From e566288cfbe5495052b32fefbf9da3ccf44f1c88 Mon Sep 17 00:00:00 2001
From: "Mark A. Grondona" <mark.grondona@gmail.com>
Date: Sun, 29 Mar 2020 15:54:35 +0000
Subject: [PATCH] testsuite: add check for proctable service security

Add test to ensure proctable shell service is not accessible to
all users in t2610-job-shell-mpir.t.
---
 t/t2610-job-shell-mpir.t | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/t/t2610-job-shell-mpir.t b/t/t2610-job-shell-mpir.t
index a0bd0a91441b..c3088d45235b 100755
--- a/t/t2610-job-shell-mpir.t
+++ b/t/t2610-job-shell-mpir.t
@@ -34,4 +34,21 @@ for test in 1:1 2:2 2:4 4:4 4:8 4:7; do
         flux job attach ${id}
     '
 done
+
+
+test_expect_success 'flux-shell: test security of proctable method' '
+    id=$(flux mini submit -o stop-tasks-in-exec /bin/true) &&
+    flux job wait-event -vt 5 -p guest.exec.eventlog \
+        -m sync=true ${id} shell.start &&
+    shell_rank=$(shell_leader_rank $id) &&
+    shell_service=$(shell_service $id) &&
+    ( export FLUX_HANDLE_USERID=9999 &&
+      export FLUX_HANDLE_ROLEMASK=0x2 &&
+      test_expect_code 1 ${mpir} $shell_rank $shell_service
+    ) &&
+    ${mpir} $(shell_leader_rank $id) $(shell_service $id) &&
+    flux job kill -s CONT ${id} &&
+    flux job attach ${id}
+'
+
 test_done