]>
Commit | Line | Data |
---|---|---|
20ab58c7 SH |
1 | #!/bin/bash |
2 | ||
3 | # lxc: linux Container library | |
4 | ||
5 | # Authors: | |
6 | # Serge Hallyn <serge.hallyn@ubuntu.com> | |
7 | # | |
8 | # This is a test script for the lxc-user-nic program | |
9 | ||
10 | # This library is free software; you can redistribute it and/or | |
11 | # modify it under the terms of the GNU Lesser General Public | |
12 | # License as published by the Free Software Foundation; either | |
13 | # version 2.1 of the License, or (at your option) any later version. | |
14 | ||
15 | # This library is distributed in the hope that it will be useful, | |
16 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
18 | # Lesser General Public License for more details. | |
19 | ||
20 | # You should have received a copy of the GNU Lesser General Public | |
21 | # License along with this library; if not, write to the Free Software | |
250b1eec | 22 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
20ab58c7 | 23 | |
0e17b9c6 SG |
24 | DONE=0 |
25 | ||
8befa924 | 26 | cleanup() { |
0e17b9c6 SG |
27 | ( |
28 | set +e | |
29 | ||
c85a40bc | 30 | lxc-stop -n usernic-c1 -k |
0e17b9c6 SG |
31 | lxc-destroy -n usernic-c1 |
32 | ||
33 | sed -i '/usernic-user/d' /var/run/lxc/nics /etc/lxc/lxc-usernet | |
34 | ifconfig usernic-br0 down | |
35 | ifconfig usernic-br1 down | |
36 | brctl delbr usernic-br0 | |
37 | brctl delbr usernic-br1 | |
38 | ||
c85a40bc | 39 | run_cmd "lxc-stop -n b1 -k" |
0e17b9c6 SG |
40 | pkill -u $(id -u usernic-user) -9 |
41 | ||
42 | rm -rf /tmp/usernic-test /home/usernic-user /run/user/$(id -u usernic-user) | |
43 | ||
44 | deluser usernic-user | |
45 | ) >/dev/null 2>&1 | |
46 | ||
47 | if [ "$DONE" = "1" ]; then | |
48 | echo "PASS" | |
49 | exit 0 | |
50 | fi | |
51 | ||
52 | echo "FAIL" | |
53 | exit 1 | |
54 | } | |
55 | ||
56 | run_cmd() { | |
57 | sudo -i -u usernic-user env XDG_RUNTIME_DIR=/run/user/$(id -u usernic-user) $* | |
8befa924 | 58 | } |
20ab58c7 | 59 | |
0e17b9c6 SG |
60 | set -eu |
61 | trap cleanup EXIT SIGHUP SIGINT SIGTERM | |
62 | ||
8befa924 SH |
63 | # create a test user |
64 | deluser usernic-user || true | |
65 | useradd usernic-user | |
66 | sudo mkdir -p /home/usernic-user | |
67 | sudo chown usernic-user /home/usernic-user | |
68 | usermod -v 910000-919999 -w 910000-919999 usernic-user | |
8befa924 | 69 | |
0e17b9c6 SG |
70 | mkdir -p /home/usernic-user/.config/lxc/ |
71 | cat > /home/usernic-user/.config/lxc/default.conf << EOF | |
8befa924 | 72 | lxc.network.type = empty |
0e17b9c6 SG |
73 | lxc.id_map = u 0 910000 10000 |
74 | lxc.id_map = g 0 910000 10000 | |
8befa924 | 75 | EOF |
20ab58c7 | 76 | |
0e17b9c6 SG |
77 | for d in /sys/fs/cgroup/*; do |
78 | [ ! -d $d/lxctest ] && mkdir $d/lxctest | |
79 | chown -R usernic-user $d/lxctest | |
80 | echo $$ > $d/lxctest/tasks | |
81 | done | |
82 | ||
83 | mkdir -p /run/user/$(id -u usernic-user) | |
84 | chown -R usernic-user /run/user/$(id -u usernic-user) /home/usernic-user | |
20ab58c7 | 85 | |
0e17b9c6 | 86 | # Create two test bridges |
8befa924 SH |
87 | brctl addbr usernic-br0 |
88 | brctl addbr usernic-br1 | |
89 | ifconfig usernic-br0 0.0.0.0 up | |
90 | ifconfig usernic-br1 0.0.0.0 up | |
91 | ||
92 | # Create three containers | |
0e17b9c6 SG |
93 | run_cmd "lxc-create -t download -n b1 -- -d ubuntu -r trusty -a i386" |
94 | run_cmd "lxc-start -n b1 -d" | |
95 | p1=$(run_cmd "lxc-info -n b1 -p -H") | |
8befa924 SH |
96 | |
97 | # Assign one veth, should fail as no allowed entries yet | |
0e17b9c6 | 98 | if run_cmd "lxc-user-nic $p1 veth usernic-br0 xx1"; then |
8befa924 | 99 | echo "FAIL: able to create nic with no entries" |
0e17b9c6 | 100 | exit 1 |
20ab58c7 SH |
101 | fi |
102 | ||
8befa924 | 103 | # Give him a quota of two |
d08363af | 104 | touch /etc/lxc/lxc-usernet |
0e17b9c6 SG |
105 | sed -i '/^usernic-user/d' /etc/lxc/lxc-usernet |
106 | echo "usernic-user veth usernic-br0 2" >> /etc/lxc/lxc-usernet | |
8befa924 SH |
107 | |
108 | # Assign one veth to second bridge, should fail | |
0e17b9c6 | 109 | if run_cmd "lxc-user-nic $p1 veth usernic-br1 xx1"; then |
8befa924 | 110 | echo "FAIL: able to create nic with no entries" |
0e17b9c6 | 111 | exit 1 |
8befa924 | 112 | fi |
20ab58c7 | 113 | |
8befa924 | 114 | # Assign two veths, should succeed |
0e17b9c6 | 115 | if ! run_cmd "lxc-user-nic $p1 veth usernic-br0 xx2"; then |
8befa924 | 116 | echo "FAIL: unable to create first nic" |
0e17b9c6 | 117 | exit 1 |
8befa924 | 118 | fi |
0e17b9c6 SG |
119 | |
120 | if ! run_cmd "lxc-user-nic $p1 veth usernic-br0 xx3"; then | |
8befa924 | 121 | echo "FAIL: unable to create second nic" |
0e17b9c6 | 122 | exit 1 |
20ab58c7 SH |
123 | fi |
124 | ||
8befa924 | 125 | # Assign one more veth, should fail. |
0e17b9c6 | 126 | if run_cmd "lxc-user-nic $p1 veth usernic-br0 xx4"; then |
8befa924 | 127 | echo "FAIL: able to create third nic" |
0e17b9c6 | 128 | exit 1 |
20ab58c7 SH |
129 | fi |
130 | ||
8befa924 | 131 | # Shut down and restart the container, should be able to assign more nics |
c85a40bc | 132 | run_cmd "lxc-stop -n b1 -k" |
0e17b9c6 SG |
133 | run_cmd "lxc-start -n b1 -d" |
134 | p1=$(run_cmd "lxc-info -n b1 -p -H") | |
135 | ||
136 | if ! run_cmd "lxc-user-nic $p1 veth usernic-br0 xx5"; then | |
8befa924 SH |
137 | echo "FAIL: unable to create nic after destroying the old" |
138 | cleanup 1 | |
139 | fi | |
140 | ||
c85a40bc | 141 | run_cmd "lxc-stop -n b1 -k" |
8befa924 SH |
142 | |
143 | # Create a root-owned ns | |
144 | lxc-create -t busybox -n usernic-c1 | |
145 | lxc-start -n usernic-c1 -d | |
0e17b9c6 | 146 | p2=$(lxc-info -n usernic-c1 -p -H) |
8befa924 SH |
147 | |
148 | # assign veth to it - should fail | |
0e17b9c6 | 149 | if run_cmd "lxc-user-nic $p2 veth usernic-br0 xx6"; then |
8befa924 SH |
150 | echo "FAIL: able to attach nic to root-owned container" |
151 | cleanup 1 | |
20ab58c7 SH |
152 | fi |
153 | ||
154 | echo "All tests passed" | |
0e17b9c6 | 155 | DONE=1 |