Merge pull request #271 from AkihiroSuda/dev

tests: refactor
rootless-containers · Jun 21, 2021 · df67b2f · df67b2f
2 parents 33eb5f7 + ef24321
commit df67b2f
Show file tree

Hide file tree

Showing 16 changed files with 262 additions and 245 deletions.
diff --git a/Makefile.am b/Makefile.am
@@ -5,7 +5,20 @@ AM_CFLAGS = @GLIB_CFLAGS@ @SLIRP_CFLAGS@ @LIBCAP_CFLAGS@ @LIBSECCOMP_CFLAGS@
 noinst_LIBRARIES = libparson.a
 
 AM_TESTS_ENVIRONMENT = PATH="$(abs_top_builddir):$(PATH)"
-TESTS = tests/test-slirp4netns.sh tests/test-slirp4netns-configure.sh tests/test-slirp4netns-exit-fd.sh tests/test-slirp4netns-ready-fd.sh tests/test-slirp4netns-api-socket.sh tests/test-slirp4netns-disable-host-loopback.sh tests/test-slirp4netns-cidr.sh tests/test-slirp4netns-outbound-addr.sh tests/test-slirp4netns-disable-dns.sh tests/test-slirp4netns-seccomp.sh tests/test-slirp4netns-macaddress.sh tests/test-slirp4netns-dhcp.sh
+TESTS = tests/test-slirp4netns-api-socket.sh \
+				tests/test-slirp4netns-cidr.sh \
+				tests/test-slirp4netns-configure.sh \
+				tests/test-slirp4netns-dhcp.sh \
+				tests/test-slirp4netns-disable-dns.sh \
+				tests/test-slirp4netns-disable-host-loopback.sh \
+				tests/test-slirp4netns-exit-fd.sh \
+				tests/test-slirp4netns-macaddress.sh \
+				tests/test-slirp4netns-nspath.sh \
+				tests/test-slirp4netns-outbound-addr.sh \
+				tests/test-slirp4netns-ready-fd.sh \
+				tests/test-slirp4netns-sandbox.sh \
+				tests/test-slirp4netns-sandbox-no-unmount.sh \
+				tests/test-slirp4netns-seccomp.sh
 
 EXTRA_DIST = \
 	slirp4netns.1.md \
@@ -18,7 +31,6 @@ EXTRA_DIST = \
 	seccomparch.h \
 	seccompfilter.h \
 	seccompfilter_rules.h \
-	tests/slirp4netns-no-unmount.sh \
 	vendor/parson/LICENSE \
 	vendor/parson/README.md \
 	vendor/parson/parson.h

diff --git a/tests/common.sh b/tests/common.sh
@@ -4,116 +4,116 @@
 TEST_EXIT_CODE_SKIP=77
 
 function nsenter_flags {
-  pid=$1
-  flags="--target=${pid}"
-  userns="$(readlink /proc/${pid}/ns/user)"
-  mntns="$(readlink /proc/${pid}/ns/mnt)"
-  netns="$(readlink /proc/${pid}/ns/net)"
+	pid=$1
+	flags="--target=${pid}"
+	userns="$(readlink /proc/${pid}/ns/user)"
+	mntns="$(readlink /proc/${pid}/ns/mnt)"
+	netns="$(readlink /proc/${pid}/ns/net)"
 
-  self_userns="$(readlink /proc/self/ns/user)"
-  self_mntns="$(readlink /proc/self/ns/mnt)"
-  self_netns="$(readlink /proc/self/ns/net)"
+	self_userns="$(readlink /proc/self/ns/user)"
+	self_mntns="$(readlink /proc/self/ns/mnt)"
+	self_netns="$(readlink /proc/self/ns/net)"
 
-  if [ "${userns}" != "${self_userns}" ]; then
-    flags="$flags --preserve-credentials -U"
-  fi
-  if [ "${mntns}" != "${self_mntns}" ]; then
-    flags="$flags -m"
-  fi
-  if [ "${netns}" != "${self_netns}" ]; then
-    flags="$flags -n"
-  fi
-  echo "${flags}"
+	if [ "${userns}" != "${self_userns}" ]; then
+		flags="$flags --preserve-credentials -U"
+	fi
+	if [ "${mntns}" != "${self_mntns}" ]; then
+		flags="$flags -m"
+	fi
+	if [ "${netns}" != "${self_netns}" ]; then
+		flags="$flags -n"
+	fi
+	echo "${flags}"
 }
 
 function wait_for_network_namespace {
-    # Wait that the namespace is ready.
-    COUNTER=0
-    while [ $COUNTER -lt 40 ]; do
-        flags=$(nsenter_flags $1)
-        if $(echo $flags | grep -qvw -- -n); then
-          flags="$flags -n"
-        fi
-        if nsenter ${flags} true >/dev/null 2>&1; then
-            return 0
-        else
-            sleep 0.5
-        fi
-        let COUNTER=COUNTER+1
-    done
-    exit 1
+	# Wait that the namespace is ready.
+	COUNTER=0
+	while [ $COUNTER -lt 40 ]; do
+		flags=$(nsenter_flags $1)
+		if $(echo $flags | grep -qvw -- -n); then
+			flags="$flags -n"
+		fi
+		if nsenter ${flags} true >/dev/null 2>&1; then
+			return 0
+		else
+			sleep 0.5
+		fi
+		let COUNTER=COUNTER+1
+	done
+	exit 1
 }
 
 function wait_for_network_device {
-    # Wait that the device appears.
-    COUNTER=0
-    while [ $COUNTER -lt 40 ]; do
-        if nsenter $(nsenter_flags $1) ip addr show $2; then
-            return 0
-        else
-            sleep 0.5
-        fi
-        let COUNTER=COUNTER+1
-    done
-    exit 1
+	# Wait that the device appears.
+	COUNTER=0
+	while [ $COUNTER -lt 40 ]; do
+		if nsenter $(nsenter_flags $1) ip addr show $2; then
+			return 0
+		else
+			sleep 0.5
+		fi
+		let COUNTER=COUNTER+1
+	done
+	exit 1
 }
 
 function wait_process_exits {
-    COUNTER=0
-    while [ $COUNTER -lt 40 ]; do
-        if  kill -0 $1; then
-            sleep 0.5
-        else
-            return 0
-        fi
-        let COUNTER=COUNTER+1
-    done
-    exit 1
+	COUNTER=0
+	while [ $COUNTER -lt 40 ]; do
+		if kill -0 $1; then
+			sleep 0.5
+		else
+			return 0
+		fi
+		let COUNTER=COUNTER+1
+	done
+	exit 1
 }
 
 function wait_for_ping_connectivity {
-    COUNTER=0
-    while [ $COUNTER -lt 40 ]; do
-        if nsenter $(nsenter_flags $1) ping -c 1 -w 1 $2; then
-            return 0
-        else
-            sleep 0.5
-        fi
-        let COUNTER=COUNTER+1
-    done
-    exit 1
+	COUNTER=0
+	while [ $COUNTER -lt 40 ]; do
+		if nsenter $(nsenter_flags $1) ping -c 1 -w 1 $2; then
+			return 0
+		else
+			sleep 0.5
+		fi
+		let COUNTER=COUNTER+1
+	done
+	exit 1
 }
 
 function wait_for_connectivity {
-    COUNTER=0
-    while [ $COUNTER -lt 40 ]; do
-        if echo "wait_for_connectivity" | nsenter $(nsenter_flags $1) ncat -v $2 $3; then
-            return 0
-        else
-            sleep 0.5
-        fi
-        let COUNTER=COUNTER+1
-    done
-    exit 1
+	COUNTER=0
+	while [ $COUNTER -lt 40 ]; do
+		if echo "wait_for_connectivity" | nsenter $(nsenter_flags $1) ncat -v $2 $3; then
+			return 0
+		else
+			sleep 0.5
+		fi
+		let COUNTER=COUNTER+1
+	done
+	exit 1
 }
 
 function wait_for_file_content {
-    # Wait for a file to get the specified content.
-    COUNTER=0
-    while [ $COUNTER -lt 20 ]; do
-        if grep $1 $2; then
-            return 0
-        else
-            sleep 0.5
-        fi
-        let COUNTER=COUNTER+1
-    done
-    exit 1
+	# Wait for a file to get the specified content.
+	COUNTER=0
+	while [ $COUNTER -lt 20 ]; do
+		if grep $1 $2; then
+			return 0
+		else
+			sleep 0.5
+		fi
+		let COUNTER=COUNTER+1
+	done
+	exit 1
 }
 
 function expose_tcp() {
-    apisock=$1 hostport=$2 guestport=$3
-    json="{\"execute\": \"add_hostfwd\", \"arguments\": {\"proto\": \"tcp\", \"host_addr\": \"0.0.0.0\", \"host_port\": $hostport, \"guest_addr\": \"10.0.2.100\", \"guest_port\": $guestport}}"
-    echo -n $json | ncat -U $apisock
-    echo -n "{\"execute\": \"list_hostfwd\"}" | ncat -U $apisock
+	apisock=$1 hostport=$2 guestport=$3
+	json="{\"execute\": \"add_hostfwd\", \"arguments\": {\"proto\": \"tcp\", \"host_addr\": \"0.0.0.0\", \"host_port\": $hostport, \"guest_addr\": \"10.0.2.100\", \"guest_port\": $guestport}}"
+	echo -n $json | ncat -U $apisock
+	echo -n "{\"execute\": \"list_hostfwd\"}" | ncat -U $apisock
 }
diff --git a/tests/test-slirp4netns-api-socket.sh b/tests/test-slirp4netns-api-socket.sh
@@ -12,17 +12,17 @@ tmpdir=$(mktemp -d /tmp/slirp4netns-bench.XXXXXXXXXX)
 apisocket=${tmpdir}/slirp4netns.sock
 apisocketlongpath=${tmpdir}/slirp4netns-TOO-LONG-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.sock
 
-if slirp4netns -c $child --api-socket $apisocketlongpath tun11; then
-    echo "expected failure with apisocket path too long" >&2
-    kill -9 $child
-    rm -rf $tmpdir
-    exit 1
+if slirp4netns -c $child --api-socket $apisocketlongpath tap11; then
+	echo "expected failure with apisocket path too long" >&2
+	kill -9 $child
+	rm -rf $tmpdir
+	exit 1
 fi
 
-slirp4netns -c $child --api-socket $apisocket tun11 &
+slirp4netns -c $child --api-socket $apisocket tap11 &
 slirp_pid=$!
 
-wait_for_network_device $child tun11
+wait_for_network_device $child tap11
 
 function cleanup() {
 	kill -9 $child $slirp_pid

diff --git a/tests/test-slirp4netns-cidr.sh b/tests/test-slirp4netns-cidr.sh
@@ -9,39 +9,39 @@ child=$!
 wait_for_network_namespace $child
 
 set +e
-result=$(slirp4netns -c --cidr 24 $child tun11 2>&1)
+result=$(slirp4netns -c --cidr 24 $child tap11 2>&1)
 set -e
 echo $result | grep "invalid CIDR"
 
 set +e
-result=$(slirp4netns -c --cidr foo $child tun11 2>&1)
+result=$(slirp4netns -c --cidr foo $child tap11 2>&1)
 set -e
 echo $result | grep "invalid CIDR"
 
 set +e
-result=$(slirp4netns -c --cidr 10.0.2.0 $child tun11 2>&1)
+result=$(slirp4netns -c --cidr 10.0.2.0 $child tap11 2>&1)
 set -e
 echo $result | grep "invalid CIDR"
 
 set +e
-result=$(slirp4netns -c --cidr 10.0.2.100/24 $child tun11 2>&1)
+result=$(slirp4netns -c --cidr 10.0.2.100/24 $child tap11 2>&1)
 set -e
 echo $result | grep "CIDR needs to be a network address like 10.0.2.0/24, not like 10.0.2.100/24"
 
 set +e
-result=$(slirp4netns -c --cidr 10.0.2.100/26 $child tun11 2>&1)
+result=$(slirp4netns -c --cidr 10.0.2.100/26 $child tap11 2>&1)
 set -e
 echo $result | grep "prefix length needs to be 1-25"
 
-slirp4netns -c $child --cidr 10.0.135.128/25 tun11 &
+slirp4netns -c $child --cidr 10.0.135.128/25 tap11 &
 slirp_pid=$!
 
-wait_for_network_device $child tun11
+wait_for_network_device $child tap11
 
 function cleanup {
-    kill -9 $child $slirp_pid
+	kill -9 $child $slirp_pid
 }
 trap cleanup EXIT
 
-result="$(nsenter --preserve-credentials -U -n --target=$child ip a show dev tun11)"
+result="$(nsenter $(nsenter_flags $child) ip a show dev tap11)"
 echo "$result" | grep -o '^\s*inet .*/' | grep -F 10.0.135.228
diff --git a/tests/test-slirp4netns-configure.sh b/tests/test-slirp4netns-configure.sh
@@ -8,16 +8,16 @@ child=$!
 
 wait_for_network_namespace $child
 
-slirp4netns -c $child tun11 &
+slirp4netns -c $child tap11 &
 slirp_pid=$!
 
-wait_for_network_device $child tun11
+wait_for_network_device $child tap11
 
 function cleanup {
-    kill -9 $child $slirp_pid
+	kill -9 $child $slirp_pid
 }
 trap cleanup EXIT
 
-nsenter --preserve-credentials -U -n --target=$child ip -a netconf | grep tun11
+nsenter $(nsenter_flags $child) ip -a netconf | grep tap11
 
-nsenter --preserve-credentials -U -n --target=$child ip addr show tun11 | grep inet
+nsenter $(nsenter_flags $child) ip addr show tap11 | grep inet
diff --git a/tests/test-slirp4netns-disable-dns.sh b/tests/test-slirp4netns-disable-dns.sh
@@ -1,35 +1,35 @@
 #!/bin/bash
 set -xeuo pipefail
 
+. $(dirname $0)/common.sh
+
 SLIRP_CONFIG_VERSION_MAX=$(slirp4netns -v | grep "SLIRP_CONFIG_VERSION_MAX: " | sed 's#SLIRP_CONFIG_VERSION_MAX: \(\)##')
 
 if [ "${SLIRP_CONFIG_VERSION_MAX:-0}" -lt 3 ]; then
-    printf "'--disable-dns' requires SLIRP_CONFIG_VERSION_MAX 3 or newer. Test skipped..."
-    exit 0
+	printf "'--disable-dns' requires SLIRP_CONFIG_VERSION_MAX 3 or newer. Test skipped..."
+	exit "$TEST_EXIT_CODE_SKIP"
 fi
 
-. $(dirname $0)/common.sh
-
 port=53
 unshare -r -n sleep infinity &
 child=$!
 
 wait_for_network_namespace $child
 
 mtu=${MTU:=1500}
-slirp4netns -c --mtu $mtu --disable-dns $child tun11 &
+slirp4netns -c --mtu $mtu --disable-dns $child tap11 &
 slirp_pid=$!
 
-wait_for_network_device $child tun11
+wait_for_network_device $child tap11
 # ping to 10.0.2.2
 wait_for_ping_connectivity $child 10.0.2.2
 
 function cleanup() {
-    kill -9 $child $slirp_pid
+	kill -9 $child $slirp_pid
 }
 trap cleanup EXIT
 
 set +e
-err=$(echo "should fail" | nsenter --preserve-credentials -U -n --target=$child ncat -v 10.0.2.3 $port 2>&1)
+err=$(echo "should fail" | nsenter $(nsenter_flags $child) ncat -v 10.0.2.3 $port 2>&1)
 set -e
 echo $err | grep 'Connection timed out\|TIMEOUT'