1 files changed, 38 insertions, 36 deletions

diff --git a/tools/regression/priv/priv_vfs_fhstat.c b/tools/regression/priv/priv_vfs_fhstat.c
index c8e58e8..18506fa 100644
--- a/tools/regression/priv/priv_vfs_fhstat.c
+++ b/tools/regression/priv/priv_vfs_fhstat.c
@@ -1,5 +1,6 @@
 /*-
  * Copyright (c) 2006 nCircle Network Security, Inc.
+ * Copyright (c) 2007 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed by Robert N. M. Watson for the TrustedBSD
@@ -30,9 +31,8 @@
  */
 
 /*
- * Confirm that calls to fhstat() require privilege, trying with, and
- * without.  We create a temporary file and grab the file handle using
- * getfh() before starting.
+ * Confirm that calls to fhstat() require non-jailed privilege.  We create a
+ * temporary file and grab the file handle using getfh() before starting.
  */
 
 #include <sys/param.h>
@@ -45,45 +45,47 @@
 
 #include "main.h"
 
-void
-priv_vfs_fhstat(void)
-{
-	char fpath[1024];
-	struct stat sb;
-	fhandle_t fh;
-	int error;
-
-	assert_root();
+static char fpath[1024];
+static int fpath_initialized;
+static fhandle_t fh;
 
-	setup_file(fpath, UID_ROOT, GID_WHEEL, 0644);
+int
+priv_vfs_fhstat_setup(int asroot, int injail, struct test *test)
+{
 
+	setup_file("priv_vfs_fhstat_setup: fpath", fpath, UID_ROOT,
+	    GID_WHEEL, 0644);
+	fpath_initialized = 1;
 	if (getfh(fpath, &fh) < 0) {
-		warn("getfh(%s)", fpath);
-		goto out;
+		warn("priv_vfs_fhstat_setup: getfh(%s)", fpath);
+		return (-1);
 	}
+	return (0);
+}
 
-	/*
-	 * First, try with privilege.
-	 */
-	if (fhstat(&fh, &sb) < 0) {
-		warn("fhstat(%s) as root", fpath);
-		goto out;
-	}
+void
+priv_vfs_fhstat(int asroot, int injail, struct test *test)
+{
+	struct stat sb;
+	int error;
 
-	/*
-	 * Now, without privilege.
-	 */
-	set_euid(UID_OTHER);
 	error = fhstat(&fh, &sb);
-	if (error == 0) {
-		warn("fhstat(%s) succeeded as !root", fpath);
-		goto out;
-	}
-	if (errno != EPERM) {
-		warn("fhstat(%s) wrong errno %d as !root", fpath, errno);
-		goto out;
+	if (asroot && injail)
+		expect("priv_vfs_fhstat(asroot, injail)", error, -1, EPERM);
+	if (asroot && !injail)
+		expect("priv_vfs_fhstat(asroot, !injail)", error, 0, 0);
+	if (!asroot && injail)
+		expect("priv_vfs_fhstat(!asroot, injail)", error, -1, EPERM);
+	if (!asroot && !injail)
+		expect("priv_vfs_fhstat(!asroot, !injail)", error, -1, EPERM);
+}
+
+void
+priv_vfs_fhstat_cleanup(int asroot, int injail, struct test *test)
+{
+
+	if (fpath_initialized) {
+		(void)unlink(fpath);
+		fpath_initialized = 0;
 	}
-out:
-	seteuid(UID_ROOT);
-	(void)unlink(fpath);
 }