[LTP] [RFC] 'nobody' user for testing
Petr Vorel
pvorel@suse.cz
Mon Sep 29 10:31:56 CEST 2025
> Hi Petr,
> On 9/17/25 12:27 PM, Petr Vorel wrote:
> > Hi,
> > I found a setup bug on LTP IMA tests ima_conditionals.sh and
> > ima_measurements.sh which use 'sudo' (with user 'nobody'). We have many C tests
> > in LTP which use 'nobody' user somehow, but they don't actually execute
> > anything with this account. IMHO these are the only tests which execute with 'sudo'
> > (please double check me).
> > $ git grep -l nobody testcases/kernel/syscalls/ | wc -l
> > 160
> > Because on newer systems (I checked Tumbleweed, Fedora, Debian) 'nobody' account uses
> > /usr/sbin/nologin which prevents logging, we 1) either need to change account
> > to use bash (and restore it back after testing) or 2) create a dedicated user
> > for testing. I'd try to use 'useradd' and check with grep /etc/passwd if the
> > user is not already defined.
> > I tend to use 2), add it only to IMA tests (to ima_setup.sh). But I could
> > put some more generic code to tst_test.sh so that it can be reused by other
> > tests in the future. WDYT?
> > Also, as we heavily use 'nobody' already I'm not sure if it's worth to bother
> > with putting environment variable allowing a different user. Nobody so far complained,
> > even AOSP folks seem to be used C tests which use 'nobody' (e.g. fchmod06.c is
> > compiled [1] and not disabled [2]).
> > Also, we agreed with Cyril, that it'd be good to convert these 2 IMA tests to
> > use 'su' instead of 'sudo' because 'su' is simpler than 'sudo' (although when
> > testing with rapido [3] none of them works out of the box).
> > [1] https://android.googlesource.com/platform/external/ltp/+/refs/heads/main/android/Android.bp
> > [2] https://android.googlesource.com/platform/external/ltp/+/refs/heads/main/android/tools/disabled_tests.txt
> > [3] https://github.com/rapido-linux/rapido
> As far as I understand, the ima_conditionals.sh and ima_measurements.sh
> tests are using sudo for creating a file from a specific user/group. This is
> already achieved in other tests such as dirtyc0w_shmem, where we spawn a new
> process, changing its current user/group to 'nobody' and executing a
> command.
> I don't know the internal sudo implementation, but I guess that's enough for
> the IMA tests, unless IMA testing suite wants to verify that sudo command is
> working properly within the IMA support.
> In short, I would re-implement those two tests in C to make it easy.
All tests use ima_setup.sh (more code than the tests themselves) which needs to
be rewritten into C. And ideally rewrite all code at once, not having to
maintain helper implementations in both C and shell. i.e. bigger task than
simple pre-release fix.
Short term solution will be Jan's suggestion to write a simple "sudo" binary or
even just let testers fix the setup (i.e. fix it for us in openQA).
In the long term all shell tests will be either rewritten to C or
abandoned/removed (if not relevant). But because it's quite a lot of code in
helping libraries (e.g. for networking tests tst_net.sh) and we still have 248 C
API and 48 shell API legacy tests, Cyril wrote a shell loader (a way to drop
implementing C API library functionality in shell API).
Kind regards,
Petr
[1] https://lore.kernel.org/ltp/CAASaF6yjdrLLVnehESx1TjsrB_z48nmN_2i585GPfkG3Vvg15Q@mail.gmail.com/
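
The check discussed in the message above (is the test user already defined in the passwd database, and does it have a no-login shell?), as an added example that is not part of the original message or of LTP. The function names, the user name `ltp_ima_user` and the sample passwd data are constructed for illustration.

```shell
#!/bin/sh
# Added example: names and sample data are hypothetical, not LTP code.

# Print the state of account $2 in the passwd-format file $1:
#   missing - no entry for the user
#   nologin - entry exists, shell is a login-refusing program
#   usable  - entry exists with any other shell (empty field means /bin/sh)
account_state() {
	awk -F: -v user="$2" '
		$1 == user {
			found = 1
			n = split($7, parts, "/")   # compare the shell basename only
			shell = parts[n]
			if (shell == "nologin" || shell == "false")
				print "nologin"
			else
				print "usable"
			exit
		}
		END { if (!found) print "missing" }
	' "$1"
}

# Report what a setup step would have to do before running commands as $2.
# It only prints the decision; it never modifies the system.
plan_test_user() {
	case "$(account_state "$1" "$2")" in
	missing) echo "create: useradd $2" ;;
	usable)  echo "reuse: $2 already defined" ;;
	nologin) echo "conflict: $2 exists with a no-login shell" ;;
	esac
}

# Constructed sample passwd file, so the example runs without touching /etc/passwd.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
root:x:0:0:root:/root:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
daemon:x:1:1:daemon:/usr/sbin:/bin/false
tester:x:1001:1001::/home/tester:/bin/sh
EOF

for u in nobody tester ltp_ima_user; do
	plan_test_user "$sample" "$u"
done
```
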