-
Notifications
You must be signed in to change notification settings - Fork 36
Expand file tree
/
Copy pathtest.sh
More file actions
executable file
·143 lines (128 loc) · 7.84 KB
/
test.sh
File metadata and controls
executable file
·143 lines (128 loc) · 7.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
#!/bin/sh
cd $(dirname $0)
set -e
# build fixuid
./build.sh
mv fixuid docker/fs-stage/usr/local/bin
# build test-no-escalate
./test-no-escalate/build.sh
mv test-no-escalate/test-no-escalate docker/fs-stage/usr/local/bin
rm -rf docker/alpine/stage
cp -r docker/fs-stage docker/alpine/stage
rm -rf docker/fedora/stage
cp -r docker/fs-stage docker/fedora/stage
rm -rf docker/debian/stage
cp -r docker/fs-stage docker/debian/stage
docker compose build
echo "\nalpine default user/group cmd"
docker run --rm fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora default user/group cmd"
docker run --rm fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian default user/group cmd"
docker run --rm fixuid-debian fixuid-test.sh docker docker
echo "\nalpine default user/group entrypoint"
docker run --rm --entrypoint fixuid fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora default user/group entrypoint"
docker run --rm --entrypoint fixuid fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian default user/group entrypoint"
docker run --rm --entrypoint fixuid fixuid-debian fixuid-test.sh docker docker "docker users"
echo "\nalpine 1001:1001 cmd"
docker run --rm -u 1001:1001 fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora 1001:1001 cmd"
docker run --rm -u 1001:1001 fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian 1001:1001 cmd"
docker run --rm -u 1001:1001 fixuid-debian fixuid-test.sh docker docker
echo "\nalpine 1001:1001 entrypoint"
docker run --rm -u 1001:1001 --entrypoint fixuid fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora 1001:1001 entrypoint"
docker run --rm -u 1001:1001 --entrypoint fixuid fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian 1001:1001 entrypoint"
docker run --rm -u 1001:1001 --entrypoint fixuid fixuid-debian fixuid-test.sh docker docker "docker users"
echo "\nalpine 0:0 cmd"
docker run --rm -u 0:0 fixuid-alpine fixuid-test.sh root root
echo "\nfedora 0:0 cmd"
docker run --rm -u 0:0 fixuid-fedora fixuid-test.sh root root
echo "\ndebian 0:0 cmd"
docker run --rm -u 0:0 fixuid-debian fixuid-test.sh root root
echo "\nalpine 0:0 entrypoint"
docker run --rm -u 0:0 --entrypoint fixuid fixuid-alpine fixuid-test.sh root root "root bin daemon sys adm disk wheel floppy dialout tape video"
echo "\nfedora 0:0 entrypoint"
docker run --rm -u 0:0 --entrypoint fixuid fixuid-fedora fixuid-test.sh root root
echo "\ndebian 0:0 entrypoint"
docker run --rm -u 0:0 --entrypoint fixuid fixuid-debian fixuid-test.sh root root
echo "\nalpine 0:1001 cmd"
docker run --rm -u 0:1001 fixuid-alpine fixuid-test.sh root docker
echo "\nfedora 0:1001 cmd"
docker run --rm -u 0:1001 fixuid-fedora fixuid-test.sh root docker
echo "\ndebian 0:1001 cmd"
docker run --rm -u 0:1001 fixuid-debian fixuid-test.sh root docker
echo "\nalpine 0:1001 entrypoint"
docker run --rm -u 0:1001 --entrypoint fixuid fixuid-alpine fixuid-test.sh root docker "docker root bin daemon sys adm disk wheel floppy dialout tape video"
echo "\nfedora 0:1001 entrypoint"
docker run --rm -u 0:1001 --entrypoint fixuid fixuid-fedora fixuid-test.sh root docker "docker root"
echo "\ndebian 0:1001 entrypoint"
docker run --rm -u 0:1001 --entrypoint fixuid fixuid-debian fixuid-test.sh root docker "docker root"
echo "\nalpine 1001:0 cmd"
docker run --rm -u 1001:0 fixuid-alpine fixuid-test.sh docker root
echo "\nfedora 1001:0 cmd"
docker run --rm -u 1001:0 fixuid-fedora fixuid-test.sh docker root
echo "\ndebian 1001:0 cmd"
docker run --rm -u 1001:0 fixuid-debian fixuid-test.sh docker root
echo "\nalpine 1001:0 entrypoint"
docker run --rm -u 1001:0 --entrypoint fixuid fixuid-alpine fixuid-test.sh docker root "root docker"
echo "\nfedora 1001:0 entrypoint"
docker run --rm -u 1001:0 --entrypoint fixuid fixuid-fedora fixuid-test.sh docker root "root docker"
echo "\ndebian 1001:0 entrypoint"
docker run --rm -u 1001:0 --entrypoint fixuid fixuid-debian fixuid-test.sh docker root "root users docker"
echo "\nalpine run twice cmd"
docker run --rm fixuid-alpine sh -c "fixuid-test.sh docker docker && fixuid fixuid-test.sh docker docker"
echo "\nfedora run twice cmd"
docker run --rm fixuid-fedora sh -c "fixuid-test.sh docker docker && fixuid fixuid-test.sh docker docker"
echo "\ndebian run twice cmd"
docker run --rm fixuid-debian sh -c "fixuid-test.sh docker docker && fixuid fixuid-test.sh docker docker 'docker users'"
echo "\nalpine run twice entrypoint"
docker run --rm --entrypoint fixuid fixuid-alpine sh -c "fixuid-test.sh docker docker && fixuid fixuid-test.sh docker docker"
echo "\nfedora run twice entrypoint"
docker run --rm --entrypoint fixuid fixuid-fedora sh -c "fixuid-test.sh docker docker && fixuid fixuid-test.sh docker docker"
echo "\ndebian run twice entrypoint"
docker run --rm --entrypoint fixuid fixuid-debian sh -c "fixuid-test.sh docker docker 'docker users' && fixuid fixuid-test.sh docker docker 'docker users'"
echo "\nalpine should not chown mount"
docker run --rm -v $(pwd)/docker/fs-stage/tmp:/home/docker/mnt-dir -v $(pwd)/docker/fs-stage/tmp/test-file:/home/docker/mnt-file -u 1234:1234 fixuid-alpine sh -c "fixuid-test.sh docker docker && fixuid-mount-test.sh $(id -u) $(id -g)"
echo "\nfedora should not chown mount"
docker run --rm -v $(pwd)/docker/fs-stage/tmp:/home/docker/mnt-dir -v $(pwd)/docker/fs-stage/tmp/test-file:/home/docker/mnt-file -u 1234:1234 fixuid-fedora sh -c "fixuid-test.sh docker docker && fixuid-mount-test.sh $(id -u) $(id -g)"
echo "\ndebian should not chown mount"
docker run --rm -v $(pwd)/docker/fs-stage/tmp:/home/docker/mnt-dir -v $(pwd)/docker/fs-stage/tmp/test-file:/home/docker/mnt-file -u 1234:1234 fixuid-debian sh -c "fixuid-test.sh docker docker && fixuid-mount-test.sh $(id -u) $(id -g)"
echo "\nalpine quiet cmd"
docker run --rm -e "FIXUID_FLAGS=-q" fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora quiet cmd"
docker run --rm -e "FIXUID_FLAGS=-q" fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian quiet cmd"
docker run --rm -e "FIXUID_FLAGS=-q" fixuid-debian fixuid-test.sh docker docker
echo "\nalpine quiet entrypoint"
docker run --rm --entrypoint fixuid fixuid-alpine -q fixuid-test.sh docker docker
echo "\nfedora quiet entrypoint"
docker run --rm --entrypoint fixuid fixuid-fedora -q fixuid-test.sh docker docker
echo "\ndebian quiet entrypoint"
docker run --rm --entrypoint fixuid fixuid-debian -q fixuid-test.sh docker docker 'docker users'
echo "\nalpine test no escalate"
docker run --rm --entrypoint fixuid fixuid-alpine test-no-escalate
echo "\nfedora test no escalate"
docker run --rm --entrypoint fixuid fixuid-fedora test-no-escalate
echo "\ndebian test no escalate"
docker run --rm --entrypoint fixuid fixuid-debian test-no-escalate
printf "\npaths:\n - /\n - /home/docker\n - /tmp/space dir\n - /does/not/exist" >> docker/alpine/stage/etc/fixuid/config.yml
printf "\npaths:\n - /\n - /home/docker\n - /tmp/space dir\n - /does/not/exist" >> docker/fedora/stage/etc/fixuid/config.yml
printf "\npaths:\n - /\n - /home/docker\n - /tmp/space dir\n - /does/not/exist" >> docker/debian/stage/etc/fixuid/config.yml
docker compose build
echo "\nalpine 1001:1001 cmd"
docker run --rm -u 1001:1001 -v /home/docker -v "/tmp/space dir" fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora 1001:1001 cmd"
docker run --rm -u 1001:1001 -v /home/docker -v "/tmp/space dir" fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian 1001:1001 cmd"
docker run --rm -u 1001:1001 -v /home/docker -v "/tmp/space dir" fixuid-debian fixuid-test.sh docker docker
echo "\nalpine 1001:1001 entrypoint"
docker run --rm -u 1001:1001 -v /home/docker -v "/tmp/space dir" --entrypoint fixuid fixuid-alpine fixuid-test.sh docker docker
echo "\nfedora 1001:1001 entrypoint"
docker run --rm -u 1001:1001 -v /home/docker -v "/tmp/space dir" --entrypoint fixuid fixuid-fedora fixuid-test.sh docker docker
echo "\ndebian 1001:1001 entrypoint"
docker run --rm -u 1001:1001 -v /home/docker -v "/tmp/space dir" --entrypoint fixuid fixuid-debian fixuid-test.sh docker docker "docker users"