2 * Copyright (c) 2013 The FreeBSD Foundation
5 * This software was developed by Pawel Jakub Dawidek under sponsorship from
6 * the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
33 #include <sys/capsicum.h>
44 #include <libcasper.h>
46 #include <casper/cap_grp.h>
50 #define CHECK(expr) do { \
52 printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \
54 printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \
57 #define CHECKX(expr) do { \
59 printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \
61 printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \
68 #define GID_OPERATOR 5
70 #define GETGRENT0 0x0001
71 #define GETGRENT1 0x0002
72 #define GETGRENT2 0x0004
73 #define GETGRENT (GETGRENT0 | GETGRENT1 | GETGRENT2)
74 #define GETGRENT_R0 0x0008
75 #define GETGRENT_R1 0x0010
76 #define GETGRENT_R2 0x0020
77 #define GETGRENT_R (GETGRENT_R0 | GETGRENT_R1 | GETGRENT_R2)
78 #define GETGRNAM 0x0040
79 #define GETGRNAM_R 0x0080
80 #define GETGRGID 0x0100
81 #define GETGRGID_R 0x0200
82 #define SETGRENT 0x0400
85 group_mem_compare(char **mem0, char **mem1)
89 if (mem0 == NULL && mem1 == NULL)
91 if (mem0 == NULL || mem1 == NULL)
94 for (i0 = 0; mem0[i0] != NULL; i0++) {
95 for (i1 = 0; mem1[i1] != NULL; i1++) {
96 if (strcmp(mem0[i0], mem1[i1]) == 0)
107 group_compare(const struct group *grp0, const struct group *grp1)
110 if (grp0 == NULL && grp1 == NULL)
112 if (grp0 == NULL || grp1 == NULL)
115 if (strcmp(grp0->gr_name, grp1->gr_name) != 0)
118 if (grp0->gr_passwd != NULL || grp1->gr_passwd != NULL) {
119 if (grp0->gr_passwd == NULL || grp1->gr_passwd == NULL)
121 if (strcmp(grp0->gr_passwd, grp1->gr_passwd) != 0)
125 if (grp0->gr_gid != grp1->gr_gid)
128 if (!group_mem_compare(grp0->gr_mem, grp1->gr_mem))
135 runtest_cmds(cap_channel_t *capgrp)
137 char bufs[1024], bufc[1024];
139 struct group *grps, *grpc;
140 struct group sts, stc;
145 if (cap_setgrent(capgrp) == 1)
149 grpc = cap_getgrent(capgrp);
150 if (group_compare(grps, grpc)) {
153 grpc = cap_getgrent(capgrp);
154 if (group_compare(grps, grpc))
158 getgrent_r(&sts, bufs, sizeof(bufs), &grps);
159 cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc);
160 if (group_compare(grps, grpc)) {
161 result |= GETGRENT_R0;
162 getgrent_r(&sts, bufs, sizeof(bufs), &grps);
163 cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc);
164 if (group_compare(grps, grpc))
165 result |= GETGRENT_R1;
169 if (cap_setgrent(capgrp) == 1)
172 getgrent_r(&sts, bufs, sizeof(bufs), &grps);
173 cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc);
174 if (group_compare(grps, grpc))
175 result |= GETGRENT_R2;
178 grpc = cap_getgrent(capgrp);
179 if (group_compare(grps, grpc))
182 grps = getgrnam("wheel");
183 grpc = cap_getgrnam(capgrp, "wheel");
184 if (group_compare(grps, grpc)) {
185 grps = getgrnam("operator");
186 grpc = cap_getgrnam(capgrp, "operator");
187 if (group_compare(grps, grpc))
191 getgrnam_r("wheel", &sts, bufs, sizeof(bufs), &grps);
192 cap_getgrnam_r(capgrp, "wheel", &stc, bufc, sizeof(bufc), &grpc);
193 if (group_compare(grps, grpc)) {
194 getgrnam_r("operator", &sts, bufs, sizeof(bufs), &grps);
195 cap_getgrnam_r(capgrp, "operator", &stc, bufc, sizeof(bufc),
197 if (group_compare(grps, grpc))
198 result |= GETGRNAM_R;
201 grps = getgrgid(GID_WHEEL);
202 grpc = cap_getgrgid(capgrp, GID_WHEEL);
203 if (group_compare(grps, grpc)) {
204 grps = getgrgid(GID_OPERATOR);
205 grpc = cap_getgrgid(capgrp, GID_OPERATOR);
206 if (group_compare(grps, grpc))
210 getgrgid_r(GID_WHEEL, &sts, bufs, sizeof(bufs), &grps);
211 cap_getgrgid_r(capgrp, GID_WHEEL, &stc, bufc, sizeof(bufc), &grpc);
212 if (group_compare(grps, grpc)) {
213 getgrgid_r(GID_OPERATOR, &sts, bufs, sizeof(bufs), &grps);
214 cap_getgrgid_r(capgrp, GID_OPERATOR, &stc, bufc, sizeof(bufc),
216 if (group_compare(grps, grpc))
217 result |= GETGRGID_R;
224 test_cmds(cap_channel_t *origcapgrp)
226 cap_channel_t *capgrp;
227 const char *cmds[7], *fields[4], *names[5];
230 fields[0] = "gr_name";
231 fields[1] = "gr_passwd";
232 fields[2] = "gr_gid";
233 fields[3] = "gr_mem";
239 names[4] = "operator";
249 * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r,
250 * getgrgid, getgrgid_r
251 * fields: gr_name, gr_passwd, gr_gid, gr_mem
253 * names: wheel, daemon, kmem, sys, operator
256 capgrp = cap_clone(origcapgrp);
257 CHECK(capgrp != NULL);
259 cmds[0] = "setgrent";
260 cmds[1] = "getgrent";
261 cmds[2] = "getgrent_r";
262 cmds[3] = "getgrnam";
263 cmds[4] = "getgrnam_r";
264 cmds[5] = "getgrgid";
265 cmds[6] = "getgrgid_r";
266 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == 0);
267 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
268 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
270 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
271 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
277 * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r,
278 * getgrgid, getgrgid_r
279 * fields: gr_name, gr_passwd, gr_gid, gr_mem
282 * gids: 0, 1, 2, 3, 5
284 capgrp = cap_clone(origcapgrp);
285 CHECK(capgrp != NULL);
287 cmds[0] = "setgrent";
288 cmds[1] = "getgrent";
289 cmds[2] = "getgrent_r";
290 cmds[3] = "getgrnam";
291 cmds[4] = "getgrnam_r";
292 cmds[5] = "getgrgid";
293 cmds[6] = "getgrgid_r";
294 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == 0);
295 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
296 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
298 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
299 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
305 * cmds: getgrent, getgrent_r, getgrnam, getgrnam_r,
306 * getgrgid, getgrgid_r
307 * fields: gr_name, gr_passwd, gr_gid, gr_mem
309 * names: wheel, daemon, kmem, sys, operator
316 capgrp = cap_clone(origcapgrp);
317 CHECK(capgrp != NULL);
319 cmds[0] = "getgrent";
320 cmds[1] = "getgrent_r";
321 cmds[2] = "getgrnam";
322 cmds[3] = "getgrnam_r";
323 cmds[4] = "getgrgid";
324 cmds[5] = "getgrgid_r";
325 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
326 cmds[0] = "setgrent";
327 cmds[1] = "getgrent";
328 cmds[2] = "getgrent_r";
329 cmds[3] = "getgrnam";
330 cmds[4] = "getgrnam_r";
331 cmds[5] = "getgrgid";
332 cmds[6] = "getgrgid_r";
333 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
334 cmds[0] = "setgrent";
335 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
336 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
338 CHECK(runtest_cmds(capgrp) == (GETGRENT0 | GETGRENT1 | GETGRENT_R0 |
339 GETGRENT_R1 | GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
345 * cmds: getgrent, getgrent_r, getgrnam, getgrnam_r,
346 * getgrgid, getgrgid_r
347 * fields: gr_name, gr_passwd, gr_gid, gr_mem
350 * gids: 0, 1, 2, 3, 5
356 capgrp = cap_clone(origcapgrp);
357 CHECK(capgrp != NULL);
359 cmds[0] = "getgrent";
360 cmds[1] = "getgrent_r";
361 cmds[2] = "getgrnam";
362 cmds[3] = "getgrnam_r";
363 cmds[4] = "getgrgid";
364 cmds[5] = "getgrgid_r";
365 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
366 cmds[0] = "setgrent";
367 cmds[1] = "getgrent";
368 cmds[2] = "getgrent_r";
369 cmds[3] = "getgrnam";
370 cmds[4] = "getgrnam_r";
371 cmds[5] = "getgrgid";
372 cmds[6] = "getgrgid_r";
373 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
374 cmds[0] = "setgrent";
375 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
376 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
378 CHECK(runtest_cmds(capgrp) == (GETGRENT0 | GETGRENT1 | GETGRENT_R0 |
379 GETGRENT_R1 | GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
385 * cmds: setgrent, getgrent_r, getgrnam, getgrnam_r,
386 * getgrgid, getgrgid_r
387 * fields: gr_name, gr_passwd, gr_gid, gr_mem
389 * names: wheel, daemon, kmem, sys, operator
396 capgrp = cap_clone(origcapgrp);
397 CHECK(capgrp != NULL);
399 cmds[0] = "setgrent";
400 cmds[1] = "getgrent_r";
401 cmds[2] = "getgrnam";
402 cmds[3] = "getgrnam_r";
403 cmds[4] = "getgrgid";
404 cmds[5] = "getgrgid_r";
405 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
406 cmds[0] = "setgrent";
407 cmds[1] = "getgrent";
408 cmds[2] = "getgrent_r";
409 cmds[3] = "getgrnam";
410 cmds[4] = "getgrnam_r";
411 cmds[5] = "getgrgid";
412 cmds[6] = "getgrgid_r";
413 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
414 cmds[0] = "getgrent";
415 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
416 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
417 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
419 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT_R2 |
420 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
426 * cmds: setgrent, getgrent_r, getgrnam, getgrnam_r,
427 * getgrgid, getgrgid_r
428 * fields: gr_name, gr_passwd, gr_gid, gr_mem
431 * gids: 0, 1, 2, 3, 5
437 capgrp = cap_clone(origcapgrp);
438 CHECK(capgrp != NULL);
440 cmds[0] = "setgrent";
441 cmds[1] = "getgrent_r";
442 cmds[2] = "getgrnam";
443 cmds[3] = "getgrnam_r";
444 cmds[4] = "getgrgid";
445 cmds[5] = "getgrgid_r";
446 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
447 cmds[0] = "setgrent";
448 cmds[1] = "getgrent";
449 cmds[2] = "getgrent_r";
450 cmds[3] = "getgrnam";
451 cmds[4] = "getgrnam_r";
452 cmds[5] = "getgrgid";
453 cmds[6] = "getgrgid_r";
454 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
455 cmds[0] = "getgrent";
456 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
457 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
458 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
460 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT_R2 |
461 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
467 * cmds: setgrent, getgrent, getgrnam, getgrnam_r,
468 * getgrgid, getgrgid_r
469 * fields: gr_name, gr_passwd, gr_gid, gr_mem
471 * names: wheel, daemon, kmem, sys, operator
478 capgrp = cap_clone(origcapgrp);
479 CHECK(capgrp != NULL);
481 cmds[0] = "setgrent";
482 cmds[1] = "getgrent";
483 cmds[2] = "getgrnam";
484 cmds[3] = "getgrnam_r";
485 cmds[4] = "getgrgid";
486 cmds[5] = "getgrgid_r";
487 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
488 cmds[0] = "setgrent";
489 cmds[1] = "getgrent";
490 cmds[2] = "getgrent_r";
491 cmds[3] = "getgrnam";
492 cmds[4] = "getgrnam_r";
493 cmds[5] = "getgrgid";
494 cmds[6] = "getgrgid_r";
495 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
496 cmds[0] = "getgrent_r";
497 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
498 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
500 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT0 | GETGRENT1 |
501 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
507 * cmds: setgrent, getgrent, getgrnam, getgrnam_r,
508 * getgrgid, getgrgid_r
509 * fields: gr_name, gr_passwd, gr_gid, gr_mem
512 * gids: 0, 1, 2, 3, 5
518 capgrp = cap_clone(origcapgrp);
519 CHECK(capgrp != NULL);
521 cmds[0] = "setgrent";
522 cmds[1] = "getgrent";
523 cmds[2] = "getgrnam";
524 cmds[3] = "getgrnam_r";
525 cmds[4] = "getgrgid";
526 cmds[5] = "getgrgid_r";
527 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
528 cmds[0] = "setgrent";
529 cmds[1] = "getgrent";
530 cmds[2] = "getgrent_r";
531 cmds[3] = "getgrnam";
532 cmds[4] = "getgrnam_r";
533 cmds[5] = "getgrgid";
534 cmds[6] = "getgrgid_r";
535 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
536 cmds[0] = "getgrent_r";
537 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
538 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
540 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT0 | GETGRENT1 |
541 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
547 * cmds: setgrent, getgrent, getgrent_r, getgrnam_r,
548 * getgrgid, getgrgid_r
549 * fields: gr_name, gr_passwd, gr_gid, gr_mem
551 * names: wheel, daemon, kmem, sys, operator
558 capgrp = cap_clone(origcapgrp);
559 CHECK(capgrp != NULL);
561 cmds[0] = "setgrent";
562 cmds[1] = "getgrent";
563 cmds[2] = "getgrent_r";
564 cmds[3] = "getgrnam_r";
565 cmds[4] = "getgrgid";
566 cmds[5] = "getgrgid_r";
567 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
568 cmds[0] = "setgrent";
569 cmds[1] = "getgrent";
570 cmds[2] = "getgrent_r";
571 cmds[3] = "getgrnam";
572 cmds[4] = "getgrnam_r";
573 cmds[5] = "getgrgid";
574 cmds[6] = "getgrgid_r";
575 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
576 cmds[0] = "getgrnam";
577 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
578 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
579 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
581 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
582 GETGRNAM_R | GETGRGID | GETGRGID_R));
588 * cmds: setgrent, getgrent, getgrent_r, getgrnam_r,
589 * getgrgid, getgrgid_r
590 * fields: gr_name, gr_passwd, gr_gid, gr_mem
593 * gids: 0, 1, 2, 3, 5
599 capgrp = cap_clone(origcapgrp);
600 CHECK(capgrp != NULL);
602 cmds[0] = "setgrent";
603 cmds[1] = "getgrent";
604 cmds[2] = "getgrent_r";
605 cmds[3] = "getgrnam_r";
606 cmds[4] = "getgrgid";
607 cmds[5] = "getgrgid_r";
608 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
609 cmds[0] = "setgrent";
610 cmds[1] = "getgrent";
611 cmds[2] = "getgrent_r";
612 cmds[3] = "getgrnam";
613 cmds[4] = "getgrnam_r";
614 cmds[5] = "getgrgid";
615 cmds[6] = "getgrgid_r";
616 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
617 cmds[0] = "getgrnam";
618 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
619 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
620 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
622 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
623 GETGRNAM_R | GETGRGID | GETGRGID_R));
629 * cmds: setgrent, getgrent, getgrent_r, getgrnam,
630 * getgrgid, getgrgid_r
631 * fields: gr_name, gr_passwd, gr_gid, gr_mem
633 * names: wheel, daemon, kmem, sys, operator
640 capgrp = cap_clone(origcapgrp);
641 CHECK(capgrp != NULL);
643 cmds[0] = "setgrent";
644 cmds[1] = "getgrent";
645 cmds[2] = "getgrent_r";
646 cmds[3] = "getgrnam";
647 cmds[4] = "getgrgid";
648 cmds[5] = "getgrgid_r";
649 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
650 cmds[0] = "setgrent";
651 cmds[1] = "getgrent";
652 cmds[2] = "getgrent_r";
653 cmds[3] = "getgrnam";
654 cmds[4] = "getgrnam_r";
655 cmds[5] = "getgrgid";
656 cmds[6] = "getgrgid_r";
657 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
658 cmds[0] = "getgrnam_r";
659 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
660 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
662 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
663 GETGRNAM | GETGRGID | GETGRGID_R));
669 * cmds: setgrent, getgrent, getgrent_r, getgrnam,
670 * getgrgid, getgrgid_r
671 * fields: gr_name, gr_passwd, gr_gid, gr_mem
674 * gids: 0, 1, 2, 3, 5
680 capgrp = cap_clone(origcapgrp);
681 CHECK(capgrp != NULL);
683 cmds[0] = "setgrent";
684 cmds[1] = "getgrent";
685 cmds[2] = "getgrent_r";
686 cmds[3] = "getgrnam";
687 cmds[4] = "getgrgid";
688 cmds[5] = "getgrgid_r";
689 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
690 cmds[0] = "setgrent";
691 cmds[1] = "getgrent";
692 cmds[2] = "getgrent_r";
693 cmds[3] = "getgrnam";
694 cmds[4] = "getgrnam_r";
695 cmds[5] = "getgrgid";
696 cmds[6] = "getgrgid_r";
697 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
698 cmds[0] = "getgrnam_r";
699 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
700 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
702 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
703 GETGRNAM | GETGRGID | GETGRGID_R));
709 * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r,
711 * fields: gr_name, gr_passwd, gr_gid, gr_mem
713 * names: wheel, daemon, kmem, sys, operator
720 capgrp = cap_clone(origcapgrp);
721 CHECK(capgrp != NULL);
723 cmds[0] = "setgrent";
724 cmds[1] = "getgrent";
725 cmds[2] = "getgrent_r";
726 cmds[3] = "getgrnam";
727 cmds[4] = "getgrnam_r";
728 cmds[5] = "getgrgid_r";
729 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
730 cmds[0] = "setgrent";
731 cmds[1] = "getgrent";
732 cmds[2] = "getgrent_r";
733 cmds[3] = "getgrnam";
734 cmds[4] = "getgrnam_r";
735 cmds[5] = "getgrgid";
736 cmds[6] = "getgrgid_r";
737 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
738 cmds[0] = "getgrgid";
739 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
740 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
741 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
743 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
744 GETGRNAM | GETGRNAM_R | GETGRGID_R));
750 * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r,
752 * fields: gr_name, gr_passwd, gr_gid, gr_mem
755 * gids: 0, 1, 2, 3, 5
761 capgrp = cap_clone(origcapgrp);
762 CHECK(capgrp != NULL);
764 cmds[0] = "setgrent";
765 cmds[1] = "getgrent";
766 cmds[2] = "getgrent_r";
767 cmds[3] = "getgrnam";
768 cmds[4] = "getgrnam_r";
769 cmds[5] = "getgrgid_r";
770 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
771 cmds[0] = "setgrent";
772 cmds[1] = "getgrent";
773 cmds[2] = "getgrent_r";
774 cmds[3] = "getgrnam";
775 cmds[4] = "getgrnam_r";
776 cmds[5] = "getgrgid";
777 cmds[6] = "getgrgid_r";
778 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
779 cmds[0] = "getgrgid";
780 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
781 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
782 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
784 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
785 GETGRNAM | GETGRNAM_R | GETGRGID_R));
791 * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r,
793 * fields: gr_name, gr_passwd, gr_gid, gr_mem
795 * names: wheel, daemon, kmem, sys, operator
802 capgrp = cap_clone(origcapgrp);
803 CHECK(capgrp != NULL);
805 cmds[0] = "setgrent";
806 cmds[1] = "getgrent";
807 cmds[2] = "getgrent_r";
808 cmds[3] = "getgrnam";
809 cmds[4] = "getgrnam_r";
810 cmds[5] = "getgrgid";
811 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
812 cmds[0] = "setgrent";
813 cmds[1] = "getgrent";
814 cmds[2] = "getgrent_r";
815 cmds[3] = "getgrnam";
816 cmds[4] = "getgrnam_r";
817 cmds[5] = "getgrgid";
818 cmds[6] = "getgrgid_r";
819 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
820 cmds[0] = "getgrgid_r";
821 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
822 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
824 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
825 GETGRNAM | GETGRNAM_R | GETGRGID));
831 * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r,
833 * fields: gr_name, gr_passwd, gr_gid, gr_mem
836 * gids: 0, 1, 2, 3, 5
842 capgrp = cap_clone(origcapgrp);
843 CHECK(capgrp != NULL);
845 cmds[0] = "setgrent";
846 cmds[1] = "getgrent";
847 cmds[2] = "getgrent_r";
848 cmds[3] = "getgrnam";
849 cmds[4] = "getgrnam_r";
850 cmds[5] = "getgrgid";
851 CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0);
852 cmds[0] = "setgrent";
853 cmds[1] = "getgrent";
854 cmds[2] = "getgrent_r";
855 cmds[3] = "getgrnam";
856 cmds[4] = "getgrnam_r";
857 cmds[5] = "getgrgid";
858 cmds[6] = "getgrgid_r";
859 CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE);
860 cmds[0] = "getgrgid_r";
861 CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE);
862 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0);
864 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
865 GETGRNAM | GETGRNAM_R | GETGRGID));
871 #define GR_PASSWD 0x02
876 group_fields(const struct group *grp)
882 if (grp->gr_name != NULL && grp->gr_name[0] != '\0')
885 if (grp->gr_passwd != NULL && grp->gr_passwd[0] != '\0')
888 if (grp->gr_gid != (gid_t)-1)
891 if (grp->gr_mem != NULL && grp->gr_mem[0] != NULL)
898 runtest_fields(cap_channel_t *capgrp, unsigned int expected)
904 (void)cap_setgrent(capgrp);
905 grp = cap_getgrent(capgrp);
906 if (group_fields(grp) != expected)
909 (void)cap_setgrent(capgrp);
910 cap_getgrent_r(capgrp, &st, buf, sizeof(buf), &grp);
911 if (group_fields(grp) != expected)
914 grp = cap_getgrnam(capgrp, "wheel");
915 if (group_fields(grp) != expected)
918 cap_getgrnam_r(capgrp, "wheel", &st, buf, sizeof(buf), &grp);
919 if (group_fields(grp) != expected)
922 grp = cap_getgrgid(capgrp, GID_WHEEL);
923 if (group_fields(grp) != expected)
926 cap_getgrgid_r(capgrp, GID_WHEEL, &st, buf, sizeof(buf), &grp);
927 if (group_fields(grp) != expected)
934 test_fields(cap_channel_t *origcapgrp)
936 cap_channel_t *capgrp;
937 const char *fields[4];
941 CHECK(runtest_fields(origcapgrp, GR_NAME | GR_PASSWD | GR_GID | GR_MEM));
945 * fields: gr_name, gr_passwd, gr_gid, gr_mem
947 capgrp = cap_clone(origcapgrp);
948 CHECK(capgrp != NULL);
950 fields[0] = "gr_name";
951 fields[1] = "gr_passwd";
952 fields[2] = "gr_gid";
953 fields[3] = "gr_mem";
954 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0);
956 CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_GID | GR_MEM));
962 * fields: gr_passwd, gr_gid, gr_mem
964 capgrp = cap_clone(origcapgrp);
965 CHECK(capgrp != NULL);
967 fields[0] = "gr_passwd";
968 fields[1] = "gr_gid";
969 fields[2] = "gr_mem";
970 CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0);
971 fields[0] = "gr_name";
972 fields[1] = "gr_passwd";
973 fields[2] = "gr_gid";
974 fields[3] = "gr_mem";
975 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
976 errno == ENOTCAPABLE);
978 CHECK(runtest_fields(capgrp, GR_PASSWD | GR_GID | GR_MEM));
984 * fields: gr_name, gr_gid, gr_mem
986 capgrp = cap_clone(origcapgrp);
987 CHECK(capgrp != NULL);
989 fields[0] = "gr_name";
990 fields[1] = "gr_gid";
991 fields[2] = "gr_mem";
992 CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0);
993 fields[0] = "gr_name";
994 fields[1] = "gr_passwd";
995 fields[2] = "gr_gid";
996 fields[3] = "gr_mem";
997 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
998 errno == ENOTCAPABLE);
999 fields[0] = "gr_passwd";
1000 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1001 errno == ENOTCAPABLE);
1003 CHECK(runtest_fields(capgrp, GR_NAME | GR_GID | GR_MEM));
1009 * fields: gr_name, gr_passwd, gr_mem
1011 capgrp = cap_clone(origcapgrp);
1012 CHECK(capgrp != NULL);
1014 fields[0] = "gr_name";
1015 fields[1] = "gr_passwd";
1016 fields[2] = "gr_mem";
1017 CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0);
1018 fields[0] = "gr_name";
1019 fields[1] = "gr_passwd";
1020 fields[2] = "gr_gid";
1021 fields[3] = "gr_mem";
1022 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1023 errno == ENOTCAPABLE);
1024 fields[0] = "gr_gid";
1025 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1026 errno == ENOTCAPABLE);
1028 CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_MEM));
1034 * fields: gr_name, gr_passwd, gr_gid
1036 capgrp = cap_clone(origcapgrp);
1037 CHECK(capgrp != NULL);
1039 fields[0] = "gr_name";
1040 fields[1] = "gr_passwd";
1041 fields[2] = "gr_gid";
1042 CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0);
1043 fields[0] = "gr_name";
1044 fields[1] = "gr_passwd";
1045 fields[2] = "gr_gid";
1046 fields[3] = "gr_mem";
1047 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1048 errno == ENOTCAPABLE);
1049 fields[0] = "gr_mem";
1050 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1051 errno == ENOTCAPABLE);
1053 CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_GID));
1059 * fields: gr_name, gr_passwd
1061 capgrp = cap_clone(origcapgrp);
1062 CHECK(capgrp != NULL);
1064 fields[0] = "gr_name";
1065 fields[1] = "gr_passwd";
1066 CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0);
1067 fields[0] = "gr_name";
1068 fields[1] = "gr_passwd";
1069 fields[2] = "gr_gid";
1070 fields[3] = "gr_mem";
1071 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1072 errno == ENOTCAPABLE);
1073 fields[0] = "gr_gid";
1074 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1075 errno == ENOTCAPABLE);
1077 CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD));
1083 * fields: gr_name, gr_gid
1085 capgrp = cap_clone(origcapgrp);
1086 CHECK(capgrp != NULL);
1088 fields[0] = "gr_name";
1089 fields[1] = "gr_gid";
1090 CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0);
1091 fields[0] = "gr_name";
1092 fields[1] = "gr_passwd";
1093 fields[2] = "gr_gid";
1094 fields[3] = "gr_mem";
1095 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1096 errno == ENOTCAPABLE);
1097 fields[0] = "gr_mem";
1098 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1099 errno == ENOTCAPABLE);
1101 CHECK(runtest_fields(capgrp, GR_NAME | GR_GID));
1107 * fields: gr_name, gr_mem
1109 capgrp = cap_clone(origcapgrp);
1110 CHECK(capgrp != NULL);
1112 fields[0] = "gr_name";
1113 fields[1] = "gr_mem";
1114 CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0);
1115 fields[0] = "gr_name";
1116 fields[1] = "gr_passwd";
1117 fields[2] = "gr_gid";
1118 fields[3] = "gr_mem";
1119 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1120 errno == ENOTCAPABLE);
1121 fields[0] = "gr_passwd";
1122 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1123 errno == ENOTCAPABLE);
1125 CHECK(runtest_fields(capgrp, GR_NAME | GR_MEM));
1131 * fields: gr_passwd, gr_gid
1133 capgrp = cap_clone(origcapgrp);
1134 CHECK(capgrp != NULL);
1136 fields[0] = "gr_passwd";
1137 fields[1] = "gr_gid";
1138 CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0);
1139 fields[0] = "gr_name";
1140 fields[1] = "gr_passwd";
1141 fields[2] = "gr_gid";
1142 fields[3] = "gr_mem";
1143 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1144 errno == ENOTCAPABLE);
1145 fields[0] = "gr_mem";
1146 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1147 errno == ENOTCAPABLE);
1149 CHECK(runtest_fields(capgrp, GR_PASSWD | GR_GID));
1155 * fields: gr_passwd, gr_mem
1157 capgrp = cap_clone(origcapgrp);
1158 CHECK(capgrp != NULL);
1160 fields[0] = "gr_passwd";
1161 fields[1] = "gr_mem";
1162 CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0);
1163 fields[0] = "gr_name";
1164 fields[1] = "gr_passwd";
1165 fields[2] = "gr_gid";
1166 fields[3] = "gr_mem";
1167 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1168 errno == ENOTCAPABLE);
1169 fields[0] = "gr_gid";
1170 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1171 errno == ENOTCAPABLE);
1173 CHECK(runtest_fields(capgrp, GR_PASSWD | GR_MEM));
1179 * fields: gr_gid, gr_mem
1181 capgrp = cap_clone(origcapgrp);
1182 CHECK(capgrp != NULL);
1184 fields[0] = "gr_gid";
1185 fields[1] = "gr_mem";
1186 CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0);
1187 fields[0] = "gr_name";
1188 fields[1] = "gr_passwd";
1189 fields[2] = "gr_gid";
1190 fields[3] = "gr_mem";
1191 CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 &&
1192 errno == ENOTCAPABLE);
1193 fields[0] = "gr_passwd";
1194 CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 &&
1195 errno == ENOTCAPABLE);
1197 CHECK(runtest_fields(capgrp, GR_GID | GR_MEM));
1203 runtest_groups(cap_channel_t *capgrp, const char **names, const gid_t *gids,
1209 unsigned int i, got;
1211 (void)cap_setgrent(capgrp);
1214 grp = cap_getgrent(capgrp);
1218 for (i = 0; i < ngroups; i++) {
1219 if (strcmp(names[i], grp->gr_name) == 0 &&
1220 gids[i] == grp->gr_gid) {
1230 (void)cap_setgrent(capgrp);
1233 cap_getgrent_r(capgrp, &st, buf, sizeof(buf), &grp);
1237 for (i = 0; i < ngroups; i++) {
1238 if (strcmp(names[i], grp->gr_name) == 0 &&
1239 gids[i] == grp->gr_gid) {
1249 for (i = 0; i < ngroups; i++) {
1250 grp = cap_getgrnam(capgrp, names[i]);
1255 for (i = 0; i < ngroups; i++) {
1256 cap_getgrnam_r(capgrp, names[i], &st, buf, sizeof(buf), &grp);
1261 for (i = 0; i < ngroups; i++) {
1262 grp = cap_getgrgid(capgrp, gids[i]);
1267 for (i = 0; i < ngroups; i++) {
1268 cap_getgrgid_r(capgrp, gids[i], &st, buf, sizeof(buf), &grp);
1277 test_groups(cap_channel_t *origcapgrp)
1279 cap_channel_t *capgrp;
1280 const char *names[5];
1286 * names: wheel, daemon, kmem, sys, tty
1289 capgrp = cap_clone(origcapgrp);
1290 CHECK(capgrp != NULL);
1293 names[1] = "daemon";
1297 CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0);
1304 CHECK(runtest_groups(capgrp, names, gids, 5));
1311 * names: kmem, sys, tty
1314 capgrp = cap_clone(origcapgrp);
1315 CHECK(capgrp != NULL);
1320 CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == 0);
1321 names[3] = "daemon";
1322 CHECK(cap_grp_limit_groups(capgrp, names, 4, NULL, 0) == -1 &&
1323 errno == ENOTCAPABLE);
1324 names[0] = "daemon";
1325 CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 &&
1326 errno == ENOTCAPABLE);
1332 CHECK(runtest_groups(capgrp, names, gids, 3));
1339 * names: wheel, kmem, tty
1342 capgrp = cap_clone(origcapgrp);
1343 CHECK(capgrp != NULL);
1348 CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == 0);
1349 names[3] = "daemon";
1350 CHECK(cap_grp_limit_groups(capgrp, names, 4, NULL, 0) == -1 &&
1351 errno == ENOTCAPABLE);
1352 names[0] = "daemon";
1353 CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 &&
1354 errno == ENOTCAPABLE);
1360 CHECK(runtest_groups(capgrp, names, gids, 3));
1370 capgrp = cap_clone(origcapgrp);
1371 CHECK(capgrp != NULL);
1379 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == 0);
1381 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 4) == -1 &&
1382 errno == ENOTCAPABLE);
1384 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 &&
1385 errno == ENOTCAPABLE);
1388 CHECK(runtest_groups(capgrp, names, gids, 3));
1398 capgrp = cap_clone(origcapgrp);
1399 CHECK(capgrp != NULL);
1407 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == 0);
1409 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 4) == -1 &&
1410 errno == ENOTCAPABLE);
1412 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 &&
1413 errno == ENOTCAPABLE);
1416 CHECK(runtest_groups(capgrp, names, gids, 3));
1426 capgrp = cap_clone(origcapgrp);
1427 CHECK(capgrp != NULL);
1430 CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == 0);
1431 names[1] = "daemon";
1432 CHECK(cap_grp_limit_groups(capgrp, names, 2, NULL, 0) == -1 &&
1433 errno == ENOTCAPABLE);
1434 names[0] = "daemon";
1435 CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 &&
1436 errno == ENOTCAPABLE);
1440 CHECK(runtest_groups(capgrp, names, gids, 1));
1450 capgrp = cap_clone(origcapgrp);
1451 CHECK(capgrp != NULL);
1455 CHECK(cap_grp_limit_groups(capgrp, names, 2, NULL, 0) == 0);
1456 names[2] = "daemon";
1457 CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == -1 &&
1458 errno == ENOTCAPABLE);
1459 names[0] = "daemon";
1460 CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 &&
1461 errno == ENOTCAPABLE);
1466 CHECK(runtest_groups(capgrp, names, gids, 2));
1476 capgrp = cap_clone(origcapgrp);
1477 CHECK(capgrp != NULL);
1481 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == 0);
1483 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 2) == -1 &&
1484 errno == ENOTCAPABLE);
1486 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 &&
1487 errno == ENOTCAPABLE);
1490 CHECK(runtest_groups(capgrp, names, gids, 1));
1500 capgrp = cap_clone(origcapgrp);
1501 CHECK(capgrp != NULL);
1507 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 2) == 0);
1509 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == -1 &&
1510 errno == ENOTCAPABLE);
1512 CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 &&
1513 errno == ENOTCAPABLE);
1516 CHECK(runtest_groups(capgrp, names, gids, 2));
1524 cap_channel_t *capcas, *capgrp;
1528 capcas = cap_init();
1529 CHECKX(capcas != NULL);
1531 capgrp = cap_service_open(capcas, "system.grp");
1532 CHECKX(capgrp != NULL);
1538 CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R |
1539 GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R));
1543 test_fields(capgrp);
1545 test_groups(capgrp);