# lxc: linux Container library

# Serge Hallyn <serge.hallyn@ubuntu.com>

# This is a test script for the lxc-user-nic program

# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

# This test assumes an Ubuntu host
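# Release codenames used as a fallback when ubuntu-distro-info cannot list
# the supported releases.
KNOWN_RELEASES="precise trusty xenial yakkety zesty"

# Path of the helper under test.
# NOTE(review): @LIBEXECDIR@ looks like a build-time substitution token, so
# this file is presumably a template that is expanded before it runs - confirm.
LXC_USER_NIC="@LIBEXECDIR@/lxc/lxc-user-nic"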
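#######################################
# Tear down everything the test created: both containers, the bridges, the
# test user's processes and directories, and the usernic-user lines in the
# nic database and the quota file. Installed as the exit/signal handler by
# the `trap cleanup ...` line.
# NOTE(review): the `cleanup() {` wrapper, the body of the DONE branch and
# the lines after it are missing from this listing (gutter jumps 28 -> 34
# and 51 -> 61). The wrapper and the exit statuses are reconstructed -
# confirm against the original file.
# Globals:   DONE (read) - "1" once every check has passed
# Returns:   does not return; exits 0 when DONE is 1, otherwise 1
#######################################
cleanup() {
  (
    # Teardown is best effort: a step that fails (for example a container
    # that never got created) must not skip the remaining steps.
    set +e

    lxc-stop -n usernic-c1 -k
    lxc-destroy -n usernic-c1

    sed -i '/usernic-user/d' /run/lxc/nics /etc/lxc/lxc-usernet
    ifconfig usernic-br0 down
    ifconfig usernic-br1 down
    brctl delbr usernic-br0
    brctl delbr usernic-br1

    run_cmd "lxc-stop -n b1 -k"

    # Resolve the uid once and act on it only when the lookup succeeded.
    # With an empty result the original `rm -rf ... /run/user/$(id -u ...)`
    # collapses to /run/user/ and would remove every user's runtime
    # directory.
    test_uid=$(id -u usernic-user 2>/dev/null)
    if [ -n "$test_uid" ]; then
      pkill -u "$test_uid" -9
      rm -rf -- "/run/user/${test_uid}"
    fi
    rm -rf -- /tmp/usernic-test /home/usernic-user
  )

  if [ "${DONE:-0}" = "1" ]; then
    exit 0
  fi
  exit 1
}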
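#######################################
# Run a command line as the unprivileged test user in a login shell, with
# the caller's proxy settings and the user's XDG_RUNTIME_DIR in the
# environment.
# NOTE(review): the `run_cmd() {` wrapper is missing from this listing
# (gutter jumps 51 -> 61); it is reconstructed from the run_cmd calls in
# the rest of the file - confirm against the original file.
# Arguments: $* - the command line, normally passed as one quoted string
# Returns:   the exit status of sudo, i.e. of the command that was run
#######################################
run_cmd() {
  # The environment assignments are quoted so a proxy value containing
  # whitespace or glob characters stays a single argument to env.
  # $* is left unquoted on purpose: callers pass the whole command line as
  # one string and it has to split into words here.
  # shellcheck disable=SC2048,SC2086
  sudo -i -u usernic-user \
    env "http_proxy=${http_proxy:-}" "https_proxy=${https_proxy:-}" \
      "XDG_RUNTIME_DIR=/run/user/$(id -u usernic-user)" $*
}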
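# Use the host's dpkg architecture for the container image when dpkg is
# available. As visible here, ARCH keeps whatever value it had before when
# dpkg is absent.
if type dpkg >/dev/null 2>&1; then
  ARCH=$(dpkg --print-architecture)
fi

# Run the teardown on normal exit and on the usual termination signals.
# The names are written without the SIG prefix, the form POSIX specifies
# for trap and which bash accepts as well.
trap cleanup EXIT HUP INT TERM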
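# Start from a clean slate: drop any usernic-user left over from an earlier
# run. A missing user is not an error.
deluser usernic-user || true
# NOTE(review): the listing drops the line between the deluser and the
# mkdir (gutter 76). The account is used right below, so its creation is
# reconstructed here - confirm against the original file.
useradd usernic-user
sudo mkdir -p /home/usernic-user
sudo chown usernic-user: /home/usernic-user
# Delegate subordinate uid and gid ranges to the test user. They cover the
# 10000 ids starting at 910000 that the lxc.id_map lines written to
# default.conf refer to.
usermod -v 910000-919999 -w 910000-919999 usernic-user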
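# Per-user LXC defaults for usernic-user: no network configured by the
# container itself, and container ids 0-9999 mapped onto host ids starting
# at 910000.
mkdir -p /home/usernic-user/.config/lxc/
# The delimiter is quoted because the content is literal; nothing in it is
# meant to be expanded by the shell.
# NOTE(review): the terminating EOF line is missing from this listing
# (gutter 86) and is restored here.
cat > /home/usernic-user/.config/lxc/default.conf << 'EOF'
lxc.network.type = empty
lxc.id_map = u 0 910000 10000
lxc.id_map = g 0 910000 10000
EOF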
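# Give usernic-user a cgroup it owns and move this shell into it. Three
# mechanisms are tried in order: the cgm client, the cgmanager D-Bus
# socket, and direct writes under /sys/fs/cgroup.
# NOTE(review): the `done`, `else`, `done` and `fi` lines are missing from
# this listing (gutter 105-106 and 112-113). Treating the /sys/fs/cgroup
# loop as the `else` branch is a reconstruction - confirm against the
# original file.

# Look the ids up once, so a failed lookup surfaces here instead of turning
# into an empty argument further down.
usernic_uid=$(id -u usernic-user)
usernic_gid=$(id -g usernic-user)

if command -v cgm >/dev/null 2>&1; then
  cgm create all usernic-user
  cgm chown all usernic-user "$usernic_uid" "$usernic_gid"
  cgm movepid all usernic-user $$
elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then
  # One iteration per second field of /proc/self/cgroup; the word
  # splitting of the command substitution is intended.
  # shellcheck disable=SC2013
  for d in $(cut -d : -f 2 /proc/self/cgroup); do
    dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
      --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \
      "string:$d" string:usernic-user >/dev/null

    dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
      --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \
      "string:$d" string:usernic-user "int32:$usernic_uid" "int32:$usernic_gid" >/dev/null

    dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
      --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \
      "string:$d" string:usernic-user "int32:$$" >/dev/null
  done
else
  for d in /sys/fs/cgroup/*; do
    # Skip plain files and an unmatched glob; only directories can hold
    # the lxctest child.
    [ -d "$d" ] || continue
    if [ -f "$d/cgroup.clone_children" ]; then
      echo 1 > "$d/cgroup.clone_children"
    fi
    mkdir -p "$d/lxctest"
    chown -R usernic-user: "$d/lxctest"
    echo $$ > "$d/lxctest/tasks"
  done
fi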
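# Create the test user's runtime directory and hand it, together with the
# home directory, to the user.
# The uid is resolved once and checked with :? so an empty lookup aborts
# here; otherwise the paths below would collapse to /run/user/ and the
# recursive chown would cover every user's runtime directory.
usernic_uid=$(id -u usernic-user)
mkdir -p "/run/user/${usernic_uid:?}"
chown -R usernic-user: "/run/user/${usernic_uid:?}" /home/usernic-user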
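# Copy the download template cache if available, so the test user can
# reuse images the host already holds, then give the copy to the user.
run_cmd "mkdir -p /home/usernic-user/.cache/lxc"
if [ -d /var/cache/lxc/download ]; then
  cp -R /var/cache/lxc/download /home/usernic-user/.cache/lxc &&
    chown -R usernic-user: /home/usernic-user/.cache/lxc
fi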
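# Create two test bridges and bring them up without an address. The quota
# file grants the test user nics on usernic-br0 only; usernic-br1 is the
# bridge the user must not be able to attach to.
brctl addbr usernic-br0
brctl addbr usernic-br1
ifconfig usernic-br0 0.0.0.0 up
ifconfig usernic-br1 0.0.0.0 up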
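# Use the host's dpkg architecture for the container image when dpkg is
# available. As visible here, ARCH keeps whatever value it had before when
# dpkg is absent.
if type dpkg >/dev/null 2>&1; then
  ARCH=$(dpkg --print-architecture)
fi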
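# default release is trusty, or the systems release if recognized
# NOTE(review): three lines are missing from this listing (gutter 137, 139
# and 142): the default assignment, whatever sets DISTRIB_CODENAME, and the
# loop header that defines $r. They are reconstructed from the comment
# above and from the variables the visible lines use - confirm against the
# original file.
release=trusty
if [ -f /etc/lsb-release ]; then
  # Sourcing runs the file as shell code with this script's privileges.
  # shellcheck disable=SC1091
  . /etc/lsb-release
  # Prefer the live list of supported releases; fall back to the static
  # list when ubuntu-distro-info is missing or fails.
  rels=$(ubuntu-distro-info --supported 2>/dev/null) ||
    rels="$KNOWN_RELEASES"
  # Word splitting of the release list is intended.
  for r in $rels; do
    if [ "${DISTRIB_CODENAME:-}" = "$r" ]; then
      release="$r"
    fi
  done
fi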
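# Create and start the unprivileged container b1 as the test user, then
# record the pid that lxc-info reports for it. (The original comment says
# "three containers"; only b1 is created here.)
run_cmd "lxc-create -t download -n b1 -- -d ubuntu -r $release -a $ARCH"
run_cmd "lxc-start -n b1 -d"
p1=$(run_cmd "lxc-info -n b1 -p -H")

# Container path and name passed to lxc-user-nic in the checks that follow.
lxcpath=/home/usernic-user/.local/share/lxc
# NOTE(review): $lxcname is used by every check but its assignment is
# missing from this listing (gutter 153). b1 is the container created
# above - confirm against the original file.
lxcname=b1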
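# Quota enforcement checks for lxc-user-nic, all run as the unprivileged
# test user against container b1.
# NOTE(review): every failure branch in this listing lost its last lines
# (e.g. gutter 158-159). Without an exit the script would go on and print
# "All tests passed" after a FAIL, so each branch ends in `exit 1` here.

# Assign one veth, should fail as no allowed entries yet
if run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p1 veth usernic-br0 xx1"; then
  echo "FAIL: able to create nic with no entries"
  exit 1
fi

# Give him a quota of two
# This edits the host's real /etc/lxc/lxc-usernet policy file in place.
touch /etc/lxc/lxc-usernet
sed -i '/^usernic-user/d' /etc/lxc/lxc-usernet
echo "usernic-user veth usernic-br0 2" >> /etc/lxc/lxc-usernet

# Assign one veth to second bridge, should fail
if run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p1 veth usernic-br1 xx1"; then
  echo "FAIL: able to create nic with no entries"
  exit 1
fi

# Assign two veths, should succeed
if ! run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p1 veth usernic-br0 xx2"; then
  echo "FAIL: unable to create first nic"
  exit 1
fi

if ! run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p1 veth usernic-br0 xx3"; then
  echo "FAIL: unable to create second nic"
  exit 1
fi

# Assign one more veth, should fail.
if run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p1 veth usernic-br0 xx4"; then
  echo "FAIL: able to create third nic"
  exit 1
fi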
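# Shut down and restart the container, should be able to assign more nics:
# the two nics counted against the quota belonged to the stopped instance.
run_cmd "lxc-stop -n b1 -k"
run_cmd "lxc-start -n b1 -d"
# The restarted container has a new pid, so look it up again.
p1=$(run_cmd "lxc-info -n b1 -p -H")

# NOTE(review): the end of this branch is missing from the listing (gutter
# 196-197); `exit 1` keeps a failure from reaching "All tests passed".
if ! run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p1 veth usernic-br0 xx5"; then
  echo "FAIL: unable to create nic after destroying the old"
  exit 1
fi

run_cmd "lxc-stop -n b1 -k"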
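# Create a root-owned ns: this container is created and started by the
# invoking user directly, not through run_cmd, so it does not belong to
# usernic-user.
lxc-create -t busybox -n usernic-c1
lxc-start -n usernic-c1 -d
p2=$(lxc-info -n usernic-c1 -p -H)

# assign veth to it - should fail: the helper must refuse to place a nic
# in a container the calling user does not own.
# NOTE(review): the end of this branch is missing from the listing (gutter
# 209-210); `exit 1` keeps a failure from reaching "All tests passed".
if run_cmd "$LXC_USER_NIC $lxcpath $lxcname $p2 veth usernic-br0 xx6"; then
  echo "FAIL: able to attach nic to root-owned container"
  exit 1
fi

echo "All tests passed"
# Record success for the `[ "$DONE" = "1" ]` check the script performs.
# NOTE(review): nothing in this listing ever sets DONE; this assignment is
# reconstructed - confirm against the original file.
DONE=1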