Expect UnauthorizedAccessException in tvOS if extracting fifo from tar without elevation

[carlossanlop]

I saw a tvOS failure in one of my PRs. I had not seen it before, so I'm unsure if it's intermittent or consistent.

The ExtractToFile_SpecialFile_Unelevated_Throws method threw UnauthorizedAccessException when attempting to extract the fifo from the archive into disk:

https://github.com/dotnet/runtime/blame/051b4828c7d3a0cad3289830ef9fd2120f45bb2b/src/libraries/System.Formats.Tar/tests/TarReader/TarReader.ExtractToFile.Tests.Unix.cs#L39

In other Unix platforms, extracting fifos does not throw, but apparently it does on tvOS.

Here's the callstack:

[14:55:07.7170830] 2022-06-22 14:55:07.706 System.Formats.Tar.Tests[58680:78698627]    Exception messages: System.UnauthorizedAccessException : Access to the path '/private/var/mobile/Containers/Data/Application/11374FD2-B51C-49C4-844D-F40F062ACE94/tmp/1pslf5q1.gf2/output' is denied.
[14:55:07.7171130] ---- System.IO.IOException : Operation not permitted
[14:55:07.7189880] 2022-06-22 14:55:07.708 System.Formats.Tar.Tests[58680:78698627]    Exception stack traces:    at Interop.ThrowExceptionForIoErrno(ErrorInfo errorInfo, String path, Boolean isDirectory, Func`2 errorRewriter)
[14:55:07.7190220]    at System.Formats.Tar.TarEntry.ExtractAsFifo(String destinationFileName)
[14:55:07.7190300] 2022-06-22 14:55:07.708 System.Formats.Tar.Tests[58680:78698627]    at System.Formats.Tar.TarEntry.ExtractToFileInternal(String filePath, String linkTargetPath, Boolean overwrite)
[14:55:07.7190360]    at System.Formats.Tar.TarEntry.ExtractToFile(String destinationFileName, Boolean overwrite)
[14:55:07.7201670] 2022-06-22 14:55:07.709 System.Formats.Tar.Tests[58680:78698627]    at System.Formats.Tar.Tests.TarReader_ExtractToFile_Tests.ExtractToFile_SpecialFile_Unelevated_Throws()

[ghost]

Tagging subscribers to this area: @dotnet/area-system-io
See info in area-owners.md if you want to be subscribed.

Issue Details

---

I saw a tvOS failure in one of my PRs. I had not seen it before, so I'm unsure if it's intermittent or consistent.

The ExtractToFile_SpecialFile_Unelevated_Throws method threw UnauthorizedAccessException when attempting to extract the fifo from the archive into disk:

https://github.com/dotnet/runtime/blame/051b4828c7d3a0cad3289830ef9fd2120f45bb2b/src/libraries/System.Formats.Tar/tests/TarReader/TarReader.ExtractToFile.Tests.Unix.cs#L39

In other Unix platforms, extracting fifos does not throw, but apparently it does on tvOS.

Here's the callstack:

[14:55:07.7170830] 2022-06-22 14:55:07.706 System.Formats.Tar.Tests[58680:78698627]    Exception messages: System.UnauthorizedAccessException : Access to the path '/private/var/mobile/Containers/Data/Application/11374FD2-B51C-49C4-844D-F40F062ACE94/tmp/1pslf5q1.gf2/output' is denied.
[14:55:07.7171130] ---- System.IO.IOException : Operation not permitted
[14:55:07.7189880] 2022-06-22 14:55:07.708 System.Formats.Tar.Tests[58680:78698627]    Exception stack traces:    at Interop.ThrowExceptionForIoErrno(ErrorInfo errorInfo, String path, Boolean isDirectory, Func`2 errorRewriter)
[14:55:07.7190220]    at System.Formats.Tar.TarEntry.ExtractAsFifo(String destinationFileName)
[14:55:07.7190300] 2022-06-22 14:55:07.708 System.Formats.Tar.Tests[58680:78698627]    at System.Formats.Tar.TarEntry.ExtractToFileInternal(String filePath, String linkTargetPath, Boolean overwrite)
[14:55:07.7190360]    at System.Formats.Tar.TarEntry.ExtractToFile(String destinationFileName, Boolean overwrite)
[14:55:07.7201670] 2022-06-22 14:55:07.709 System.Formats.Tar.Tests[58680:78698627]    at System.Formats.Tar.Tests.TarReader_ExtractToFile_Tests.ExtractToFile_SpecialFile_Unelevated_Throws()

Author:	carlossanlop
Assignees:	carlossanlop
Labels:	area-System.IO
Milestone:	7.0.0

[carlossanlop]

/azp run runtime-extra-platforms

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[danmoseley]

Instead of wondering whether it's consistent or not, I suggest to leave the code as it is but wrap in a try catch for UnauthorizedAccessException and in the catch simply Assert that you're on tvOS.

[carlossanlop]

The file got renamed in my last PR, so I'll force push a new commit. Also, I realized the problem might be that this test is executed always, regardless if the process is or is not elevated. I should explicitly check if the process is not elevated as a ConditionalFact. I was able to repro this problem when executing the tests in Unix, both with a normal user and with sudo. There were some weird failures when running as sudo.

Instead of wondering whether it's consistent or not, I suggest to leave the code as it is but wrap in a try catch for UnauthorizedAccessException and in the catch simply Assert that you're on tvOS.

Sounds good. I'll do that too (if needed).

[carlossanlop]

I noticed this test, which was supposed to be the synchronous one, was written as the asynchronous one.

[carlossanlop]

/azp run runtime-extra-platforms

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[adamsitnik]

LGTM, thank you @carlossanlop

[adamsitnik]

all the affected tests belong to *.Unix.cs files so we can assume that they are executed only on Unix and just use the existing IsSuperUser property:

Suggested change

	[ConditionalFact(nameof(IsUnixButNotSuperUser))]
	[ConditionalFact(typeof(PlatformDetection), nameof(PlatformDetection.IsSuperUser))]

[carlossanlop]

Right, but I need them to not be executed as a super user, ever. That's why I created the extra property for the conditional fact. I don't know if you can negate a conditional fact condition, can you?

[carlossanlop]

The Unix can be removed, yes.

[adamsitnik]

@carlossanlop you are right, I am sorry I've missed the negation

[carlossanlop]

The test failures are unrelated, which means the change worked. I can remove the Unix portion of the condition in my next PR with test fixes, @adamsitnik .