2016-12-03 01:04:07 +00:00
|
|
|
package allocdir
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"io/ioutil"
|
|
|
|
|
"os"
|
|
|
|
|
"path/filepath"
|
|
|
|
|
"testing"
|
2017-01-12 19:15:31 +00:00
|
|
|
|
2022-03-15 12:42:43 +00:00
|
|
|
"github.com/hashicorp/nomad/ci"
|
2018-06-13 22:33:25 +00:00
|
|
|
"github.com/hashicorp/nomad/helper/testlog"
|
2016-12-03 01:04:07 +00:00
|
|
|
)
|
|
|
|
|
|
2018-03-12 18:26:37 +00:00
|
|
|
// Test that building a chroot will skip nonexistent directories.
|
|
|
|
|
func TestTaskDir_EmbedNonexistent(t *testing.T) {
|
2022-03-15 12:42:43 +00:00
|
|
|
ci.Parallel(t)
|
|
|
|
|
|
2016-12-03 01:04:07 +00:00
|
|
|
tmp, err := ioutil.TempDir("", "AllocDir")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("Couldn't create temp dir: %v", err)
|
|
|
|
|
}
|
|
|
|
|
defer os.RemoveAll(tmp)
|
|
|
|
|
|
2021-10-15 23:56:14 +00:00
|
|
|
d := NewAllocDir(testlog.HCLogger(t), tmp, "test")
|
2016-12-03 01:04:07 +00:00
|
|
|
defer d.Destroy()
|
|
|
|
|
td := d.NewTaskDir(t1.Name)
|
|
|
|
|
if err := d.Build(); err != nil {
|
|
|
|
|
t.Fatalf("Build() failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fakeDir := "/foobarbaz"
|
|
|
|
|
mapping := map[string]string{fakeDir: fakeDir}
|
|
|
|
|
if err := td.embedDirs(mapping); err != nil {
|
|
|
|
|
t.Fatalf("embedDirs(%v) should should skip %v since it does not exist", mapping, fakeDir)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Test that building a chroot copies files from the host into the task dir.
|
|
|
|
|
func TestTaskDir_EmbedDirs(t *testing.T) {
|
2022-03-15 12:42:43 +00:00
|
|
|
ci.Parallel(t)
|
|
|
|
|
|
2016-12-03 01:04:07 +00:00
|
|
|
tmp, err := ioutil.TempDir("", "AllocDir")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("Couldn't create temp dir: %v", err)
|
|
|
|
|
}
|
|
|
|
|
defer os.RemoveAll(tmp)
|
|
|
|
|
|
2021-10-15 23:56:14 +00:00
|
|
|
d := NewAllocDir(testlog.HCLogger(t), tmp, "test")
|
2016-12-03 01:04:07 +00:00
|
|
|
defer d.Destroy()
|
|
|
|
|
td := d.NewTaskDir(t1.Name)
|
|
|
|
|
if err := d.Build(); err != nil {
|
|
|
|
|
t.Fatalf("Build() failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Create a fake host directory, with a file, and a subfolder that contains
|
|
|
|
|
// a file.
|
|
|
|
|
host, err := ioutil.TempDir("", "AllocDirHost")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("Couldn't create temp dir: %v", err)
|
|
|
|
|
}
|
|
|
|
|
defer os.RemoveAll(host)
|
|
|
|
|
|
|
|
|
|
subDirName := "subdir"
|
|
|
|
|
subDir := filepath.Join(host, subDirName)
|
|
|
|
|
if err := os.MkdirAll(subDir, 0777); err != nil {
|
|
|
|
|
t.Fatalf("Failed to make subdir %v: %v", subDir, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
file := "foo"
|
|
|
|
|
subFile := "bar"
|
|
|
|
|
if err := ioutil.WriteFile(filepath.Join(host, file), []byte{'a'}, 0777); err != nil {
|
2018-03-11 17:51:47 +00:00
|
|
|
t.Fatalf("Couldn't create file in host dir %v: %v", host, err)
|
2016-12-03 01:04:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := ioutil.WriteFile(filepath.Join(subDir, subFile), []byte{'a'}, 0777); err != nil {
|
2018-03-11 17:51:47 +00:00
|
|
|
t.Fatalf("Couldn't create file in host subdir %v: %v", subDir, err)
|
2016-12-03 01:04:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Create mapping from host dir to task dir.
|
|
|
|
|
taskDest := "bin/test/"
|
|
|
|
|
mapping := map[string]string{host: taskDest}
|
|
|
|
|
if err := td.embedDirs(mapping); err != nil {
|
|
|
|
|
t.Fatalf("embedDirs(%v) failed: %v", mapping, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exp := []string{filepath.Join(td.Dir, taskDest, file), filepath.Join(td.Dir, taskDest, subDirName, subFile)}
|
|
|
|
|
for _, f := range exp {
|
|
|
|
|
if _, err := os.Stat(f); os.IsNotExist(err) {
|
2017-08-07 21:13:05 +00:00
|
|
|
t.Fatalf("File %v not embedded: %v", f, err)
|
2016-12-03 01:04:07 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-01-12 19:15:31 +00:00
|
|
|
|
|
|
|
|
// Test that task dirs for image based isolation don't require root.
|
2017-01-18 19:28:34 +00:00
|
|
|
func TestTaskDir_NonRoot_Image(t *testing.T) {
|
2022-03-15 12:42:43 +00:00
|
|
|
ci.Parallel(t)
|
2017-01-12 19:15:31 +00:00
|
|
|
if os.Geteuid() == 0 {
|
|
|
|
|
t.Skip("test should be run as non-root user")
|
|
|
|
|
}
|
|
|
|
|
tmp, err := ioutil.TempDir("", "AllocDir")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("Couldn't create temp dir: %v", err)
|
|
|
|
|
}
|
|
|
|
|
defer os.RemoveAll(tmp)
|
|
|
|
|
|
2021-10-15 23:56:14 +00:00
|
|
|
d := NewAllocDir(testlog.HCLogger(t), tmp, "test")
|
2017-01-12 19:15:31 +00:00
|
|
|
defer d.Destroy()
|
|
|
|
|
td := d.NewTaskDir(t1.Name)
|
|
|
|
|
if err := d.Build(); err != nil {
|
|
|
|
|
t.Fatalf("Build() failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-04 21:05:40 +00:00
|
|
|
if err := td.Build(false, nil); err != nil {
|
2017-01-12 19:15:31 +00:00
|
|
|
t.Fatalf("TaskDir.Build failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-01-18 19:28:34 +00:00
|
|
|
|
|
|
|
|
// Test that task dirs with no isolation don't require root.
|
|
|
|
|
func TestTaskDir_NonRoot(t *testing.T) {
|
2022-03-15 12:42:43 +00:00
|
|
|
ci.Parallel(t)
|
2017-01-18 19:28:34 +00:00
|
|
|
if os.Geteuid() == 0 {
|
|
|
|
|
t.Skip("test should be run as non-root user")
|
|
|
|
|
}
|
2022-03-15 12:42:43 +00:00
|
|
|
|
2017-01-18 19:28:34 +00:00
|
|
|
tmp, err := ioutil.TempDir("", "AllocDir")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("Couldn't create temp dir: %v", err)
|
|
|
|
|
}
|
|
|
|
|
defer os.RemoveAll(tmp)
|
|
|
|
|
|
2021-10-15 23:56:14 +00:00
|
|
|
d := NewAllocDir(testlog.HCLogger(t), tmp, "test")
|
2017-01-18 19:28:34 +00:00
|
|
|
defer d.Destroy()
|
|
|
|
|
td := d.NewTaskDir(t1.Name)
|
|
|
|
|
if err := d.Build(); err != nil {
|
|
|
|
|
t.Fatalf("Build() failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-04 21:05:40 +00:00
|
|
|
if err := td.Build(false, nil); err != nil {
|
2017-01-18 19:28:34 +00:00
|
|
|
t.Fatalf("TaskDir.Build failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ${TASK_DIR}/alloc should not exist!
|
|
|
|
|
if _, err = os.Stat(td.SharedTaskDir); !os.IsNotExist(err) {
|
|
|
|
|
t.Fatalf("Expected a NotExist error for shared alloc dir in task dir: %q", td.SharedTaskDir)
|
|
|
|
|
}
|
|
|
|
|
}
|
