#!/usr/bin/perl -wT
use strict;
use lib 'blib/lib';
use lib 'blib/arch';
# These tests are intended to be executed with set-gid privileges.
use Test;
BEGIN {
        if ($> == 0) {
                print "1..0 # Skipped, this file must not run as root.\n";
                exit 0;
        }
        if ($( == $)) {
                print "1..0 # Skipped, this file must run setgid.\n";
                exit 0;
        }
        plan tests => 18;
}
use Proc::UID qw(
        getegid getrgid getsgid $EGID $RGID $SGID
        drop_gid_temp drop_gid_perm restore_gid
);
# Basic sanity checking.
ok(1);  # Loaded module.
ok($(==$RGID,1,'$( is not $RGID');
ok($)==$EGID,1,'$) is not $EGID');
ok($(==getrgid(),1,'$( and getrgid() disagree');
ok($)==getegid(),1,'$) and getegid() disagree');
ok($SGID,getegid(),'$SGID and getgid are not same at startup.');
# Find a gid that we can't change to.
my $bad_gid = 0;
while ($bad_gid == $EGID or $bad_gid == $RGID or $bad_gid == $SGID) {
        $bad_gid++;
}
# Let's try to change to a bad gid.
eval {drop_gid_temp($bad_gid);};
ok($@,qr/Could not/,"Appeared to drop privs to $bad_gid");
# Drop privs temporarily.
ok(eval {drop_gid_temp($RGID); "ok";},"ok","Could not drop GID temporarily.");
ok($RGID,$EGID,"New GID not assumed");
ok($EGID==$),1,'$) appears not to have been updated.');
# Restore privs
ok(eval {restore_gid(); "ok";},"ok","Could not restore GID");
ok($EGID,$SGID,"Did not restore old GID.");
ok($EGID==$),1,'$) appears not to have been updated.');
# Drops privs permanently.
ok(eval {drop_gid_perm($RGID); "ok";},"ok","Could not drop GID permanently.");
ok($RGID,$SGID,"Real and saved GIDs do not match.");
ok($RGID,$EGID,"Real and effective GIDs do not match.");
ok($(==$RGID,1,'$( and $RGID disagree');
ok($)==$EGID,1,'$) and $EGID disagree');