Add sudo ability detection

Detect current capabilities with help of sudo tool. If addresses are already configured, then just run tests. If they are not, use capsh to detect ability to configure network.
2023-01-21 23:00:16 +01:00 · 2023-01-21 23:00:16 +01:00 · b94624a2fa
parent 4a655f56d7
commit b94624a2fa
1 changed files with 16 additions and 2 deletions
--- a/bind9-next.spec
+++ b/bind9-next.spec
@ -6,6 +6,8 @@
 # bcond_without is built by default, unless --without X is passed
 # bcond_with is built only when --with X is passed to build
 %bcond_with    SYSTEMTEST
+# Allow net configuration using sudo when SYSTEMTEST is enabled
+%bcond_without SUDO
 %bcond_without GSSTSIG
 %bcond_without JSON
 # FIXME: Not ready. Should it be worked on?
@ -133,8 +135,12 @@ BuildRequires:  softhsm
 # bin/tests/system dependencies
 BuildRequires:  perl(Net::DNS) perl(Net::DNS::Nameserver) perl(Time::HiRes) perl(Getopt::Long)
 BuildRequires:  perl(English)
+BuildRequires:  python3-pytest
 # manual configuration requires this tool
 BuildRequires:  iproute
+%if %{with SUDO}
+BuildRequires:  libcap sudo
+%endif
 %endif
 %if %{with GSSTSIG}
 BuildRequires:  krb5-devel
@ -479,13 +485,21 @@ export TSAN_OPTIONS="log_exe_name=true log_path=ThreadSanitizer exitcode=0"
 %if %{with SYSTEMTEST}
 # Runs system test if ip addresses are already configured
 # or it is able to configure them
+  SUDO=
  pushd build/bin/tests/system/
  if perl ./testsock.pl
  then
    CONFIGURED=already
  else
+    %if %{with SUDO}
+      if [ -x /usr/sbin/capsh ] && ! /usr/sbin/capsh --has-p=cap_net_admin; then
+        echo "Not running as privileged user, using sudo"
+        SUDO=sudo
+      fi
+    %endif
+
    CONFIGURED=
-    sh ./ifconfig.sh up
+    $SUDO sh ./ifconfig.sh up
    perl ./testsock.pl && CONFIGURED=build
  fi
  popd
@ -498,7 +512,7 @@ export TSAN_OPTIONS="log_exe_name=true log_path=ThreadSanitizer exitcode=0"
    chown -R ${USER} . # Can be unknown user
    %make_build test 2>&1 | tee test.log
    e=$?
-    [ "$CONFIGURED" = build ] && sh ./ifconfig.sh down
+    [ "$CONFIGURED" = build ] && $SUDO sh ./ifconfig.sh down
    popd
    if [ "$e" -ne 0 ]; then
      echo "ERROR: this build of BIND failed 'make test'. Aborting."