utils

package
v0.0.0-...-37033d0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 1, 2021 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package utils provides support code for the sandboxfs integration tests.

Index

Constants

This section is empty.

Variables

View Source 
var MissingXattrErr = unix.ENODATA

MissingXattrErr is the errno we expect on a getxattr call for a missing extended attribute.

View Source 
var ZeroBtime = time.Date(0, 0, 0, 0, 0, 0, 0, time.Local)

ZeroBtime indicates that the given timestamp could not be queried.

Functions

func Atime 

func Atime(s *syscall.Stat_t) time.Time

Atime obtains the access time from a system-specific stat structure.

func Btime 

func Btime(path string) (time.Time, error)

Btime obtains the birth time from a system-specific stat structure.

func CreateFileAsUser 

func CreateFileAsUser(path string, user *UnixUser) error

CreateFileAsUser creates the given file, running the operation as the given user.

func Ctime 

func Ctime(s *syscall.Stat_t) time.Time

Ctime obtains the inode change time from a system-specific stat structure.

func DirEntryNamesEqual 

func DirEntryNamesEqual(path string, wantNames []string) error

DirEntryNamesEqual checks if the names of the entries in the given directory match the expected names in the given slice. The list of expected entries needs to be sorted alphabetically.

func DirEquals 

func DirEquals(path1 string, path2 string) error

DirEquals checks if the contents of two directories are the same. The equality check is based on the directory entry names and their modes.

func FileEquals 

func FileEquals(path string, wantContents string) error

FileEquals checks if a file matches the expected contents.

func FileExistsAsUser 

func FileExistsAsUser(path string, user *UnixUser) error

FileExistsAsUser checks if the given path is accessible by the given user. The user may be nil, in which case the current user is assumed.

func MatchesRegexp 

func MatchesRegexp(pattern string, s string) bool

MatchesRegexp returns true if the given string s matches the pattern.

func MkdirAsUser 

func MkdirAsUser(path string, user *UnixUser) error

MkdirAsUser creates the given directory, running the operation as the given user.

func MkfifoAsUser 

func MkfifoAsUser(path string, user *UnixUser) error

MkfifoAsUser creates the given named pipe, running the operation as the given user.

func MoveAsUser 

func MoveAsUser(source string, target string, user *UnixUser) error

MoveAsUser moves the given file, running the operation as the given user.

func Mtime 

func Mtime(s *syscall.Stat_t) time.Time

Mtime obtains the modification time from a system-specific stat structure.

func MustMkdirAll 

func MustMkdirAll(t *testing.T, path string, perm os.FileMode)

MustMkdirAll wraps os.MkdirAll and immediately fails the test case on failure. This is purely syntactic sugar to keep test setup short and concise. 

func MustSymlink(t *testing.T, target string, path string)

MustSymlink wraps os.Symlink and immediately fails the test case on failure. This is purely syntactic sugar to keep test setup short and concise.

Note that, compared to the other *OrFatal operations, this one does not take file permissions into account because Linux does not have an lchmod(2) system call, nor Go offers a mechanism to call it on the systems that support it.

func MustWriteFile 

func MustWriteFile(t *testing.T, path string, perm os.FileMode, contents string)

MustWriteFile wraps ioutil.WriteFile and immediately fails the test case on failure. This is purely syntactic sugar to keep test setup short and concise.

func RunAndWait 

func RunAndWait(wantExitStatus int, arg ...string) (string, string, error)

RunAndWait invokes sandboxfs with the given arguments and waits for termination.

TODO(jmmv): We should extend this function to also take what the expectations are on stdout and stderr to remove a lot of boilerplate from the tests... but we should probably wait until Go's 1.9 t.Helper() feature is available so that we can actually report failures/errors from here.

func SetConfigFromFlags 

func SetConfigFromFlags(rawFeatures string, releaseBinary bool, rawSandboxfsBinary string, unprivilegedUserName string) error

SetConfigFromFlags initializes the test configuration based on the raw values provided by the user on the command line. Returns an error if any of those values is incorrect.

func SetCredential 

func SetCredential(cmd *exec.Cmd, user *UnixUser)

SetCredential updates the spawn attributes of the given command to execute such command under the credentials of the given user.

For the simplicity of the caller, the attributes are not modified if the given user is nil or if the given user matches the current user.

func SymlinkAsUser 

func SymlinkAsUser(target string, path string, user *UnixUser) error

SymlinkAsUser creates the given symlink, running the operation as the given user.

func Unmount 

func Unmount(path string) error

Unmount unmounts the given file system.

func WriteErrorForUnwritableNode 

func WriteErrorForUnwritableNode() error

WriteErrorForUnwritableNode returns the expected error for operations that cannot succeed on unwritable nodes.

Unwritable nodes have read-only permissions. Because we use default_permissions when mounting the daemon, the kernel performs access checks on its own based on those. For unprivileged users, the kernel denies access and returns EACCES without even calling the FUSE handler for the desired write operation. However, when running as root, the kernel bypasses this check and ends up calling the operation, which then fails with EPERM. This function computes the expected error code based on this logic.

Types

type Config 

type Config struct {
	// Features contains the set of features enabled during the build.  This represents a set
	// and therefore the values in the map are meaningless.
	Features map[string]bool

	// ReleaseBinary is true if the binary provided in SandboxfsBinary was built in release
	// mode, false otherwise.
	ReleaseBinary bool

	// SandboxfsBinary contains the absolute path to the sandboxfs binary to test.
	SandboxfsBinary string

	// UnprivilegedUser is a non-root user to use when the integration tests are run as root,
	// by those tests that require dropping privileges.  May be nil, in which case those tests
	// are skipped.
	UnprivilegedUser *UnixUser
}

Config represents the configuration for the integration tests as provided in the command line.

func GetConfig 

func GetConfig() *Config

GetConfig returns the singleon instance of the test configuration.

type MountState 

type MountState struct {
	// Cmd holds the handle for the running sandboxfs instance.  Can be used by tests to get
	// access to the input and output of the process.
	Cmd *exec.Cmd

	// Stdin is the pipe connected to sandboxfs's stdin.  Most tests don't need to communicate
	// with the sandboxfs process via stdin, so it's fine to just ignore this.
	Stdin io.WriteCloser
	// contains filtered or unexported fields
}

MountState holds runtime information for tests that execute sandboxfs in the background and need to interact with a temporary directory where external files can be placed, and with the mount point.

func MountSetup 

func MountSetup(t *testing.T, args ...string) *MountState

MountSetup initializes a test that runs sandboxfs in the background with default settings.

This is essentially the same as mountSetupFull with stdout and stderr set to the caller's outputs and with rootSetup and the user set to nil. See the documentation for this other function for further details.

func MountSetupWithOutputs 

func MountSetupWithOutputs(t *testing.T, stdout io.Writer, stderr io.Writer, args ...string) *MountState

MountSetupWithOutputs initializes a test that runs sandboxfs in the background with output redirections.

This is essentially the same as mountSetupFull with stdout and stderr set to the caller's provided values and with rootSetup and the user set to nil. See the documentation for this other function for further details.

func MountSetupWithRootSetup 

func MountSetupWithRootSetup(t *testing.T, rootSetup func(string) error, args ...string) *MountState

MountSetupWithRootSetup initializes a test that runs sandboxfs in the background and provides a mechanism to configure the root directory before sandboxfs is started.

This is essentially the same as mountSetupFull with stdout and stderr set to the caller's outputs and with the user set to nil. See the documentation for this other function for further details.

func MountSetupWithUser 

func MountSetupWithUser(t *testing.T, user *UnixUser, args ...string) *MountState

MountSetupWithUser initializes a test that runs sandboxfs in the background with different credentials.

This is essentially the same as mountSetupFull with stdout and stderr set to the caller's outputs, with rootSetup set to nil, and with the user set to the given value. See the documentation for this other function for further details.

func (*MountState) MountPath 

func (s *MountState) MountPath(arg ...string) string

MountPath joins all the given path components and constructs an absolute path within the test's mount point.

func (*MountState) RootPath 

func (s *MountState) RootPath(arg ...string) string

RootPath joins all the given path components and constructs an absolute path within the directory where the test can place files that will later be remapped into the sandbox.

func (*MountState) TearDown 

func (s *MountState) TearDown(t *testing.T) error

TearDown unmounts the sandboxfs instance and cleans up any test files.

Similarly to MountSetup, TearDown takes a testing.T object. The reason here is slightly different though: because TearDown is scheduled to run with "defer", we require a mechanism to report test failures if any cleanup action fails, so getting access to the testing.T object as an argument is the simplest way of doing so.

If tests wish to control the shutdown of the sandboxfs process, they can do so, but then they must set s.Cmd to nil to tell TearDown to not clean up the process a second time. The same applies to s.Stdin.

If tests wish to check if TearDown returned an error, they can do so by avoiding the recommended use of "defer". Note, though, that such tests will only receive the first error encountered by this function, and that the function will run to completion even if there were failures.

func (*MountState) TempPath 

func (s *MountState) TempPath(arg ...string) string

TempPath joins all the given path components and constructs an absolute path to the base temporary directory of the test. Tests should rarely need to use this and should prefer the use of MountPath and RootPath.

type UnixUser 

type UnixUser struct {
	// Username is the login name.
	Username string
	// UID is the numeric user identifier.
	UID int
	// GID is the numeric group identifier.
	GID int
	// Groups is the list of secondary groups this user belongs to.
	Groups []int
}

UnixUser represents a Unix user account. This differs from the standard user.User in that the values of the fields here are in integer form as is customary in Unix.

func LookupUID 

func LookupUID(uid int) (*UnixUser, error)

LookupUID looks up a user by UID.

func LookupUser 

func LookupUser(name string) (*UnixUser, error)

LookupUser looks up a user by username.

func LookupUserOtherThan 

func LookupUserOtherThan(username ...string) (*UnixUser, error)

LookupUserOtherThan searches for a user whose username is different than all given ones.

func RequireRoot 

func RequireRoot(t *testing.T, skipReason string) *UnixUser

RequireRoot checks if the test is running as root and skips the test with the given reason otherwise.

func (*UnixUser) String 

func (u *UnixUser) String() string

String formats the user details for display.

func (*UnixUser) ToCredential 

func (u *UnixUser) ToCredential() *syscall.Credential

ToCredential converts the user details to a credential usable by exec.Cmd.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.