]> git.proxmox.com Git - mirror_lxc.git/blob - src/tests/parse_config_file.c
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #2029 from brauner/2017-12-12/do_not_unconditionally_dup_stdfds_fo...
[mirror_lxc.git] / src / tests / parse_config_file.c
1 /* liblxcapi
2 *
3 * Copyright © 2017 Christian Brauner <christian.brauner@ubuntu.com>.
4 * Copyright © 2017 Canonical Ltd.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2, as
8 * published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 */
19 #include <lxc/lxccontainer.h>
20
21 #include <errno.h>
22 #include <signal.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <sys/types.h>
27 #include <sys/wait.h>
28 #include <unistd.h>
29 #include <libgen.h>
30
31 #include "confile_utils.h"
32 #include "lxc/state.h"
33 #include "lxctest.h"
34
35 static int set_get_compare_clear_save_load(struct lxc_container *c,
36 const char *key, const char *value,
37 const char *config_file,
38 bool compare)
39 {
40 char retval[4096] = {0};
41 int ret;
42
43 if (!c->set_config_item(c, key, value)) {
44 lxc_error("failed to set config item \"%s\" to \"%s\"\n", key,
45 value);
46 return -1;
47 }
48
49 ret = c->get_config_item(c, key, retval, sizeof(retval));
50 if (ret < 0) {
51 lxc_error("failed to get config item \"%s\"\n", key);
52 return -1;
53 }
54
55 if (compare) {
56 ret = strcmp(retval, value);
57 if (ret != 0) {
58 lxc_error(
59 "expected value \"%s\" and retrieved value \"%s\" "
60 "for config key \"%s\" do not match\n",
61 value, retval, key);
62 return -1;
63 }
64 }
65
66 if (config_file) {
67 if (!c->save_config(c, config_file)) {
68 lxc_error("%s\n", "failed to save config file");
69 return -1;
70 }
71
72 c->clear_config(c);
73 c->lxc_conf = NULL;
74
75 if (!c->load_config(c, config_file)) {
76 lxc_error("%s\n", "failed to load config file");
77 return -1;
78 }
79 }
80
81 if (!c->clear_config_item(c, key)) {
82 lxc_error("failed to clear config item \"%s\"\n", key);
83 return -1;
84 }
85
86 c->clear_config(c);
87 c->lxc_conf = NULL;
88
89 return 0;
90 }
91
92 static int set_and_clear_complete_netdev(struct lxc_container *c)
93 {
94 if (!c->set_config_item(c, "lxc.net.1.type", "veth")) {
95 lxc_error("%s\n", "lxc.net.1.type");
96 return -1;
97 }
98
99 if (!c->set_config_item(c, "lxc.net.1.ipv4.address", "10.0.2.3/24")) {
100 lxc_error("%s\n", "lxc.net.1.ipv4.address");
101 return -1;
102 }
103
104 if (!c->set_config_item(c, "lxc.net.1.ipv4.gateway", "10.0.2.2")) {
105 lxc_error("%s\n", "lxc.net.1.ipv4.gateway");
106 return -1;
107 }
108
109 if (!c->set_config_item(c, "lxc.net.1.ipv6.address",
110 "2003:db8:1:0:214:1234:fe0b:3596/64")) {
111 lxc_error("%s\n", "lxc.net.1.ipv6.address");
112 return -1;
113 }
114
115 if (!c->set_config_item(c, "lxc.net.1.ipv6.gateway",
116 "2003:db8:1:0::1")) {
117 lxc_error("%s\n", "lxc.net.1.ipv6.gateway");
118 return -1;
119 }
120
121 if (!c->set_config_item(c, "lxc.net.1.flags", "up")) {
122 lxc_error("%s\n", "lxc.net.1.flags");
123 return -1;
124 }
125
126 if (!c->set_config_item(c, "lxc.net.1.link", "br0")) {
127 lxc_error("%s\n", "lxc.net.1.link");
128 return -1;
129 }
130
131 if (!c->set_config_item(c, "lxc.net.1.veth.pair", "bla")) {
132 lxc_error("%s\n", "lxc.net.1.veth.pair");
133 return -1;
134 }
135
136 if (!c->set_config_item(c, "lxc.net.1.hwaddr",
137 "52:54:00:80:7a:5d")) {
138 lxc_error("%s\n", "lxc.net.1.hwaddr");
139 return -1;
140 }
141
142 if (!c->set_config_item(c, "lxc.net.1.mtu", "2000")) {
143 lxc_error("%s\n", "lxc.net.1.mtu");
144 return -1;
145 }
146
147 if (!c->clear_config_item(c, "lxc.net.1")) {
148 lxc_error("%s", "failed to clear \"lxc.net.1\"\n");
149 return -1;
150 }
151
152 c->clear_config(c);
153 c->lxc_conf = NULL;
154
155 return 0;
156 }
157
158 static int set_invalid_netdev(struct lxc_container *c) {
159 if (c->set_config_item(c, "lxc.net.0.asdf", "veth")) {
160 lxc_error("%s\n", "lxc.net.0.asdf should be invalid");
161 return -1;
162 }
163
164 if (c->set_config_item(c, "lxc.net.2147483647.type", "veth")) {
165 lxc_error("%s\n", "lxc.net.2147483647.type should be invalid");
166 return -1;
167 }
168
169 if (c->set_config_item(c, "lxc.net.0.", "veth")) {
170 lxc_error("%s\n", "lxc.net.0. should be invalid");
171 return -1;
172 }
173
174 if (c->set_config_item(c, "lxc.network.0.", "veth")) {
175 lxc_error("%s\n", "lxc.network.0. should be invalid");
176 return -1;
177 }
178
179 c->clear_config(c);
180 c->lxc_conf = NULL;
181
182 return 0;
183 }
184
185 int test_idmap_parser(void)
186 {
187 size_t i;
188 struct idmap_check {
189 bool is_valid;
190 const char *idmap;
191 };
192 static struct idmap_check idmaps[] = {
193 /* valid idmaps */
194 { true, "u 0 0 1" },
195 { true, "g 0 0 1" },
196 { true, "u 1 100001 999999999" },
197 { true, "g 1 100001 999999999" },
198 { true, "u 0 0 0" },
199 { true, "g 0 0 0" },
200 { true, "u 1000 165536 65536" },
201 { true, "g 999 999 1" },
202 { true, "u 0 5000 100000" },
203 { true, "g 577 789 5" },
204 { true, "u 65536 65536 1 " },
205 /* invalid idmaps */
206 { false, "1u 0 0 0" },
207 { false, "1g 0 0 0a" },
208 { false, "1 u 0 0 0" },
209 { false, "1g 0 0 0 1" },
210 { false, "1u a0 b0 c0 d1" },
211 { false, "1g 0 b0 0 d1" },
212 { false, "1u a0 0 c0 1" },
213 { false, "g -1 0 -10" },
214 { false, "a 1 0 10" },
215 { false, "u 1 1 0 10" },
216 { false, "g 1 0 10 z " },
217 };
218
219 for (i = 0; i < sizeof(idmaps) / sizeof(struct idmap_check); i++) {
220 unsigned long hostid, nsid, range;
221 char type;
222 int ret;
223 ret = parse_idmaps(idmaps[i].idmap, &type, &nsid, &hostid,
224 &range);
225 if ((ret < 0 && idmaps[i].is_valid) ||
226 (ret == 0 && !idmaps[i].is_valid)) {
227 lxc_error("failed to parse idmap \"%s\"\n",
228 idmaps[i].idmap);
229 return -1;
230 }
231 }
232
233 return 0;
234 }
235
236 static int set_get_compare_clear_save_load_network(
237 struct lxc_container *c, const char *key, const char *value,
238 const char *config_file, bool compare, const char *network_type)
239 {
240 char retval[4096] = {0};
241 int ret;
242
243 if (!c->set_config_item(c, "lxc.net.0.type", network_type)) {
244 lxc_error("%s\n", "lxc.net.0.type");
245 return -1;
246 }
247
248 if (!c->set_config_item(c, key, value)) {
249 lxc_error("failed to set config item \"%s\" to \"%s\"\n", key,
250 value);
251 return -1;
252 }
253
254 ret = c->get_config_item(c, key, retval, sizeof(retval));
255 if (ret < 0) {
256 lxc_error("failed to get config item \"%s\"\n", key);
257 return -1;
258 }
259
260 if (compare) {
261 ret = strcmp(retval, value);
262 if (ret != 0) {
263 lxc_error(
264 "expected value \"%s\" and retrieved value \"%s\" "
265 "for config key \"%s\" do not match\n",
266 value, retval, key);
267 return -1;
268 }
269 }
270
271 if (config_file) {
272 if (!c->save_config(c, config_file)) {
273 lxc_error("%s\n", "failed to save config file");
274 return -1;
275 }
276
277 c->clear_config(c);
278 c->lxc_conf = NULL;
279
280 if (!c->load_config(c, config_file)) {
281 lxc_error("%s\n", "failed to load config file");
282 return -1;
283 }
284 }
285
286 if (!c->clear_config_item(c, key)) {
287 lxc_error("failed to clear config item \"%s\"\n", key);
288 return -1;
289 }
290
291 if (!c->clear_config_item(c, "lxc.net.0.type")) {
292 lxc_error("%s\n", "lxc.net.0.type");
293 return -1;
294 }
295
296 c->clear_config(c);
297 c->lxc_conf = NULL;
298
299 return 0;
300 }
301
302 int main(int argc, char *argv[])
303 {
304 struct lxc_container *c;
305 int fd = -1;
306 int ret = EXIT_FAILURE;
307 char tmpf[] = "lxc-parse-config-file-XXXXXX";
308 char retval[4096] = {0};
309
310 fd = mkstemp(tmpf);
311 if (fd < 0) {
312 lxc_error("%s\n", "Could not create temporary file");
313 exit(ret);
314 }
315 close(fd);
316
317 c = lxc_container_new(tmpf, NULL);
318 if (!c) {
319 lxc_error("%s\n", "Failed to create new container");
320 exit(EXIT_FAILURE);
321 }
322
323 /* lxc.arch */
324 if (set_get_compare_clear_save_load(c, "lxc.arch", "x86_64", tmpf,
325 true) < 0) {
326 lxc_error("%s\n", "lxc.arch");
327 goto non_test_error;
328 }
329
330 /* REMOVE IN LXC 3.0
331 legacy ps keys
332 */
333 if (set_get_compare_clear_save_load(c, "lxc.pts", "1000", tmpf, true) <
334 0) {
335 lxc_error("%s\n", "lxc.pts");
336 goto non_test_error;
337 }
338
339 /* lxc.pty.max */
340 if (set_get_compare_clear_save_load(c, "lxc.pty.max", "1000", tmpf, true) <
341 0) {
342 lxc_error("%s\n", "lxc.pty.max");
343 goto non_test_error;
344 }
345
346 /* REMOVE IN LXC 3.0
347 legacy tty.max keys
348 */
349 if (set_get_compare_clear_save_load(c, "lxc.tty", "4", tmpf, true) <
350 0) {
351 lxc_error("%s\n", "lxc.tty");
352 goto non_test_error;
353 }
354
355 /* lxc.tty.max */
356 if (set_get_compare_clear_save_load(c, "lxc.tty.max", "4", tmpf, true) <
357 0) {
358 lxc_error("%s\n", "lxc.tty.max");
359 goto non_test_error;
360 }
361
362 /* REMOVE IN LXC 3.0
363 legacy devttydir keys
364 */
365 if (set_get_compare_clear_save_load(c, "lxc.devttydir", "not-dev", tmpf,
366 true) < 0) {
367 lxc_error("%s\n", "lxc.devttydir");
368 goto non_test_error;
369 }
370
371 /* lxc.tty.dir */
372 if (set_get_compare_clear_save_load(c, "lxc.tty.dir", "not-dev", tmpf,
373 true) < 0) {
374 lxc_error("%s\n", "lxc.tty.dir");
375 goto non_test_error;
376 }
377
378 /* REMOVE IN LXC 3.0
379 legacy security keys
380 */
381 if (set_get_compare_clear_save_load(c, "lxc.aa_profile", "unconfined",
382 tmpf, true) < 0) {
383 lxc_error("%s\n", "lxc.aa_profile");
384 goto non_test_error;
385 }
386
387 /* REMOVE IN LXC 3.0
388 legacy security keys
389 */
390 if (set_get_compare_clear_save_load(c, "lxc.aa_allow_incomplete", "1",
391 tmpf, true) < 0) {
392 lxc_error("%s\n", "lxc.aa_allow_incomplete");
393 goto non_test_error;
394 }
395
396 /* REMOVE IN LXC 3.0
397 legacy security keys
398 */
399 if (set_get_compare_clear_save_load(c, "lxc.se_context", "system_u:system_r:lxc_t:s0:c22",
400 tmpf, true) < 0) {
401 lxc_error("%s\n", "lxc.se_context");
402 goto non_test_error;
403 }
404
405 /* lxc.apparmor.profile */
406 if (set_get_compare_clear_save_load(c, "lxc.apparmor.profile", "unconfined",
407 tmpf, true) < 0) {
408 lxc_error("%s\n", "lxc.apparmor.profile");
409 goto non_test_error;
410 }
411
412 /* lxc.apparmor.allow_incomplete */
413 if (set_get_compare_clear_save_load(c, "lxc.apparmor.allow_incomplete", "1",
414 tmpf, true) < 0) {
415 lxc_error("%s\n", "lxc.apparmor.allow_incomplete");
416 goto non_test_error;
417 }
418
419 /* lxc.selinux.context */
420 if (set_get_compare_clear_save_load(c, "lxc.selinux.context", "system_u:system_r:lxc_t:s0:c22",
421 tmpf, true) < 0) {
422 lxc_error("%s\n", "lxc.selinux.context");
423 goto non_test_error;
424 }
425
426 /* lxc.cgroup.cpuset.cpus */
427 if (set_get_compare_clear_save_load(c, "lxc.cgroup.cpuset.cpus",
428 "1-100", tmpf, false) < 0) {
429 lxc_error("%s\n", "lxc.cgroup.cpuset.cpus");
430 goto non_test_error;
431 }
432
433 /* lxc.cgroup */
434 if (!c->set_config_item(c, "lxc.cgroup.cpuset.cpus", "1-100")) {
435 lxc_error("%s\n", "failed to set config item "
436 "\"lxc.cgroup.cpuset.cpus\" to \"1-100\"");
437 return -1;
438 }
439
440 if (!c->set_config_item(c, "lxc.cgroup.memory.limit_in_bytes",
441 "123456789")) {
442 lxc_error(
443 "%s\n",
444 "failed to set config item "
445 "\"lxc.cgroup.memory.limit_in_bytes\" to \"123456789\"");
446 return -1;
447 }
448
449 if (!c->get_config_item(c, "lxc.cgroup", retval, sizeof(retval))) {
450 lxc_error("%s\n", "failed to get config item \"lxc.cgroup\"");
451 return -1;
452 }
453
454 c->clear_config(c);
455 c->lxc_conf = NULL;
456
457 /* lxc.id_map
458 * We can't really save the config here since save_config() wants to
459 * chown the container's directory but we haven't created an on-disk
460 * container. So let's test set-get-clear.
461 */
462 if (set_get_compare_clear_save_load(
463 c, "lxc.id_map", "u 0 100000 1000000000", NULL, false) < 0) {
464 lxc_error("%s\n", "lxc.id_map");
465 goto non_test_error;
466 }
467
468 if (!c->set_config_item(c, "lxc.id_map", "u 1 100000 10000000")) {
469 lxc_error("%s\n", "failed to set config item "
470 "\"lxc.id_map\" to \"u 1 100000 10000000\"");
471 return -1;
472 }
473
474 if (!c->set_config_item(c, "lxc.id_map", "g 1 100000 10000000")) {
475 lxc_error("%s\n", "failed to set config item "
476 "\"lxc.id_map\" to \"g 1 100000 10000000\"");
477 return -1;
478 }
479
480 if (!c->get_config_item(c, "lxc.id_map", retval, sizeof(retval))) {
481 lxc_error("%s\n", "failed to get config item \"lxc.cgroup\"");
482 return -1;
483 }
484
485 /* lxc.idmap
486 * We can't really save the config here since save_config() wants to
487 * chown the container's directory but we haven't created an on-disk
488 * container. So let's test set-get-clear.
489 */
490 if (set_get_compare_clear_save_load(
491 c, "lxc.idmap", "u 0 100000 1000000000", NULL, false) < 0) {
492 lxc_error("%s\n", "lxc.idmap");
493 goto non_test_error;
494 }
495
496 if (!c->set_config_item(c, "lxc.idmap", "u 1 100000 10000000")) {
497 lxc_error("%s\n", "failed to set config item "
498 "\"lxc.idmap\" to \"u 1 100000 10000000\"");
499 return -1;
500 }
501
502 if (!c->set_config_item(c, "lxc.idmap", "g 1 100000 10000000")) {
503 lxc_error("%s\n", "failed to set config item "
504 "\"lxc.idmap\" to \"g 1 100000 10000000\"");
505 return -1;
506 }
507
508 if (!c->get_config_item(c, "lxc.idmap", retval, sizeof(retval))) {
509 lxc_error("%s\n", "failed to get config item \"lxc.cgroup\"");
510 return -1;
511 }
512
513 c->clear_config(c);
514 c->lxc_conf = NULL;
515
516 /* REMOVE IN LXC 3.0
517 legacy lxc.loglevel key
518 */
519 if (set_get_compare_clear_save_load(c, "lxc.loglevel", "DEBUG", tmpf,
520 true) < 0) {
521 lxc_error("%s\n", "lxc.loglevel");
522 goto non_test_error;
523 }
524
525 /* REMOVE IN LXC 3.0
526 legacy lxc.logfile key
527 */
528 if (set_get_compare_clear_save_load(c, "lxc.logfile", "/some/path",
529 tmpf, true) < 0) {
530 lxc_error("%s\n", "lxc.logfile");
531 goto non_test_error;
532 }
533
534
535 /* lxc.log.level */
536 if (set_get_compare_clear_save_load(c, "lxc.log.level", "DEBUG", tmpf,
537 true) < 0) {
538 lxc_error("%s\n", "lxc.log.level");
539 goto non_test_error;
540 }
541
542 /* lxc.log */
543 if (set_get_compare_clear_save_load(c, "lxc.log.file", "/some/path",
544 tmpf, true) < 0) {
545 lxc_error("%s\n", "lxc.log.file");
546 goto non_test_error;
547 }
548
549 /* REMOVE IN LXC 3.0
550 legacy lxc.mount key
551 */
552 if (set_get_compare_clear_save_load(c, "lxc.mount", "/some/path", NULL,
553 true) < 0) {
554 lxc_error("%s\n", "lxc.mount");
555 goto non_test_error;
556 }
557
558 /* lxc.mount.fstab */
559 if (set_get_compare_clear_save_load(c, "lxc.mount.fstab", "/some/path", NULL,
560 true) < 0) {
561 lxc_error("%s\n", "lxc.mount.fstab");
562 goto non_test_error;
563 }
564
565 /* lxc.mount.auto
566 * Note that we cannot compare the values since the getter for
567 * lxc.mount.auto does not preserve ordering.
568 */
569 if (set_get_compare_clear_save_load(c, "lxc.mount.auto",
570 "proc:rw sys:rw cgroup-full:rw",
571 tmpf, false) < 0) {
572 lxc_error("%s\n", "lxc.mount.auto");
573 goto non_test_error;
574 }
575
576 /* lxc.mount.entry
577 * Note that we cannot compare the values since the getter for
578 * lxc.mount.entry appends newlines.
579 */
580 if (set_get_compare_clear_save_load(
581 c, "lxc.mount.entry",
582 "/dev/dri dev/dri none bind,optional,create=dir", tmpf,
583 false) < 0) {
584 lxc_error("%s\n", "lxc.mount.entry");
585 goto non_test_error;
586 }
587
588 /* REMOVE IN LXC 3.0
589 legacy lxc.rootfs key
590 */
591 if (set_get_compare_clear_save_load(c, "lxc.rootfs", "/some/path", tmpf,
592 true) < 0) {
593 lxc_error("%s\n", "lxc.rootfs");
594 goto non_test_error;
595 }
596
597 /* lxc.rootfs.path */
598 if (set_get_compare_clear_save_load(c, "lxc.rootfs.path", "/some/path", tmpf,
599 true) < 0) {
600 lxc_error("%s\n", "lxc.rootfs.path");
601 goto non_test_error;
602 }
603
604 /* lxc.rootfs.mount */
605 if (set_get_compare_clear_save_load(c, "lxc.rootfs.mount", "/some/path",
606 tmpf, true) < 0) {
607 lxc_error("%s\n", "lxc.rootfs.mount");
608 goto non_test_error;
609 }
610
611 /* lxc.rootfs.options */
612 if (set_get_compare_clear_save_load(c, "lxc.rootfs.options",
613 "ext4,discard", tmpf, true) < 0) {
614 lxc_error("%s\n", "lxc.rootfs.options");
615 goto non_test_error;
616 }
617
618 /* REMOVE IN LXC 3.0
619 legacy lxc.utsname key
620 */
621 if (set_get_compare_clear_save_load(c, "lxc.utsname", "the-shire", tmpf,
622 true) < 0) {
623 lxc_error("%s\n", "lxc.utsname");
624 goto non_test_error;
625 }
626
627 /* lxc.uts.name */
628 if (set_get_compare_clear_save_load(c, "lxc.uts.name", "the-shire", tmpf,
629 true) < 0) {
630 lxc_error("%s\n", "lxc.uts.name");
631 goto non_test_error;
632 }
633
634 /* lxc.hook.pre-start */
635 if (set_get_compare_clear_save_load(
636 c, "lxc.hook.pre-start", "/some/pre-start", tmpf, false) < 0) {
637 lxc_error("%s\n", "lxc.hook.pre-start");
638 goto non_test_error;
639 }
640
641 /* lxc.hook.pre-mount */
642 if (set_get_compare_clear_save_load(
643 c, "lxc.hook.pre-mount", "/some/pre-mount", tmpf, false) < 0) {
644 lxc_error("%s\n", "lxc.hook.pre-mount");
645 goto non_test_error;
646 }
647
648 /* lxc.hook.mount */
649 if (set_get_compare_clear_save_load(c, "lxc.hook.mount", "/some/mount",
650 tmpf, false) < 0) {
651 lxc_error("%s\n", "lxc.hook.mount");
652 goto non_test_error;
653 }
654
655 /* lxc.hook.autodev */
656 if (set_get_compare_clear_save_load(c, "lxc.hook.autodev",
657 "/some/autodev", tmpf, false) < 0) {
658 lxc_error("%s\n", "lxc.hook.autodev");
659 goto non_test_error;
660 }
661
662 /* lxc.hook.start */
663 if (set_get_compare_clear_save_load(c, "lxc.hook.start", "/some/start",
664 tmpf, false) < 0) {
665 lxc_error("%s\n", "lxc.hook.start");
666 goto non_test_error;
667 }
668
669 /* lxc.hook.stop */
670 if (set_get_compare_clear_save_load(c, "lxc.hook.stop", "/some/stop",
671 tmpf, false) < 0) {
672 lxc_error("%s\n", "lxc.hook.stop");
673 goto non_test_error;
674 }
675
676 /* lxc.hook.post-stop */
677 if (set_get_compare_clear_save_load(
678 c, "lxc.hook.post-stop", "/some/post-stop", tmpf, false) < 0) {
679 lxc_error("%s\n", "lxc.hook.post-stop");
680 goto non_test_error;
681 }
682
683 /* lxc.hook.clone */
684 if (set_get_compare_clear_save_load(c, "lxc.hook.clone", "/some/clone",
685 tmpf, false) < 0) {
686 lxc_error("%s\n", "lxc.hook.clone");
687 goto non_test_error;
688 }
689
690 /* lxc.hook.destroy */
691 if (set_get_compare_clear_save_load(c, "lxc.hook.destroy",
692 "/some/destroy", tmpf, false) < 0) {
693 lxc_error("%s\n", "lxc.hook.destroy");
694 goto non_test_error;
695 }
696
697 /* lxc.cap.drop */
698 if (set_get_compare_clear_save_load(c, "lxc.cap.drop",
699 "sys_module mknod setuid net_raw",
700 tmpf, false) < 0) {
701 lxc_error("%s\n", "lxc.cap.drop");
702 goto non_test_error;
703 }
704
705 /* lxc.cap.keep */
706 if (set_get_compare_clear_save_load(c, "lxc.cap.keep",
707 "sys_module mknod setuid net_raw",
708 tmpf, false) < 0) {
709 lxc_error("%s\n", "lxc.cap.keep");
710 goto non_test_error;
711 }
712
713 /* REMOVE IN LXC 3.0
714 legacy lxc.console key
715 */
716 if (set_get_compare_clear_save_load(c, "lxc.console", "none", tmpf,
717 true) < 0) {
718 lxc_error("%s\n", "lxc.console");
719 goto non_test_error;
720 }
721
722 /* lxc.console.path */
723 if (set_get_compare_clear_save_load(c, "lxc.console.path", "none", tmpf,
724 true) < 0) {
725 lxc_error("%s\n", "lxc.console.path");
726 goto non_test_error;
727 }
728
729 /* lxc.console.logfile */
730 if (set_get_compare_clear_save_load(c, "lxc.console.logfile",
731 "/some/logfile", tmpf, true) < 0) {
732 lxc_error("%s\n", "lxc.console.logfile");
733 goto non_test_error;
734 }
735
736 /* REMOVE IN LXC 3.0
737 legacy seccomp key
738 */
739 if (set_get_compare_clear_save_load(
740 c, "lxc.seccomp", "/some/seccomp/file", tmpf, true) < 0) {
741 lxc_error("%s\n", "lxc.seccomp");
742 goto non_test_error;
743 }
744
745 /* lxc.seccomp.profile */
746 if (set_get_compare_clear_save_load(
747 c, "lxc.seccomp.profile", "/some/seccomp/file", tmpf, true) < 0) {
748 lxc_error("%s\n", "lxc.seccomp.profile");
749 goto non_test_error;
750 }
751
752 /* lxc.autodev */
753 if (set_get_compare_clear_save_load(c, "lxc.autodev", "1", tmpf, true) <
754 0) {
755 lxc_error("%s\n", "lxc.autodev");
756 goto non_test_error;
757 }
758
759 /* REMOVE IN LXC 3.0
760 legacy lxc.haltsignal key
761 */
762 if (set_get_compare_clear_save_load(c, "lxc.haltsignal", "1", tmpf,
763 true) < 0) {
764 lxc_error("%s\n", "lxc.haltsignal");
765 goto non_test_error;
766 }
767
768 /* lxc.signal.halt */
769 if (set_get_compare_clear_save_load(c, "lxc.signal.halt", "1", tmpf,
770 true) < 0) {
771 lxc_error("%s\n", "lxc.signal.halt");
772 goto non_test_error;
773 }
774
775 /* REMOVE IN LXC 3.0
776 legacy lxc.rebootsignal key
777 */
778 if (set_get_compare_clear_save_load(c, "lxc.rebootsignal", "1", tmpf,
779 true) < 0) {
780 lxc_error("%s\n", "lxc.rebootsignal");
781 goto non_test_error;
782 }
783
784 /* lxc.signal.reboot */
785 if (set_get_compare_clear_save_load(c, "lxc.signal.reboot", "1", tmpf,
786 true) < 0) {
787 lxc_error("%s\n", "lxc.signal.reboot");
788 goto non_test_error;
789 }
790
791 /* REMOVE IN LXC 3.0
792 legacy lxc.stopsignal key
793 */
794 if (set_get_compare_clear_save_load(c, "lxc.stopsignal", "1", tmpf,
795 true) < 0) {
796 lxc_error("%s\n", "lxc.stopsignal");
797 goto non_test_error;
798 }
799
800 /* lxc.signal.stop */
801 if (set_get_compare_clear_save_load(c, "lxc.signal.stop", "1", tmpf,
802 true) < 0) {
803 lxc_error("%s\n", "lxc.signal.stop");
804 goto non_test_error;
805 }
806
807 /* lxc.start.auto */
808 if (set_get_compare_clear_save_load(c, "lxc.start.auto", "1", tmpf,
809 true) < 0) {
810 lxc_error("%s\n", "lxc.start.auto");
811 goto non_test_error;
812 }
813
814 /* lxc.start.delay */
815 if (set_get_compare_clear_save_load(c, "lxc.start.delay", "5", tmpf,
816 true) < 0) {
817 lxc_error("%s\n", "lxc.start.delay");
818 goto non_test_error;
819 }
820
821 /* lxc.start.order */
822 if (set_get_compare_clear_save_load(c, "lxc.start.order", "1", tmpf,
823 true) < 0) {
824 lxc_error("%s\n", "lxc.start.order");
825 goto non_test_error;
826 }
827
828 /* lxc.log.syslog */
829 if (set_get_compare_clear_save_load(c, "lxc.log.syslog", "local0", tmpf,
830 true) < 0) {
831 lxc_error("%s\n", "lxc.log.syslog");
832 goto non_test_error;
833 }
834
835 /* lxc.utsname */
836 if (set_get_compare_clear_save_load(c, "lxc.utsname", "get-schwifty",
837 tmpf, true) < 0) {
838 lxc_error("%s\n", "lxc.utsname");
839 goto non_test_error;
840 }
841
842 /* lxc.monitor.unshare */
843 if (set_get_compare_clear_save_load(c, "lxc.monitor.unshare", "1", tmpf,
844 true) < 0) {
845 lxc_error("%s\n", "lxc.monitor.unshare");
846 goto non_test_error;
847 }
848
849 /* lxc.group */
850 if (set_get_compare_clear_save_load(
851 c, "lxc.group", "some,container,groups", tmpf, false) < 0) {
852 lxc_error("%s\n", "lxc.group");
853 goto non_test_error;
854 }
855
856 /* lxc.environment */
857 if (set_get_compare_clear_save_load(c, "lxc.environment", "FOO=BAR",
858 tmpf, false) < 0) {
859 lxc_error("%s\n", "lxc.environment");
860 goto non_test_error;
861 }
862
863 /* REMOVE IN LXC 3.0
864 legacy lxc.init_cmd key
865 */
866 if (set_get_compare_clear_save_load(c, "lxc.init_cmd", "/bin/bash",
867 tmpf, true) < 0) {
868 lxc_error("%s\n", "lxc.init_cmd");
869 goto non_test_error;
870 }
871
872 /* lxc.init.cmd */
873 if (set_get_compare_clear_save_load(c, "lxc.init.cmd", "/bin/bash",
874 tmpf, true) < 0) {
875 lxc_error("%s\n", "lxc.init.cmd");
876 goto non_test_error;
877 }
878
879 /* REMOVE IN LXC 3.0
880 legacy lxc.init_uid key
881 */
882 if (set_get_compare_clear_save_load(c, "lxc.init_uid", "1000", tmpf,
883 true) < 0) {
884 lxc_error("%s\n", "lxc.init_uid");
885 goto non_test_error;
886 }
887
888 /* lxc.init.uid */
889 if (set_get_compare_clear_save_load(c, "lxc.init.uid", "1000", tmpf,
890 true) < 0) {
891 lxc_error("%s\n", "lxc.init.uid");
892 goto non_test_error;
893 }
894
895 /* REMOVE IN LXC 3.0
896 legacy lxc.init_gid key
897 */
898 if (set_get_compare_clear_save_load(c, "lxc.init_gid", "1000", tmpf,
899 true) < 0) {
900 lxc_error("%s\n", "lxc.init_gid");
901 goto non_test_error;
902 }
903
904 /* lxc.init.gid */
905 if (set_get_compare_clear_save_load(c, "lxc.init.gid", "1000", tmpf,
906 true) < 0) {
907 lxc_error("%s\n", "lxc.init.gid");
908 goto non_test_error;
909 }
910
911 /* lxc.ephemeral */
912 if (set_get_compare_clear_save_load(c, "lxc.ephemeral", "1", tmpf,
913 true) < 0) {
914 lxc_error("%s\n", "lxc.ephemeral");
915 goto non_test_error;
916 }
917
918 /* lxc.no_new_privs */
919 if (set_get_compare_clear_save_load(c, "lxc.no_new_privs", "1", tmpf,
920 true) < 0) {
921 lxc_error("%s\n", "lxc.no_new_privs");
922 goto non_test_error;
923 }
924
925 /* lxc.sysctl */
926 if (set_get_compare_clear_save_load(c, "lxc.sysctl.net.core.somaxconn", "256", tmpf,
927 true) < 0) {
928 lxc_error("%s\n", "lxc.sysctl.net.core.somaxconn");
929 goto non_test_error;
930 }
931
932 /* lxc.proc */
933 if (set_get_compare_clear_save_load(c, "lxc.proc.oom_score_adj", "10", tmpf,
934 true) < 0) {
935 lxc_error("%s\n", "lxc.proc.oom_score_adj");
936 goto non_test_error;
937 }
938
939 /* REMOVE IN LXC 3.0
940 legacy lxc.limit.* key
941 */
942 if (set_get_compare_clear_save_load(c, "lxc.limit.nofile", "65536",
943 tmpf, true) < 0) {
944 lxc_error("%s\n", "lxc.limit.nofile");
945 goto non_test_error;
946 }
947
948 /* lxc.prlimit.nofile */
949 if (set_get_compare_clear_save_load(c, "lxc.prlimit.nofile", "65536",
950 tmpf, true) < 0) {
951 lxc_error("%s\n", "lxc.prlimit.nofile");
952 goto non_test_error;
953 }
954
955 if (test_idmap_parser() < 0) {
956 lxc_error("%s\n", "failed to test parser for \"lxc.id_map\"");
957 goto non_test_error;
958 }
959
960 if (set_get_compare_clear_save_load(c, "lxc.net.0.type", "veth",
961 tmpf, true)) {
962 lxc_error("%s\n", "lxc.net.0.type");
963 goto non_test_error;
964 }
965
966 if (set_get_compare_clear_save_load(c, "lxc.net.2.type", "none",
967 tmpf, true)) {
968 lxc_error("%s\n", "lxc.net.2.type");
969 goto non_test_error;
970 }
971
972 if (set_get_compare_clear_save_load(c, "lxc.net.3.type", "empty",
973 tmpf, true)) {
974 lxc_error("%s\n", "lxc.net.3.type");
975 goto non_test_error;
976 }
977
978 if (set_get_compare_clear_save_load(c, "lxc.net.4.type", "vlan",
979 tmpf, true)) {
980 lxc_error("%s\n", "lxc.net.4.type");
981 goto non_test_error;
982 }
983
984 if (set_get_compare_clear_save_load(c, "lxc.net.0.type", "macvlan",
985 tmpf, true)) {
986 lxc_error("%s\n", "lxc.net.0.type");
987 goto non_test_error;
988 }
989
990 if (set_get_compare_clear_save_load(c, "lxc.net.1000.type", "phys",
991 tmpf, true)) {
992 lxc_error("%s\n", "lxc.net.1000.type");
993 goto non_test_error;
994 }
995
996 if (set_get_compare_clear_save_load(c, "lxc.net.0.flags", "up",
997 tmpf, true)) {
998 lxc_error("%s\n", "lxc.net.0.flags");
999 goto non_test_error;
1000 }
1001
1002 if (set_get_compare_clear_save_load(c, "lxc.net.0.name", "eth0",
1003 tmpf, true)) {
1004 lxc_error("%s\n", "lxc.net.0.name");
1005 goto non_test_error;
1006 }
1007
1008 if (set_get_compare_clear_save_load(c, "lxc.net.0.link", "bla",
1009 tmpf, true)) {
1010 lxc_error("%s\n", "lxc.net.0.link");
1011 goto non_test_error;
1012 }
1013
1014 if (set_get_compare_clear_save_load_network(
1015 c, "lxc.net.0.macvlan.mode", "private", tmpf, true,
1016 "macvlan")) {
1017 lxc_error("%s\n", "lxc.net.0.macvlan.mode");
1018 goto non_test_error;
1019 }
1020
1021 if (set_get_compare_clear_save_load_network(
1022 c, "lxc.net.0.macvlan.mode", "vepa", tmpf, true,
1023 "macvlan")) {
1024 lxc_error("%s\n", "lxc.net.0.macvlan.mode");
1025 goto non_test_error;
1026 }
1027
1028 if (set_get_compare_clear_save_load_network(
1029 c, "lxc.net.0.macvlan.mode", "bridge", tmpf, true,
1030 "macvlan")) {
1031 lxc_error("%s\n", "lxc.net.0.macvlan.mode");
1032 goto non_test_error;
1033 }
1034
1035 if (set_get_compare_clear_save_load_network(
1036 c, "lxc.net.0.veth.pair", "clusterfuck", tmpf, true,
1037 "veth")) {
1038 lxc_error("%s\n", "lxc.net.0.veth.pair");
1039 goto non_test_error;
1040 }
1041
1042 if (set_get_compare_clear_save_load(c, "lxc.net.0.script.up",
1043 "/some/up/path", tmpf, true)) {
1044 lxc_error("%s\n", "lxc.net.0.script.up");
1045 goto non_test_error;
1046 }
1047
1048 if (set_get_compare_clear_save_load(c, "lxc.net.0.script.down",
1049 "/some/down/path", tmpf, true)) {
1050 lxc_error("%s\n", "lxc.net.0.script.down");
1051 goto non_test_error;
1052 }
1053
1054 if (set_get_compare_clear_save_load(c, "lxc.net.0.hwaddr",
1055 "52:54:00:80:7a:5d", tmpf, true)) {
1056 lxc_error("%s\n", "lxc.net.0.hwaddr");
1057 goto non_test_error;
1058 }
1059
1060 if (set_get_compare_clear_save_load(c, "lxc.net.0.mtu", "2000",
1061 tmpf, true)) {
1062 lxc_error("%s\n", "lxc.net.0.mtu");
1063 goto non_test_error;
1064 }
1065
1066 if (set_get_compare_clear_save_load_network(c, "lxc.net.0.vlan.id",
1067 "2", tmpf, true, "vlan")) {
1068 lxc_error("%s\n", "lxc.net.0.vlan.id");
1069 goto non_test_error;
1070 }
1071
1072 if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv4.gateway",
1073 "10.0.2.2", tmpf, true)) {
1074 lxc_error("%s\n", "lxc.net.0.ipv4.gateway");
1075 goto non_test_error;
1076 }
1077
1078 if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv6.gateway",
1079 "2003:db8:1::1", tmpf, true)) {
1080 lxc_error("%s\n", "lxc.net.0.ipv6.gateway");
1081 goto non_test_error;
1082 }
1083
1084 if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv4.address",
1085 "10.0.2.3/24", tmpf, true)) {
1086 lxc_error("%s\n", "lxc.net.0.ipv4.address");
1087 goto non_test_error;
1088 }
1089
1090 if (set_get_compare_clear_save_load(
1091 c, "lxc.net.0.ipv6.address", "2003:db8:1:0:214:1234:fe0b:3596/64",
1092 tmpf, true)) {
1093 lxc_error("%s\n", "lxc.net.0.ipv6.address");
1094 goto non_test_error;
1095 }
1096
1097 if (set_get_compare_clear_save_load(c, "lxc.cgroup.dir", "lxd", tmpf,
1098 true)) {
1099 lxc_error("%s\n", "lxc.cgroup.dir");
1100 goto non_test_error;
1101 }
1102
1103 if (set_and_clear_complete_netdev(c) < 0) {
1104 lxc_error("%s\n", "failed to clear whole network");
1105 goto non_test_error;
1106 }
1107
1108 if (set_invalid_netdev(c) < 0) {
1109 lxc_error("%s\n", "failed to reject invalid configuration");
1110 goto non_test_error;
1111 }
1112
1113 ret = EXIT_SUCCESS;
1114 non_test_error:
1115 (void)unlink(tmpf);
1116 (void)rmdir(dirname(c->configfile));
1117 lxc_container_put(c);
1118 exit(ret);
1119 }
LXC mirror