
02/04: syscalls: Re-enable 'pivot-root' test.


From: guix-commits
Subject: 02/04: syscalls: Re-enable 'pivot-root' test.
Date: Tue, 11 Feb 2020 06:34:31 -0500 (EST)

civodul pushed a commit to branch master
in repository guix.

commit 1deca767be1b84b96633e317f3fcdd5165f95df3
Author: Ludovic Courtès <address@hidden>
AuthorDate: Tue Feb 11 12:13:14 2020 +0100

    syscalls: Re-enable 'pivot-root' test.
    
    Fixes <https://bugs.gnu.org/25476>.
    Reported by Paul Garlick <address@hidden>.
    
    * tests/syscalls.scm ("pivot-root"): Skip only when
    PERFORM-CONTAINER-TESTS? is true.  Rewrite to use a socket pair instead
    of a pipe.  Synchronize parent and child so that the parent can
    initialize the child's UID and GID mappings before continuing.
---
 tests/syscalls.scm | 55 ++++++++++++++++++++++++++++++------------------------
 1 file changed, 31 insertions(+), 24 deletions(-)

diff --git a/tests/syscalls.scm b/tests/syscalls.scm
index 1b3121e..7fe0cd1 100644
--- a/tests/syscalls.scm
+++ b/tests/syscalls.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès 
<address@hidden>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès 
<address@hidden>
 ;;; Copyright © 2015 David Thompson <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -161,29 +161,22 @@
              (waitpid fork-pid)
              result))))))))
 
-;; XXX: Skip this test when running Linux > 4.7.5 to work around
-;; <https://bugzilla.kernel.org/show_bug.cgi?id=183461>.
-(when (or (not perform-container-tests?)
-          (version>? (utsname:release (uname)) "4.7.5")
-
-          ;; Skip on Ubuntu's 4.4 kernels, which contain a backport of the
-          ;; faulty code: <https://bugs.gnu.org/25476>.
-          (member (utsname:release (uname))
-                  '("4.4.0-21-generic" "4.4.0-59-generic"
-                    "4.4.0-116-generic")))
+(when (not perform-container-tests?)
   (test-skip 1))
 (test-equal "pivot-root"
-  #t
-  (match (pipe)
-    ((in . out)
+  'success!
+  (match (socketpair AF_UNIX SOCK_STREAM 0)
+    ((parent . child)
      (match (clone (logior CLONE_NEWUSER CLONE_NEWNS SIGCHLD))
        (0
         (dynamic-wind
           (const #t)
           (lambda ()
-            (close in)
+            (close parent)
             (call-with-temporary-directory
              (lambda (root)
+               (display "ready\n" child)
+               (read child)                       ;wait for "go!"
                (let ((put-old (string-append root "/real-root")))
                  (mount "none" root "tmpfs")
                  (mkdir put-old)
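Review bot: the skip guard `(when (not perform-container-tests?)` skips the test when the flag is false, while the commit log says "Skip only when PERFORM-CONTAINER-TESTS? is true"; the log entry should say "false", and the guard reads more directly as `(unless perform-container-tests? (test-skip 1))`. In the child, `(read child)` discards the datum it waits for, so an end-of-file from a parent that failed before sending "go!" lets the child carry on to `mount` without its UID/GID mappings; comparing the value against `go!` and bailing out otherwise would make that failure explicit.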
@@ -192,18 +185,32 @@
                      (display "testing\n" port)))
                  (pivot-root root put-old)
                  ;; The test file should now be located inside the root 
directory.
-                 (write (file-exists? "/test") out)
-                 (close out)))))
+                 (write (and (file-exists? "/test") 'success!) child)
+                 (close child)))))
           (lambda ()
             (primitive-exit 0))))
        (pid
-        (close out)
-        (let ((result (read in)))
-          (close in)
-          (and (zero? (match (waitpid pid)
-                        ((_ . status)
-                         (status:exit-val status))))
-               (eq? #t result))))))))
+        (close child)
+        (match (read parent)
+          ('ready
+           ;; Set up the UID/GID mapping so that we can mkdir on the tmpfs:
+           ;; <https://bugzilla.kernel.org/show_bug.cgi?id=183461>.
+           (call-with-output-file (format #f "/proc/~d/setgroups" pid)
+             (lambda (port)
+               (display "deny" port)))
+           (call-with-output-file (format #f "/proc/~d/uid_map" pid)
+             (lambda (port)
+               (format port "0 ~d 1" (getuid))))
+           (call-with-output-file (format #f "/proc/~d/gid_map" pid)
+             (lambda (port)
+               (format port "0 ~d 1" (getgid))))
+           (display "go!\n" parent)
+           (let ((result (read parent)))
+             (close parent)
+             (and (zero? (match (waitpid pid)
+                           ((_ . status)
+                            (status:exit-val status))))
+                  result)))))))))
 
 (test-equal "scandir*, ENOENT"
   ENOENT
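Review bot: the parent's `(match (read parent) ('ready ...))` has no fallback clause, so if the child dies or sends anything else before "ready", the match raises without reaching `(close parent)` or `waitpid`, and the child is left unreaped. Add a catch-all clause that closes the socket, waits for `pid` and returns a failure value. Similarly, an error in any of the three `call-with-output-file` writes to /proc/PID/setgroups, uid_map or gid_map can leave the child blocked in `(read child)` because `parent` stays open; closing `parent` on that error path would avoid the hang. Note also that the child always ends in `(primitive-exit 0)`, so the `status:exit-val` check cannot signal failure and the verdict rests on the `'success!` datum alone; a short comment saying so would help the next reader.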


