
 while(<EXIMINFO>)
 {
 $parm_eximuser = $1 if /^exim_user = (.*)$/;
 $parm_eximgroup = $1 if /^exim_group = (.*)$/;
+ $parm_trusted_config_list = $1 if /^TRUSTED_CONFIG_LIST:.*?"(.*?)"$/;
 }
 close(EXIMINFO);
 
@@ -2433,6 +2434,34 @@ if (defined $parm_eximgroup)
 else { $parm_exim_gid = getgrnam($parm_eximgroup); }
 }
 
+# check the permissions on the TRUSTED_CONFIG_LIST
+if (defined $parm_trusted_config_list)
+ {
+ die "TRUSTED_CONFIG_LIST: $parm_trusted_config_list: $!\n"
+ if not -f $parm_trusted_config_list;
+
+ die "TRUSTED_CONFIG_LIST $parm_trusted_config_list must not be world writable!\n"
+ if 02 & (stat _)[2];
+
+ die sprintf "TRUSTED_CONFIG_LIST: $parm_trusted_config_list %d is group writable, but not owned by group '%s' or '%s'.\n",
+ (stat _)[1],
+ scalar(getgrgid 0), scalar(getgrgid $>)
+ if (020 & (stat _)[2]) and not ((stat _)[5] == $> or (stat _)[5] == 0);
+
+ die sprintf "TRUSTED_CONFIG_LIST: $parm_trusted_config_list is not owned by user '%s' or '%s'.\n",
+ scalar(getpwuid 0), scalar(getpwuid $>)
+ if (not (-o _ or (stat _)[4] == 0));
+
+ open(TCL, $parm_trusted_config_list) or die "Can't open $parm_trusted_config_list: $!\n";
+ my $test_config = getcwd() . '/test-config';
+ die "Can't find '$test_config' in TRUSTED_CONFIG_LIST $parm_trusted_config_list."
+ if not grep { /^$test_config$/ } <TCL>;
+ }
+else
+ {
+ die "Unable to check the TRUSTED_CONFIG_LIST, seems to be empty?\n";
+ }
+
 open(EXIMINFO, "$parm_exim -bV -C $parm_cwd/test-config -DDIR=$parm_cwd |") ||
 die "** Cannot run $parm_exim: $!\n"; |
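Review bot: Nothing at the changed `open(EXIMINFO, ...)` says why stderr is now folded into the pipe. The `TRUSTED_CONFIG_LIST:` line that the new regex captures is presumably part of the `-d` debug output rather than the `-bP` listing, so a later cleanup that drops `2>&1` would leave `$parm_trusted_config_list` undefined and stop the run at the "seems to be empty?" `die` with no hint of the cause. A comment above the open would cover it, e.g. `# -d reports TRUSTED_CONFIG_LIST on stderr; keep 2>&1 so the loop below can parse it`.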
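Review bot: The group-writable check compares the file's GID `(stat _)[5]` with `$>`, which is the effective UID, and also passes `$>` to `getgrgid`, so both the test and the group name in the message are only right when UID and GID happen to be numerically equal. Presumably the effective GID (the first field of `$)`) was meant, and the `%d` in that message is filled from `(stat _)[1]`, the inode number, where the GID looks intended. In the final membership test the path is interpolated as a pattern, so `.` and other metacharacters in the working directory let a different entry satisfy it; `if not grep { /^\Q$test_config\E$/ } <TCL>;` matches it literally. `open(TCL, $parm_trusted_config_list)` is the two-argument form, where leading or trailing characters of the path can select the mode, and `open(TCL, '<', $parm_trusted_config_list)` removes that ambiguity for a value parsed from program output.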