authorRuss Allbery <rra@dropbox.com>2016-07-29 01:23:53 -0700
committerRuss Allbery <rra@dropbox.com>2016-07-29 01:23:53 -0700
commit43e21811cbde6ce2894bcab29078feec58455b91 (patch)
tree0a975f9c8236a0c5784ec2433977c198f7e314fc /tests
parent15aaed0d50410bca459d4d2c7ddc80f4d884850f (diff)
Add new sudo configuration option
Add a new configuration option, sudo, which tells remctld and remctl-shell to run the command as a different user using sudo. The path to the sudo binary is determined when remctld is compiled. Normally, it's more convenient to use the existing user option, but it relies on remctld running as root. If running the daemon as a non-root user, or when running remctl-shell as a non-root user, this option may work better.
Diffstat (limited to 'tests')
-rw-r--r--tests/TESTS1
-rw-r--r--tests/data/conf-simple.in1
-rwxr-xr-xtests/data/fake-sudo38
-rw-r--r--tests/server/acl-t.c3
-rw-r--r--tests/server/acl/localgroup-t.c8
-rw-r--r--tests/server/logging-t.c3
-rw-r--r--tests/server/sudo-t.c52
7 files changed, 100 insertions, 6 deletions
diff --git a/tests/TESTS b/tests/TESTS
index 3ee8509..2da4dfa 100644
--- a/tests/TESTS
+++ b/tests/TESTS
@@ -37,6 +37,7 @@ server/shell-misc
server/ssh-parse
server/stdin
server/streaming
+server/sudo
server/summary
server/user
server/version
diff --git a/tests/data/conf-simple.in b/tests/data/conf-simple.in
index c2d60d2..c9cddae 100644
--- a/tests/data/conf-simple.in
+++ b/tests/data/conf-simple.in
@@ -16,6 +16,7 @@ test-summary ALL @abs_top_srcdir@/tests/data/cmd-help \
summary=summary \
help=help ANYUSER
empty EMPTY @abs_top_srcdir@/tests/data/cmd-argv ANYUSER
+sudo foo /some/program stdin=2 sudo=testuser ANYUSER
all ALL @abs_top_srcdir@/tests/data/cmd-hello ANYUSER
ALL bar @abs_top_srcdir@/tests/data/cmd-hello ANYUSER
diff --git a/tests/data/fake-sudo b/tests/data/fake-sudo
new file mode 100755
index 0000000..9e639c0
--- /dev/null
+++ b/tests/data/fake-sudo
@@ -0,0 +1,38 @@
+#!/bin/sh
+#
+# Test running a command under sudo.
+#
+# Checks that all the right arguments were passed in to correctly use sudo if
+# this program had been sudo. Used by the server/sudo test.
+#
+# Written by Russ Allbery <eagle@eyrie.org>
+# Copyright 2016 Dropbox, Inc.
+#
+# See LICENSE for licensing terms.
+
+set -e
+
+# Load the test library.
+. "$C_TAP_SOURCE/tap/libtap.sh"
+
+# Specify the plan.
+plan 10
+
+# Check the arguments.
+ok 'argument 1' [ "$1" = '-u' ]
+ok 'argument 2' [ "$2" = 'testuser' ]
+ok 'argument 3' [ "$3" = '--' ]
+ok 'argument 4' [ "$4" = '/some/program' ]
+ok 'argument 5' [ "$5" = 'foo' ]
+ok 'argument 6' [ "$6" = 'bar' ]
+ok 'argument 7' [ "$7" = 'baz' ]
+
+# Check standard input.
+ok 'standard input' [ "`cat`" = 'stdin' ]
+
+# Check environment variables.
+ok 'REMOTE_USER' [ "$REMOTE_USER" = 'test@EXAMPLE.ORG' ]
+ok 'REMOTE_ADDR' [ "$REMOTE_ADDR" = '127.0.0.1' ]
+
+# Return a status of 0.
+exit 0
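Review bot: The argument checks stop at `$7` and never look at `$#`, so an unexpected trailing argument (for example the `stdin` argument left in argv as well as sent on standard input) would not fail this test. Add `ok 'argument count' [ "$#" -eq 7 ]` after the `argument 7` check and change `plan 10` to `plan 11`. Separately, the REMOTE_USER and REMOTE_ADDR checks show only that the variables reach the sudo process; a real sudo with its default environment reset may not pass them on to the command, which deserves a comment above those two checks.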
diff --git a/tests/server/acl-t.c b/tests/server/acl-t.c
index 060503a..59ecaf8 100644
--- a/tests/server/acl-t.c
+++ b/tests/server/acl-t.c
@@ -72,7 +72,8 @@ int
main(void)
{
struct rule rule = {
- NULL, 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, 0, 0, NULL, NULL, NULL
+ NULL, 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, 0, 0, NULL,
+ NULL, NULL
};
const char *acls[5];
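Review bot: The positional initializer for `struct rule` has to be re-counted by hand every time the struct gains a member, and a miscount silently shifts values into the wrong fields. The same pattern is repeated in both hunks of tests/server/acl/localgroup-t.c and in tests/server/logging-t.c. Here and in logging-t.c every member is NULL or 0, so `struct rule rule = { 0 };` would state the intent and survive future additions. In localgroup-t.c, designated initializers for the members that are actually set would do the same. The body of main continues outside the hunk.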
diff --git a/tests/server/acl/localgroup-t.c b/tests/server/acl/localgroup-t.c
index 7632acc..2299da9 100644
--- a/tests/server/acl/localgroup-t.c
+++ b/tests/server/acl/localgroup-t.c
@@ -82,8 +82,8 @@ main(void)
{
const char *acls[5];
const struct rule rule = {
- (char *) "TEST", 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, 0, 0, NULL,
- NULL, (char **) acls
+ (char *) "TEST", 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, 0, 0,
+ NULL, NULL, NULL
};
plan(2);
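Review bot: The new initializer ends in `NULL, NULL, NULL`, so the trailing `(char **) acls` from the old line is gone here, while the second hunk (the `plan(16)` main) keeps it as `NULL, NULL, (char **) acls`. If the last member is the rule's ACL list, this main now tests a rule with no ACLs and the local `acls` array is no longer attached to the rule, so an access denial could be reported for the wrong reason. Unless the drop is intended, the second line should read `NULL, NULL, (char **) acls`. The body of main continues outside the hunk.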
@@ -128,8 +128,8 @@ main(void)
char long_principal[VERY_LONG_PRINCIPAL];
const char *acls[5];
const struct rule rule = {
- (char *) "TEST", 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, 0, 0, NULL,
- NULL, (char **) acls
+ (char *) "TEST", 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, 0, 0,
+ NULL, NULL, (char **) acls
};
plan(16);
diff --git a/tests/server/logging-t.c b/tests/server/logging-t.c
index 4fa7bf5..b2c82cc 100644
--- a/tests/server/logging-t.c
+++ b/tests/server/logging-t.c
@@ -21,7 +21,8 @@ int
main(void)
{
struct rule rule = {
- NULL, 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, 0, 0, NULL, NULL, NULL
+ NULL, 0, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, 0, 0, NULL,
+ NULL, NULL
};
struct iovec **command;
int i;
diff --git a/tests/server/sudo-t.c b/tests/server/sudo-t.c
new file mode 100644
index 0000000..d5074ba
--- /dev/null
+++ b/tests/server/sudo-t.c
@@ -0,0 +1,52 @@
+/*
+ * Test suite for running commands with sudo.
+ *
+ * Written by Russ Allbery <eagle@eyrie.org>
+ * Copyright 2016 Dropbox, Inc.
+ *
+ * See LICENSE for licensing terms.
+ */
+
+#include <config.h>
+#include <portable/event.h>
+#include <portable/system.h>
+
+#include <server/internal.h>
+#include <tests/tap/basic.h>
+#include <util/messages.h>
+
+
+int
+main(void)
+{
+ struct config *config;
+ struct iovec **command;
+ struct client *client;
+
+ /* Suppress normal logging. */
+ message_handlers_notice(0);
+
+ /* The tests are actually done by the command we run. */
+ if (chdir(getenv("C_TAP_SOURCE")) < 0)
+ sysbail("can't chdir to C_TAP_SOURCE");
+
+ /* Load the test configuration. */
+ config = server_config_load("data/conf-simple");
+ if (config == NULL)
+ bail("server_config_load returned NULL");
+
+ /* Create the command we're going to run. */
+ command = server_ssh_parse_command("sudo foo bar stdin baz");
+ putenv((char *) "REMCTL_USER=test@EXAMPLE.ORG");
+ putenv((char *) "SSH_CONNECTION=127.0.0.1 34537 127.0.0.1 4373");
+ client = server_ssh_new_client();
+
+ /* Run the command. */
+ server_run_command(client, config, command);
+
+ /* Clean up. */
+ server_free_command(command);
+ server_ssh_free_client(client);
+ server_config_free(config);
+ libevent_global_shutdown();
+}
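Review bot: `getenv("C_TAP_SOURCE")` is passed straight to `chdir`, so running the test outside the harness hands chdir a null pointer instead of producing a clear failure. Fetch it first with `const char *source = getenv("C_TAP_SOURCE");` and add `if (source == NULL) bail("C_TAP_SOURCE not set");` before the chdir. The results of `server_ssh_parse_command` and `server_ssh_new_client` are also used unchecked, unlike `config` a few lines above; if either can return NULL, a matching `bail` would keep the failure readable. The return value of `server_run_command` is ignored as well, so the test relies entirely on the TAP output of the fake sudo script to signal failure.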