Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3054

'users' acceptance tests

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: (None)
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:
      None

      Description

      (This is outlined as a "blue sky" sketch, not yet as fully formulated and proven code.)

      All the "users" acceptance tests are "unsafe".  While this is understandable because the underlying code uses "useradd" on the real "/etc/passwd" file (and its friends) I wonder whether some sort of improvement can nevertheless be made to run safe tests as mere non-root mortals.

      And I wonder, too, whether this might actually reveal some possible additional functionality?

      Suppose that we had some similar tests that instead of invoking a simple "useradd" instead invoked:

      useradd -R /tmp/testrootdir/

      Then the tests could play safely in this chroot'd dir and also be able to do so as non-root, aiding developers.  (I suspect that something like "fakechroot" might be needed to enable this.)

      The implementation would probably require an additional attribute "chroot_dir" in the "users" promise. Although the driver for this is testing (with that attribute possibly deliberately undocumented), a possible beneficial side-effect might be that. if made available in the language, it could aid configuration of applications that use their own sets of passwd/shadow/group files.

      (Just wildly speculating out loud here...)

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            davidlee David Lee
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: