tMerge pull request #248 from mesbahamin/open_read_only - tomb - the crypto undertaker
HTML git clone git://parazyd.org/tomb.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit 1f022d10f1a1fab564ba960679ec1460535d2a4e
DIR parent 2bc7e4319831a64ef46deb79a88e8ac937e09ca4
HTML Author: Jaromil <jaromil@dyne.org>
Date: Sat, 18 Feb 2017 20:30:33 +0100
Merge pull request #248 from mesbahamin/open_read_only
Open non-writable Tomb files with "read only " mount option
Diffstat:
M extras/test/runtests | 31 ++++++++++++++++++++++++++++---
M tomb | 3 ++-
2 files changed, 30 insertions(+), 4 deletions(-)
---
DIR diff --git a/extras/test/runtests b/extras/test/runtests
t@@ -56,7 +56,7 @@ command -v qrencode > /dev/null || QRENCODE=0
typeset -A results
-tests=(dig forge lock badpass open close passwd chksum bind setkey)
+tests=(dig forge lock badpass open close openro passwd chksum bind setkey)
{ test $RESIZER = 1 } && { tests+=(resize) }
{ test $KDF = 1 } && { tests+=(kdforge kdfpass kdflock kdfopen) }
{ test $STEGHIDE = 1 } && { tests+=(stgin stgout stgopen stgpipe stgimpl) }
t@@ -194,7 +194,32 @@ test-regression() {
}
+test-open-read-only() {
+ notice "wiping all testro.tomb* in /tmp"
+ sudo rm -f /tmp/testro.tomb{,.key,.new.key}
+
+ # Create new
+ tt dig -s 20 /tmp/testro.tomb
+ tt forge /tmp/testro.tomb.key \
+ --ignore-swap --unsafe --tomb-pwd ${dummypass} --use-urandom
+ tt lock /tmp/testro.tomb -k /tmp/testro.tomb.key \
+ --ignore-swap --unsafe --tomb-pwd ${dummypass}
+
+ notice "Testing open read only"
+
+ # Remove write privilege on test.tomb
+ chmod -w /tmp/testro.tomb
+
+ # Attempt to open the unwritable tomb with the read-only mount option
+ tt open /tmp/testro.tomb -k /tmp/testro.tomb.key \
+ --ignore-swap --unsafe --tomb-pwd ${dummypass} -o ro,noatime,nodev
+
+ { test $? = 0 } && {
+ results+=(openro SUCCESS)
+ tt close testro
+ }
+}
startloops=(`sudo losetup -a |cut -d: -f1`)
t@@ -227,8 +252,8 @@ tt close test
{ test $? = 0 } && { results+=(close SUCCESS) }
-
-
+# isolated function
+test-open-read-only
notice "Testing changing tomb password"
DIR diff --git a/tomb b/tomb
t@@ -507,7 +507,8 @@ is_valid_tomb() {
_fail=0
# Tomb file must be a readable, writable, non-empty regular file.
- [[ ! -w "$1" ]] && {
+ # If passed the "ro" mount option, the writable check is skipped.
+ [[ ! -w "$1" ]] && [[ $(option_value -o) != *"ro"* ]] && {
_warning "Tomb file is not writable: ::1 tomb file::" $1
_fail=1
}