diff options
| author | Tiago Natel <t.nateldemoura@f5.com> | 2019-11-09 20:14:52 +0000 |
|---|---|---|
| committer | Tiago Natel <t.nateldemoura@f5.com> | 2019-11-09 20:14:52 +0000 |
| commit | 19b974674c1fdd8fc46eb0877d2a8ff8b794490d (patch) | |
| tree | 7d436f600dfe8a4bd7e66ff20be0b9ced6e48fb8 | |
| parent | 94a9162baa82809ec58a3d06ca3489c7e7fed6ed (diff) | |
| download | unit-19b974674c1fdd8fc46eb0877d2a8ff8b794490d.tar.gz unit-19b974674c1fdd8fc46eb0877d2a8ff8b794490d.tar.bz2 | |
Tests: fixed tests to run as root.
- The mode of testdir was changed to allow reading from other users/groups.
- The java multipart test now uploads the file into an app writable dir.
- The build directory was made readable for other users.
- The python environment test now uses the HOME env var instead of PWD
because the latter is not set by the root shell (/bin/sh) by default.
- The node `node_modules` directory now is copied into the `testdir` instead
of using symlinks.
| -rw-r--r-- | test/test_go_isolation.py | 33 | ||||
| -rw-r--r-- | test/test_java_application.py | 21 | ||||
| -rw-r--r-- | test/test_python_environment.py | 16 | ||||
| -rw-r--r-- | test/unit/applications/lang/node.py | 6 | ||||
| -rw-r--r-- | test/unit/main.py | 21 |
5 files changed, 72 insertions, 25 deletions
diff --git a/test/test_go_isolation.py b/test/test_go_isolation.py index ee5ddf47..a937c7a5 100644 --- a/test/test_go_isolation.py +++ b/test/test_go_isolation.py @@ -1,4 +1,5 @@ -import os +import pwd +import grp import json import unittest from unit.applications.lang.go import TestApplicationGo @@ -45,38 +46,50 @@ class TestGoIsolation(TestApplicationGo): raise unittest.SkipTest() self.load('ns_inspect') + + user_id = pwd.getpwnam('nobody').pw_uid + + try: + group_id = grp.getgrnam('nogroup').gr_gid + except: + group_id = grp.getgrnam('nobody').gr_gid + obj = self.isolation.parsejson(self.get()['body']) self.assertTrue(obj['UID'] != 0, 'uid not zero') self.assertTrue(obj['GID'] != 0, 'gid not zero') - self.assertEqual(obj['UID'], os.getuid(), 'uid match') - self.assertEqual(obj['GID'], os.getgid(), 'gid match') + + if self.is_su: + self.assertEqual(obj['UID'], user_id, 'uid match') + self.assertEqual(obj['GID'], group_id, 'gid match') + else: + self.assertEqual(obj['UID'], self.uid, 'uid match') + self.assertEqual(obj['GID'], self.gid, 'gid match') self.conf_isolation({"namespaces": {"credential": True}}) obj = self.isolation.parsejson(self.get()['body']) # default uid and gid maps current user to nobody - self.assertEqual(obj['UID'], 65534, 'uid nobody') - self.assertEqual(obj['GID'], 65534, 'gid nobody') + self.assertEqual(obj['UID'], user_id, 'uid nobody') + self.assertEqual(obj['GID'], group_id, 'gid nobody') self.conf_isolation( { "namespaces": {"credential": True}, "uidmap": [ - {"container": 1000, "host": os.geteuid(), "size": 1} + {"container": user_id, "host": self.uid, "size": 1} ], "gidmap": [ - {"container": 1000, "host": os.getegid(), "size": 1} + {"container": group_id, "host": self.gid, "size": 1} ], } ) obj = self.isolation.parsejson(self.get()['body']) - # default uid and gid maps current user to root - self.assertEqual(obj['UID'], 1000, 'uid root') - self.assertEqual(obj['GID'], 1000, 'gid root') + self.assertEqual(obj['UID'], user_id, 'uid match') + self.assertEqual(obj['GID'], group_id, 'gid match') def test_isolation_mnt(self): if not self.isolation_key('mnt'): diff --git a/test/test_java_application.py b/test/test_java_application.py index 2e937718..d2b97f88 100644 --- a/test/test_java_application.py +++ b/test/test_java_application.py @@ -1,3 +1,4 @@ +import os import time import unittest from unit.applications.lang.java import TestApplicationJava @@ -1217,7 +1218,13 @@ class TestJavaApplication(TestApplicationJava): def test_java_application_multipart(self): self.load('multipart') - body = """Preamble. Should be ignored.\r + reldst = '/uploads' + fulldst = self.testdir + reldst + os.mkdir(fulldst) + self.public_dir(fulldst) + + body = ( + """Preamble. Should be ignored.\r \r --12345\r Content-Disposition: form-data; name="file"; filename="sample.txt"\r @@ -1234,7 +1241,9 @@ Content-Disposition: form-data; name="upload"\r Upload\r --12345--\r \r -Epilogue. Should be ignored.""" % self.testdir +Epilogue. Should be ignored.""" + % fulldst + ) resp = self.post( headers={ @@ -1246,9 +1255,13 @@ Epilogue. Should be ignored.""" % self.testdir ) self.assertEqual(resp['status'], 200, 'multipart status') - self.assertRegex(resp['body'], r'sample\.txt created', 'multipart body') + self.assertRegex( + resp['body'], r'sample\.txt created', 'multipart body' + ) self.assertIsNotNone( - self.search_in_log(r'^Data from sample file$', name='sample.txt'), + self.search_in_log( + r'^Data from sample file$', name=reldst + '/sample.txt' + ), 'file created', ) diff --git a/test/test_python_environment.py b/test/test_python_environment.py index fe0baa13..f808f795 100644 --- a/test/test_python_environment.py +++ b/test/test_python_environment.py @@ -136,27 +136,27 @@ class TestPythonEnvironment(TestApplicationPython): def test_python_environment_replace_default(self): self.load('environment') - pwd_default = self.get( + home_default = self.get( headers={ 'Host': 'localhost', - 'X-Variables': 'PWD', + 'X-Variables': 'HOME', 'Connection': 'close', } )['body'] - self.assertGreater(len(pwd_default), 1, 'get default') + self.assertGreater(len(home_default), 1, 'get default') - self.conf({"PWD": "new/pwd"}, 'applications/environment/environment') + self.conf({"HOME": "/"}, 'applications/environment/environment') self.assertEqual( self.get( headers={ 'Host': 'localhost', - 'X-Variables': 'PWD', + 'X-Variables': 'HOME', 'Connection': 'close', } )['body'], - 'new/pwd,', + '/,', 'replace default', ) @@ -166,11 +166,11 @@ class TestPythonEnvironment(TestApplicationPython): self.get( headers={ 'Host': 'localhost', - 'X-Variables': 'PWD', + 'X-Variables': 'HOME', 'Connection': 'close', } )['body'], - pwd_default, + home_default, 'restore default', ) diff --git a/test/unit/applications/lang/node.py b/test/unit/applications/lang/node.py index 3cc72669..f2752321 100644 --- a/test/unit/applications/lang/node.py +++ b/test/unit/applications/lang/node.py @@ -22,13 +22,15 @@ class TestApplicationNode(TestApplicationProto): self.current_dir + '/node/' + script, self.testdir + '/node' ) - # link modules + # copy modules - os.symlink( + shutil.copytree( self.pardir + '/node/node_modules', self.testdir + '/node/node_modules', ) + self.public_dir(self.testdir + '/node') + self._load_conf( { "listeners": {"*:7080": {"pass": "applications/" + script}}, diff --git a/test/unit/main.py b/test/unit/main.py index 094fdb0e..ea6afd7f 100644 --- a/test/unit/main.py +++ b/test/unit/main.py @@ -1,6 +1,7 @@ import os import re import sys +import stat import time import fcntl import shutil @@ -20,6 +21,9 @@ class TestUnit(unittest.TestCase): pardir = os.path.abspath( os.path.join(os.path.dirname(__file__), os.pardir, os.pardir) ) + is_su = os.geteuid() == 0 + uid = os.geteuid() + gid = os.getegid() architecture = platform.architecture()[0] system = platform.system() maxDiff = None @@ -188,13 +192,19 @@ class TestUnit(unittest.TestCase): self.stop_processes() def _run(self): - self.unitd = self.pardir + '/build/unitd' + build_dir = self.pardir + '/build' + self.unitd = build_dir + '/unitd' if not os.path.isfile(self.unitd): exit("Could not find unit") self.testdir = tempfile.mkdtemp(prefix='unit-test-') + self.public_dir(self.testdir) + + if oct(stat.S_IMODE(os.stat(build_dir).st_mode)) != '0o777': + self.public_dir(build_dir) + os.mkdir(self.testdir + '/state') print() @@ -328,6 +338,15 @@ class TestUnit(unittest.TestCase): return ret + def public_dir(self, path): + os.chmod(path, 0o777) + + for root, dirs, files in os.walk(path): + for d in dirs: + os.chmod(os.path.join(root, d), 0o777) + for f in files: + os.chmod(os.path.join(root, f), 0o777) + @staticmethod def _parse_args(): parser = argparse.ArgumentParser(add_help=False) |