diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2019-10-16 11:51:42 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2019-10-16 22:53:40 +0200 |
| commit | 81c580c8664bfeeb767e2c47ea343004e88223c7 (patch) | |
| tree | 682678e9f32fd6c38f78ccd5cd2ab58ee736e1be /tests | |
| parent | a1aaca314ca94700ebe3449d6bd73522f2d243bc (diff) | |
| download | patches-81c580c8664bfeeb767e2c47ea343004e88223c7.tar patches-81c580c8664bfeeb767e2c47ea343004e88223c7.tar.gz | |
daemon: Make 'profiles/per-user' non-world-writable.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/guix-daemon.sh | 21 | ||||
| -rw-r--r-- | tests/store.scm | 13 |
2 files changed, 33 insertions, 1 deletions
diff --git a/tests/guix-daemon.sh b/tests/guix-daemon.sh index 758f18cc36..b58500966b 100644 --- a/tests/guix-daemon.sh +++ b/tests/guix-daemon.sh @@ -94,6 +94,27 @@ done kill "$daemon_pid" +# Make sure 'profiles/per-user' is created when connecting over TCP. + +orig_GUIX_STATE_DIRECTORY="$GUIX_STATE_DIRECTORY" +GUIX_STATE_DIRECTORY="$GUIX_STATE_DIRECTORY-2" + +guix-daemon --disable-chroot --listen="localhost:9877" & +daemon_pid=$! + +GUIX_DAEMON_SOCKET="guix://localhost:9877" +export GUIX_DAEMON_SOCKET + +test ! -d "$GUIX_STATE_DIRECTORY/profiles/per-user" + +guix build guile-bootstrap -d + +test -d "$GUIX_STATE_DIRECTORY/profiles/per-user/$USER" + +kill "$daemon_pid" +unset GUIX_DAEMON_SOCKET +GUIX_STATE_DIRECTORY="$orig_GUIX_STATE_DIRECTORY" + # Check the failed build cache. guix-daemon --no-substitutes --listen="$socket" --disable-chroot \ diff --git a/tests/store.scm b/tests/store.scm index 518750d26a..2b14a4af0a 100644 --- a/tests/store.scm +++ b/tests/store.scm @@ -18,6 +18,7 @@ (define-module (test-store) #:use-module (guix tests) + #:use-module (guix config) #:use-module (guix store) #:use-module (guix utils) #:use-module (guix monads) @@ -102,7 +103,17 @@ "/283gqy39v3g9dxjy26rynl0zls82fmcg-guile-2.0.7/bin/guile"))) (not (direct-store-path? (%store-prefix))))) -(test-skip (if %store 0 13)) +(test-skip (if %store 0 15)) + +(test-equal "profiles/per-user exists and is not writable" + #o755 + (stat:perms (stat (string-append %state-directory "/profiles/per-user")))) + +(test-equal "profiles/per-user/$USER exists" + (list (getuid) #o755) + (let ((s (stat (string-append %state-directory "/profiles/per-user/" + (passwd:name (getpwuid (getuid))))))) + (list (stat:uid s) (stat:perms s)))) (test-equal "add-data-to-store" #vu8(1 2 3 4 5) |