Skip to content

Do not use sudo FQDN lookups #199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
basak-qcom wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Do not use sudo FQDN lookups #199

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
52829d7
qemu_test: factor out vm fixture
basak-qcom Nov 14, 2025
ba629bb
qemu_test: re-use the same qemu vm fixture
basak-qcom Nov 14, 2025
8ec93a6
ci: add and integrate qemu_guest_test.py
basak-qcom Nov 14, 2025
d8a43b6
qemu_guest_test: add test for sudo fqdn issue
basak-qcom Nov 14, 2025
deddc35
Do not use sudo FQDN lookups
basak-qcom Nov 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 69 additions & 0 deletions ci/qemu_guest_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@
# These tests are run inside the qemu guest as root using its own pytest runner
# invocation.

import subprocess
import tempfile

import pytest

# Mark this module so that the main test runner can skip it when running from
Expand All @@ -20,3 +23,69 @@ def test_empty():
# The empty test. This is nevertheless useful as its presence ensures that
# the host is calling the guest test suite in this module correctly.
pass


# To keep tests fast for developer iteration, just install all the test
# dependencies together once for all tests defined here. It is likely that our
# tests here are not going to interact. If they do, then we can decide whether
# to compromise on this at that time.
@pytest.fixture(scope="module")
def apt_dependencies():
# To speed things up, we deliberately skip the apt-get update here on the
# assumption that it was arranged by whatever is running the test. This is
# arranged from qemu_test.py::test_using_guest_tests() instead.
subprocess.run(
["apt-get", "install", "-y", "--no-install-recommends", "sudo", "gdb"],
check=True,
)


@pytest.mark.xfail(
reason="https://github.com/qualcomm-linux/qcom-deb-images/issues/193",
strict=True,
)
def test_sudo_no_fqdn(apt_dependencies):
"""sudo should not call FQDN lookup functions

See: https://github.com/qualcomm-linux/qcom-deb-images/issues/193
"""
with tempfile.NamedTemporaryFile(
mode="w", delete_on_close=False
) as gdb_commands_file:
print(
"catch load",
"run",
"del 1",
sep="\n",
file=gdb_commands_file,
)
for fn_name in [
"gethostbyaddr",
"getnameinfo",
"getaddrinfo",
"gethostbyname",
]:
print(
f"break {fn_name}",
f"commands",
f' print "{fn_name} called\\n"',
f" quit 1",
f"end",
sep="\n",
file=gdb_commands_file,
)
print("continue", file=gdb_commands_file)
gdb_commands_file.close()

subprocess.run(
[
"gdb",
"--batch",
"-x",
gdb_commands_file.name,
"--args",
"sudo",
Copy link
Contributor

@lool lool Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a little bit surprized that this works; isn't sudo SUID and losing its SUID bit when run under GDB? I guess all tests run as root and this is sudo without SUID launched from the tests launched from a sudo shell.

"true",
],
check=True,
)