def test_setcaps(self):
     """Test the setcaps function"""
     if self.am_root:
         prctl.set_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS, True))
     else:
         self.assertRaises(OSError, prctl.set_caps,
                           (prctl.CAP_SETUID, prctl.ALL_FLAGS, True))
     self.assertEqual(
         prctl.get_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS)), {
             prctl.CAP_EFFECTIVE: {
                 prctl.CAP_SETUID: self.am_root
             },
             prctl.CAP_PERMITTED: {
                 prctl.CAP_SETUID: self.am_root
             },
             prctl.CAP_INHERITABLE: {
                 prctl.CAP_SETUID: self.am_root
             }
         })
     prctl.set_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS, False))
     self.assertEqual(
         prctl.get_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS)), {
             prctl.CAP_EFFECTIVE: {
                 prctl.CAP_SETUID: False
             },
             prctl.CAP_PERMITTED: {
                 prctl.CAP_SETUID: False
             },
             prctl.CAP_INHERITABLE: {
                 prctl.CAP_SETUID: False
             }
         })
     self.assertRaises(OSError, prctl.set_caps,
                       (prctl.CAP_SETUID, prctl.ALL_FLAGS, True))
Beispiel #2
0
 def __drop_caps(self):
     """ drop the CAP_NET_ADMIN capability """
     try:
         import prctl
         prctl.set_caps((prctl.CAP_NET_ADMIN, prctl.CAP_EFFECTIVE, False))
     except OSError, e:
         import Zorp.Common
         Zorp.Common.log(None, Zorp.Common.CORE_ERROR, 1, "Unable to drop NET_ADMIN capability; error='%s'" % (e))
         raise e
Beispiel #3
0
 def __acquire_caps(self):
     """ aquire the CAP_NET_ADMIN capability """
     try:
         import prctl
         prctl.set_caps((prctl.CAP_NET_ADMIN, prctl.CAP_EFFECTIVE, True))
     except OSError, e:
         import Zorp.Common
         Zorp.Common.log(None, Zorp.Common.CORE_ERROR, 1, "Unable to acquire NET_ADMIN capability; error='%s'" % (e))
         raise e
Beispiel #4
0
 def __drop_caps(self):
     """ drop the CAP_NET_ADMIN capability """
     try:
         import prctl
         prctl.set_caps((prctl.CAP_NET_ADMIN, prctl.CAP_EFFECTIVE, False))
     except OSError, e:
         import Zorp.Common
         Zorp.Common.log(
             None, Zorp.Common.CORE_ERROR, 1,
             "Unable to drop NET_ADMIN capability; error='%s'" % (e))
         raise e
Beispiel #5
0
 def __acquire_caps(self):
     """ aquire the CAP_NET_ADMIN capability """
     try:
         import prctl
         prctl.set_caps((prctl.CAP_NET_ADMIN, prctl.CAP_EFFECTIVE, True))
     except OSError, e:
         import Zorp.Common
         Zorp.Common.log(
             None, Zorp.Common.CORE_ERROR, 1,
             "Unable to acquire NET_ADMIN capability; error='%s'" % (e))
         raise e
Beispiel #6
0
 def test_setcaps(self):
     """Test the setcaps function"""
     if self.am_root:
         prctl.set_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS, True))
     else:
         self.assertRaises(OSError, prctl.set_caps, (prctl.CAP_SETUID, prctl.ALL_FLAGS, True))
     self.assertEqual(prctl.get_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS)),
                      {prctl.CAP_EFFECTIVE: {prctl.CAP_SETUID: self.am_root},
                       prctl.CAP_PERMITTED: {prctl.CAP_SETUID: self.am_root},
                       prctl.CAP_INHERITABLE: {prctl.CAP_SETUID: self.am_root}})
     prctl.set_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS, False))
     self.assertEqual(prctl.get_caps((prctl.CAP_SETUID, prctl.ALL_FLAGS)),
                      {prctl.CAP_EFFECTIVE: {prctl.CAP_SETUID: False},
                       prctl.CAP_PERMITTED: {prctl.CAP_SETUID: False},
                       prctl.CAP_INHERITABLE: {prctl.CAP_SETUID: False}})
     self.assertRaises(OSError, prctl.set_caps, (prctl.CAP_SETUID, prctl.ALL_FLAGS, True))