1#!/bin/sh -u
2#
3#   Copyright (C) 2008 CAI Qian <caiqian@cclom.cn>
4#   Copyright (c) International Business Machines  Corp., 2003
5#
6#   This program is free software; you can redistribute it and/or modify
7#   it under the terms of the GNU General Public License as published by
8#   the Free Software Foundation; either version 2 of the License, or
9#   (at your option) any later version.
10#
11#   This program is distributed in the hope that it will be useful, but
12#   WITHOUT ANY WARRANTY; without even the implied warranty of
13#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14#   General Public License for more details.
15#
16#   You should have received a copy of the GNU General Public License
17#   along with this program; if not, write to the Free Software
18#   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19#   USA
20#
21#   FILE: /etc/at.allow
22#
23#   PURPOSE: Test that /etc/at.allow , only allows those in the file to
24#   run cron jobs.
25#
26#   HISTORY:
27#		   04/03 Jerone Young (jyoung5@us.ibm.com)
28#
29
30export TCID=at_allow01
31export TST_TOTAL=1
32export TST_COUNT=1
33TMP=${TMP:=/tmp}
34allow="/etc/at.allow"
35test_user1="test_user_1"
36test_user2="test_user_2"
37test_user1_home="/home/${test_user1}"
38test_user2_home="/home/${test_user2}"
39tmpfile="$TMP/at_allow_test"
40
41if [ "$(id -ru)" = 0 ]; then
42	. cmdlib.sh
43fi
44
45#-----------------------------------------------------------------------
46# FUNCTION:  do_setup
47#-----------------------------------------------------------------------
48
49do_setup()
50{
51	# Move any files that may get in the way.
52	rm "${tmpfile}" >/dev/null 2>&1
53	mv "${allow}" "${allow}.old" >/dev/null 2>&1
54
55	# Remove users for clean enviroment.
56	rm -rf "${test_user1_home}" "${test_user2_home}"
57	userdel -r "${test_user1}" >/dev/null 2>&1
58	userdel -r "${test_user2}" >/dev/null 2>&1
59
60	# Create the 1st user.
61	if ! useradd -g users -d "${test_user1_home}" -m "${test_user1}"; then
62		echo "Could not add test user ${test_user1} to system."
63		exit 1
64	fi
65
66	# Create the 2nd user.
67	if ! useradd -g users -d "${test_user2_home}" -m "${test_user2}"; then
68		echo "Could not add test user ${test_user2} to system."
69		exit 1
70	fi
71
72	# This is the workaround for a potential bug.
73	# [Bug 468337] At Refuse to Work with Non-login Shell
74	# https://bugzilla.redhat.com/show_bug.cgi?id=468337
75	# As we are running in non-login shell now, we cannot run the script
76	# by simply given it a relative path. Therefore, we copy it to test
77	# users' home directories, and run it from there.
78	cp "$0" "${test_user1_home}/." &&
79	cp "$0" "${test_user2_home}/." &&
80	echo "export LTPROOT='$LTPROOT'" > "${test_user1_home}/cached_ltproot" &&
81	echo "export LTPROOT='$LTPROOT'" > "${test_user2_home}/cached_ltproot"
82	if [ $? -ne 0 ]; then
83		tst_resm TBROK "Couldn't copy over req'd files for test users"
84		exit 1
85	fi
86
87	restart_daemon atd
88}
89
90#-----------------------------------------------------------------------
91# FUNCTION:  do_cleanup
92#-----------------------------------------------------------------------
93do_cleanup()
94{
95	# We forcefully remove those files anyway. Otherwise userdel may
96	# give us bad warnings.
97	rm -rf "${test_user1_home}" "${test_user2_home}"
98	userdel -r "${test_user1}" >/dev/null 2>&1
99	userdel -r "${test_user2}" >/dev/null 2>&1
100	rm "${allow}"
101	mv "${allow}.old" "${allow}" >/dev/null 2>&1
102	rm "${tmpfile}" >/dev/null 2>&1
103}
104
105#-----------------------------------------------------------------------
106# FUNCTION:  run_test
107#-----------------------------------------------------------------------
108run_test()
109{
110	if [ $(whoami) = "${test_user1}" ]; then
111		. "${test_user1_home}/cached_ltproot" || exit 1
112		export PATH="$PATH:$LTPROOT/testcases/bin"
113
114		echo "TEST: $allow should allow only those who in the file to run jobs."
115		echo "(1) TEST THAT PERSON IN ${allow} IS ABLE TO RUN JOB."
116		echo "echo 'TEST JOB RAN' >>\"${tmpfile}\" 2>&1" |
117		if ! at -m now + 1 minutes ; then
118			echo "Error while adding job using at for user ${test_user1}."
119			exit 1
120		fi
121		echo " Sleeping for 75 seconds...."
122		sleep 75
123
124		exit_code=1
125		test -e "${tmpfile}" && exit_code=0
126		if [ ${exit_code} -eq 1 ]; then
127			tst_resm TFAIL "At did not allow user to execute job"
128		else
129			tst_resm TPASS "At allowed user to execute test job"
130		fi
131
132		rm -f "${tmpfile}" >/dev/null 2>&1
133		exit ${exit_code}
134
135	elif [ $(whoami) = "${test_user2}" ]; then
136
137		. "${test_user2_home}/cached_ltproot" || exit 1
138		export PATH="$PATH:$LTPROOT/testcases/bin"
139
140		echo "(2) TEST PERSON THAT IS NOT IN ${allow} IS NOT ABLE TO RUN JOB."
141
142		echo "echo 'TEST JOB RAN' >>\"${tmpfile}\" 2>&1" |
143		if ! at -m now + 1 minutes; then
144			echo "Expected error while adding job user at for user ${test_user2}"
145		fi
146		echo "Sleeping for 75 seconds...."
147		sleep 75
148
149		exit_code=1
150		test -e "${tmpfile}" || exit_code=0
151		if [ ${exit_code} -eq 1 ]; then
152			tst_resm TFAIL "At allowed user to execute test job"
153		else
154			tst_resm TPASS "At did not allow user to execute job"
155		fi
156
157		rm -f "${tmpfile}" >/dev/null 2>&1
158		exit ${exit_code}
159
160	fi
161}
162
163#-----------------------------------------------------------------------
164# FUNCTION: main
165#-----------------------------------------------------------------------
166if ! type at > /dev/null; then
167	tst_resm TCONF "at command not found on system"
168elif [ "$(id -ru)" = 0 ]; then
169	if do_setup; then
170
171		if ! echo "${test_user1}" >"${allow}"; then
172			exit_code=1
173		elif ! su "${test_user1}" -lc "${test_user1_home}/${0##*/}"; then
174			exit_code=1
175		elif ! su "${test_user2}" -lc "${test_user2_home}/${0##*/}"; then
176			exit_code=1
177		else
178			exit_code=0
179		fi
180		do_cleanup
181	else
182		exit_code=1
183	fi
184	exit ${exit_code}
185else
186	run_test
187	exit 0
188fi
189