diff options
author | Kevin Krakauer <krakauer@google.com> | 2020-04-21 10:56:04 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-04-21 10:58:00 -0700 |
commit | 639c8dd80870133f61465588e717b725417a0c41 (patch) | |
tree | 757f83e2042e94254443dac14354bcdcd92e5b7a /test/syscalls/linux/uidgid.cc | |
parent | 8b72623e6ababc5448de0cb347476eaf4a611e2c (diff) |
Restore euid upon test finish
PiperOrigin-RevId: 307638329
Diffstat (limited to 'test/syscalls/linux/uidgid.cc')
-rw-r--r-- | test/syscalls/linux/uidgid.cc | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/test/syscalls/linux/uidgid.cc b/test/syscalls/linux/uidgid.cc index ff66a79f4..64d6d0b8f 100644 --- a/test/syscalls/linux/uidgid.cc +++ b/test/syscalls/linux/uidgid.cc @@ -253,12 +253,21 @@ TEST(UidGidRootTest, Setgroups) { TEST(UidGidRootTest, Setuid_prlimit) { SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(IsRoot())); - // Change our UID. - EXPECT_THAT(seteuid(65534), SyscallSucceeds()); + // Do seteuid in a separate thread so that after finishing this test, the + // process can still open files the test harness created before starting this + // test. Otherwise, the files are created by root (UID before the test), but + // cannot be opened by the `uid` set below after the test. + ScopedThread([&] { + // Use syscall instead of glibc setuid wrapper because we want this seteuid + // call to only apply to this task. POSIX threads, however, require that all + // threads have the same UIDs, so using the seteuid wrapper sets all + // threads' UID. + EXPECT_THAT(syscall(SYS_setreuid, -1, 65534), SyscallSucceeds()); - // Despite the UID change, we should be able to get our own limits. - struct rlimit rl = {}; - ASSERT_THAT(prlimit(0, RLIMIT_NOFILE, NULL, &rl), SyscallSucceeds()); + // Despite the UID change, we should be able to get our own limits. + struct rlimit rl = {}; + EXPECT_THAT(prlimit(0, RLIMIT_NOFILE, NULL, &rl), SyscallSucceeds()); + }); } } // namespace |