Mirrors/junest
1
0
Fork 0
mirror of https://github.com/fsquillace/junest.git synced 2026-01-23 02:34:30 +00:00
Code Issues Projects Releases Wiki Activity

Issue #174: Add unit test for namespace

Browse source
This commit is contained in:
Filippo Squillace 2017-04-03 22:26:19 +01:00
parent 0f7fd33c53
commit 8e5531a27a
5 changed files with 181 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

1
lib/core/build.sh
View file

@ -137,4 +137,5 @@ function check_env(){
info "Removing the previous packages..."
JUNEST_HOME=${testdir} ${cmd} -f pacman --noconfirm -Rsn tcptraceroute tree iftop
JUNEST_HOME=${testdir} ${cmd} -u -- ls -la
}

62
lib/core/namespace.sh
View file

@ -26,7 +26,7 @@ function _is_user_namespace_enabled() {
return $NOT_EXISTING_FILE
fi
if ! zgrep_cmd "CONFIG_USER_NS=y" $config_file
if ! zgrep_cmd -q "CONFIG_USER_NS=y" $config_file
then
return $NO_CONFIG_FOUND
fi
@ -42,6 +42,35 @@ function _check_user_namespace() {
set -e
}
function _run_env_with_namespace(){
local backend_args="$1"
shift
if [[ "$1" != "" ]]
then
JUNEST_ENV=1 unshare_cmd --mount --user --map-root-user $GROOT $bindings $backend_args "$JUNEST_HOME" "${SH[@]}" "-c" "$(insert_quotes_on_spaces "${@}")"
else
JUNEST_ENV=1 unshare_cmd --mount --user --map-root-user $GROOT $bindings $backend_args "$JUNEST_HOME" "${SH[@]}"
fi
}
#######################################
# Run JuNest as normal user via user namespace.
#
# Globals:
# JUNEST_HOME (RO) : The JuNest home directory.
# GROOT (RO) : The groot program.
# SH (RO) : Contains the default command to run in JuNest.
# Arguments:
# backend_args ($1) : The arguments to pass to proot
# cmd ($2-?) : The command to run inside JuNest environment.
# Default command is defined by SH variable.
# Returns:
# Depends on the unshare command outcome.
# Output:
# - : The command output.
#######################################
function run_env_as_user_with_namespace() {
local backend_args="$1"
shift
@ -59,9 +88,26 @@ function run_env_as_user_with_namespace() {
local bindings=${RESULT}
unset RESULT
unshare_cmd --mount --user --map-root-user $GROOT $bindings $backend_args "$JUNEST_HOME"
# TODO make sure to run the environment as normal user
_run_env_with_namespace "$backend_args" "$@"
}
#######################################
# Run JuNest as fakeroot via user namespace.
#
# Globals:
# JUNEST_HOME (RO) : The JuNest home directory.
# GROOT (RO) : The groot program.
# SH (RO) : Contains the default command to run in JuNest.
# Arguments:
# backend_args ($1) : The arguments to pass to proot
# cmd ($2-?) : The command to run inside JuNest environment.
# Default command is defined by SH variable.
# Returns:
# Depends on the unshare command outcome.
# Output:
# - : The command output.
#######################################
function run_env_as_fakeroot_with_namespace() {
local backend_args="$1"
shift
@ -69,19 +115,9 @@ function run_env_as_fakeroot_with_namespace() {
copy_common_files
#mkdir -p "$chrootdir/$HOME"
#mkdir -p "$chrootdir/run/lock"
#chroot_add_mount --rbind /proc "$chrootdir/proc/"
#chroot_add_mount --rbind /dev "$chrootdir/dev/"
#chroot_add_mount --rbind /sys "$chrootdir/sys/"
#chroot_add_mount --rbind /tmp "$chrootdir/tmp/"
## alternately create a new tmp istead of binding it:
##chroot_add_mount -t tmpfs tmp "$chrootdir/tmp/"
#chroot_add_mount --rbind $HOME "$chrootdir/$HOME"
provide_common_bindings
local bindings=${RESULT}
unset RESULT
JUNEST_ENV=1 unshare_cmd --mount --user --map-root-user $GROOT $bindings $backend_args "$JUNEST_HOME"
_run_env_with_namespace "$backend_args" "$@"
}

24
lib/core/proot.sh
View file

@ -44,20 +44,23 @@ function _run_env_with_qemu(){
# Run JuNest as fakeroot.
#
# Globals:
# JUNEST_HOME (RO) : The JuNest home directory.
# EUID (RO) : The user ID.
# SH (RO) : Contains the default command to run in JuNest.
# JUNEST_HOME (RO) : The JuNest home directory.
# EUID (RO) : The user ID.
# SH (RO) : Contains the default command to run in JuNest.
# Arguments:
# cmd ($@?) : The command to run inside JuNest environment.
# backend_args ($1) : The arguments to pass to proot
# cmd ($2-?) : The command to run inside JuNest environment.
# Default command is defined by SH variable.
# Returns:
# $ROOT_ACCESS_ERROR : If the user is the real root.
# $ROOT_ACCESS_ERROR : If the user is the real root.
# Output:
# - : The command output.
# - : The command output.
#######################################
function run_env_as_fakeroot(){
(( EUID == 0 )) && \
die_on_status $ROOT_ACCESS_ERROR "You cannot access with root privileges. Use --root option instead."
local backend_args="$1"
shift
copy_common_files
@ -67,7 +70,7 @@ function run_env_as_fakeroot(){
# An alternative is via -S option:
#_run_env_with_qemu "-S ${JUNEST_HOME} $1" "${@:2}"
_run_env_with_qemu "-0 ${bindings} -r ${JUNEST_HOME} $1" "${@:2}"
_run_env_with_qemu "-0 ${bindings} -r ${JUNEST_HOME} $backend_args" "$@"
}
#######################################
@ -78,7 +81,8 @@ function run_env_as_fakeroot(){
# EUID (RO) : The user ID.
# SH (RO) : Contains the default command to run in JuNest.
# Arguments:
# cmd ($@?) : The command to run inside JuNest environment.
# backend_args ($1) : The arguments to pass to proot
# cmd ($2-?) : The command to run inside JuNest environment.
# Default command is defined by SH variable.
# Returns:
# $ROOT_ACCESS_ERROR : If the user is the real root.
@ -88,6 +92,8 @@ function run_env_as_fakeroot(){
function run_env_as_user(){
(( EUID == 0 )) && \
die_on_status $ROOT_ACCESS_ERROR "You cannot access with root privileges. Use --root option instead."
local backend_args="$1"
shift
# Files to bind are visible in `proot --help`.
# This function excludes /etc/mtab file so that
@ -105,5 +111,5 @@ function run_env_as_user(){
local bindings=${RESULT}
unset RESULT
_run_env_with_qemu "${bindings} -r ${JUNEST_HOME} $1" "${@:2}"
_run_env_with_qemu "${bindings} -r ${JUNEST_HOME} $backend_args" "$@"
}

97
tests/unit-tests/test-namespace.sh
View file

@ -5,8 +5,6 @@ JUNEST_ROOT=$(readlink -f $(dirname $0)/../..)
source "$JUNEST_ROOT/tests/utils/utils.sh"
source "$JUNEST_ROOT/lib/utils/utils.sh"
source "$JUNEST_ROOT/lib/core/common.sh"
source "$JUNEST_ROOT/lib/core/namespace.sh"
# Disable the exiterr
set +e
@ -15,14 +13,49 @@ function oneTimeSetUp(){
setUpUnitTests
}
## Mock functions ##
function init_mocks() {
function unshare_cmd(){
echo "unshare $@"
}
}
function setUp(){
cwdSetUp
junestSetUp
# Attempt to source the files under test to revert variable
# overrides (i.e. SH variable)
source "$JUNEST_ROOT/lib/core/common.sh"
source "$JUNEST_ROOT/lib/core/namespace.sh"
set +e
init_mocks
}
function tearDown(){
junestTearDown
cwdTearDown
}
function _test_copy_common_files() {
[[ -e /etc/hosts ]] && assertEquals "$(cat /etc/hosts)" "$(cat ${JUNEST_HOME}/etc/hosts)"
[[ -e /etc/host.conf ]] && assertEquals "$(cat /etc/host.conf)" "$(cat ${JUNEST_HOME}/etc/host.conf)"
[[ -e /etc/nsswitch.conf ]] && assertEquals "$(cat /etc/nsswitch.conf)" "$(cat ${JUNEST_HOME}/etc/nsswitch.conf)"
[[ -e /etc/resolv.conf ]] && assertEquals "$(cat /etc/resolv.conf)" "$(cat ${JUNEST_HOME}/etc/resolv.conf)"
}
function _test_copy_remaining_files() {
[[ -e /etc/hosts.equiv ]] && assertEquals "$(cat /etc/hosts.equiv)" "$(cat ${JUNEST_HOME}/etc/hosts.equiv)"
[[ -e /etc/netgroup ]] && assertEquals "$(cat /etc/netgroup)" "$(cat ${JUNEST_HOME}/etc/netgroup)"
[[ -e /etc/networks ]] && assertEquals "$(cat /etc/networks)" "$(cat ${JUNEST_HOME}/etc/networks)"
[[ -e ${JUNEST_HOME}/etc/passwd ]]
assertEquals 0 $?
[[ -e ${JUNEST_HOME}/etc/group ]]
assertEquals 0 $?
}
function test_is_user_namespace_enabled_no_config_file(){
CONFIG_PROC_FILE="blah"
CONFIG_BOOT_FILE="blah"
@ -45,4 +78,64 @@ function test_is_user_namespace_enabled_with_config(){
assertCommandSuccess _is_user_namespace_enabled
}
function test_run_env_as_user_with_namespace() {
assertCommandSuccess run_env_as_user_with_namespace "" ""
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev $JUNEST_HOME /bin/sh --login" "$(cat $STDOUTF)"
_test_copy_common_files
_test_copy_remaining_files
}
function test_run_env_as_user_with_namespace_with_bindings() {
assertCommandSuccess run_env_as_user_with_namespace "-b /usr -b /lib:/tmp/lib" ""
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev -b /usr -b /lib:/tmp/lib $JUNEST_HOME /bin/sh --login" "$(cat $STDOUTF)"
_test_copy_common_files
_test_copy_remaining_files
}
function test_run_env_as_user_with_namespace_with_command() {
assertCommandSuccess run_env_as_user_with_namespace "" "ls -la"
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev $JUNEST_HOME /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)"
_test_copy_common_files
_test_copy_remaining_files
}
function test_run_env_as_user_with_namespace_with_bindings_and_command() {
assertCommandSuccess run_env_as_user_with_namespace "-b /usr -b /lib:/tmp/lib" "ls -la"
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev -b /usr -b /lib:/tmp/lib $JUNEST_HOME /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)"
_test_copy_common_files
_test_copy_remaining_files
}
function test_run_env_as_fakeroot_with_namespace() {
assertCommandSuccess run_env_as_fakeroot_with_namespace "" ""
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev $JUNEST_HOME /bin/sh --login" "$(cat $STDOUTF)"
_test_copy_common_files
}
function test_run_env_as_fakeroot_with_namespace_with_bindings() {
assertCommandSuccess run_env_as_fakeroot_with_namespace "-b /usr -b /lib:/tmp/lib" ""
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev -b /usr -b /lib:/tmp/lib $JUNEST_HOME /bin/sh --login" "$(cat $STDOUTF)"
_test_copy_common_files
}
function test_run_env_as_fakeroot_with_namespace_with_command() {
assertCommandSuccess run_env_as_fakeroot_with_namespace "" "ls -la"
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev $JUNEST_HOME /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)"
_test_copy_common_files
}
function test_run_env_as_fakeroot_with_namespace_with_bindings_and_command() {
assertCommandSuccess run_env_as_fakeroot_with_namespace "-b /usr -b /lib:/tmp/lib" "ls -la"
assertEquals "unshare --mount --user --map-root-user $GROOT -b $HOME -b /tmp -b /proc -b /sys -b /dev -b /usr -b /lib:/tmp/lib $JUNEST_HOME /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)"
_test_copy_common_files
}
source $JUNEST_ROOT/tests/utils/shunit2

38
tests/unit-tests/test-proot.sh
View file

@ -29,6 +29,24 @@ function tearDown(){
cwdTearDown
}
function _test_copy_common_files() {
[[ -e /etc/hosts ]] && assertEquals "$(cat /etc/hosts)" "$(cat ${JUNEST_HOME}/etc/hosts)"
[[ -e /etc/host.conf ]] && assertEquals "$(cat /etc/host.conf)" "$(cat ${JUNEST_HOME}/etc/host.conf)"
[[ -e /etc/nsswitch.conf ]] && assertEquals "$(cat /etc/nsswitch.conf)" "$(cat ${JUNEST_HOME}/etc/nsswitch.conf)"
[[ -e /etc/resolv.conf ]] && assertEquals "$(cat /etc/resolv.conf)" "$(cat ${JUNEST_HOME}/etc/resolv.conf)"
}
function _test_copy_remaining_files() {
[[ -e /etc/hosts.equiv ]] && assertEquals "$(cat /etc/hosts.equiv)" "$(cat ${JUNEST_HOME}/etc/hosts.equiv)"
[[ -e /etc/netgroup ]] && assertEquals "$(cat /etc/netgroup)" "$(cat ${JUNEST_HOME}/etc/netgroup)"
[[ -e /etc/networks ]] && assertEquals "$(cat /etc/networks)" "$(cat ${JUNEST_HOME}/etc/networks)"
[[ -e ${JUNEST_HOME}/etc/passwd ]]
assertEquals 0 $?
[[ -e ${JUNEST_HOME}/etc/group ]]
assertEquals 0 $?
}
function test_run_env_as_user(){
_run_env_with_qemu() {
echo $@
@ -40,19 +58,8 @@ function test_run_env_as_user(){
assertCommandSuccess run_env_as_user "-k 3.10"
assertEquals "-b $HOME -b /tmp -b /proc -b /sys -b /dev -r ${JUNEST_HOME} -k 3.10" "$(cat $STDOUTF)"
[[ -e /etc/hosts ]] && assertEquals "$(cat /etc/hosts)" "$(cat ${JUNEST_HOME}/etc/hosts)"
[[ -e /etc/host.conf ]] && assertEquals "$(cat /etc/host.conf)" "$(cat ${JUNEST_HOME}/etc/host.conf)"
[[ -e /etc/nsswitch.conf ]] && assertEquals "$(cat /etc/nsswitch.conf)" "$(cat ${JUNEST_HOME}/etc/nsswitch.conf)"
[[ -e /etc/resolv.conf ]] && assertEquals "$(cat /etc/resolv.conf)" "$(cat ${JUNEST_HOME}/etc/resolv.conf)"
[[ -e /etc/hosts.equiv ]] && assertEquals "$(cat /etc/hosts.equiv)" "$(cat ${JUNEST_HOME}/etc/hosts.equiv)"
[[ -e /etc/netgroup ]] && assertEquals "$(cat /etc/netgroup)" "$(cat ${JUNEST_HOME}/etc/netgroup)"
[[ -e /etc/passwd ]]
assertEquals 0 $?
[[ -e /etc/group ]]
assertEquals 0 $?
_test_copy_common_files
_test_copy_remaining_files
}
function test_run_env_as_fakeroot(){
@ -66,10 +73,7 @@ function test_run_env_as_fakeroot(){
assertCommandSuccess run_env_as_fakeroot "-k 3.10"
assertEquals "-0 -b ${HOME} -b /tmp -b /proc -b /sys -b /dev -r ${JUNEST_HOME} -k 3.10" "$(cat $STDOUTF)"
[[ -e /etc/hosts ]] && assertEquals "$(cat /etc/hosts)" "$(cat ${JUNEST_HOME}/etc/hosts)"
[[ -e /etc/host.conf ]] && assertEquals "$(cat /etc/host.conf)" "$(cat ${JUNEST_HOME}/etc/host.conf)"
[[ -e /etc/nsswitch.conf ]] && assertEquals "$(cat /etc/nsswitch.conf)" "$(cat ${JUNEST_HOME}/etc/nsswitch.conf)"
[[ -e /etc/resolv.conf ]] && assertEquals "$(cat /etc/resolv.conf)" "$(cat ${JUNEST_HOME}/etc/resolv.conf)"
_test_copy_common_files
}
function test_run_env_with_quotes(){