Refactor tests

Dockerfile

@@ -9,7 +9,7 @@ COPY src ./src
 RUN cargo build --release --target x86_64-unknown-linux-musl
 
 FROM python:latest
-RUN pip install pytest pyyaml
+RUN pip install pytest
 RUN useradd -m hacker
 COPY --from=builder --chmod=6755 /usr/src/exec-suid/target/x86_64-unknown-linux-musl/release/exec-suid /usr/bin/exec-suid
 COPY tests /tests

tests/programs/test_bash

@@ -1,6 +1,3 @@
 #!/usr/bin/exec-suid -- /bin/bash -p
 
-if [ "$(id -u)" -ne 0 ]; then
-    echo "Expected euid to be 0, got $(id -u)"
-    exit 1
-fi
+id -u

tests/programs/test_opt_real

@@ -0,0 +1,12 @@
+#!/usr/bin/exec-suid --real -- /usr/bin/python3 -I
+
+import json
+import os
+import sys
+
+json.dump(dict(
+    argv=sys.argv,
+    env=os.environ,
+    uid=os.getresuid(),
+    gid=os.getresgid(),
+), sys.stdout)

tests/programs/test_python

@@ -0,0 +1,12 @@
+#!/usr/bin/exec-suid -- /usr/bin/python3 -I
+
+import json
+import os
+import sys
+
+json.dump(dict(
+    argv=sys.argv,
+    env=os.environ,
+    uid=os.getresuid(),
+    gid=os.getresgid(),
+), sys.stdout)

tests/programs/test_sh

@@ -1,6 +1,3 @@
 #!/usr/bin/exec-suid -- /bin/sh -p
 
-if [ "$(id -u)" -ne 0 ]; then
-    echo "Expected euid to be 0, got $(id -u)"
-    exit 1
-fi
+id -u

tests/test_programs.py

@@ -1,38 +1,38 @@
+import json
 import subprocess
 import os
 
-import pytest
-import yaml
 
+def preexec_fn(uid=1000, gid=1000, cwd="/"):
+    os.setgid(gid)
+    os.setuid(uid)
+    os.chdir(cwd)
 
-test_configs = yaml.safe_load(open("/tests/test_programs.yml"))
 
+def test_python():
+    result = json.loads(subprocess.check_output("/tests/programs/test_python", preexec_fn=preexec_fn))
+    result["env"].pop("LC_CTYPE")  # This environment variable may be automatically set by Python"
+    assert result == dict(argv=["/tests/programs/test_python"],
+                          env={},
+                          uid=[0, 1000, 0],
+                          gid=[1000, 1000, 1000])
 
-@pytest.mark.parametrize("config", test_configs, ids=[test_config["name"] for test_config in test_configs])
-def test_program(config):
-    name = config["name"]
 
-    config.setdefault("path", f"/tests/programs/{name}")
-    config.setdefault("argv", [config["path"]])
-    config.setdefault("cwd", "/")
+def test_python_relative():
+    result = json.loads(subprocess.check_output("./test_python", preexec_fn=lambda: preexec_fn(cwd="/tests/programs")))
+    assert result["argv"] == ["./test_python"]
 
-    config.setdefault("permissions", {})
-    config["permissions"].setdefault("user", 0)
-    config["permissions"].setdefault("group", 1000)
-    config["permissions"].setdefault("mode", 0o4755)
 
-    config.setdefault("run_as", {})
-    config["run_as"].setdefault("user", 1000)
-    config["run_as"].setdefault("group", 1000)
+def test_sh():
+    result = int(subprocess.check_output("/tests/programs/test_sh", preexec_fn=preexec_fn))
+    assert result == 0
 
-    os.chown(config["path"], config["permissions"]["user"], config["permissions"]["group"])
-    os.chmod(config["path"], config["permissions"]["mode"])
 
-    def preexec_fn():
-        os.setgid(config["run_as"]["group"])
-        os.setuid(config["run_as"]["user"])
-        os.chdir(config["cwd"])
+def test_bash():
+    result = int(subprocess.check_output("/tests/programs/test_bash", preexec_fn=preexec_fn))
+    assert result == 0
 
-    subprocess.run(["ls", "-l", config["path"]])
 
-    subprocess.run(*config["argv"], preexec_fn=preexec_fn, check=True)
+def test_opt_real():
+    result = json.loads(subprocess.check_output("/tests/programs/test_opt_real", preexec_fn=preexec_fn))
+    assert result["uid"] == [0, 0, 0]