Commit | Line | Data |
---|---|---|
20ab58c7 SH |
1 | #!/bin/bash |
2 | ||
3 | # lxc: linux Container library | |
4 | ||
5 | # Authors: | |
6 | # Serge Hallyn <serge.hallyn@ubuntu.com> | |
7 | # | |
8 | # This is a test script for the lxc-user-nic program | |
9 | ||
10 | # This library is free software; you can redistribute it and/or | |
11 | # modify it under the terms of the GNU Lesser General Public | |
12 | # License as published by the Free Software Foundation; either | |
13 | # version 2.1 of the License, or (at your option) any later version. | |
14 | ||
15 | # This library is distributed in the hope that it will be useful, | |
16 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
18 | # Lesser General Public License for more details. | |
19 | ||
20 | # You should have received a copy of the GNU Lesser General Public | |
21 | # License along with this library; if not, write to the Free Software | |
250b1eec | 22 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
20ab58c7 | 23 | |
061ba5d0 SG |
24 | # This test assumes an Ubuntu host |
25 | ||
# Path of the helper under test; @LIBEXECDIR@ is presumably substituted when
# the script is generated at build time.
LXC_USER_NIC="@LIBEXECDIR@/lxc/lxc-user-nic"
# Release codenames used when ubuntu-distro-info cannot supply a list.
KNOWN_RELEASES='precise trusty xenial yakkety zesty'
# Becomes 1 on the last line of the script; cleanup() prints PASS only then.
DONE=0
0e17b9c6 | 29 | |
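#######################################
# Tear down everything the test may have created, then report the verdict.
# Installed as the EXIT/HUP/INT/TERM handler and also called directly on
# some failure paths, so it has to cope with a partially set-up host
# (for example when the test user was never created).
# Globals:   DONE (read)
# Arguments: none (anything passed is ignored)
# Outputs:   "PASS" or "FAIL" on stdout; teardown output is discarded
# Returns:   never returns; exits 0 when DONE is 1, otherwise 1
#######################################
cleanup() {
	set +e
	# The exit at the end would otherwise re-enter this handler through the
	# EXIT trap and run the whole teardown a second time.
	trap - EXIT SIGHUP SIGINT SIGTERM

	(
		lxc-stop -n usernic-c1 -k
		lxc-destroy -n usernic-c1

		sed -i '/usernic-user/d' /run/lxc/nics /etc/lxc/lxc-usernet
		ifconfig usernic-br0 down
		ifconfig usernic-br1 down
		brctl delbr usernic-br0
		brctl delbr usernic-br1

		run_cmd "lxc-stop -n b1 -k"

		# When the account does not exist, id prints nothing. An unguarded
		# "/run/user/$(id -u ...)" would then name /run/user/ itself and
		# rm -rf would wipe every user's runtime directory, so uid-derived
		# targets are only touched when a uid was actually resolved.
		uid=$(id -u usernic-user)
		if [ -n "$uid" ]; then
			pkill -u "$uid" -9
			rm -rf -- "/run/user/${uid}"
		fi

		rm -rf -- /tmp/usernic-test /home/usernic-user

		deluser usernic-user
	) >/dev/null 2>&1

	if [ "$DONE" = "1" ]; then
		echo "PASS"
		exit 0
	fi

	echo "FAIL"
	exit 1
}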
59 | ||
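#######################################
# Run a command as usernic-user through sudo -i, forwarding the caller's
# proxy settings and pointing XDG_RUNTIME_DIR at that user's runtime dir.
# Globals:   http_proxy, https_proxy (read; forwarded empty when unset)
# Arguments: the command line, passed by every caller as ONE string
# Returns:   exit status of sudo
#######################################
run_cmd() {
	# $* stays unquoted on purpose: callers hand over the whole command as a
	# single string and depend on it being split into words here. sudo -i
	# passes the result to the target user's login shell, so only fixed,
	# script-controlled strings belong in this argument.
	# The environment assignments are quoted so a value containing
	# whitespace or glob characters stays one word.
	sudo -i -u usernic-user \
		env "http_proxy=${http_proxy:-}" "https_proxy=${https_proxy:-}" \
		"XDG_RUNTIME_DIR=/run/user/$(id -u usernic-user)" $*
}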
20ab58c7 | 65 | |
fd2b7320 SG |
# Container architecture: ask dpkg when it is available, otherwise use i386.
if type dpkg >/dev/null 2>&1; then
	ARCH=$(dpkg --print-architecture)
else
	ARCH=i386
fi

# From this point any unchecked failure or unset variable aborts the run,
# and every exit path (HUP/INT/TERM included) goes through cleanup(). The
# handler is armed before the test user exists, so cleanup() can run on a
# host where nothing has been set up yet.
set -e -u
trap cleanup EXIT SIGHUP SIGINT SIGTERM
73 | ||
8befa924 SH |
# Start from a clean slate: drop any stale account (a failure here just
# means there was none), then create the test user with a home directory
# it owns and the subordinate uid/gid range 910000-919999.
deluser usernic-user || :
useradd usernic-user
sudo mkdir -p /home/usernic-user
sudo chown usernic-user: /home/usernic-user
usermod -v 910000-919999 -w 910000-919999 usernic-user

# Default container config for the user: no network device, and container
# ids 0-9999 mapped onto the subordinate range granted above. The files are
# created by the invoking user here; a later chown -R over
# /home/usernic-user hands them to the test user.
mkdir -p /home/usernic-user/.config/lxc/
printf '%s\n' \
	'lxc.net.0.type = empty' \
	'lxc.idmap = u 0 910000 10000' \
	'lxc.idmap = g 0 910000 10000' \
	> /home/usernic-user/.config/lxc/default.conf
20ab58c7 | 87 | |
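# Move this shell ($$) into a cgroup owned by the test user. Three
# mechanisms are tried in order: the cgm client, the cgmanager D-Bus
# socket, and direct writes under /sys/fs/cgroup.
# command -v replaces which (a builtin lookup, no external tool needed),
# and every expansion used as an argument or path is quoted so it cannot
# be word-split or glob-expanded.
if command -v cgm >/dev/null 2>&1; then
	cgm create all usernic-user
	cgm chown all usernic-user "$(id -u usernic-user)" "$(id -g usernic-user)"
	cgm movepid all usernic-user $$
elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then
	# Unquoted on purpose: one loop iteration per controller field read
	# from /proc/self/cgroup.
	for d in $(cut -d : -f 2 /proc/self/cgroup); do
		dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
			--type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \
			"string:$d" string:usernic-user >/dev/null

		dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
			--type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \
			"string:$d" string:usernic-user "int32:$(id -u usernic-user)" "int32:$(id -g usernic-user)" >/dev/null

		dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \
			--type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \
			"string:$d" string:usernic-user int32:$$ >/dev/null
	done
else
	# Direct fallback: create an lxctest group under each entry of
	# /sys/fs/cgroup, give it to the test user and join it through the
	# group's tasks file.
	# NOTE(review): mkdir and the tasks write assume every entry is a
	# writable controller directory - confirm for the hosts this runs on.
	for d in /sys/fs/cgroup/*; do
		if [ -f "$d/cgroup.clone_children" ]; then
			echo 1 > "$d/cgroup.clone_children"
		fi
		if [ ! -d "$d/lxctest" ]; then
			mkdir "$d/lxctest"
		fi
		chown -R usernic-user: "$d/lxctest"
		echo $$ > "$d/lxctest/tasks"
	done
fi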
0e17b9c6 SG |
114 | |
# Give the test user a runtime directory, then make it the owner of that
# directory and of everything under its home.
mkdir -p "/run/user/$(id -u usernic-user)"
chown -R usernic-user: "/run/user/$(id -u usernic-user)" /home/usernic-user

# Reuse the host's download-template cache when there is one.
run_cmd "mkdir -p /home/usernic-user/.cache/lxc"
if [ -d /var/cache/lxc/download ]; then
	# A failed copy is tolerated: cp is not the final command of the &&
	# list, so set -e does not abort on it. A failed chown still aborts.
	cp -R /var/cache/lxc/download /home/usernic-user/.cache/lxc &&
		chown -R usernic-user: /home/usernic-user/.cache/lxc
fi
123 | ||
124 | ||
# Create the two bridges the NIC checks refer to, then bring both up with
# the address 0.0.0.0.
for br in usernic-br0 usernic-br1; do
	brctl addbr "$br"
done
for br in usernic-br0 usernic-br1; do
	ifconfig "$br" 0.0.0.0 up
done
130 | ||
fd2b7320 SG |
# Container architecture: ask dpkg when it is available, otherwise use i386.
if type dpkg >/dev/null 2>&1; then
	ARCH=$(dpkg --print-architecture)
else
	ARCH=i386
fi
135 | ||
64ea46c7 PHL |
# Release to install: trusty, unless /etc/lsb-release names a codename that
# appears in the candidate list.
release=trusty
if [ -f /etc/lsb-release ]; then
	# The file is sourced as shell code, so whatever it contains runs with
	# this script's privileges.
	. /etc/lsb-release
	# Candidates: what ubuntu-distro-info reports as supported, or the
	# built-in KNOWN_RELEASES list when that tool fails or is missing.
	if ! rels=$(ubuntu-distro-info --supported 2>/dev/null); then
		rels="$KNOWN_RELEASES"
	fi
	# $rels is split on whitespace on purpose: one codename per word.
	for r in $rels; do
		if [ "$DISTRIB_CODENAME" = "$r" ]; then
			release="$r"
		fi
	done
fi
146 | ||
# Name and path of the unprivileged container the checks operate on.
lxcname=b1
lxcpath=/home/usernic-user/.local/share/lxc

# Create and start that container as the test user, then record the PID
# lxc-info reports for it; the lxc-user-nic requests below target this PID.
run_cmd "lxc-create -t download -n $lxcname -- -d ubuntu -r $release -a $ARCH"
run_cmd "lxc-start -n $lxcname -d"
p1=$(run_cmd "lxc-info -n $lxcname -p -H")
154 | ||
# Every request below shares this prefix; only the bridge and the NIC name
# differ from one check to the next.
nic_create="$LXC_USER_NIC create $lxcpath $lxcname $p1 veth"

# No lxc-usernet entry exists for the user yet: the request must be refused.
if run_cmd "$nic_create usernic-br0 xx1"; then
	printf '%s\n' "FAIL: able to create nic with no entries"
	exit 1
fi

# Grant the user a quota of two veths, on usernic-br0 only. Any earlier
# line for the user is dropped first so the quota is exactly this entry.
touch /etc/lxc/lxc-usernet
sed -i '/^usernic-user/d' /etc/lxc/lxc-usernet
printf '%s\n' "usernic-user veth usernic-br0 2" >> /etc/lxc/lxc-usernet

# The quota names usernic-br0, so a request for usernic-br1 must still be
# refused.
if run_cmd "$nic_create usernic-br1 xx1"; then
	printf '%s\n' "FAIL: able to create nic with no entries"
	exit 1
fi

# Two requests on the permitted bridge fit within the quota.
run_cmd "$nic_create usernic-br0 xx2" || {
	printf '%s\n' "FAIL: unable to create first nic"
	exit 1
}

run_cmd "$nic_create usernic-br0 xx3" || {
	printf '%s\n' "FAIL: unable to create second nic"
	exit 1
}

# A third request exceeds the quota and must be refused.
if run_cmd "$nic_create usernic-br0 xx4"; then
	printf '%s\n' "FAIL: able to create third nic"
	exit 1
fi
188 | ||
# Restart the container and read its new PID. The NICs handed out before
# the restart should no longer count against the quota, so one more
# request is expected to succeed.
run_cmd "lxc-stop -n b1 -k"
run_cmd "lxc-start -n b1 -d"
p1=$(run_cmd "lxc-info -n b1 -p -H")

# cleanup() ignores its argument; it prints FAIL and exits 1 because DONE
# is still 0 at this point.
run_cmd "$LXC_USER_NIC create $lxcpath $lxcname $p1 veth usernic-br0 xx5" || {
	printf '%s\n' "FAIL: unable to create nic after destroying the old"
	cleanup 1
}

run_cmd "lxc-stop -n b1 -k"
8befa924 SH |
200 | |
# Privilege-boundary check: start a container as the invoking user (not via
# run_cmd) and record its PID.
root_ct=usernic-c1
lxc-create -t busybox -n "$root_ct"
lxc-start -n "$root_ct" -d
p2=$(lxc-info -n "$root_ct" -p -H)

# The unprivileged user asks for a NIC on that PID. The helper must refuse:
# success would mean the user can place an interface into a namespace it
# does not own. cleanup() ignores its argument and exits 1 while DONE is 0.
if run_cmd "$LXC_USER_NIC create $lxcpath $lxcname $p2 veth usernic-br0 xx6"; then
	printf '%s\n' "FAIL: able to attach nic to root-owned container"
	cleanup 1
fi

# Reaching this line means every check passed; the EXIT trap now runs
# cleanup(), which reports PASS because DONE is 1.
printf '%s\n' "All tests passed"
DONE=1