File: 058-sudo-systemd_create_scope2.py

package info (click to toggle)
libcgroup 3.1.0-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 6,764 kB
  • sloc: ansic: 14,997; cpp: 9,957; python: 8,340; sh: 5,194; yacc: 470; makefile: 400; lex: 38
file content (165 lines) | stat: -rwxr-xr-x 4,906 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
 
#!/usr/bin/env python3
# SPDX-License-Identifier: LGPL-2.1-only
#
# Create a systemd scope with an existing PID
#
# Copyright (c) 2023 Oracle and/or its affiliates.
# Author: Tom Hromatka <tom.hromatka@oracle.com>
#

from cgroup import CgroupVersion as CgroupCliVersion
from cgroup import Cgroup as CgroupCli
from libcgroup import Cgroup, Version
from systemd import Systemd
from process import Process
from run import RunError
import ftests
import consts
import utils
import stat
import sys
import os

pid = None
CGNAME = 'libcgtests.slice/058delegated.scope'

# Which controller isn't all that important, but it is important that we
# have a cgroup v2 controller
CONTROLLER = 'cpu'

# 0751
DIR_MODE = stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IXOTH
# 0644
CTRL_MODE = stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH
# 0775
TASK_MODE = stat.S_IRWXU | stat.S_IRWXG | stat.S_IXOTH

TASKS_UID = 2468
TASKS_GID = 3579
CTRL_UID = 4680
CTRL_GID = 5791


def prereqs(config):
    result = consts.TEST_PASSED
    cause = None

    if config.args.container:
        result = consts.TEST_SKIPPED
        cause = 'This test cannot be run within a container'
        return result, cause

    if CgroupCliVersion.get_version(CONTROLLER) != CgroupCliVersion.CGROUP_V2:
        result = consts.TEST_SKIPPED
        cause = 'This test requires cgroup v2'

    return result, cause


def setup(config):
    pass


def test(config):
    global pid

    result = consts.TEST_PASSED
    cause = None

    pid = config.process.create_process(config)

    cg = Cgroup(CGNAME, Version.CGROUP_V2)

    cg.add_controller(CONTROLLER)
    cg.set_permissions(DIR_MODE, CTRL_MODE, TASK_MODE)
    cg.set_uid_gid(TASKS_UID, TASKS_GID, CTRL_UID, CTRL_GID)

    cg.create_scope2(ignore_ownership=False, pid=pid)

    if not Systemd.is_delegated(config, os.path.basename(CGNAME)):
        result = consts.TEST_FAILED
        cause = 'Cgroup is not delegated'

    if not CgroupCli.is_controller_enabled(config, CGNAME, CONTROLLER):
        result = consts.TEST_FAILED
        tmp_cause = 'Controller {} is not enabled in the parent cgroup'.format(CONTROLLER)
        cause = '\n'.join(filter(None, [cause, tmp_cause]))

    dir_path = os.path.join(CgroupCli.get_controller_mount_point(CONTROLLER), CGNAME)

    dir_mode = utils.get_file_permissions(config, dir_path)
    if int(dir_mode, 8) != DIR_MODE:
        result = consts.TEST_FAILED
        tmp_cause = 'Expected directory mode to be {} but it\'s {}'.format(
                    format(DIR_MODE, '03o'), dir_mode)
        cause = '\n'.join(filter(None, [cause, tmp_cause]))

    ctrl_path = os.path.join(CgroupCli.get_controller_mount_point(CONTROLLER), CGNAME,
                             'cgroup.procs')

    ctrl_mode = utils.get_file_permissions(config, ctrl_path)
    if int(ctrl_mode, 8) != CTRL_MODE:
        result = consts.TEST_FAILED
        tmp_cause = 'Expected cgroup.procs mode to be {} but it\'s {}'.format(
                    format(CTRL_MODE, '03o'), ctrl_mode)
        cause = '\n'.join(filter(None, [cause, tmp_cause]))

    uid = utils.get_file_owner_uid(config, ctrl_path)
    if uid != CTRL_UID:
        result = consts.TEST_FAILED
        tmp_cause = 'Expected cgroup.procs owner to be {} but it\'s {}'.format(CTRL_UID, uid)
        cause = '\n'.join(filter(None, [cause, tmp_cause]))

    gid = utils.get_file_owner_gid(config, ctrl_path)
    if gid != CTRL_GID:
        result = consts.TEST_FAILED
        tmp_cause = 'Expected cgroup.procs group to be {} but it\'s {}'.format(CTRL_GID, gid)
        cause = '\n'.join(filter(None, [cause, tmp_cause]))

    return result, cause


def teardown(config, result):
    global pid

    Process.kill(config, pid)

    if result != consts.TEST_PASSED:
        # Something went wrong.  Let's force the removal of the cgroups just to be safe.
        # Note that this should remove the cgroup, but it won't remove it from systemd's
        # internal caches, so the system may not return to its 'pristine' prior-to-this-test
        # state
        try:
            CgroupCli.delete(config, None, CGNAME)
        except RunError:
            pass
    else:
        # There is no need to remove the scope.  systemd should automatically remove it
        # once there are no processes inside of it
        pass

    return consts.TEST_PASSED, None


def main(config):
    [result, cause] = prereqs(config)
    if result != consts.TEST_PASSED:
        return [result, cause]

    try:
        result = consts.TEST_FAILED
        setup(config)
        [result, cause] = test(config)
    finally:
        teardown(config, result)

    return [result, cause]


if __name__ == '__main__':
    config = ftests.parse_args()
    # this test was invoked directly.  run only it
    config.args.num = int(os.path.basename(__file__).split('-')[0])
    sys.exit(ftests.main(config))

# vim: set et ts=4 sw=4: