Explicitly switch user for code execution.

Co-authored-by: Maximilian Pass <maximilian.pass@student.hpi.uni-potsdam.de>
Sebastian Serth
2022-09-18 01:52:15 +02:00
committed by Sebastian Serth
parent 69237fb415
commit 1a5a49d7c8
13 changed files with 144 additions and 67 deletions


@ -224,7 +224,7 @@ func (s *E2ETestSuite) TestCopyFilesRoute_PermissionDenied() {
newFileContent := []byte("New content")
copyFilesRequestByteString, err := json.Marshal(&dto.UpdateFileSystemRequest{
Copy: []dto.File{
{Path: "/dev/sda", Content: []byte(tests.DefaultFileContent)},
{Path: "/proc/1/environ", Content: []byte(tests.DefaultFileContent)},
{Path: tests.DefaultFileName, Content: newFileContent},
},
})
@ -237,7 +237,7 @@ func (s *E2ETestSuite) TestCopyFilesRoute_PermissionDenied() {
internalServerError := new(dto.InternalServerError)
err = json.NewDecoder(resp.Body).Decode(internalServerError)
s.NoError(err)
s.Contains(internalServerError.Message, "Cannot open: Permission denied")
s.Contains(internalServerError.Message, "Cannot open: ")
_ = resp.Body.Close()
s.Run("File content can be printed on runner", func() {
@ -257,7 +257,7 @@ func (s *E2ETestSuite) TestCopyFilesRoute_PermissionDenied() {
newFileContent := []byte("New content")
copyFilesRequestByteString, err := json.Marshal(&dto.UpdateFileSystemRequest{
Copy: []dto.File{
{Path: "/dev/sda", Content: []byte(tests.DefaultFileContent)},
{Path: "/proc/1/environ", Content: []byte(tests.DefaultFileContent)},
{Path: tests.DefaultFileName, Content: newFileContent},
},
})
@ -271,7 +271,7 @@ func (s *E2ETestSuite) TestCopyFilesRoute_PermissionDenied() {
stdout, stderr := s.PrintContentOfFileOnRunner(runnerID, tests.DefaultFileName)
s.Equal(string(newFileContent), stdout)
s.Contains(stderr, "Permission denied")
s.Contains(stderr, "Exception")
})
}
})
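Review bot: The assertions in TestCopyFilesRoute_PermissionDenied no longer seem to prove that the copy was refused for lack of permission. The page has lost its +/- markers, so this assumes the second line of each printed pair is the new side. On that reading, `s.Contains(internalServerError.Message, "Cannot open: ")` also passes when the open fails for an unrelated reason such as a missing path, and `s.Contains(stderr, "Exception")` passes on any exception at all. If the exact error text differs between executors, match against the short list of expected denial messages instead of dropping the reason. A comment beside `/proc/1/environ` should state why that path must be unwritable for the execution user.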


@ -82,6 +82,19 @@ func (s *E2ETestSuite) TestOutputToStderr() {
}
}
func (s *E2ETestSuite) TestUserNomad() {
s.Run("unprivileged", func() {
stdout, _, _ := ExecuteNonInteractive(&s.Suite, tests.DefaultEnvironmentIDAsInteger,
&dto.ExecutionRequest{Command: "id --name --user", PrivilegedExecution: false}, nil)
s.Require().NotEqual("root", stdout)
})
s.Run("privileged", func() {
stdout, _, _ := ExecuteNonInteractive(&s.Suite, tests.DefaultEnvironmentIDAsInteger,
&dto.ExecutionRequest{Command: "id --name --user", PrivilegedExecution: true}, nil)
s.Require().Equal("root\r\n", stdout)
})
}
// AWS environments do not support stdin at this moment therefore they cannot take this test.
func (s *E2ETestSuite) TestCommandHead() {
hello := "Hello World!"
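Review bot: The "unprivileged" subtest of TestUserNomad cannot detect a root execution. The privileged subtest shows stdout arriving as `root\r\n`, so `s.Require().NotEqual("root", stdout)` holds even when the command ran as root. It also holds for empty output, because the other two return values of ExecuteNonInteractive are discarded with `_, _` and a failed execution goes unnoticed. Compare the trimmed value, e.g. `s.Require().NotEqual("root", strings.TrimSpace(stdout))` (this needs `strings` imported in that file), require non-empty output, and check the discarded return values in both subtests. As this test is the regression guard for the user switch, a doc comment on TestUserNomad should say so.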