From 5424e3a063fb76d6bf221fdc26fe3f140f4e0361 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Sun, 16 Oct 2016 21:14:07 +0200 Subject: [PATCH] keyfile: disable permission checks of keyfile for tests The tests were checking that the keyfiles had permission 0600 and there was a check-local target to prepare the permissons of the tests. That is inconvenient, and it is unexpected to have a check-local target for such a case. Also, the tests were not testing that keyfile reader would bail out on invalid permissions. So just skip the check for testing. --- src/settings/plugins/keyfile/nms-keyfile-reader.c | 14 +++++++------- .../plugins/keyfile/tests/keyfiles/Makefile.am | 5 ----- src/settings/plugins/keyfile/tests/test-keyfile.c | 3 ++- 3 files changed, 9 insertions(+), 13 deletions(-) diff --git a/src/settings/plugins/keyfile/nms-keyfile-reader.c b/src/settings/plugins/keyfile/nms-keyfile-reader.c index c09e68c03f..39a0148021 100644 --- a/src/settings/plugins/keyfile/nms-keyfile-reader.c +++ b/src/settings/plugins/keyfile/nms-keyfile-reader.c @@ -102,14 +102,14 @@ nms_keyfile_reader_from_file (const char *filename, GError **error) return NULL; } - if (statbuf.st_mode & 0077) { - g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION, - "File permissions (%o) were insecure", - statbuf.st_mode); - return NULL; - } - if (!NM_FLAGS_HAS (nm_utils_get_testing (), NM_UTILS_TEST_NO_KEYFILE_OWNER_CHECK)) { + if (statbuf.st_mode & 0077) { + g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION, + "File permissions (%o) were insecure", + statbuf.st_mode); + return NULL; + } + if (statbuf.st_uid != 0) { g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION, "File owner (%o) is insecure", diff --git a/src/settings/plugins/keyfile/tests/keyfiles/Makefile.am b/src/settings/plugins/keyfile/tests/keyfiles/Makefile.am index be431067f0..9d652fd218 100644 --- a/src/settings/plugins/keyfile/tests/keyfiles/Makefile.am +++ b/src/settings/plugins/keyfile/tests/keyfiles/Makefile.am @@ -39,8 +39,3 @@ CERTS = \ EXTRA_DIST = $(KEYFILES) $(CERTS) -check-local: - @for f in $(KEYFILES); do \ - chmod 0600 $(abs_srcdir)/$$f; \ - done - diff --git a/src/settings/plugins/keyfile/tests/test-keyfile.c b/src/settings/plugins/keyfile/tests/test-keyfile.c index d9d70437bb..21dc0c13fc 100644 --- a/src/settings/plugins/keyfile/tests/test-keyfile.c +++ b/src/settings/plugins/keyfile/tests/test-keyfile.c @@ -204,7 +204,8 @@ test_read_valid_wired_connection (void) "*ipv6.routes*semicolon at the end*routes1*"); g_test_expect_message ("NetworkManager", G_LOG_LEVEL_INFO, "*ipv6.route*semicolon at the end*route6*"); - connection = nms_keyfile_reader_from_file (TEST_KEYFILES_DIR "/Test_Wired_Connection", NULL); + connection = nms_keyfile_reader_from_file (TEST_KEYFILES_DIR "/Test_Wired_Connection", &error); + g_assert_no_error (error); g_test_assert_expected_messages (); g_assert (connection);