bump runc@b263a43430ac6996a4302b891688544225197294
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca
parent
73a0881dbb
commit
c258a2d8f0
386 changed files with 9394 additions and 39467 deletions
186
vendor/github.com/opencontainers/runc/libcontainer/integration/exec_test.go
generated
vendored
186
vendor/github.com/opencontainers/runc/libcontainer/integration/exec_test.go
generated
vendored
|
|
@ -2,6 +2,7 @@ package integration
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
|
|
@ -38,12 +39,12 @@ func testExecPS(t *testing.T, userns bool) {
|
|||
defer remove(rootfs)
|
||||
config := newTemplateConfig(rootfs)
|
||||
if userns {
|
||||
config.UidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config.GidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config.Namespaces = append(config.Namespaces, configs.Namespace{Type: configs.NEWUSER})
|
||||
}
|
||||
|
||||
buffers, exitCode, err := runContainer(config, "", "ps")
|
||||
buffers, exitCode, err := runContainer(config, "", "ps", "-o", "pid,user,comm")
|
||||
if err != nil {
|
||||
t.Fatalf("%s: %s", buffers, err)
|
||||
}
|
||||
|
|
@ -180,8 +181,8 @@ func testRlimit(t *testing.T, userns bool) {
|
|||
|
||||
config := newTemplateConfig(rootfs)
|
||||
if userns {
|
||||
config.UidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config.GidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config.Namespaces = append(config.Namespaces, configs.Namespace{Type: configs.NEWUSER})
|
||||
}
|
||||
|
||||
|
|
@ -199,17 +200,6 @@ func testRlimit(t *testing.T, userns bool) {
|
|||
}
|
||||
}
|
||||
|
||||
func newTestRoot() (string, error) {
|
||||
dir, err := ioutil.TempDir("", "libcontainer")
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
if err := os.MkdirAll(dir, 0700); err != nil {
|
||||
return "", err
|
||||
}
|
||||
return dir, nil
|
||||
}
|
||||
|
||||
func TestEnter(t *testing.T) {
|
||||
if testing.Short() {
|
||||
return
|
||||
|
|
@ -241,7 +231,7 @@ func TestEnter(t *testing.T) {
|
|||
Stdin: stdinR,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
stdinR.Close()
|
||||
defer stdinW.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -259,7 +249,7 @@ func TestEnter(t *testing.T) {
|
|||
pconfig2.Stdin = stdinR2
|
||||
pconfig2.Stdout = &stdout2
|
||||
|
||||
err = container.Start(&pconfig2)
|
||||
err = container.Run(&pconfig2)
|
||||
stdinR2.Close()
|
||||
defer stdinW2.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -330,7 +320,7 @@ func TestProcessEnv(t *testing.T) {
|
|||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
|
|
@ -378,7 +368,7 @@ func TestProcessCaps(t *testing.T) {
|
|||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
|
|
@ -431,7 +421,6 @@ func TestAdditionalGroups(t *testing.T) {
|
|||
defer remove(rootfs)
|
||||
|
||||
config := newTemplateConfig(rootfs)
|
||||
config.AdditionalGroups = []string{"plugdev", "audio"}
|
||||
|
||||
factory, err := libcontainer.New(root, libcontainer.Cgroupfs)
|
||||
ok(t, err)
|
||||
|
|
@ -442,13 +431,14 @@ func TestAdditionalGroups(t *testing.T) {
|
|||
|
||||
var stdout bytes.Buffer
|
||||
pconfig := libcontainer.Process{
|
||||
Cwd: "/",
|
||||
Args: []string{"sh", "-c", "id", "-Gn"},
|
||||
Env: standardEnvironment,
|
||||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
Cwd: "/",
|
||||
Args: []string{"sh", "-c", "id", "-Gn"},
|
||||
Env: standardEnvironment,
|
||||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
AdditionalGroups: []string{"plugdev", "audio"},
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
|
|
@ -508,7 +498,7 @@ func testFreeze(t *testing.T, systemd bool) {
|
|||
Env: standardEnvironment,
|
||||
Stdin: stdinR,
|
||||
}
|
||||
err = container.Start(pconfig)
|
||||
err = container.Run(pconfig)
|
||||
stdinR.Close()
|
||||
defer stdinW.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -613,7 +603,7 @@ func testPids(t *testing.T, systemd bool) {
|
|||
}
|
||||
|
||||
// Enforce a restrictive limit. 64 * /bin/true + 1 * shell should cause this
|
||||
// to fail reliabily.
|
||||
// to fail reliability.
|
||||
config.Cgroups.Resources.PidsLimit = 64
|
||||
out, _, err := runContainer(config, "", "/bin/sh", "-c", `
|
||||
/bin/true | /bin/true | /bin/true | /bin/true | /bin/true | /bin/true | bin/true | /bin/true |
|
||||
|
|
@ -719,7 +709,7 @@ func TestContainerState(t *testing.T) {
|
|||
Env: standardEnvironment,
|
||||
Stdin: stdinR,
|
||||
}
|
||||
err = container.Start(p)
|
||||
err = container.Run(p)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
|
@ -772,7 +762,7 @@ func TestPassExtraFiles(t *testing.T) {
|
|||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&process)
|
||||
err = container.Run(&process)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
|
@ -853,7 +843,7 @@ func TestMountCmds(t *testing.T) {
|
|||
Args: []string{"sh", "-c", "env"},
|
||||
Env: standardEnvironment,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
|
@ -902,7 +892,7 @@ func TestSysctl(t *testing.T) {
|
|||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
|
|
@ -1042,7 +1032,7 @@ func TestOomScoreAdj(t *testing.T) {
|
|||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
|
|
@ -1059,17 +1049,32 @@ func TestHook(t *testing.T) {
|
|||
if testing.Short() {
|
||||
return
|
||||
}
|
||||
root, err := newTestRoot()
|
||||
|
||||
bundle, err := newTestBundle()
|
||||
ok(t, err)
|
||||
defer os.RemoveAll(root)
|
||||
defer remove(bundle)
|
||||
|
||||
rootfs, err := newRootfs()
|
||||
ok(t, err)
|
||||
defer remove(rootfs)
|
||||
|
||||
config := newTemplateConfig(rootfs)
|
||||
expectedBundlePath := "/path/to/bundle/path"
|
||||
expectedBundlePath := bundle
|
||||
config.Labels = append(config.Labels, fmt.Sprintf("bundle=%s", expectedBundlePath))
|
||||
|
||||
getRootfsFromBundle := func(bundle string) (string, error) {
|
||||
f, err := os.Open(filepath.Join(bundle, "config.json"))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
var config configs.Config
|
||||
if err = json.NewDecoder(f).Decode(&config); err != nil {
|
||||
return "", err
|
||||
}
|
||||
return config.Rootfs, nil
|
||||
}
|
||||
|
||||
config.Hooks = &configs.Hooks{
|
||||
Prestart: []configs.Hook{
|
||||
configs.NewFunctionHook(func(s configs.HookState) error {
|
||||
|
|
@ -1077,7 +1082,11 @@ func TestHook(t *testing.T) {
|
|||
t.Fatalf("Expected prestart hook bundlePath '%s'; got '%s'", expectedBundlePath, s.BundlePath)
|
||||
}
|
||||
|
||||
f, err := os.Create(filepath.Join(s.Root, "test"))
|
||||
root, err := getRootfsFromBundle(s.BundlePath)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
f, err := os.Create(filepath.Join(root, "test"))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -1090,7 +1099,11 @@ func TestHook(t *testing.T) {
|
|||
t.Fatalf("Expected poststart hook bundlePath '%s'; got '%s'", expectedBundlePath, s.BundlePath)
|
||||
}
|
||||
|
||||
return ioutil.WriteFile(filepath.Join(s.Root, "test"), []byte("hello world"), 0755)
|
||||
root, err := getRootfsFromBundle(s.BundlePath)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return ioutil.WriteFile(filepath.Join(root, "test"), []byte("hello world"), 0755)
|
||||
}),
|
||||
},
|
||||
Poststop: []configs.Hook{
|
||||
|
|
@ -1099,10 +1112,20 @@ func TestHook(t *testing.T) {
|
|||
t.Fatalf("Expected poststop hook bundlePath '%s'; got '%s'", expectedBundlePath, s.BundlePath)
|
||||
}
|
||||
|
||||
return os.RemoveAll(filepath.Join(s.Root, "test"))
|
||||
root, err := getRootfsFromBundle(s.BundlePath)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return os.RemoveAll(filepath.Join(root, "test"))
|
||||
}),
|
||||
},
|
||||
}
|
||||
|
||||
// write config of json format into config.json under bundle
|
||||
f, err := os.OpenFile(filepath.Join(bundle, "config.json"), os.O_CREATE|os.O_RDWR, 0644)
|
||||
ok(t, err)
|
||||
ok(t, json.NewEncoder(f).Encode(config))
|
||||
|
||||
container, err := factory.Create("test", config)
|
||||
ok(t, err)
|
||||
|
||||
|
|
@ -1114,7 +1137,7 @@ func TestHook(t *testing.T) {
|
|||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Start(&pconfig)
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
|
|
@ -1139,7 +1162,7 @@ func TestHook(t *testing.T) {
|
|||
}
|
||||
|
||||
if err := container.Destroy(); err != nil {
|
||||
t.Fatalf("container destory %s", err)
|
||||
t.Fatalf("container destroy %s", err)
|
||||
}
|
||||
fi, err := os.Stat(filepath.Join(rootfs, "test"))
|
||||
if err == nil || !os.IsNotExist(err) {
|
||||
|
|
@ -1231,7 +1254,7 @@ func TestRootfsPropagationSlaveMount(t *testing.T) {
|
|||
Stdin: stdinR,
|
||||
}
|
||||
|
||||
err = container.Start(pconfig)
|
||||
err = container.Run(pconfig)
|
||||
stdinR.Close()
|
||||
defer stdinW.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1260,7 +1283,7 @@ func TestRootfsPropagationSlaveMount(t *testing.T) {
|
|||
Stdout: &stdout2,
|
||||
}
|
||||
|
||||
err = container.Start(pconfig2)
|
||||
err = container.Run(pconfig2)
|
||||
stdinR2.Close()
|
||||
defer stdinW2.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1348,7 +1371,7 @@ func TestRootfsPropagationSharedMount(t *testing.T) {
|
|||
Stdin: stdinR,
|
||||
}
|
||||
|
||||
err = container.Start(pconfig)
|
||||
err = container.Run(pconfig)
|
||||
stdinR.Close()
|
||||
defer stdinW.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1380,7 +1403,7 @@ func TestRootfsPropagationSharedMount(t *testing.T) {
|
|||
Capabilities: processCaps,
|
||||
}
|
||||
|
||||
err = container.Start(pconfig2)
|
||||
err = container.Run(pconfig2)
|
||||
stdinR2.Close()
|
||||
defer stdinW2.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1452,7 +1475,7 @@ func TestInitJoinPID(t *testing.T) {
|
|||
Env: standardEnvironment,
|
||||
Stdin: stdinR1,
|
||||
}
|
||||
err = container1.Start(init1)
|
||||
err = container1.Run(init1)
|
||||
stdinR1.Close()
|
||||
defer stdinW1.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1462,7 +1485,7 @@ func TestInitJoinPID(t *testing.T) {
|
|||
ok(t, err)
|
||||
pidns1 := state1.NamespacePaths[configs.NEWPID]
|
||||
|
||||
// Start a container inside the existing pidns but with different cgroups
|
||||
// Run a container inside the existing pidns but with different cgroups
|
||||
config2 := newTemplateConfig(rootfs)
|
||||
config2.Namespaces.Add(configs.NEWPID, pidns1)
|
||||
config2.Cgroups.Path = "integration/test2"
|
||||
|
|
@ -1478,7 +1501,7 @@ func TestInitJoinPID(t *testing.T) {
|
|||
Env: standardEnvironment,
|
||||
Stdin: stdinR2,
|
||||
}
|
||||
err = container2.Start(init2)
|
||||
err = container2.Run(init2)
|
||||
stdinR2.Close()
|
||||
defer stdinW2.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1508,7 +1531,7 @@ func TestInitJoinPID(t *testing.T) {
|
|||
Env: standardEnvironment,
|
||||
Stdout: buffers.Stdout,
|
||||
}
|
||||
err = container1.Start(ps)
|
||||
err = container1.Run(ps)
|
||||
ok(t, err)
|
||||
waitProcess(ps, t)
|
||||
|
||||
|
|
@ -1542,8 +1565,8 @@ func TestInitJoinNetworkAndUser(t *testing.T) {
|
|||
|
||||
// Execute a long-running container
|
||||
config1 := newTemplateConfig(rootfs)
|
||||
config1.UidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config1.GidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config1.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config1.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config1.Namespaces = append(config1.Namespaces, configs.Namespace{Type: configs.NEWUSER})
|
||||
container1, err := newContainer(config1)
|
||||
ok(t, err)
|
||||
|
|
@ -1557,7 +1580,7 @@ func TestInitJoinNetworkAndUser(t *testing.T) {
|
|||
Env: standardEnvironment,
|
||||
Stdin: stdinR1,
|
||||
}
|
||||
err = container1.Start(init1)
|
||||
err = container1.Run(init1)
|
||||
stdinR1.Close()
|
||||
defer stdinW1.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1568,14 +1591,14 @@ func TestInitJoinNetworkAndUser(t *testing.T) {
|
|||
netns1 := state1.NamespacePaths[configs.NEWNET]
|
||||
userns1 := state1.NamespacePaths[configs.NEWUSER]
|
||||
|
||||
// Start a container inside the existing pidns but with different cgroups
|
||||
// Run a container inside the existing pidns but with different cgroups
|
||||
rootfs2, err := newRootfs()
|
||||
ok(t, err)
|
||||
defer remove(rootfs2)
|
||||
|
||||
config2 := newTemplateConfig(rootfs2)
|
||||
config2.UidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config2.GidMappings = []configs.IDMap{{0, 0, 1000}}
|
||||
config2.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config2.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
|
||||
config2.Namespaces.Add(configs.NEWNET, netns1)
|
||||
config2.Namespaces.Add(configs.NEWUSER, userns1)
|
||||
config2.Cgroups.Path = "integration/test2"
|
||||
|
|
@ -1591,7 +1614,7 @@ func TestInitJoinNetworkAndUser(t *testing.T) {
|
|||
Env: standardEnvironment,
|
||||
Stdin: stdinR2,
|
||||
}
|
||||
err = container2.Start(init2)
|
||||
err = container2.Run(init2)
|
||||
stdinR2.Close()
|
||||
defer stdinW2.Close()
|
||||
ok(t, err)
|
||||
|
|
@ -1622,3 +1645,52 @@ func TestInitJoinNetworkAndUser(t *testing.T) {
|
|||
stdinW1.Close()
|
||||
waitProcess(init1, t)
|
||||
}
|
||||
|
||||
func TestTmpfsCopyUp(t *testing.T) {
|
||||
if testing.Short() {
|
||||
return
|
||||
}
|
||||
root, err := newTestRoot()
|
||||
ok(t, err)
|
||||
defer os.RemoveAll(root)
|
||||
|
||||
rootfs, err := newRootfs()
|
||||
ok(t, err)
|
||||
defer remove(rootfs)
|
||||
|
||||
config := newTemplateConfig(rootfs)
|
||||
|
||||
config.Mounts = append(config.Mounts, &configs.Mount{
|
||||
Source: "tmpfs",
|
||||
Destination: "/etc",
|
||||
Device: "tmpfs",
|
||||
Extensions: configs.EXT_COPYUP,
|
||||
})
|
||||
|
||||
factory, err := libcontainer.New(root, libcontainer.Cgroupfs)
|
||||
ok(t, err)
|
||||
|
||||
container, err := factory.Create("test", config)
|
||||
ok(t, err)
|
||||
defer container.Destroy()
|
||||
|
||||
var stdout bytes.Buffer
|
||||
pconfig := libcontainer.Process{
|
||||
Args: []string{"ls", "/etc/passwd"},
|
||||
Env: standardEnvironment,
|
||||
Stdin: nil,
|
||||
Stdout: &stdout,
|
||||
}
|
||||
err = container.Run(&pconfig)
|
||||
ok(t, err)
|
||||
|
||||
// Wait for process
|
||||
waitProcess(&pconfig, t)
|
||||
|
||||
outputLs := string(stdout.Bytes())
|
||||
|
||||
// Check that the ls output has /etc/passwd
|
||||
if !strings.Contains(outputLs, "/etc/passwd") {
|
||||
t.Fatalf("/etc/passwd not copied up as expected: %v", outputLs)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue