Tests compat. setgid failure / dropped_privilege

If we've *dropped* privilege, it's okay to not abort if setgid fails.

Document some of what's now needed for the test suite.
Adjust the test suide for better post-4.73 compat.

diff --git a/src/src/exim.c b/src/src/exim.c
index 67fbc5cf7a9a558ae3b9d422eb71fdf2f9d05f69..c8a5da12a70ae6cbbeb46eb0ca5657487e407926 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -3885,14 +3885,14 @@ else
   no need to complain then. */
   if (rv == -1)
     {
   no need to complain then. */
   if (rv == -1)
     {

-    if (!unprivileged)
+    if (!(unprivileged || removed_privilege))

       {
       fprintf(stderr,
           "exim: changing group failed: %s\n", strerror(errno));
       exit(EXIT_FAILURE);
       }
     else
       {
       fprintf(stderr,
           "exim: changing group failed: %s\n", strerror(errno));
       exit(EXIT_FAILURE);
       }
     else

-      debug_printf("changing group to %ld failed: %s\n",
+      DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n",

           (long int)exim_gid, strerror(errno));
     }
   }
           (long int)exim_gid, strerror(errno));
     }
   }

diff --git a/test/README b/test/README
index e9cc10dfba9235828248402a8feedb7a1f8d479b..b93deb4c5dbeac1dc312ef98204d2723ac2ecf26 100644 (file)
--- a/test/README
+++ b/test/README
@@ -108,6 +108,14 @@ In order to run this test suite, the following requirements must be met:
     interface; when one is not found, some tests are skipped (with a warning
     message).
 
     interface; when one is not found, some tests are skipped (with a warning
     message).
 

+(9) Exim must be built with TRUSTED_CONFIG_LIST support, so that the test
+    configs can be placed into it. DISABLE_D_OPTION must not be used. If
+    ALT_CONFIG_PREFIX is used, it must contain the directory of the test-suite.
+    WHITELIST_D_MACROS should contain:
+    
+     DIR:EXIM_PATH:AA:ACL:ACLRCPT:ACL_MAIL:ACL_PREDATA:ACL_RCPT:AFFIX:ALLOW:ARG1:ARG2:AUTHF:AUTHS:AUTH_ID_DOMAIN:BAD:BANNER:BB:BR:BRB:CERT:COM:COMMAND_USER:CONNECTCOND:CONTROL:CREQCIP:CREQMAC:CRL:CSS:D6:DATA:DCF:DDF:DEFAULTDWC:DELAY:DETAILS:DRATELIMIT:DYNAMIC_OPTION:ELI:ERROR_DETAILS:ERT:FAKE:FALLBACK:FILTER:FILTER_PREPEND_HOME:FORBID:FORBID_SMTP_CODE:FUSER:HAI:HAP:HARDLIMIT:HEADER_LINE_MAXSIZE:HEADER_MAXSIZE:HELO_MSG:HL:HOSTS:HOSTS_AVOID_TLS:HOSTS_MAX_TRY:HVH:IFACE:IGNORE_QUOTA:INC:INSERT:IP1:IP2:LAST:LDAPSERVERS:LENCHECK:LIMIT:LIST:LOG_SELECTOR:LS:MAXNM:MESSAGE_LOGS:MSIZE:NOTDAEMON:ONCE:ONLY:OPT:OPTION:ORDER:PAH:PEX:PORT:PTBC:QDG:QOLL:QUOTA:QUOTA_FILECOUNT:QWM:RCPT_MSG:REMEMBER:REQUIRE:RETRY:RETRY1:RETRY2:RETURN:RETURN_ERROR_DETAILS:REWRITE:ROUTE_DATA:RRATELIMIT:RT:S:SELECTOR:SELF:SERVER:SERVERS:SREQCIP:SREQMAC:SRV:STD:STRICT:SUB:SUBMISSION_OPTIONS:TIMEOUTDEFER:TIMES:TRUSTED:TRYCLEAR:UL:USE_SENDER:UTF8:VALUE:WMF:X:Y
+
+

 
 OPTIONAL EXTRAS
 ---------------
 
 OPTIONAL EXTRAS
 ---------------


@@ -129,9 +137,11 @@ RUNNING THE TEST SUITE
 (3) Run "./configure" and then "make". This builds a few auxiliary programs
     that are written in C.
 
 (3) Run "./configure" and then "make". This builds a few auxiliary programs
     that are written in C.
 

-(4) Run "./runtest" (a Perl script) as described below.
+(4) ls -1 $PWD/confs/* >> your_TRUSTED_CONFIG_LIST_filename
+
+(5) Run "./runtest" (a Perl script) as described below.

 
 

-(5) If you want to see what tests are available, run "./listtests".
+(6) If you want to see what tests are available, run "./listtests".

 
 
 BREAKING OUT OF THE TEST SCRIPT
 
 
 BREAKING OUT OF THE TEST SCRIPT

diff --git a/test/runtest b/test/runtest
index d65d0b5301ef3fadef9187139ab26f5e7e59be51..d70b98c64749304b841840fcc95d3bbce076c3f3 100755 (executable)
--- a/test/runtest
+++ b/test/runtest
@@ -2003,7 +2003,7 @@ if ($parm_exim eq "")
 #          Find what is in the binary            #
 ##################################################
 
 #          Find what is in the binary            #
 ##################################################
 

-open(EXIMINFO, "$parm_exim -C confs/0000 -DDIR=$parm_cwd " .
+open(EXIMINFO, "$parm_exim -C $parm_cwd/confs/0000 -DDIR=$parm_cwd " .

                "-bP exim_user exim_group|") ||
   die "** Cannot run $parm_exim: $!\n";
 while(<EXIMINFO>)
                "-bP exim_user exim_group|") ||
   die "** Cannot run $parm_exim: $!\n";
 while(<EXIMINFO>)


@@ -2025,7 +2025,7 @@ if (defined $parm_eximgroup)
     else { $parm_exim_gid = getgrnam($parm_eximgroup); }
   }
 
     else { $parm_exim_gid = getgrnam($parm_eximgroup); }
   }
 

-open(EXIMINFO, "$parm_exim -bV -C confs/0000 -DDIR=$parm_cwd |") ||
+open(EXIMINFO, "$parm_exim -bV -C $parm_cwd/confs/0000 -DDIR=$parm_cwd |") ||

   die "** Cannot run $parm_exim: $!\n";
 
 print "-" x 78, "\n";
   die "** Cannot run $parm_exim: $!\n";
 
 print "-" x 78, "\n";


@@ -2052,7 +2052,7 @@ while (<EXIMINFO>)
     %parm_support = @temp;
     }
 
     %parm_support = @temp;
     }
 

-  elsif (/^Lookups: (.*)/)
+  elsif (/^Lookups \(built-in\): (.*)/)

     {
     print;
     @temp = split /(\s+)/, $1;
     {
     print;
     @temp = split /(\s+)/, $1;