1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (c) Huawei Technologies Co., Ltd., 2015
4 * Copyright (C) 2022 SUSE LLC Andrea Cervesato <[email protected]>
5 *
6 * When a process with non-zero user IDs performs an execve(), the
7 * process's capability sets are cleared. When a process with zero
8 * user IDs performs an execve(), the process's capability sets
9 * are set.
10 */
11
12 #define TST_NO_DEFAULT_MAIN
13 #include "tst_test.h"
14 #include "config.h"
15
16 #ifdef HAVE_LIBCAP
17 #define _GNU_SOURCE
18
19 #include <string.h>
20 #include <sys/wait.h>
21 #include <sys/capability.h>
22
main(int argc,char * argv[])23 int main(int argc, char *argv[])
24 {
25 cap_t caps;
26 int i, last_cap;
27 cap_flag_value_t cap_flag;
28 cap_flag_value_t expected_cap_flag = 1;
29
30 tst_reinit();
31
32 if (argc < 2)
33 tst_brk(TBROK, "userns06_capcheck <privileged|unprivileged>");
34
35 SAFE_FILE_SCANF("/proc/sys/kernel/cap_last_cap", "%d", &last_cap);
36
37 if (strcmp("privileged", argv[1]))
38 expected_cap_flag = 0;
39
40 caps = cap_get_proc();
41
42 for (i = 0; i <= last_cap; i++) {
43 cap_get_flag(caps, i, CAP_EFFECTIVE, &cap_flag);
44 if (cap_flag != expected_cap_flag)
45 break;
46
47 cap_get_flag(caps, i, CAP_PERMITTED, &cap_flag);
48 if (cap_flag != expected_cap_flag)
49 break;
50 }
51
52 TST_EXP_EQ_LI(cap_flag, expected_cap_flag);
53
54 return 0;
55 }
56
57 #else
main(void)58 int main(void)
59 {
60 tst_reinit();
61
62 tst_brk(TCONF, "System is missing libcap");
63
64 return 0;
65 }
66 #endif
67