예제 #1
0
파일: root.go 프로젝트: yuchangchun1/oct
func testRoot(linuxSpec *specs.LinuxSpec, readonlyValue bool, pathValue string) (string, error) {
	configFile := "./config.json"
	linuxSpec.Spec.Process.Args[0] = "/bin/mount"
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)

	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		if pathValue == testPathError {
			return manager.PASSED, nil
		} else {
			return manager.FAILED, errors.New(string(out) + err.Error())
		}
	}
	if pathValue == testPathCorrect {
		if readonlyValue == true && strings.Contains(out, "(ro,") {
			return manager.PASSED, nil
		} else if readonlyValue == false && strings.Contains(out, "(rw,") {
			return manager.PASSED, nil
		} else {
			return manager.FAILED, nil
		}
	} else {
		return manager.UNKNOWNERR, nil
	}
}
예제 #2
0
func TestLinuxCapabilitiesSETFCAP() string {
	// copy the testbin into container
	cmd := exec.Command("/bin/sh", "-c", "cp  cases/linuxcapabilities/capabilitytestbin /tmp/testtool")
	_, err := cmd.Output()
	if err != nil {
		log.Fatalf("[Specstest] linux Capabilities test : init the testbin file error, %v", err)
	}

	linuxspec := setCapability("SETFCAP")
	linuxspec.Spec.Process.Args = []string{"/sbin/setcap", "CAP_SETFCAP=eip", "/testtool/capabilitytestbin"}
	capability := linuxspec.Linux.Capabilities
	configFile := "./config.json"
	err = configconvert.LinuxSpecToConfig(configFile, &linuxspec)
	out, err := adaptor.StartRunc(configFile)
	var result string
	var errout error
	if err != nil {
		result = manager.UNSPPORTED
		errout = errors.New(string(out) + err.Error())
	} else if strings.EqualFold(strings.TrimSpace(string(out)), "") {
		result = manager.PASSED
		errout = nil
	} else {
		result = manager.FAILED
		errout = nil
	}
	var testResult manager.TestResult
	testResult.Set("TestMountTmpfs", capability, errout, result)
	return testResult.Marshal()
}
예제 #3
0
파일: version.go 프로젝트: yuchangchun1/oct
func testVersion(linuxSpec *specs.LinuxSpec) (string, error) {
	configFile := "./config.json"
	linuxSpec.Spec.Process.Args[0] = "/bin/ls"
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)

	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		return manager.FAILED, errors.New(string(out) + err.Error())
	} else {
		return manager.PASSED, nil
	}
}
예제 #4
0
func testResources(linuxSpec *specs.LinuxSpec) (string, error) {
	fmt.Println("enter test source")
	configFile := "./config.json"
	linuxSpec.Spec.Process.Args = []string{"/bin/bash", "-c", "sleep 30s"}
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)
	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		return manager.UNSPPORTED, errors.New(string(out) + err.Error())
	} else {
		fmt.Println("runc start success")
		return manager.PASSED, nil
	}
}
예제 #5
0
func testMount(linuxSpec *specs.LinuxSpec) (string, error) {
	configFile := "./config.json"
	linuxSpec.Spec.Process.Args[0] = "/bin/mount"
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)
	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		return manager.UNSPPORTED, errors.New(string(out) + err.Error())
	} else if strings.Contains(out, "/mountTest") {
		return manager.PASSED, nil
	} else {
		return manager.FAILED, nil
	}
}
예제 #6
0
func testPlatform(linuxSpec *specs.LinuxSpec, osValue string, archValue string) (string, error) {
	configFile := "./config.json"
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)
	linuxSpec.Spec.Process.Args[0] = "/bin/ls"
	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		if osValue == runtime.GOOS && archValue == runtime.GOARCH {
			return manager.PASSED, nil
		} else {
			return manager.FAILED, errors.New(string(out) + err.Error())
		}
	}
	if osValue == runtime.GOOS && archValue == runtime.GOARCH {
		return manager.PASSED, nil
	} else {
		return manager.UNKNOWNERR, nil
	}
}
예제 #7
0
func testRlimits(linuxSpec *specs.LinuxSpec, rlimitItem string, value string, isSoftLimit bool) (string, error) {
	configFile := "./config.json"
	if isSoftLimit {
		linuxSpec.Spec.Process.Args = []string{"/bin/bash", "-c", "ulimit " + rlimitItem + " -S"}
	} else {
		linuxSpec.Spec.Process.Args = []string{"/bin/bash", "-c", "ulimit " + rlimitItem + " -H"}
	}
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)
	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		return manager.UNSPPORTED, errors.New(string(out) + err.Error())
	} else {
		if strings.EqualFold(strings.TrimSpace(string(out)), value) {
			return manager.PASSED, nil
		} else {
			return manager.FAILED, nil
		}
	}
}
예제 #8
0
func testSysctls(linuxSpec *specs.LinuxSpec) (string, error) {
	configFile := "./config.json"
	var key, value string
	for k, v := range linuxSpec.Linux.Sysctl {
		linuxSpec.Spec.Process.Args = []string{"/bin/bash", "-c", "sysctl " + k}
		key = k
		value = v
	}
	err := configconvert.LinuxSpecToConfig(configFile, linuxSpec)
	out, err := adaptor.StartRunc(configFile)
	if err != nil {
		return manager.UNSPPORTED, errors.New(string(out) + err.Error())
	} else {
		if strings.EqualFold(strings.TrimSpace(out), key+" = "+value) {
			return manager.PASSED, nil
		} else {
			return manager.FAILED, nil
		}
	}
}
예제 #9
0
/**
*container unreused namespace of host
 */
func TestPathEmpty(linuxSpec *specs.LinuxSpec, hostNamespacePath string) (string, error) {
	//1. output json file for runc
	configfile := "./config.json"
	err := configconvert.LinuxSpecToConfig(configfile, linuxSpec)
	if err != nil {
		log.Fatalf("write config error, %v", err)
	}

	//2. get container's pid namespace after executing  runc
	out, err := adaptor.StartRunc(configfile)
	if err != nil {
		return manager.UNSPPORTED, errors.New(string(out) + err.Error())
		//log.Fatalf("write config error, %v\n", errors.New(string(out)+err.Error()))
	}
	containerNs := strings.TrimSuffix(string(out), "\n")
	containerNs = strings.TrimSpace(containerNs)
	if containerNs == "" {
		log.Fatalf("can not find namespace in container.")
	}

	//3. get host's all pid namespace
	cmd := "readlink " + hostNamespacePath + "|sort -u"
	hostNs, err := getHostNs(cmd)
	if err != nil {
		log.Fatalf("get host namespace error,%v\n", err)
	}

	//4. juge if the container's pid namespace is not in host namespaces
	var result string
	if strings.Contains(hostNs, containerNs) {
		result = manager.FAILED
	} else {
		result = manager.PASSED
	}

	return result, nil
}