diff options
author | Nick Thomas <nick@gitlab.com> | 2018-04-25 00:42:56 +0300 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2018-04-27 19:13:46 +0300 |
commit | 7667febecf3bb627d3e0912a59fa1d8918519280 (patch) | |
tree | b7037c5429cdb3eb4e7b205a8c4f8c0aaf1e010a /helpers_test.go | |
parent | 05c03d65f64021f4a3ead9b627b7293e7b63ca07 (diff) |
Restore the old in-place chroot behaviour as a command-line option
Diffstat (limited to 'helpers_test.go')
-rw-r--r-- | helpers_test.go | 48 |
1 files changed, 35 insertions, 13 deletions
diff --git a/helpers_test.go b/helpers_test.go index 656585c8..e853e1c4 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -10,7 +10,6 @@ import ( "net/http" "os" "os/exec" - "strconv" "strings" "testing" "time" @@ -206,23 +205,46 @@ func getPagesArgs(t *testing.T, listeners []ListenSpec, promPort string, extraAr args = append(args, "-metrics-address", promPort) } - // At least one of `-daemon-uid` and `-daemon-gid` must be non-zero - if daemon, _ := strconv.ParseBool(os.Getenv("TEST_DAEMONIZE")); daemon { - if os.Geteuid() == 0 { - t.Log("Running pages as a daemon") - args = append(args, "-daemon-uid", "0") - args = append(args, "-daemon-gid", "65534") // Root user can switch to "nobody" - } else { - t.Log("Privilege-dropping requested but not running as root!") - t.FailNow() - } - } - + args = append(args, getPagesDaemonArgs(t)...) args = append(args, extraArgs...) return } +func getPagesDaemonArgs(t *testing.T) []string { + mode := os.Getenv("TEST_DAEMONIZE") + if mode == "" { + return nil + } + + if os.Geteuid() != 0 { + t.Log("Privilege-dropping requested but not running as root!") + t.FailNow() + return nil + } + + out := []string{} + + switch mode { + case "tmpdir": + out = append(out, "-daemon-inplace-chroot=false") + case "inplace": + out = append(out, "-daemon-inplace-chroot=true") + default: + t.Log("Unknown daemonize mode", mode) + t.FailNow() + return nil + } + + t.Log("Running pages as a daemon") + + // This triggers the drop-privileges-and-chroot code in the pages daemon + out = append(out, "-daemon-uid", "0") + out = append(out, "-daemon-gid", "65534") + + return out +} + // Does a HTTP(S) GET against the listener specified, setting a fake // Host: and constructing the URL from the listener and the URL suffix. func GetPageFromListener(t *testing.T, spec ListenSpec, host, urlsuffix string) (*http.Response, error) { |