You are viewing a plain text version of this content. The canonical link for it is here.
Posted to test-commits@perl.apache.org by ph...@apache.org on 2010/09/29 21:27:27 UTC

svn commit: r1002818 - in /perl/Apache-Test/trunk: Changes Makefile.PL lib/Apache/TestRun.pm

Author: phred
Date: Wed Sep 29 19:27:27 2010
New Revision: 1002818

URL: http://svn.apache.org/viewvc?rev=1002818&view=rev
Log:
Skip test suite if run as root user.  The workarounds which try to accomplish
running the tests as root are usually unsuccessful, and require user
intervention, which leads to additional support issues and problems.


Modified:
    perl/Apache-Test/trunk/Changes
    perl/Apache-Test/trunk/Makefile.PL
    perl/Apache-Test/trunk/lib/Apache/TestRun.pm

Modified: perl/Apache-Test/trunk/Changes
URL: http://svn.apache.org/viewvc/perl/Apache-Test/trunk/Changes?rev=1002818&r1=1002817&r2=1002818&view=diff
==============================================================================
--- perl/Apache-Test/trunk/Changes (original)
+++ perl/Apache-Test/trunk/Changes Wed Sep 29 19:27:27 2010
@@ -8,7 +8,10 @@ Changes - Apache::Test change logfile
 
 =item 1.34-dev
 
-
+Don't attempt to run the test suite as root.  The workarounds needed
+to facilitate root testing cause large maintenance costs, and return
+no tangible benefits.
+[Fred Moyer]
 
 =item 1.33 September 14, 2010
 

Modified: perl/Apache-Test/trunk/Makefile.PL
URL: http://svn.apache.org/viewvc/perl/Apache-Test/trunk/Makefile.PL?rev=1002818&r1=1002817&r2=1002818&view=diff
==============================================================================
--- perl/Apache-Test/trunk/Makefile.PL (original)
+++ perl/Apache-Test/trunk/Makefile.PL Wed Sep 29 19:27:27 2010
@@ -223,3 +223,24 @@ sub add_Apache__test_target {
         $string;
     };
 }
+
+sub MY::test {
+    my $self = shift;
+
+    # run tests normally if non root user
+    return $self->Apache::TestMM::test(@_) if (($> != 0) # root user
+        or (Apache::TestConfig::WINFU)); # win users
+        # or win32
+
+    return <<EOF
+test::
+\t\@echo
+\t\@echo Apache::Test tests cannot be run as the root user.
+\t\@echo Apache cannot spawn child processes as 'root', therefore
+\t\@echo the test suite must be run with a non privileged user.
+\t\@echo Please build Apache::Test as a non-privileged user to
+\t\@echo run the test suite.
+\t\@echo
+EOF
+}
+

Modified: perl/Apache-Test/trunk/lib/Apache/TestRun.pm
URL: http://svn.apache.org/viewvc/perl/Apache-Test/trunk/lib/Apache/TestRun.pm?rev=1002818&r1=1002817&r2=1002818&view=diff
==============================================================================
--- perl/Apache-Test/trunk/lib/Apache/TestRun.pm (original)
+++ perl/Apache-Test/trunk/lib/Apache/TestRun.pm Wed Sep 29 19:27:27 2010
@@ -46,7 +46,6 @@ my $orig_cwd;
 my $orig_conf_opts;
 
 my %core_files  = ();
-my %original_t_perms = ();
 
 my @std_run      = qw(start-httpd run-tests stop-httpd);
 my @others       = qw(verbose configure clean help ssl http11 bugreport
@@ -563,7 +562,7 @@ sub start {
         }
     }
 
-    $self->adjust_t_perms();
+    $self->check_runtime_user();
 
     if ($opts->{'start-httpd'}) {
         exit_perl 0 unless $server->start;
@@ -603,8 +602,6 @@ sub run_tests {
 sub stop {
     my $self = shift;
 
-    $self->restore_t_perms;
-
     return $self->{server}->stop if $self->{opts}->{'stop-httpd'};
 }
 
@@ -950,172 +947,21 @@ sub warn_core {
     }, $vars->{top_dir});
 }
 
-# this function handles the cases when the test suite is run under
-# 'root':
-#
-# 1. When user 'bar' is chosen to run Apache with, files and dirs
-#    created by 'root' might be not writable/readable by 'bar'
-#
-# 2. when the source is extracted as user 'foo', and the chosen user
-#    to run Apache under is 'bar', in which case normally 'bar' won't
-#    have the right permissions to write into the fs created by 'foo'.
-#
-# We solve that by 'chown -R bar.bar t/' in a portable way.
-#
-# 3. If the parent directory is not rwx for the chosen user, that user
-#    won't be able to read/write the DocumentRoot. In which case we
-#    have nothing else to do, but to tell the user to fix the situation.
-#
-sub adjust_t_perms {
-    my $self = shift;
-
-    return if Apache::TestConfig::WINFU;
-
-    %original_t_perms = (); # reset global
+# catch any attempts to ./t/TEST the tests as root user
 
-    my $user = getpwuid($>) || '';
-    if ($user eq 'root') {
-        my $vars = $self->{test_config}->{vars};
-        my $user = $vars->{user};
-        my($uid, $gid) = (getpwnam($user))[2..3]
-            or die "Can't find out uid/gid of '$user'";
-
-        warning "root mode: ".
-            "changing the files ownership to '$user' ($uid:$gid)";
-        finddepth(sub {
-            $original_t_perms{$File::Find::name} = [(stat $_)[4..5]];
-            chown $uid, $gid, $_;
-        }, $vars->{t_dir});
-
-        $self->check_perms($user, $uid, $gid);
-
-        $self->become_nonroot($user, $uid, $gid);
-    }
-}
-
-sub restore_t_perms {
+sub check_runtime_user {
     my $self = shift;
 
     return if Apache::TestConfig::WINFU;
 
-    if (%original_t_perms) {
-        warning "root mode: restoring the original files ownership";
-        my $vars = $self->{test_config}->{vars};
-        while (my($file, $ids) = each %original_t_perms) {
-            next unless -e $file; # files could be deleted
-            chown @$ids, $file;
-        }
-    }
-}
-
-# this sub is executed from an external process only, since it
-# "sudo"'s into a uid/gid of choice
-sub run_root_fs_test {
-    my($uid, $gid, $dir) = @_;
-
-    # first must change gid and egid ("$gid $gid" for an empty
-    # setgroups() call as explained in perlvar.pod)
-    my $groups = "$gid $gid";
-    $( = $) = $groups;
-    die "failed to change gid to $gid"
-        unless $( eq $groups && $) eq $groups;
-
-    # only now can change uid and euid
-    $< = $> = $uid+0;
-    die "failed to change uid to $uid" unless $< == $uid && $> == $uid;
-
-    my $file = catfile $dir, ".apache-test-file-$$-".time.int(rand);
-    eval "END { unlink q[$file] }";
-
-    # unfortunately we can't run the what seems to be an obvious test:
-    # -r $dir && -w _ && -x _
-    # since not all perl implementations do it right (e.g. sometimes
-    # acls are ignored, at other times setid/gid change is ignored)
-    # therefore we test by trying to attempt to read/write/execute
-
-    # -w
-    open TEST, ">$file" or die "failed to open $file: $!";
-
-    # -x
-    -f $file or die "$file cannot be looked up";
-    close TEST;
-
-    # -r
-    opendir DIR, $dir or die "failed to open dir $dir: $!";
-    defined readdir DIR or die "failed to read dir $dir: $!";
-    close DIR;
-
-    # all tests passed
-    print "OK";
-}
-
-sub check_perms {
-    my ($self, $user, $uid, $gid) = @_;
-
-    # test that the base dir is rwx by the selected non-root user
-    my $vars = $self->{test_config}->{vars};
-    my $dir  = $vars->{t_dir};
-    my $perl = Apache::TestConfig::shell_ready($vars->{perl});
+    my $user = getpwuid($>) || '';
 
-    # find where Apache::TestRun was loaded from, so we load this
-    # exact package from the external process
-    my $inc = dirname dirname $INC{"Apache/TestRun.pm"};
-    my $sub = "Apache::TestRun::run_root_fs_test";
-    my $check = <<"EOI";
-$perl -Mlib=$inc -MApache::TestRun -e 'eval { $sub($uid, $gid, q[$dir]) }';
-EOI
-    warning "testing whether '$user' is able to -rwx $dir\n$check\n";
-
-    my $res = qx[$check] || '';
-    warning "result: $res";
-    unless ($res eq 'OK') {
-        $self->user_error(1);
-        #$self->restore_t_perms;
-        error <<"EOI";
-You are running the test suite under user 'root'.
-Apache cannot spawn child processes as 'root', therefore
-we attempt to run the test suite with user '$user' ($uid:$gid).
-The problem is that the path (including all parent directories):
-  $dir
-must be 'rwx' by user '$user', so Apache can read and write under that
-path.
-
-There are several ways to resolve this issue. One is to move and
-rebuild the distribution to '/tmp/' and repeat the 'make test'
-phase. The other is not to run 'make test' as root (i.e. building
-under your /home/user directory).
-
-You can test whether some directory is suitable for 'make test' under
-'root', by running a simple test. For example to test a directory
-'$dir', run:
-
-  % $check
-Only if the test prints 'OK', the directory is suitable to be used for
-testing.
-EOI
-        skip_test_suite();
-        exit_perl 0;
+    if ($user eq 'root') {
+        error "Apache cannot spawn child processes as root, therefore the test suite must be run as a non-privileged user.";
+        exit_perl(0);
     }
-}
 
-# in case the client side creates any files after the initial chown
-# adjustments we want the server side to be able to read/write them, so
-# they better be with the same permissions. dropping root permissions
-# and becoming the same user as the server side solves this problem.
-sub become_nonroot {
-    my ($self, $user, $uid, $gid) = @_;
-
-    warning "the client side drops 'root' permissions and becomes '$user'";
-
-    # first must change gid and egid ("$gid $gid" for an empty
-    # setgroups() call as explained in perlvar.pod)
-    my $groups = "$gid $gid";
-    $( = $) = $groups;
-    die "failed to change gid to $gid" unless $( eq $groups && $) eq $groups;
-
-    # only now can change uid and euid
-    $< = $> = $uid+0;
-    die "failed to change uid to $uid" unless $< == $uid && $> == $uid;
+    return 1;
 }
 
 sub run_request {