...

Source file src/github.com/opencontainers/runc/libcontainer/configs/validate/rootless_test.go

Documentation: github.com/opencontainers/runc/libcontainer/configs/validate 

     1  package validate
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/opencontainers/runc/libcontainer/configs"
     7  )
     8  
     9  func rootlessEUIDConfig() *configs.Config {
    10  	return &configs.Config{
    11  		Rootfs:          "/var",
    12  		RootlessEUID:    true,
    13  		RootlessCgroups: true,
    14  		Namespaces: configs.Namespaces(
    15  			[]configs.Namespace{
    16  				{Type: configs.NEWUSER},
    17  			},
    18  		),
    19  		UidMappings: []configs.IDMap{
    20  			{
    21  				HostID:      1337,
    22  				ContainerID: 0,
    23  				Size:        1,
    24  			},
    25  		},
    26  		GidMappings: []configs.IDMap{
    27  			{
    28  				HostID:      7331,
    29  				ContainerID: 0,
    30  				Size:        1,
    31  			},
    32  		},
    33  	}
    34  }
    35  
    36  func TestValidateRootlessEUID(t *testing.T) {
    37  	validator := New()
    38  
    39  	config := rootlessEUIDConfig()
    40  	if err := validator.Validate(config); err != nil {
    41  		t.Errorf("Expected error to not occur: %+v", err)
    42  	}
    43  }
    44  
    45  /* rootlessEUIDMappings */
    46  
    47  func TestValidateRootlessEUIDUserns(t *testing.T) {
    48  	validator := New()
    49  
    50  	config := rootlessEUIDConfig()
    51  	config.Namespaces = nil
    52  	if err := validator.Validate(config); err == nil {
    53  		t.Errorf("Expected error to occur if user namespaces not set")
    54  	}
    55  }
    56  
    57  func TestValidateRootlessEUIDMappingUid(t *testing.T) {
    58  	validator := New()
    59  
    60  	config := rootlessEUIDConfig()
    61  	config.UidMappings = nil
    62  	if err := validator.Validate(config); err == nil {
    63  		t.Errorf("Expected error to occur if no uid mappings provided")
    64  	}
    65  }
    66  
    67  func TestValidateNonZeroEUIDMappingGid(t *testing.T) {
    68  	validator := New()
    69  
    70  	config := rootlessEUIDConfig()
    71  	config.GidMappings = nil
    72  	if err := validator.Validate(config); err == nil {
    73  		t.Errorf("Expected error to occur if no gid mappings provided")
    74  	}
    75  }
    76  
    77  /* rootlessEUIDMount() */
    78  
    79  func TestValidateRootlessEUIDMountUid(t *testing.T) {
    80  	config := rootlessEUIDConfig()
    81  	validator := New()
    82  
    83  	config.Mounts = []*configs.Mount{
    84  		{
    85  			Source:      "devpts",
    86  			Destination: "/dev/pts",
    87  			Device:      "devpts",
    88  		},
    89  	}
    90  
    91  	if err := validator.Validate(config); err != nil {
    92  		t.Errorf("Expected error to not occur when uid= not set in mount options: %+v", err)
    93  	}
    94  
    95  	config.Mounts[0].Data = "uid=5"
    96  	if err := validator.Validate(config); err == nil {
    97  		t.Errorf("Expected error to occur when setting uid=5 in mount options")
    98  	}
    99  
   100  	config.Mounts[0].Data = "uid=0"
   101  	if err := validator.Validate(config); err != nil {
   102  		t.Errorf("Expected error to not occur when setting uid=0 in mount options: %+v", err)
   103  	}
   104  
   105  	config.Mounts[0].Data = "uid=2"
   106  	config.UidMappings[0].Size = 10
   107  	if err := validator.Validate(config); err != nil {
   108  		t.Errorf("Expected error to not occur when setting uid=2 in mount options and UidMapping[0].size is 10")
   109  	}
   110  
   111  	config.Mounts[0].Data = "uid=20"
   112  	config.UidMappings[0].Size = 10
   113  	if err := validator.Validate(config); err == nil {
   114  		t.Errorf("Expected error to occur when setting uid=20 in mount options and UidMapping[0].size is 10")
   115  	}
   116  }
   117  
   118  func TestValidateRootlessEUIDMountGid(t *testing.T) {
   119  	config := rootlessEUIDConfig()
   120  	validator := New()
   121  
   122  	config.Mounts = []*configs.Mount{
   123  		{
   124  			Source:      "devpts",
   125  			Destination: "/dev/pts",
   126  			Device:      "devpts",
   127  		},
   128  	}
   129  
   130  	if err := validator.Validate(config); err != nil {
   131  		t.Errorf("Expected error to not occur when gid= not set in mount options: %+v", err)
   132  	}
   133  
   134  	config.Mounts[0].Data = "gid=5"
   135  	if err := validator.Validate(config); err == nil {
   136  		t.Errorf("Expected error to occur when setting gid=5 in mount options")
   137  	}
   138  
   139  	config.Mounts[0].Data = "gid=0"
   140  	if err := validator.Validate(config); err != nil {
   141  		t.Errorf("Expected error to not occur when setting gid=0 in mount options: %+v", err)
   142  	}
   143  
   144  	config.Mounts[0].Data = "gid=5"
   145  	config.GidMappings[0].Size = 10
   146  	if err := validator.Validate(config); err != nil {
   147  		t.Errorf("Expected error to not occur when setting gid=5 in mount options and GidMapping[0].size is 10")
   148  	}
   149  
   150  	config.Mounts[0].Data = "gid=11"
   151  	config.GidMappings[0].Size = 10
   152  	if err := validator.Validate(config); err == nil {
   153  		t.Errorf("Expected error to occur when setting gid=11 in mount options and GidMapping[0].size is 10")
   154  	}
   155  }
   156  

View as plain text