New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pyfakefs seemingly ignores file permissions on write() #489
Comments
You are running as root, in this case |
Fantastic point @mrbean-bremen ! That is exactly it; apologies we did not notice this factor which is a clear explanation. We'll make the necessary adjustments. No issue/bug here then. (closing) Here's an example (for future users landing here); import os
import stat
#from pyfakefs.fake_filesystem_unittest import TestCase
import pyfakefs
import pytest
class TestCaseExample(pyfakefs.fake_filesystem_unittest.TestCase):
def setUp(self):
self.setUpPyfakefs()
def test_create_file(self):
file_path = 'file_foo.txt'
self.assertFalse(os.path.exists(file_path))
self.fs.create_file(file_path)
self.assertTrue(os.path.exists(file_path))
def test_default_file_perms(self):
file_path = 'file_bar.txt'
self.fs.create_file(file_path)
self.assertTrue(os.path.exists(file_path))
default_mask = 0o666
initial_mask = stat.S_IMODE(os.lstat(file_path).st_mode)
assert initial_mask == 0o666
def test_impossible_write_capability(self):
file_path = 'file_bat.txt'
# Change the filesystem UID access to non-root
# (HACK use www-data UID 33)
pyfakefs.fake_filesystem.set_uid(33)
self.fs.create_file(file_path)
self.assertTrue(os.path.exists(file_path))
default_mask = 0o666
initial_mask = stat.S_IMODE(os.lstat(file_path).st_mode)
assert initial_mask == default_mask
no_write_mask = 0o000
os.chmod(file_path, no_write_mask)
new_mask = stat.S_IMODE(os.lstat(file_path).st_mode)
assert new_mask == no_write_mask
with pytest.raises(PermissionError) as e_info:
with open(file_path, 'w') as f:
f.write('This should NOT be possible\n')
with pytest.raises(PermissionError) as e_info:
with open(file_path) as f:
# user should not be allowed to READ, expect PermissionError
print(f.read()) (app) root@e2574646d5d0:/app# python3 -m pytest tests/ut/pyfakefs/test_perms.py
Test session starts (platform: linux, Python 3.7.3, pytest 4.6.3, pytest-sugar 0.9.2)
cachedir: .pytest_cache
rootdir: /app, inifile: pytest.ini
plugins: cov-2.7.1, sugar-0.9.2, pyfakefs-3.5.8, mock-1.10.4
collecting ...
tests/ut/pyfakefs/test_perms.py::TestCaseExample.test_create_file ✓ 33% ███▍
tests/ut/pyfakefs/test_perms.py::TestCaseExample.test_default_file_perms ✓ 67% ██████▋
tests/ut/pyfakefs/test_perms.py::TestCaseExample.test_impossible_write_capability ✓ 100% ██████████Coverage.py warning: No data was collected. (no-data-collected)
(snip coverage)
Results (0.94s):
3 passed |
Good point about future users - maybe we'll add this to the troubleshooting guide! With docker, this will probably happen more often now... |
as we will be create/access directories which are only accessible by root with pyfakefs, and pyfake respects the uid of current effective user, so if we run the test using non-root user, these tests would fail after the fix for pytest-dev/pyfakefs#489 is addressed in the pyfakefs we are using. in this change, we will run the test on behalf of root, so we can create and access the directories as we did before. Signed-off-by: Kefu Chai <tchaikov@gmail.com>
as we will be create/access directories which are only accessible by root with pyfakefs, and pyfake respects the uid of current effective user, so if we run the test using non-root user, these tests would fail after the fix for pytest-dev/pyfakefs#489 is addressed in the pyfakefs we are using. in this change, we will run the test on behalf of root, so we can create and access the directories as we did before. Signed-off-by: Kefu Chai <tchaikov@gmail.com>
as we will be create/access directories which are only accessible by root with pyfakefs, and pyfake respects the uid of current effective user, so if we run the test using non-root user, these tests would fail after the fix for pytest-dev/pyfakefs#489 is addressed in the pyfakefs we are using. in this change, we will run the test on behalf of root, so we can create and access the directories as we did before. Signed-off-by: Kefu Chai <tchaikov@gmail.com> (cherry picked from commit ed19416) Conflicts: src/cephadm/tests/fixtures.py - Replace _cephadm with cd
as we will be create/access directories which are only accessible by root with pyfakefs, and pyfake respects the uid of current effective user, so if we run the test using non-root user, these tests would fail after the fix for pytest-dev/pyfakefs#489 is addressed in the pyfakefs we are using. in this change, we will run the test on behalf of root, so we can create and access the directories as we did before. Signed-off-by: Kefu Chai <tchaikov@gmail.com> (cherry picked from commit ed19416) Conflicts: src/cephadm/tests/fixtures.py
Describe the bug
We have come across this seemingly impossible scenario, where despite creating a file in pyfakefs, with completely removed permissions (effectively chmod
000
), it is STILL allowed to write and read from it.How To Reproduce
Here follows an example suite of tests:
We EXPECT
test_create_file
andtest_default_file_perms
to PASS, andtest_impossible_write_capability
to FAIL. The failure is because in that last test we change the permissions to chmod000
, yet, these commands do not throw.Run it like so:
Your enviroment
Note that we are in a docker, inside of python venv (via pipenv).
The text was updated successfully, but these errors were encountered: