Snowflake-Labs · stvnrhodes · May 3, 2023 · Jun 5, 2023 · Jun 6, 2023 · Jun 6, 2023
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,3 @@
+# We checksum this data in tests so we need the content to be
+# identical across operating systems.
+services/localfile/server/testdata/sum.data text eol=lf
diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml
@@ -8,26 +8,26 @@ on:
       - v*
   pull_request:
   schedule:
-    - cron:  '7 3 * * *'
+    - cron: "7 3 * * *"
 jobs:
   pre-commit:
     name: Pre commit
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-    - uses: actions/setup-go@v3
-      with:
-        go-version-file: 'go.mod'
-    - uses: actions/setup-python@v3
-    - uses: pre-commit/[email protected]
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: "go.mod"
+      - uses: actions/setup-python@v3
+      - uses: pre-commit/[email protected]
   test:
     name: Unit tests
     runs-on: ubuntu-20.04
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-go@v3
         with:
-          go-version-file: 'go.mod'
+          go-version-file: "go.mod"
       - name: Install tools
         run: |
           sudo apt-get update
@@ -37,4 +37,23 @@ jobs:
       - name: integration tests
         run: ./testing/integrate.sh
         shell: bash
-
+  test-macos:
+    name: Test on macos
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: "go.mod"
+      - name: unit tests
+        run: go test ./...
+  test-windows:
+    name: Test on windows
+    runs-on: windows-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: "go.mod"
+      - name: unit tests
+        run: go test ./...
diff --git a/server/server_test.go b/server/server_test.go
@@ -47,12 +47,13 @@ package sansshell.authz
 default allow = false
 
 allow {
-    input.type = "LocalFile.ReadActionRequest"
-		input.message.file.filename = "/etc/hosts"
-}
-allow {
-    input.type = "LocalFile.ReadActionRequest"
-		input.message.file.filename = "/no-such-filename-for-sansshell-unittest"
+	input.type = "LocalFile.ReadActionRequest"
+	input.message.file.filename in [
+		"/etc/hosts",
+		"/no-such-filename-for-sansshell-unittest",
+		"C:\\Windows\\win.ini",
+		"C:\\no-such-filename-for-sansshell-unittest",
+	]
 }
 `
 )
@@ -138,23 +139,7 @@ func TestRead(t *testing.T) {
 	testutil.FatalOnErr("Failed to dial bufnet", err, t)
 	t.Cleanup(func() { conn.Close() })
 
-	for _, tc := range []struct {
-		filename string
-		err      string
-	}{
-		{
-			filename: "/etc/hosts",
-			err:      "",
-		},
-		{
-			filename: "/no-such-filename-for-sansshell-unittest",
-			err:      "no such file or directory",
-		},
-		{
-			filename: "/permission-denied-filename-for-sansshell-unittest",
-			err:      "PermissionDenied",
-		},
-	} {
+	for _, tc := range readFileTestCases {
 		tc := tc
 		t.Run(tc.filename, func(t *testing.T) {
 			client := lfpb.NewLocalFileClient(conn)

diff --git a/server/server_unix_test.go b/server/server_unix_test.go
@@ -0,0 +1,21 @@
+//go:build unix
+
+package server
+
+var readFileTestCases = []struct {
+	filename string
+	err      string
+}{
+	{
+		filename: "/etc/hosts",
+		err:      "",
+	},
+	{
+		filename: "/no-such-filename-for-sansshell-unittest",
+		err:      "no such file or directory",
+	},
+	{
+		filename: "/permission-denied-filename-for-sansshell-unittest",
+		err:      "PermissionDenied",
+	},
+}
diff --git a/server/server_windows_test.go b/server/server_windows_test.go
@@ -0,0 +1,21 @@
+//go:build windows
+
+package server
+
+var readFileTestCases = []struct {
+	filename string
+	err      string
+}{
+	{
+		filename: "C:\\Windows\\win.ini",
+		err:      "",
+	},
+	{
+		filename: "C:\\no-such-filename-for-sansshell-unittest",
+		err:      "The system cannot find the file specified",
+	},
+	{
+		filename: "/permission-denied-filename-for-sansshell-unittest",
+		err:      "PermissionDenied",
+	},
+}
diff --git a/services/fdb/server/conf_test.go b/services/fdb/server/conf_test.go
@@ -1,3 +1,5 @@
+//go:build unix
+
 /* Copyright (c) 2019 Snowflake Inc. All rights reserved.
 
    Licensed under the Apache License, Version 2.0 (the

diff --git a/services/fdb/server/fdbcli_test.go b/services/fdb/server/fdbcli_test.go
@@ -1,3 +1,5 @@
+//go:build unix
+
 /* Copyright (c) 2019 Snowflake Inc. All rights reserved.
 
    Licensed under the Apache License, Version 2.0 (the

diff --git a/services/fdb/server/server_test.go b/services/fdb/server/server_test.go
@@ -1,3 +1,5 @@
+//go:build unix
+
 /* Copyright (c) 2019 Snowflake Inc. All rights reserved.
 
    Licensed under the Apache License, Version 2.0 (the

diff --git a/services/localfile/server/localfile.go b/services/localfile/server/localfile.go
@@ -32,6 +32,7 @@ import (
 	"os"
 	"os/user"
 	"path/filepath"
+	"runtime"
 	"strconv"
 	"time"
 
@@ -43,8 +44,6 @@ import (
 	"github.com/Snowflake-Labs/sansshell/services/util"
 	"github.com/Snowflake-Labs/sansshell/telemetry/metrics"
 
-	"golang.org/x/sys/unix"
-
 	"github.com/go-logr/logr"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
@@ -57,7 +56,7 @@ var (
 	AbsolutePathError = status.Error(codes.InvalidArgument, "filename path must be absolute and clean")
 
 	// For testing since otherwise tests have to run as root for these.
-	chown             = unix.Chown
+	chown             = os.Chown
 	changeImmutableOS = changeImmutable
 
 	// ReadTimeout is how long tail should wait on a given poll call
@@ -95,7 +94,7 @@ var (
 
 // This encompasses the permission plus the setuid/gid/sticky bits one
 // can set on a file/directory.
-const modeMask = uint32(fs.ModePerm | fs.ModeSticky | fs.ModeSetuid | fs.ModeSetgid)
+const modeMask = fs.ModePerm | fs.ModeSticky | fs.ModeSetuid | fs.ModeSetgid
 
 // server is used to implement the gRPC server
 type server struct{}
@@ -320,6 +319,9 @@ func setupOutput(a *pb.FileAttributes) (*os.File, *immutableState, error) {
 	// to accidentally leave this in another otherwise default state.
 	// Except we don't trigger immutable now or we won't be able to write to it.
 	immutable, err := validateAndSetAttrs(f.Name(), a.Attributes, false)
+	if err != nil {
+		f.Close()
+	}
 	return f, immutable, err
 }
 
@@ -577,7 +579,7 @@ type immutableState struct {
 func validateAndSetAttrs(filename string, attrs []*pb.FileAttribute, doImmutable bool) (*immutableState, error) {
 	uid, gid := int(-1), int(-1)
 	setMode, setImmutable, immutable := false, false, false
-	mode := uint32(0)
+	mode := fs.FileMode(0)
 
 	for _, attr := range attrs {
 		switch a := attr.Value.(type) {
@@ -621,7 +623,7 @@ func validateAndSetAttrs(filename string, attrs []*pb.FileAttribute, doImmutable
 			if setMode {
 				return nil, status.Error(codes.InvalidArgument, "cannot set mode more than once")
 			}
-			mode = a.Mode
+			mode = fs.FileMode(a.Mode)
 			setMode = true
 		case *pb.FileAttribute_Immutable:
 			if setImmutable {
@@ -632,14 +634,14 @@ func validateAndSetAttrs(filename string, attrs []*pb.FileAttribute, doImmutable
 		}
 	}
 
-	if uid != -1 || gid != -1 {
+	if (uid != -1 || gid != -1) && runtime.GOOS != "windows" {
 		if err := chown(filename, uid, gid); err != nil {
 			return nil, status.Errorf(codes.Internal, "error from chown: %v", err)
 		}
 	}
 
 	if setMode {
-		if err := unix.Chmod(filename, mode&modeMask); err != nil {
+		if err := os.Chmod(filename, mode&modeMask); err != nil {
 			return nil, status.Errorf(codes.Internal, "error from chmod: %v", err)
 		}
 	}
@@ -687,7 +689,7 @@ func (s *server) Rm(ctx context.Context, req *pb.RmRequest) (*emptypb.Empty, err
 		recorder.CounterOrLog(ctx, localfileRmFailureCounter, 1, attribute.String("reason", "invalid_path"))
 		return nil, err
 	}
-	err := unix.Unlink(req.Filename)
+	err := osAgnosticRm(req.Filename)
 	if err != nil {
 		recorder.CounterOrLog(ctx, localfileRmFailureCounter, 1, attribute.String("reason", "unlink_err"))
 		return nil, status.Errorf(codes.Internal, "unlink error: %v", err)
@@ -703,7 +705,7 @@ func (s *server) Rmdir(ctx context.Context, req *pb.RmdirRequest) (*emptypb.Empt
 		recorder.CounterOrLog(ctx, localfileRmDirFailureCounter, 1, attribute.String("reason", "invalid_path"))
 		return nil, err
 	}
-	err := unix.Rmdir(req.Directory)
+	err := osAgnosticRmdir(req.Directory)
 	if err != nil {
 		recorder.CounterOrLog(ctx, localfileRmDirFailureCounter, 1, attribute.String("reason", "rmdir_err"))
 		return nil, status.Errorf(codes.Internal, "rmdir error: %v", err)
@@ -723,7 +725,7 @@ func (s *server) Rename(ctx context.Context, req *pb.RenameRequest) (*emptypb.Em
 		recorder.CounterOrLog(ctx, localfileRenameFailureCounter, 1, attribute.String("reason", "invalid_dst_path"))
 		return nil, err
 	}
-	err := unix.Rename(req.OriginalName, req.DestinationName)
+	err := os.Rename(req.OriginalName, req.DestinationName)
 	if err != nil {
 		recorder.CounterOrLog(ctx, localfileRenameFailureCounter, 1, attribute.String("reason", "rename_err"))
 		return nil, status.Errorf(codes.Internal, "rename error: %v", err)

diff --git a/services/localfile/server/localfile_default.go b/services/localfile/server/localfile_default.go
@@ -1,5 +1,5 @@
-//go:build !(linux || darwin)
-// +build !linux,!darwin
+//go:build !(linux || darwin || windows)
+// +build !linux,!darwin,!windows
 
 /* Copyright (c) 2019 Snowflake Inc. All rights reserved.
 
@@ -32,9 +32,11 @@ import (
 	pb "github.com/Snowflake-Labs/sansshell/services/localfile"
 )
 
-// osStat is the platform agnostic version which uses basic os.Stat.
+var osStat = defaultOsStat
+
+// defaultOsStat is the platform agnostic version which uses basic os.Stat.
 // As a result immutable bits cannot be returned.
-func osStat(path string, useLstat bool) (*pb.StatReply, error) {
+func defaultOsStat(path string, useLstat bool) (*pb.StatReply, error) {
 	var stat fs.FileInfo
 	var err error
 	if useLstat {
@@ -83,14 +85,14 @@ func dataPrep(f *os.File) (interface{}, func(), error) {
 // stream and then return no matter what (assuming the file was already
 // at EOF).
 func dataReady(_ interface{}, stream pb.LocalFile_ReadServer) error {
-	// We sleep for READ_TIMEOUT_SEC between calls as there's no good
+	// We sleep for ReadTimeout between calls as there's no good
 	// way to poll on a file. Once it reaches EOF it's always readable
 	// (you just get EOF). We have to poll like this so we can check
 	// the context state and return if it's canclled.
 	if stream.Context().Err() != nil {
 		return stream.Context().Err()
 	}
-	time.Sleep(READ_TIMEOUT_SEC * time.Second)
+	time.Sleep(ReadTimeout * time.Second)
 	// Time to try again.
 	return nil
 }