1 REGRESS_TARGETS=test_repo_read test_repo_read_group \
2 test_repo_read_denied_user test_repo_read_denied_group \
3 test_repo_read_bad_user test_repo_read_bad_group \
4 test_repo_write test_repo_write_empty test_req_wrong_commit
7 .PHONY: ensure_root prepare_test_repo check_test_repo start_gotd
11 GOTD_DEVUSER_HOME!=userinfo $(GOTD_DEVUSER) | awk '/^dir/ {print $$2}'
12 GOTD_TEST_REPO!?=mktemp -d "$(GOTD_TEST_ROOT)/gotd-test-repo-XXXXXXXXX"
13 GOTD_TEST_REPO_URL=ssh://${GOTD_DEVUSER}@127.0.0.1/test-repo
15 GOTD_TEST_USER?=${DOAS_USER}
16 .if empty(GOTD_TEST_USER)
17 GOTD_TEST_USER=${SUDO_USER}
19 .if empty(GOTD_TEST_USER)
20 GOTD_TEST_USER=${USER}
22 GOTD_TEST_USER_HOME!=userinfo $(GOTD_TEST_USER) | awk '/^dir/ {print $$2}'
24 # gotd.conf parameters
27 GOTD_SOCK=${GOTD_DEVUSER_HOME}/gotd.sock
29 GOTD_START_CMD=../../gotd/obj/gotd -vv -f $(PWD)/gotd.conf
30 GOTD_STOP_CMD=../../gotctl/obj/gotctl -f $(GOTD_SOCK) stop
31 GOTD_TRAP=trap "$(GOTD_STOP_CMD)" HUP INT QUIT PIPE TERM
33 GOTD_TEST_ENV=GOTD_TEST_ROOT=$(GOTD_TEST_ROOT) \
34 GOTD_TEST_REPO_URL=$(GOTD_TEST_REPO_URL) \
35 GOTD_TEST_REPO=$(GOTD_TEST_REPO) \
36 GOTD_SOCK=$(GOTD_SOCK) \
37 GOTD_DEVUSER=$(GOTD_DEVUSER) \
38 HOME=$(GOTD_TEST_USER_HOME) \
39 PATH=$(GOTD_TEST_USER_HOME)/bin:$(PATH)
42 @if [[ `id -u` -ne 0 ]]; then \
43 echo gotd test suite must be started by root >&2; \
46 if [[ "$(GOTD_TEST_USER)" = "root" ]]; then \
47 echo GOTD_TEST_USER must be a non-root user >&2; \
51 start_gotd_ro: ensure_root
52 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
53 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
54 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
55 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
56 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
57 @echo ' permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
58 @echo "}" >> $(PWD)/gotd.conf
59 @$(GOTD_TRAP); $(GOTD_START_CMD)
60 @$(GOTD_TRAP); sleep .5
62 start_gotd_ro_group: ensure_root
63 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
64 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
65 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
66 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
67 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
68 @echo ' permit ro :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
69 @echo "}" >> $(PWD)/gotd.conf
70 @$(GOTD_TRAP); $(GOTD_START_CMD)
71 @$(GOTD_TRAP); sleep .5
73 # try a permit rule followed by a deny rule; last matched rule wins
74 start_gotd_ro_denied_user: ensure_root
75 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
76 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
77 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
78 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
79 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
80 @echo ' permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
81 @echo ' deny $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
82 @echo "}" >> $(PWD)/gotd.conf
83 @$(GOTD_TRAP); $(GOTD_START_CMD)
84 @$(GOTD_TRAP); sleep .5
86 # try a permit rule followed by a deny rule; last matched rule wins
87 start_gotd_ro_denied_group: ensure_root
88 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
89 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
90 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
91 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
92 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
93 @echo ' permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
94 @echo ' deny :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
95 @echo "}" >> $(PWD)/gotd.conf
96 @$(GOTD_TRAP); $(GOTD_START_CMD)
97 @$(GOTD_TRAP); sleep .5
99 # $GOTD_DEVUSER should not equal $GOTD_USER
100 start_gotd_ro_bad_user: ensure_root
101 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
102 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
103 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
104 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
105 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
106 @echo ' permit ro $(GOTD_USER)' >> $(PWD)/gotd.conf
107 @echo "}" >> $(PWD)/gotd.conf
108 @$(GOTD_TRAP); $(GOTD_START_CMD)
109 @$(GOTD_TRAP); sleep .5
111 # $GOTD_DEVUSER should not be in group wheel
112 start_gotd_ro_bad_group: ensure_root
113 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
114 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
115 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
116 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
117 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
118 @echo ' permit ro :wheel' >> $(PWD)/gotd.conf
119 @echo "}" >> $(PWD)/gotd.conf
120 @$(GOTD_TRAP); $(GOTD_START_CMD)
121 @$(GOTD_TRAP); sleep .5
123 start_gotd_rw: ensure_root
124 @echo 'unix_socket "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
125 @echo "unix_group $(GOTD_GROUP)" >> $(PWD)/gotd.conf
126 @echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
127 @echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
128 @echo ' path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
129 @echo ' permit rw $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
130 @echo "}" >> $(PWD)/gotd.conf
131 @$(GOTD_TRAP); $(GOTD_START_CMD)
132 @$(GOTD_TRAP); sleep .5
134 prepare_test_repo: ensure_root
135 @chown ${GOTD_USER} "${GOTD_TEST_REPO}"
136 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh'
138 prepare_test_repo_empty: ensure_root
139 @chown ${GOTD_USER} "${GOTD_TEST_REPO}"
140 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh 1'
142 test_repo_read: prepare_test_repo start_gotd_ro
143 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
144 'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
145 @$(GOTD_STOP_CMD) 2>/dev/null
146 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
148 test_repo_read_group: prepare_test_repo start_gotd_ro_group
149 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
150 'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
151 @$(GOTD_STOP_CMD) 2>/dev/null
152 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
154 test_repo_read_denied_user: prepare_test_repo start_gotd_ro_denied_user
155 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
156 'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
157 @$(GOTD_STOP_CMD) 2>/dev/null
158 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
160 test_repo_read_denied_group: prepare_test_repo start_gotd_ro_denied_group
161 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
162 'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
163 @$(GOTD_STOP_CMD) 2>/dev/null
164 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
166 test_repo_read_bad_user: prepare_test_repo start_gotd_ro_bad_user
167 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
168 'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
169 @$(GOTD_STOP_CMD) 2>/dev/null
170 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
172 test_repo_read_bad_group: prepare_test_repo start_gotd_ro_bad_group
173 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
174 'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
175 @$(GOTD_STOP_CMD) 2>/dev/null
176 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
178 test_repo_write: prepare_test_repo start_gotd_rw
179 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
180 'env $(GOTD_TEST_ENV) sh ./repo_write.sh'
181 @$(GOTD_STOP_CMD) 2>/dev/null
182 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
184 test_repo_write_empty: prepare_test_repo_empty start_gotd_rw
185 @-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
186 'env $(GOTD_TEST_ENV) sh ./repo_write_empty.sh'
187 @$(GOTD_STOP_CMD) 2>/dev/null
188 @su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
190 test_req_wrong_commit: prepare_test_repo_empty start_gotd_ro
191 @-$(GOTD_TRAP); su -m ${GOTD_TEST_USER} -c \
192 'env $(GOTD_TEST_ENV) sh ./req_wrong_commit.sh'
193 @$(GOTD_STOP_CMD) 2>/dev/null
195 .include <bsd.regress.mk>
