def testEnterSandbox(self):
sandbox.EnterSandbox(self._user, self._group)
self._mock_setresuid.assert_called_with(self._uid, self._uid,
self._uid)
self._mock_setresgid.assert_called_with(self._gid, self._gid,
self._gid)
self._mock_setgroups.assert_called_with([self._gid])
def _EnterSandbox(user: str, group: str) -> None:
if platform.system() == "Linux" or platform.system() == "Darwin":
# pylint: disable=g-import-not-at-top
from grr_response_client.unprivileged.unix import sandbox
# pylint: enable=g-import-not-at-top
sandbox.EnterSandbox(user, group)
def testEnterSandbox_nothing(self):
sandbox.EnterSandbox("", "")
self._mock_setresuid.assert_not_called()
self._mock_setresgid.assert_not_called()
self._mock_setgroups.assert_not_called()
def testEnterSandbox_groupOnly(self):
sandbox.EnterSandbox("", self._group)
self._mock_setresuid.assert_not_called()
self._mock_setresgid.assert_called_with(self._gid, self._gid,
self._gid)
self._mock_setgroups.assert_called_with([self._gid])
def testEnterSandbox_userOnly(self):
sandbox.EnterSandbox(self._user, "")
self._mock_setresuid.assert_called_with(self._uid, self._uid,
self._uid)
self._mock_setresgid.assert_not_called()
self._mock_setgroups.assert_not_called()