File: spec_linux_test.go

package info (click to toggle)
singularity-container 4.1.5%2Bds4-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 43,876 kB
  • sloc: asm: 14,840; sh: 3,190; ansic: 1,751; awk: 414; makefile: 413; python: 99
file content (112 lines) | stat: -rw-r--r-- 2,824 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
 
// Copyright (c) 2022, Sylabs Inc. All rights reserved.
// This software is licensed under a 3-clause BSD license. Please consult the
// LICENSE.md file distributed with the sources of this project regarding your
// rights to use or distribute this software.

package oci

import (
	"reflect"
	"testing"

	"github.com/opencontainers/runtime-spec/specs-go"
	"github.com/sylabs/singularity/v4/internal/pkg/runtime/launcher"
	"github.com/sylabs/singularity/v4/internal/pkg/test"
	"github.com/sylabs/singularity/v4/internal/pkg/util/bin"
	"gotest.tools/v3/assert"
)

func Test_addNamespaces(t *testing.T) {
	test.DropPrivilege(t)
	defer test.ResetPrivilege(t)

	defaultPlusPID := append(defaultNamespaces,
		specs.LinuxNamespace{Type: specs.PIDNamespace})
	defaultPlusNetPID := append(defaultNamespaces,
		specs.LinuxNamespace{Type: specs.NetworkNamespace},
		specs.LinuxNamespace{Type: specs.PIDNamespace})
	defaultPlusPIDUTS := append(defaultNamespaces,
		specs.LinuxNamespace{Type: specs.PIDNamespace},
		specs.LinuxNamespace{Type: specs.UTSNamespace})

	tests := []struct {
		name   string
		ns     launcher.Namespaces
		wantNS []specs.LinuxNamespace
	}{
		{
			name:   "none",
			ns:     launcher.Namespaces{},
			wantNS: defaultPlusPID,
		},
		{
			name:   "nopid",
			ns:     launcher.Namespaces{NoPID: true},
			wantNS: defaultNamespaces,
		},
		{
			name:   "pid",
			ns:     launcher.Namespaces{PID: true},
			wantNS: defaultPlusPID,
		},
		{
			name:   "ipc",
			ns:     launcher.Namespaces{IPC: true},
			wantNS: defaultPlusPID,
		},
		{
			name:   "user",
			ns:     launcher.Namespaces{User: true},
			wantNS: defaultPlusPID,
		},
		{
			name:   "net",
			ns:     launcher.Namespaces{Net: true},
			wantNS: defaultPlusNetPID,
		},
		{
			name:   "uts",
			ns:     launcher.Namespaces{UTS: true},
			wantNS: defaultPlusPIDUTS,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			ms := minimalSpec()
			spec := &ms
			err := addNamespaces(spec, tt.ns)
			if err != nil {
				t.Errorf("addNamespaces() returned an unexpected error: %v", err)
			}
			newNS := spec.Linux.Namespaces
			if !reflect.DeepEqual(newNS, tt.wantNS) {
				t.Errorf("addNamespaces() got %v, want %v", newNS, tt.wantNS)
			}
		})
	}
}

func Test_noSetgroupsAnnotation(t *testing.T) {
	ms := minimalSpec()

	gotErr := noSetgroupsAnnotation(&ms)

	// crun case - no error, expect annotation
	if _, err := bin.FindBin("crun"); err == nil {
		if err != nil {
			t.Errorf("noSetgroupsAnnotation returned unexpected error when crun available: %s", err)
		}
		assert.DeepEqual(t, ms.Annotations,
			map[string]string{
				"run.oci.keep_original_groups": "1",
			},
		)
		return
	}

	// Otherwise, expect an error
	if gotErr == nil {
		t.Errorf("noSetgroupsAnnotation returned unexpected success when crun not available")
	}
}