# lxc: linux Container library
# Serge Hallyn <serge.hallyn@ubuntu.com>
# This is a test script for the lxc-user-nic program
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
# This test assumes an Ubuntu host
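# Completion flag checked at gutter line 50 of this listing. The page never
# shows an assignment to it (gutter line 26 is absent), so it is initialised
# here to keep that check well-defined.
DONE=0

# Path of the helper this script exercises. "@LIBEXECDIR@" looks like a
# build-time substitution marker - confirm against the build system.
LXC_USER_NIC="@LIBEXECDIR@/lxc/lxc-user-nic"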
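# Tear down everything the test created, then exit with the test verdict.
# Registered as the handler of the "trap cleanup ..." line of this script.
# Globals:  DONE (read)
# Returns:  never returns; exits 0 only when DONE is "1", otherwise 1
#
# NOTE(review): the listing drops gutter lines 28-32, 46-49 and 51-59, so the
# function header, any statements after the rm, and the bodies around the
# DONE check are not visible. The header and the exit statuses below are the
# reviewer's reconstruction; confirm against the original file.
cleanup() {
  # Teardown is best-effort: any step can fail when setup stopped early, and
  # one failure must not skip the steps after it.
  set +e

  # Root-owned container used by the last check.
  lxc-stop -n usernic-c1 -k
  lxc-destroy -n usernic-c1

  # Remove the test user's lines from the nic records and the quota file.
  sed -i '/usernic-user/d' /run/lxc/nics /etc/lxc/lxc-usernet
  ifconfig usernic-br0 down
  ifconfig usernic-br1 down
  brctl delbr usernic-br0
  brctl delbr usernic-br1

  run_cmd "lxc-stop -n b1 -k"

  # Resolve the uid once and act on it only when the lookup succeeded. With
  # the account missing, "/run/user/$(id -u usernic-user)" expands to
  # "/run/user/" and rm -rf would be pointed at every user's runtime dir.
  cleanup_uid=$(id -u usernic-user 2>/dev/null)
  if [ -n "$cleanup_uid" ]; then
    pkill -u "$cleanup_uid" -9
    rm -rf -- "/run/user/${cleanup_uid:?}"
  fi
  rm -rf -- /tmp/usernic-test /home/usernic-user

  # Fail closed: success is reported only when the script reached its end.
  if [ "${DONE:-0}" = "1" ]; then
    exit 0
  fi
  exit 1
}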
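# Run a command line as the unprivileged test user usernic-user, through a
# sudo login shell, with the caller's proxy settings and the user's
# XDG_RUNTIME_DIR in the environment.
# Arguments: the command line; callers in this script pass it as ONE string
# Returns:   status of the id lookup if it fails, else sudo's status
#
# NOTE(review): the function header is not in the listing (gutter lines 58-59
# are absent); the name is taken from the call sites.
run_cmd() {
  # Fail instead of exporting XDG_RUNTIME_DIR=/run/user/ when the account
  # does not exist.
  run_cmd_uid=$(id -u usernic-user) || return

  # $* stays unquoted on purpose: the single string argument has to be split
  # into words again. Arguments containing whitespace or glob characters
  # therefore cannot be passed through this helper.
  sudo -i -u usernic-user \
    env "http_proxy=${http_proxy:-}" "https_proxy=${https_proxy:-}" \
    "XDG_RUNTIME_DIR=/run/user/${run_cmd_uid}" $*
}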
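# Detect the host architecture; ARCH is used by the lxc-create call of this
# script.
# NOTE(review): gutter line 65 is absent from the listing, so no fallback for
# hosts without dpkg is visible here - ARCH stays unset in that case.
if command -v dpkg >/dev/null 2>&1; then
  ARCH=$(dpkg --print-architecture)
fi

# Run the teardown on normal exit and on the common termination signals.
# NOTE(review): gutter lines 68-70 are absent; any shell options set there are
# not visible.
trap cleanup EXIT SIGHUP SIGINT SIGTERM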
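# Start from a clean slate: a leftover account from an earlier run is removed.
deluser usernic-user || true

# NOTE(review): gutter line 75 is absent from the listing. The account removed
# above has to exist again before the chown and usermod below can work;
# recreating it here is the reviewer's reconstruction of that step.
useradd usernic-user

sudo mkdir -p /home/usernic-user
sudo chown usernic-user: /home/usernic-user

# Delegate subordinate uids (-v) and gids (-w) 910000-919999 to the test user;
# the id_map lines written below map container ids 0-9999 onto that range.
usermod -v 910000-919999 -w 910000-919999 usernic-user

mkdir -p /home/usernic-user/.config/lxc/

# Default container config for the test user: no network configured by lxc
# itself. The closing delimiter is not in the listing (gutter lines 85-86 are
# absent) and is restored here.
cat > /home/usernic-user/.config/lxc/default.conf << 'EOF'
lxc.network.type = empty
lxc.id_map = u 0 910000 10000
lxc.id_map = g 0 910000 10000
EOF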
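# Move this shell into a cgroup owned by the test user, for every controller.
#
# NOTE(review): gutter lines 100-101 and 106-108 are absent from the listing.
# The two loops are reconstructed as the branches of one if/else (cgmanager
# socket present vs. direct access to the cgroup filesystem); confirm against
# the original file.
cgm_sock=/sys/fs/cgroup/cgmanager/sock
if [ -e "$cgm_sock" ]; then
  # Resolve the ids once; an empty value aborts instead of sending a
  # malformed "int32:" argument.
  test_uid=$(id -u usernic-user)
  test_gid=$(id -g usernic-user)

  # Field 2 of /proc/self/cgroup names the controllers; splitting the cut
  # output on whitespace is intended.
  for d in $(cut -d : -f 2 /proc/self/cgroup); do
    # Create the cgroup "usernic-user" under controller $d ...
    dbus-send --print-reply "--address=unix:path=$cgm_sock" \
      --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \
      "string:$d" string:usernic-user >/dev/null

    # ... hand it to the test user ...
    dbus-send --print-reply "--address=unix:path=$cgm_sock" \
      --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \
      "string:$d" string:usernic-user "int32:${test_uid:?}" "int32:${test_gid:?}" >/dev/null

    # ... and move this shell ($$) into it.
    dbus-send --print-reply "--address=unix:path=$cgm_sock" \
      --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \
      "string:$d" string:usernic-user "int32:$$" >/dev/null
  done
else
  for d in /sys/fs/cgroup/*; do
    [ -d "$d/lxctest" ] || mkdir "$d/lxctest"
    chown -R usernic-user: "$d/lxctest"
    echo $$ > "$d/lxctest/tasks"
  done
fi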
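# Runtime directory for the test user. The uid is resolved once and must be
# non-empty: with a failed lookup the paths below would collapse to
# "/run/user/" and the recursive chown would walk every user's runtime dir.
test_uid=$(id -u usernic-user)
mkdir -p "/run/user/${test_uid:?}"
chown -R usernic-user: "/run/user/${test_uid:?}" /home/usernic-user

# Create two test bridges
brctl addbr usernic-br0
brctl addbr usernic-br1
ifconfig usernic-br0 0.0.0.0 up
ifconfig usernic-br1 0.0.0.0 up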
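# Architecture for the download template.
# NOTE(review): gutter line 118 is absent; no fallback for hosts without dpkg
# is visible, so the lxc-create line below aborts when ARCH is unset.
if command -v dpkg >/dev/null 2>&1; then
  ARCH=$(dpkg --print-architecture)
fi

# Create and start b1 as the unprivileged test user. (The original comment
# reads "Create three containers"; only b1 is created at this point.)
run_cmd "lxc-create -t download -n b1 -- -d ubuntu -r trusty -a ${ARCH:?architecture not detected}"
run_cmd "lxc-start -n b1 -d"

# Init pid of b1: the first argument of every lxc-user-nic call below.
p1=$(run_cmd "lxc-info -n b1 -p -H")

# Without a pid the "should fail" checks would pass for the wrong reason
# (the helper rejecting a malformed command line rather than enforcing policy).
if [ -z "$p1" ]; then
  echo "FAIL: could not determine the pid of container b1"
  exit 1
fi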
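# Quota enforcement checks for lxc-user-nic.
#
# NOTE(review): after every FAIL message the listing drops two or three gutter
# lines (131-133, 142-144, 148-150, 153-155, 159-161). The closing "fi" is
# restored, and each failed check exits non-zero so it cannot fall through to
# the later checks and the final success message.

# Assign one veth, should fail as no allowed entries yet
if run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx1"; then
  echo "FAIL: able to create nic with no entries"
  exit 1
fi

# Give him a quota of two
touch /etc/lxc/lxc-usernet
sed -i '/^usernic-user/d' /etc/lxc/lxc-usernet
echo "usernic-user veth usernic-br0 2" >> /etc/lxc/lxc-usernet

# Assign one veth to second bridge, should fail: the entry above covers
# usernic-br0 only. The message differs from the first check so the two
# failures can be told apart in the output.
if run_cmd "$LXC_USER_NIC $p1 veth usernic-br1 xx1"; then
  echo "FAIL: able to create nic on a bridge with no entry"
  exit 1
fi

# Assign two veths, should succeed
if ! run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx2"; then
  echo "FAIL: unable to create first nic"
  exit 1
fi

if ! run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx3"; then
  echo "FAIL: unable to create second nic"
  exit 1
fi

# Assign one more veth, should fail.
if run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx4"; then
  echo "FAIL: able to create third nic"
  exit 1
fi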
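# Shut down and restart the container, should be able to assign more nics
run_cmd "lxc-stop -n b1 -k"
run_cmd "lxc-start -n b1 -d"

# The restarted container has a new init pid; look it up again.
p1=$(run_cmd "lxc-info -n b1 -p -H")
if [ -z "$p1" ]; then
  echo "FAIL: could not determine the pid of container b1 after restart"
  exit 1
fi

# NOTE(review): gutter lines 169-171 are absent from the listing; the closing
# "fi" is restored and the failure exits non-zero.
if ! run_cmd "$LXC_USER_NIC $p1 veth usernic-br0 xx5"; then
  echo "FAIL: unable to create nic after destroying the old"
  exit 1
fi

run_cmd "lxc-stop -n b1 -k"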
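# Create a root-owned ns
# These three commands run directly, not through run_cmd, so the container
# belongs to the invoking user rather than to usernic-user.
lxc-create -t busybox -n usernic-c1
lxc-start -n usernic-c1 -d
p2=$(lxc-info -n usernic-c1 -p -H)

# This is the only check that uses p2 and it expects a refusal. With an empty
# pid the helper would fail for an unrelated reason and the check would pass
# without testing the ownership rule, so require a pid first.
if [ -z "$p2" ]; then
  echo "FAIL: could not determine the pid of container usernic-c1"
  exit 1
fi

# assign veth to it - should fail
# NOTE(review): gutter lines 182-184 are absent from the listing; the closing
# "fi" is restored and the failure exits non-zero.
if run_cmd "$LXC_USER_NIC $p2 veth usernic-br0 xx6"; then
  echo "FAIL: able to attach nic to root-owned container"
  exit 1
fi

echo "All tests passed"

# Mark completion for the DONE check at gutter line 50 of this listing. No
# assignment to DONE is visible on the page; this one is the reviewer's
# reconstruction.
DONE=1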