Got Mirror

Blob

Date:: Thu Dec 8 22:23:03 2022 UTC
Message:: make it easier to run gotd regress via doas(1); ok kn, tracey
Actions:: History | Blame | Raw File
1 REGRESS_TARGETS=test_repo_read test_repo_read_group \
2 	test_repo_read_denied_user test_repo_read_denied_group \
3 	test_repo_read_bad_user test_repo_read_bad_group \
4 	test_repo_write test_repo_write_empty
5 NOOBJ=Yes
6 
7 .PHONY: ensure_root prepare_test_repo check_test_repo start_gotd
8 
9 GOTD_TEST_ROOT=/tmp
10 GOTD_DEVUSER?=gotdev
11 GOTD_DEVUSER_HOME!=userinfo $(GOTD_DEVUSER) | awk '/^dir/ {print $$2}'
12 GOTD_TEST_REPO!?=mktemp -d "$(GOTD_TEST_ROOT)/gotd-test-repo-XXXXXXXXX"
13 GOTD_TEST_REPO_URL=ssh://${GOTD_DEVUSER}@127.0.0.1/test-repo
14 
15 GOTD_TEST_USER?=${USERNAME}
16 GOTD_TEST_USER_HOME!=userinfo $(GOTD_TEST_USER) | awk '/^dir/ {print $$2}'
17 
18 # gotd.conf parameters
19 GOTD_USER?=got
20 GOTD_GROUP?=gotsh
21 GOTD_SOCK=${GOTD_DEVUSER_HOME}/gotd.sock
22 
23 GOTD_START_CMD=../../gotd/obj/gotd -vv -f $(PWD)/gotd.conf
24 GOTD_STOP_CMD=../../gotctl/obj/gotctl -f $(GOTD_SOCK) stop
25 GOTD_TRAP=trap "$(GOTD_STOP_CMD)" HUP INT QUIT PIPE TERM
26 
27 GOTD_TEST_ENV=GOTD_TEST_ROOT=$(GOTD_TEST_ROOT) \
28 	GOTD_TEST_REPO_URL=$(GOTD_TEST_REPO_URL) \
29 	GOTD_TEST_REPO=$(GOTD_TEST_REPO) \
30 	GOTD_SOCK=$(GOTD_SOCK) \
31 	GOTD_DEVUSER=$(GOTD_DEVUSER) \
32 	HOME=$(GOTD_TEST_USER_HOME) \
33 	PATH=$(GOTD_TEST_USER_HOME)/bin:$(PATH)
34 
35 ensure_root:
36 	@if [[ `id -u` -ne 0 ]]; then \
37 		echo gotd test suite must be started by root >&2; \
38 		false; \
39 	fi ; \
40 	if [[ "$(GOTD_TEST_USER)" = "root" ]]; then \
41 		echo GOTD_TEST_USER must be a non-root user >&2; \
42 		false; \
43 	fi
44 
45 start_gotd_ro: ensure_root
46 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
47 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
48 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
49 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
50 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
51 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
52 	@echo "}" >> $(PWD)/gotd.conf
53 	@$(GOTD_TRAP); $(GOTD_START_CMD)
54 	@$(GOTD_TRAP); sleep .5
55 
56 start_gotd_ro_group: ensure_root
57 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
58 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
59 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
60 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
61 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
62 	@echo '    permit ro :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
63 	@echo "}" >> $(PWD)/gotd.conf
64 	@$(GOTD_TRAP); $(GOTD_START_CMD)
65 	@$(GOTD_TRAP); sleep .5
66 
67 # try a permit rule followed by a deny rule; last matched rule wins
68 start_gotd_ro_denied_user: ensure_root
69 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
70 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
71 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
72 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
73 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
74 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
75 	@echo '    deny $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
76 	@echo "}" >> $(PWD)/gotd.conf
77 	@$(GOTD_TRAP); $(GOTD_START_CMD)
78 	@$(GOTD_TRAP); sleep .5
79 
80 # try a permit rule followed by a deny rule; last matched rule wins
81 start_gotd_ro_denied_group: ensure_root
82 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
83 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
84 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
85 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
86 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
87 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
88 	@echo '    deny :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
89 	@echo "}" >> $(PWD)/gotd.conf
90 	@$(GOTD_TRAP); $(GOTD_START_CMD)
91 	@$(GOTD_TRAP); sleep .5
92 
93 # $GOTD_DEVUSER should not equal $GOTD_USER
94 start_gotd_ro_bad_user: ensure_root
95 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
96 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
97 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
98 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
99 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
100 	@echo '    permit ro $(GOTD_USER)' >> $(PWD)/gotd.conf
101 	@echo "}" >> $(PWD)/gotd.conf
102 	@$(GOTD_TRAP); $(GOTD_START_CMD)
103 	@$(GOTD_TRAP); sleep .5
104 
105 # $GOTD_DEVUSER should not be in group wheel
106 start_gotd_ro_bad_group: ensure_root
107 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
108 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
109 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
110 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
111 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
112 	@echo '    permit ro :wheel' >> $(PWD)/gotd.conf
113 	@echo "}" >> $(PWD)/gotd.conf
114 	@$(GOTD_TRAP); $(GOTD_START_CMD)
115 	@$(GOTD_TRAP); sleep .5
116 
117 start_gotd_rw: ensure_root
118 	@echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
119 	@echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
120 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
121 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
122 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
123 	@echo '    permit rw $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
124 	@echo "}" >> $(PWD)/gotd.conf
125 	@$(GOTD_TRAP); $(GOTD_START_CMD)
126 	@$(GOTD_TRAP); sleep .5
127 
128 prepare_test_repo: ensure_root
129 	@chown ${GOTD_USER} "${GOTD_TEST_REPO}"
130 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh'
131 
132 prepare_test_repo_empty: ensure_root
133 	@chown ${GOTD_USER} "${GOTD_TEST_REPO}"
134 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh 1'
135 
136 test_repo_read: prepare_test_repo start_gotd_ro
137 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
138 		'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
139 	@$(GOTD_STOP_CMD) 2>/dev/null
140 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
141 
142 test_repo_read_group: prepare_test_repo start_gotd_ro_group
143 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
144 		'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
145 	@$(GOTD_STOP_CMD) 2>/dev/null
146 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
147 
148 test_repo_read_denied_user: prepare_test_repo start_gotd_ro_denied_user
149 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
150 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
151 	@$(GOTD_STOP_CMD) 2>/dev/null
152 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
153 
154 test_repo_read_denied_group: prepare_test_repo start_gotd_ro_denied_group
155 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
156 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
157 	@$(GOTD_STOP_CMD) 2>/dev/null
158 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
159 
160 test_repo_read_bad_user: prepare_test_repo start_gotd_ro_bad_user
161 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
162 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
163 	@$(GOTD_STOP_CMD) 2>/dev/null
164 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
165 
166 test_repo_read_bad_group: prepare_test_repo start_gotd_ro_bad_group
167 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
168 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
169 	@$(GOTD_STOP_CMD) 2>/dev/null
170 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
171 
172 test_repo_write: prepare_test_repo start_gotd_rw
173 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
174 		'env $(GOTD_TEST_ENV) sh ./repo_write.sh'
175 	@$(GOTD_STOP_CMD) 2>/dev/null
176 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
177 
178 test_repo_write_empty: prepare_test_repo_empty start_gotd_rw
179 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
180 		'env $(GOTD_TEST_ENV) sh ./repo_write_empty.sh'
181 	@$(GOTD_STOP_CMD) 2>/dev/null
182 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
183 	
184 .include <bsd.regress.mk>