1*bbb1b6f9SApple OSS Distributions #include <darwintest.h> 2*bbb1b6f9SApple OSS Distributions 3*bbb1b6f9SApple OSS Distributions #include <errno.h> 4*bbb1b6f9SApple OSS Distributions #include <libproc.h> 5*bbb1b6f9SApple OSS Distributions #include <signal.h> 6*bbb1b6f9SApple OSS Distributions #include <spawn.h> 7*bbb1b6f9SApple OSS Distributions #include <spawn_private.h> 8*bbb1b6f9SApple OSS Distributions #include <stdbool.h> 9*bbb1b6f9SApple OSS Distributions #include <stdint.h> 10*bbb1b6f9SApple OSS Distributions #include <stdio.h> 11*bbb1b6f9SApple OSS Distributions #include <stdlib.h> 12*bbb1b6f9SApple OSS Distributions #include <string.h> 13*bbb1b6f9SApple OSS Distributions #include <sys/kauth.h> 14*bbb1b6f9SApple OSS Distributions #include <sys/proc_info.h> 15*bbb1b6f9SApple OSS Distributions #include <sys/spawn_internal.h> 16*bbb1b6f9SApple OSS Distributions #include <sys/sysctl.h> 17*bbb1b6f9SApple OSS Distributions #include <sysexits.h> 18*bbb1b6f9SApple OSS Distributions #include <unistd.h> 19*bbb1b6f9SApple OSS Distributions 20*bbb1b6f9SApple OSS Distributions T_GLOBAL_META(T_META_RUN_CONCURRENTLY(true)); 21*bbb1b6f9SApple OSS Distributions 22*bbb1b6f9SApple OSS Distributions T_DECL(posix_spawn_posix_cred, "Check posix_spawnattr for POSIX creds", 23*bbb1b6f9SApple OSS Distributions T_META_ASROOT(true), T_META_TAG_VM_PREFERRED) 24*bbb1b6f9SApple OSS Distributions { 25*bbb1b6f9SApple OSS Distributions posix_spawnattr_t attr; 26*bbb1b6f9SApple OSS Distributions int ret; 27*bbb1b6f9SApple OSS Distributions 28*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_init(&attr); 29*bbb1b6f9SApple OSS Distributions T_QUIET; 30*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_init"); 31*bbb1b6f9SApple OSS Distributions 32*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_setflags(&attr, POSIX_SPAWN_START_SUSPENDED); 33*bbb1b6f9SApple OSS Distributions T_QUIET; 34*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_setflags"); 35*bbb1b6f9SApple OSS Distributions 36*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_setflags(&attr, POSIX_SPAWN_SETSID); 37*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_setflags(POSIX_SPAWN_SETSID)"); 38*bbb1b6f9SApple OSS Distributions 39*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_set_uid_np(&attr, 502); 40*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_set_uid_np"); 41*bbb1b6f9SApple OSS Distributions 42*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_set_gid_np(&attr, 501); 43*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_set_gid_np"); 44*bbb1b6f9SApple OSS Distributions 45*bbb1b6f9SApple OSS Distributions gid_t groups[3] = { 501, 250, 299 }; 46*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_set_groups_np(&attr, 3, &groups, KAUTH_UID_NONE); 47*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_set_groups_np"); 48*bbb1b6f9SApple OSS Distributions 49*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_set_login_np(&attr, "fake-name"); 50*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_set_login_np"); 51*bbb1b6f9SApple OSS Distributions 52*bbb1b6f9SApple OSS Distributions char * const prog = "/bin/sh"; 53*bbb1b6f9SApple OSS Distributions char * const argv_child[] = { prog, 54*bbb1b6f9SApple OSS Distributions "-c", 55*bbb1b6f9SApple OSS Distributions "test $(logname) = \"fake-name\" -a \"$(id -G)\" = \"501 250 299\"", 56*bbb1b6f9SApple OSS Distributions NULL, }; 57*bbb1b6f9SApple OSS Distributions pid_t child_pid; 58*bbb1b6f9SApple OSS Distributions extern char **environ; 59*bbb1b6f9SApple OSS Distributions 60*bbb1b6f9SApple OSS Distributions ret = posix_spawn(&child_pid, prog, NULL, &attr, argv_child, environ); 61*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawn"); 62*bbb1b6f9SApple OSS Distributions 63*bbb1b6f9SApple OSS Distributions T_LOG("parent: spawned child with pid %d\n", child_pid); 64*bbb1b6f9SApple OSS Distributions 65*bbb1b6f9SApple OSS Distributions ret = posix_spawnattr_destroy(&attr); 66*bbb1b6f9SApple OSS Distributions T_QUIET; 67*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "posix_spawnattr_destroy"); 68*bbb1b6f9SApple OSS Distributions 69*bbb1b6f9SApple OSS Distributions struct proc_bsdinfo info; 70*bbb1b6f9SApple OSS Distributions 71*bbb1b6f9SApple OSS Distributions ret = proc_pidinfo(child_pid, PROC_PIDTBSDINFO, 1, &info, sizeof(info)); 72*bbb1b6f9SApple OSS Distributions T_QUIET; 73*bbb1b6f9SApple OSS Distributions T_ASSERT_EQ(ret, (int)sizeof(info), "proc_pidinfo(PROC_PIDTBSDINFO)"); 74*bbb1b6f9SApple OSS Distributions 75*bbb1b6f9SApple OSS Distributions T_EXPECT_TRUE((bool)(info.pbi_flags & PROC_FLAG_SLEADER), 76*bbb1b6f9SApple OSS Distributions "check setsid happened"); 77*bbb1b6f9SApple OSS Distributions T_EXPECT_EQ(info.pbi_uid, 502, "UID was set"); 78*bbb1b6f9SApple OSS Distributions T_EXPECT_EQ(info.pbi_gid, 501, "GID was set"); 79*bbb1b6f9SApple OSS Distributions 80*bbb1b6f9SApple OSS Distributions ret = kill(child_pid, SIGCONT); 81*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "kill(signal)"); 82*bbb1b6f9SApple OSS Distributions 83*bbb1b6f9SApple OSS Distributions T_LOG("parent: waiting for child process\n"); 84*bbb1b6f9SApple OSS Distributions 85*bbb1b6f9SApple OSS Distributions int status = 0; 86*bbb1b6f9SApple OSS Distributions int waitpid_result = waitpid(child_pid, &status, 0); 87*bbb1b6f9SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(waitpid_result, "waitpid"); 88*bbb1b6f9SApple OSS Distributions T_ASSERT_EQ(waitpid_result, child_pid, "waitpid should return child we spawned"); 89*bbb1b6f9SApple OSS Distributions T_ASSERT_EQ(WIFEXITED(status), 1, "child should have exited normally"); 90*bbb1b6f9SApple OSS Distributions T_ASSERT_EQ(WEXITSTATUS(status), EX_OK, "child should have exited with success"); 91*bbb1b6f9SApple OSS Distributions } 92