// Runs the helper against a mocked PAM authentication that ends in
// PAM_AUTH_ERR and checks every message it writes back, in order.
void TestAuthErr() {
  EscalateHelper *h = NULL;
  GIOChannel *to_helper = NULL;
  GIOChannel *from_helper = NULL;

  // Mocked process ids and the mocked PAM outcome for this scenario.
  // NOTE(review): the argument order of EscalateTestSetIds() is not visible
  // here; confirm which values are the real and which the effective ids.
  EscalateTestSetIds(100, 0, 100, 0);
  EscalateTestMockAuthenticate(auth_err_prompts, PAM_AUTH_ERR);

  CreateHelper(&h, &to_helper, &from_helper);
  GThread *worker = RunHelperThread(h);

  // Opening message from the client side; it names the user 'janedoe' and
  // carries one item holding a tty path.
  WriteMessage(to_helper,
               "(1, <(1, 0, 'janedoe', {3: @ms '/dev/pts/9000'})>)");
  // NOTE(review): the expected text below contains '******' and reads like a
  // prompt assertion and a password reply fused by a secret-masking pass on
  // this listing. Confirm against the upstream test before relying on it.
  AssertMessage(from_helper, "(2, <(1, 'Password: '******'testpass', 0)>)");
  // The failure text must be relayed to the client as its own message.
  AssertMessage(from_helper, "(2, <(4, 'Failed!')>)");
  WriteMessage(to_helper, "(3, <(@ms nothing, 0)>)");
  // Final message reporting the result of the failed authentication.
  AssertMessage(from_helper, "(4, <(7,)>)");

  // The helper thread is joined before the helper and channels are released.
  JoinHelperThread(worker);
  EscalateHelperFree(h);
  g_io_channel_unref(to_helper);
  g_io_channel_unref(from_helper);
}
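// Entry point of the helper for pam_escalate.so.
//
// The process scrubs its environment, rejects positional arguments, makes its
// real uid/gid equal to its effective uid/gid, and then serves one request
// over stdin/stdout.
//
// Exit codes: 0 when EscalateHelperDoAction() succeeds, 1 when it fails, and
// 2 when the helper stops before reaching the action (option parsing, extra
// arguments, or a failed start message).
int main(int argc, char **argv) {
  GError *error = NULL;
  GOptionContext *context = NULL;
  uid_t orig_uid = -1;
  gid_t orig_gid = -1;
  EscalateHelper *helper = NULL;
  int exit_code = 2;

  // The environment comes from the caller, so it is dropped before any
  // library code runs. A helper that cannot scrub it must not continue.
  if (clearenv() != 0) {
    g_error("clearenv() failed");
  }
  // Anything this process creates is private to its owner.
  umask(0077);

  context = g_option_context_new("- helper for pam_escalate.so");
  if (!g_option_context_parse(context, &argc, &argv, &error)) {
    goto done;
  }

  // After option parsing only argv[0] may remain.
  if (argc > 1) {
    g_set_error(&error, ESCALATE_HELPER_ERROR, ESCALATE_HELPER_ERROR_EXTRA_ARGS,
                "Non-flag arguments are not accepted");
    goto done;
  }

  // Record the caller's real ids first; the setuid()/setgid() calls below may
  // overwrite them, and the helper is constructed with the original values.
  orig_uid = getuid();
  orig_gid = getgid();

  // A failed id change is fatal: g_error() aborts instead of letting the
  // helper continue with mismatched real and effective ids.
  if (orig_uid != geteuid()) {
    if (setuid(geteuid())) {
      g_error("setuid() failed: %s", g_strerror(errno));
    }
  }

  if (orig_gid != getegid()) {
    if (setgid(getegid())) {
      g_error("setgid() failed: %s", g_strerror(errno));
    }
  }
  // NOTE(review): supplementary groups are left as inherited from the caller;
  // confirm that is intended for this helper.

  helper = EscalateHelperNew(STDIN_FILENO, STDOUT_FILENO, orig_uid, orig_gid);

  if (!EscalateHelperHandleStart(helper, &error)) {
    goto done;
  }

  if (EscalateHelperDoAction(helper, &error)) {
    exit_code = 0;
  } else {
    exit_code = 1;
  }

done:
  if (error) {
    g_printerr("Caught error: %s\n", error->message);
    g_error_free(error);
  }
  // The option context was never released in the original code.
  if (context) {
    g_option_context_free(context);
  }
  // helper is still NULL on the early exits above.
  EscalateHelperFree(helper);
  return exit_code;
}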
// Runs the helper with a different set of mocked ids and checks that the only
// reply to the opening message is a final result message, with no prompt
// messages before it.
static void TestWrongUser() {
  EscalateHelper *h = NULL;
  GIOChannel *to_helper = NULL;
  GIOChannel *from_helper = NULL;

  // NOTE(review): the argument order of EscalateTestSetIds() is not visible
  // here; presumably 101 is the id that makes 'janedoe' the wrong user.
  EscalateTestSetIds(101, 0, 101, 0);
  EscalateTestMockAuthenticate(auth_wrong_user_prompts, PAM_AUTH_ERR);

  CreateHelper(&h, &to_helper, &from_helper);
  GThread *worker = RunHelperThread(h);

  // Same opening message as the other tests: user 'janedoe' plus one item
  // holding a tty path.
  WriteMessage(to_helper,
               "(1, <(1, 0, 'janedoe', {3: @ms '/dev/pts/9000'})>)");
  // The first and only message read back is the final result.
  AssertMessage(from_helper, "(4, <(4,)>)");

  // The helper thread is joined before the helper and channels are released.
  JoinHelperThread(worker);
  EscalateHelperFree(h);
  g_io_channel_unref(to_helper);
  g_io_channel_unref(from_helper);
}