func setCapability(capabilityname string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxSpec.Linux.Capabilities = []string{capabilityname} utils.SetBind(&linuxRuntimeSpec, &linuxSpec) return linuxSpec, linuxRuntimeSpec }
// Set input value of spec.Version to specs.LinuxSpec obj func setVersion(testValue string) specs.LinuxSpec { // Get smallest set of specs.LinuxSpec ls := specsinit.SetLinuxspecMinimum() // Set value ls.Version = testValue return ls }
func setMount(fsName string, fsType string, fsSrc string, fsDes string, fsOpt []string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { var linuxSpec specs.LinuxSpec = specsinit.SetLinuxspecMinimum() var linuxRuntimeSpec specs.LinuxRuntimeSpec = specsinit.SetLinuxruntimeMinimum() configMountTest := specs.MountPoint{fsName, fsDes} runtimeMountTest := specs.Mount{fsType, fsSrc, fsOpt} linuxSpec.Mounts = append(linuxSpec.Mounts, configMountTest) linuxRuntimeSpec.Mounts[fsName] = runtimeMountTest return linuxSpec, linuxRuntimeSpec }
func setHooks(thooks []specs.Hook, isPre bool) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() if isPre { linuxRuntimeSpec.RuntimeSpec.Hooks.Prestart = thooks } else { linuxRuntimeSpec.RuntimeSpec.Hooks.Prestart = thooks } return linuxSpec, linuxRuntimeSpec }
func setProcess(process specs.Process) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() lr := specsinit.SetLinuxruntimeMinimum() //Bind containerend folder to runc container, thus we can get containerend guest programme linuxSpec.Spec.Process = process utils.SetBind(&lr, &linuxSpec) return linuxSpec, lr }
func setCgroupspath(path string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.CgroupsPath = path // temporary add cgroup filesystem for test configMountTest := specs.MountPoint{"cgroup", "/sys/fs/cgroup"} runtimeMountTest := specs.Mount{"cgroup", "cgroup", []string{""}} linuxSpec.Mounts = append(linuxSpec.Mounts, configMountTest) linuxRuntimeSpec.Mounts["cgroup"] = runtimeMountTest return linuxSpec, linuxRuntimeSpec }
func setRootfsPropagation(mode string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() var initdevice specs.Device = specs.Device{ Type: 99, Path: "/dev/null", Major: 1, Minor: 3, Permissions: "rwm", FileMode: 438, UID: 0, GID: 0, } linuxRuntimeSpec.Linux.Devices = []specs.Device{initdevice} linuxRuntimeSpec.Linux.RootfsPropagation = mode return linuxSpec, linuxRuntimeSpec }
func setDevices(testdevices specs.Device) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() var initdevice specs.Device = specs.Device{ Type: 99, Path: "/dev/null", Major: 1, Minor: 3, Permissions: "rwm", FileMode: 438, UID: 0, GID: 0, } linuxRuntimeSpec.Linux.Devices = []specs.Device{initdevice} linuxRuntimeSpec.Linux.Devices = append(linuxRuntimeSpec.Linux.Devices, testdevices) return linuxSpec, linuxRuntimeSpec }
func setPlatform(osValue string, archValue string) specs.LinuxSpec { linuxSpec := specsinit.SetLinuxspecMinimum() linuxSpec.Platform.OS = osValue linuxSpec.Platform.Arch = archValue return linuxSpec }
func setRlimits(testrlimits specs.Rlimit) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.Rlimits = []specs.Rlimit{testrlimits} return linuxSpec, linuxRuntimeSpec }
func setResources(resources specs.Resources) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.Resources = &resources return linuxSpec, linuxRuntimeSpec }
package linuxapparmorprofile import ( "errors" "github.com/huawei-openlab/oct/tools/runtimeValidator/adaptor" "github.com/huawei-openlab/oct/tools/runtimeValidator/manager" "github.com/huawei-openlab/oct/tools/runtimeValidator/utils/configconvert" "github.com/huawei-openlab/oct/tools/runtimeValidator/utils/specsinit" "github.com/opencontainers/specs" "os/exec" "strings" "time" ) var linuxSpec specs.LinuxSpec = specsinit.SetLinuxspecMinimum() var linuxRuntimeSpec specs.LinuxRuntimeSpec = specsinit.SetLinuxruntimeMinimum() var TestSuiteLinuxApparmorProfile manager.TestSuite = manager.TestSuite{Name: "LinuxSpec.Linux.ApparmorProfile"} func init() { TestSuiteLinuxApparmorProfile.AddTestCase("TestLinuxApparmorProfile", TestLinuxApparmorProfile) manager.Manager.AddTestSuite(TestSuiteLinuxApparmorProfile) } func setApparmorProfile(profilename string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxRuntimeSpec.Linux.ApparmorProfile = profilename linuxSpec.Spec.Process.Args = []string{"/bin/bash", "-c", "sleep 3s"} return linuxSpec, linuxRuntimeSpec }
func setSeccomp(sec specs.Seccomp) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.Seccomp = sec return linuxSpec, linuxRuntimeSpec }
func setRoot(readonlyValue bool, path string) specs.LinuxSpec { ls := specsinit.SetLinuxspecMinimum() ls.Root.Readonly = readonlyValue ls.Root.Path = path return ls }
func setSElinuxLabel(label string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.SelinuxProcessLabel = label return linuxSpec, linuxRuntimeSpec }