Ejemplo n.º 1
0
func TestLinuxCapabilitiesSETFCAP() string {
	// copy the testbin into container
	cmd := exec.Command("/bin/sh", "-c", "cp  cases/linuxcapabilities/capabilitytestbin /tmp/testtool")
	_, err := cmd.Output()
	if err != nil {
		log.Fatalf("[specsValidator] linux Capabilities test : init the testbin file error, %v", err)
	}

	linuxspec := setCapability("SETFCAP")
	linuxspec.Spec.Process.Args = []string{"/sbin/setcap", "CAP_SETFCAP=eip", "/testtool/capabilitytestbin"}
	capability := linuxspec.Linux.Capabilities
	configFile := "./config.json"
	err = configconvert.LinuxSpecToConfig(configFile, &linuxspec)
	out, err := adaptor.StartRunc(configFile)
	var result string
	var errout error
	if err != nil {
		result = manager.UNSPPORTED
		errout = errors.New(string(out) + err.Error())
	} else if strings.EqualFold(strings.TrimSpace(string(out)), "") {
		result = manager.PASSED
		errout = nil
	} else {
		result = manager.FAILED
		errout = nil
	}
	var testResult manager.TestResult
	testResult.Set("TestMountTmpfs", capability, errout, result)
	return testResult.Marshal()
}
Ejemplo n.º 2
0
func TestLinuxApparmorProfile() string {
	apparmorfile := "testapporprofile"
	linuxspec := setApparmorProfile(apparmorfile)
	result, err := testApparmorProfile(&linuxspec)
	var testResult manager.TestResult
	testResult.Set("TestLinuxApparmorProfile", linuxspec.Linux.ApparmorProfile, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 3
0
func TestPathError() string {
	linuxspec := setRoot(true, testPathError)
	root := linuxspec.Spec.Root
	result, err := testRoot(&linuxspec, true, testPathError)
	var testResult manager.TestResult
	testResult.Set("TestPathError", root, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 4
0
func TestPlatformCorrect() string {
	linuxspec := setPlatform(runtime.GOOS, runtime.GOARCH)
	platform := linuxspec.Spec.Platform
	result, err := testPlatform(&linuxspec, runtime.GOOS, runtime.GOARCH)
	var testResult manager.TestResult
	testResult.Set("TestPlatformCorrect", platform, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 5
0
func TestMountTmpfs() string {
	linuxspec := setMount("tmpfs", "tmpfs", "/mountTest", "")
	mount := linuxspec.Spec.Mounts
	result, err := testMount(&linuxspec)
	var testResult manager.TestResult
	testResult.Set("TestMountTmpfs", mount, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 6
0
func TestReadOnlyFalse() string {
	linuxspec := setRoot(false, testPathCorrect)
	root := linuxspec.Spec.Root
	result, err := testRoot(&linuxspec, false, testPathCorrect)
	var testResult manager.TestResult
	testResult.Set("TestReadOnlyFalse", root, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 7
0
func TestRootfsPropagationShare() string {
	mode := "share"
	linuxspec := setRootfsPropagation(mode)
	result, err := testRootfsPropagationHost(&linuxspec, "linuxrootfspropagation")
	var testResult manager.TestResult
	testResult.Set("TestRootfsPropagationShare", linuxspec.Linux.RootfsPropagation, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 8
0
func TestVersionCorrect() string {

	linuxspec := setVersion(testValueCorrect)
	version := linuxspec.Spec.Version
	result, err := testVersion(&linuxspec)
	var testResult manager.TestResult
	testResult.Set("TestVersionCorrect", version, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 9
0
func TestLinuxSelinuxProcessLabel() string {
	labelin := "system_u:system_r:svirt_lxc_net_t:s0:c124,c675"
	linuxspec := setSElinuxLabel(labelin)
	go testSElinuxLabel(&linuxspec)
	result, err := checkProcessLableFromHost(labelin)
	var testResult manager.TestResult
	testResult.Set("TestLinuxSelinuxProcessLabel", linuxspec.Linux.SelinuxProcessLabel, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 10
0
func TestPlatformErr() string {
	osErr := "osErr"
	archErr := "archErr"
	linuxspec := setPlatform(osErr, archErr)
	platform := linuxspec.Spec.Platform
	result, err := testPlatform(&linuxspec, osErr, archErr)
	var testResult manager.TestResult
	testResult.Set("TestPlatformErr", platform, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 11
0
func TestRlimitNOFILEHard() string {
	var rlimitstest specs.Rlimit = specs.Rlimit{
		Type: syscall.RLIMIT_NOFILE,
		Soft: uint64(1024),
		Hard: uint64(20480),
	}
	var testResult manager.TestResult
	linuxspec := setRlimits(rlimitstest)
	result, err := testRlimits(&linuxspec, "-n", strconv.FormatUint(rlimitstest.Hard, 10), false)
	testResult.Set("TestRlimitNOFILEHard", rlimitstest.Hard, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 12
0
Archivo: uts.go Proyecto: Issacpeng/oct
func TestUtsPathEmpty() string {

	ns := specs.Namespace{Type: "uts",
		Path: ""}

	ls := setUtsSpec(ns)
	result, err := TestPathEmpty(&ls, "/proc/*/ns/uts")

	var testResult manager.TestResult
	testResult.Set("TestUtsPathEmpty", ns, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 13
0
Archivo: ipc.go Proyecto: Issacpeng/oct
func TestIpcPathUnempty() string {

	ns := specs.Namespace{Type: "ipc",
		Path: "/proc/1/ns/ipc"}

	ls := setIpcSpec(ns)
	result, err := TestPathUnEmpty(&ls, ns.Path)

	var testResult manager.TestResult
	testResult.Set("TestIpcPathUnempty", ns, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 14
0
func TestMntPathEmpty() string {

	ns := specs.Namespace{Type: "mount",
		Path: ""}

	ls := linuxSpec
	ls.Process.Args = append(ls.Process.Args, "/bin/readlink", "/proc/self/ns/mnt")
	result, err := TestPathEmpty(&ls, "/proc/*/ns/mnt")

	var testResult manager.TestResult
	testResult.Set("TestMntPathEmpty", ns, err, result)
	return testResult.Marshal()
}
Ejemplo n.º 15
0
func TestBase() string {
	var process specs.Process = specs.Process{
		Terminal: false,
		User: specs.User{
			UID:            0,
			GID:            0,
			AdditionalGids: []int32{},
		},
		Args: []string{"./specprocess"},
		Env:  nil,
		Cwd:  "/containerend",
	}

	linuxspec := setProcess(process)
	newProcess := linuxspec.Spec.Process
	result, err := testProcess(&linuxspec, true)
	var testResult manager.TestResult
	testResult.Set("TestBase", newProcess, err, result)
	return testResult.Marshal()
}
func TestMemoryLimit() string {
	var testResourceseMemory specs.Resources = specs.Resources{
		Memory: specs.Memory{
			Limit:       204800,
			Reservation: 0,
			Swap:        0,
			Kernel:      0,
			Swappiness:  -1,
		},
	}
	linuxspec := setResources(testResourceseMemory)
	go testResources(&linuxspec)
	time.Sleep(time.Second * 3)
	// defer cleanCgroup()
	defer adaptor.CleanRunc()
	result, err := checkConfigurationFromHost("memory.limit_in_bytes", "204800")
	var testResult manager.TestResult
	testResult.Set("TestMemoryLimit", testResourceseMemory.Memory, err, result)
	return testResult.Marshal()
}