]> git.proxmox.com Git - mirror_lxc.git/blob - src/tests/lxc-test-usernic.in
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
lxc-test-{unpriv,usernic.in}: make sure to chgrp as well
[mirror_lxc.git] / src / tests / lxc-test-usernic.in
1 #!/bin/bash
2
3 # lxc: linux Container library
4
5 # Authors:
6 # Serge Hallyn <serge.hallyn@ubuntu.com>
7 #
8 # This is a test script for the lxc-user-nic program
9
10 # This library is free software; you can redistribute it and/or
11 # modify it under the terms of the GNU Lesser General Public
12 # License as published by the Free Software Foundation; either
13 # version 2.1 of the License, or (at your option) any later version.
14
15 # This library is distributed in the hope that it will be useful,
16 # but WITHOUT ANY WARRANTY; without even the implied warranty of
17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 # Lesser General Public License for more details.
19
20 # You should have received a copy of the GNU Lesser General Public
21 # License along with this library; if not, write to the Free Software
22 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
23
24 # This test assumes an Ubuntu host
25
26 DONE=0
27 LXC_USER_NIC="@LIBEXECDIR@/lxc/lxc-user-nic"
28
29 cleanup() {
30 (
31 set +e
32
33 lxc-stop -n usernic-c1 -k
34 lxc-destroy -n usernic-c1
35
36 sed -i '/usernic-user/d' /run/lxc/nics /etc/lxc/lxc-usernet
37 ifconfig usernic-br0 down
38 ifconfig usernic-br1 down
39 brctl delbr usernic-br0
40 brctl delbr usernic-br1
41
42 run_cmd "lxc-stop -n b1 -k"
43 pkill -u $(id -u usernic-user) -9
44
45 rm -rf /tmp/usernic-test /home/usernic-user /run/user/$(id -u usernic-user)
46
47 deluser usernic-user
48 ) >/dev/null 2>&1
49
50 if [ "$DONE" = "1" ]; then
51 echo "PASS"
52 exit 0
53 fi
54
55 echo "FAIL"
56 exit 1
57 }
58
59 run_cmd() {
60 sudo -i -u usernic-user \
61 env http_proxy=${http_proxy:-} https_proxy=${https_proxy:-} \
62 XDG_RUNTIME_DIR=/run/user/$(id -u usernic-user) $*
63 }
64
65 ARCH=i386
66 if type dpkg >/dev/null 2>&1; then
67 ARCH=$(dpkg --print-architecture)
68 fi
69
70 set -eu
71 trap cleanup EXIT SIGHUP SIGINT SIGTERM
72
73 # create a test user
74 deluser usernic-user || true
75 useradd usernic-user
76 sudo mkdir -p /home/usernic-user
77 sudo chown usernic-user: /home/usernic-user
78 usermod -v 910000-919999 -w 910000-919999 usernic-user
79
80 mkdir -p /home/usernic-user/.config/lxc/
81 cat > /home/usernic-user/.config/lxc/default.conf << EOF
82 lxc.network.type = empty
83 lxc.id_map = u 0 910000 10000
84 lxc.id_map = g 0 910000 10000
85 EOF
86
87 if [ -e /sys/fs/cgroup/cgmanager/sock ]; then
88 for d in $(cut -d : -f 2 /proc/self/cgroup); do
89 dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
90 --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \
91 string:$d string:usernic-user >/dev/null
92
93 dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
94 --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \
95 string:$d string:usernic-user int32:$(id -u usernic-user) int32:$(id -g usernic-user) >/dev/null
96
97 dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
98 --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \
99 string:$d string:usernic-user int32:$$ >/dev/null
100 done
101 else
102 for d in /sys/fs/cgroup/*; do
103 [ ! -d $d/lxctest ] && mkdir $d/lxctest
104 chown -R usernic-user: $d/lxctest
105 echo $$ > $d/lxctest/tasks
106 done
107 fi
108
109 mkdir -p /run/user/$(id -u usernic-user)
110 chown -R usernic-user: /run/user/$(id -u usernic-user) /home/usernic-user
111
112 # Create two test bridges
113 brctl addbr usernic-br0
114 brctl addbr usernic-br1
115 ifconfig usernic-br0 0.0.0.0 up
116 ifconfig usernic-br1 0.0.0.0 up
117
118 ARCH=i386
119 if type dpkg >/dev/null 2>&1; then
120 ARCH=$(dpkg --print-architecture)
121 fi
122
123 # Create three containers
124 run_cmd "lxc-create -t download -n b1 -- -d ubuntu -r trusty -a $ARCH"
125 run_cmd "lxc-start -n b1 -d"
126 p1=$(run_cmd "lxc-info -n b1 -p -H")
127
128 # Assign one veth, should fail as no allowed entries yet
129 if run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx1"; then
130 echo "FAIL: able to create nic with no entries"
131 exit 1
132 fi
133
134 # Give him a quota of two
135 touch /etc/lxc/lxc-usernet
136 sed -i '/^usernic-user/d' /etc/lxc/lxc-usernet
137 echo "usernic-user veth usernic-br0 2" >> /etc/lxc/lxc-usernet
138
139 # Assign one veth to second bridge, should fail
140 if run_cmd "$LXC_USER_NIC $p1 veth usernic-br1 xx1"; then
141 echo "FAIL: able to create nic with no entries"
142 exit 1
143 fi
144
145 # Assign two veths, should succeed
146 if ! run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx2"; then
147 echo "FAIL: unable to create first nic"
148 exit 1
149 fi
150
151 if ! run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx3"; then
152 echo "FAIL: unable to create second nic"
153 exit 1
154 fi
155
156 # Assign one more veth, should fail.
157 if run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx4"; then
158 echo "FAIL: able to create third nic"
159 exit 1
160 fi
161
162 # Shut down and restart the container, should be able to assign more nics
163 run_cmd "lxc-stop -n b1 -k"
164 run_cmd "lxc-start -n b1 -d"
165 p1=$(run_cmd "lxc-info -n b1 -p -H")
166
167 if ! run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx5"; then
168 echo "FAIL: unable to create nic after destroying the old"
169 cleanup 1
170 fi
171
172 run_cmd "lxc-stop -n b1 -k"
173
174 # Create a root-owned ns
175 lxc-create -t busybox -n usernic-c1
176 lxc-start -n usernic-c1 -d
177 p2=$(lxc-info -n usernic-c1 -p -H)
178
179 # assign veth to it - should fail
180 if run_cmd "$LXC_USER_NIC $p2 veth usernic-br0 xx6"; then
181 echo "FAIL: able to attach nic to root-owned container"
182 cleanup 1
183 fi
184
185 echo "All tests passed"
186 DONE=1
LXC mirror