From 977ca3ad83949e13a14f2c164727c67130f7c45e Mon Sep 17 00:00:00 2001 From: moriya Date: Sun, 11 Feb 2024 13:29:55 +0000 Subject: [PATCH] linux_mount_label integration test --- tests/contest/contest/src/main.rs | 3 ++ .../linux_mount_label_test.rs | 40 +++++++++++++++++++ .../src/tests/linux_mount_label/mod.rs | 2 + tests/contest/contest/src/tests/mod.rs | 1 + 4 files changed, 46 insertions(+) create mode 100644 tests/contest/contest/src/tests/linux_mount_label/linux_mount_label_test.rs create mode 100644 tests/contest/contest/src/tests/linux_mount_label/mod.rs diff --git a/tests/contest/contest/src/main.rs b/tests/contest/contest/src/main.rs index b1b81281fc..bd46699f20 100644 --- a/tests/contest/contest/src/main.rs +++ b/tests/contest/contest/src/main.rs @@ -7,6 +7,7 @@ use crate::tests::hooks::get_hooks_tests; use crate::tests::hostname::get_hostname_test; use crate::tests::intel_rdt::get_intel_rdt_test; use crate::tests::lifecycle::{ContainerCreate, ContainerLifecycle}; +use crate::tests::linux_mount_label::get_linux_mount_label_test; use crate::tests::linux_ns_itype::get_ns_itype_tests; use crate::tests::mounts_recursive::get_mounts_recursive_test; use crate::tests::pidfile::get_pidfile_test; @@ -107,6 +108,7 @@ fn main() -> Result<()> { let intel_rdt = get_intel_rdt_test(); let sysctl = get_sysctl_test(); let scheduler = get_scheduler_test(); + let linux_mount_label = get_linux_mount_label_test(); tm.add_test_group(Box::new(cl)); tm.add_test_group(Box::new(cc)); @@ -124,6 +126,7 @@ fn main() -> Result<()> { tm.add_test_group(Box::new(seccomp_notify)); tm.add_test_group(Box::new(ro_paths)); tm.add_test_group(Box::new(hostname)); + tm.add_test_group(Box::new(linux_mount_label)); tm.add_test_group(Box::new(mounts_recursive)); tm.add_test_group(Box::new(domainname)); tm.add_test_group(Box::new(intel_rdt)); diff --git a/tests/contest/contest/src/tests/linux_mount_label/linux_mount_label_test.rs b/tests/contest/contest/src/tests/linux_mount_label/linux_mount_label_test.rs new file mode 100644 index 0000000000..d0b5ff4dc7 --- /dev/null +++ b/tests/contest/contest/src/tests/linux_mount_label/linux_mount_label_test.rs @@ -0,0 +1,40 @@ +use test_framework::{Test, TestGroup, TestResult}; +use oci_spec::runtime::{LinuxBuilder, ProcessBuilder, Spec, SpecBuilder}; +use crate::utils::test_inside_container; + +fn create_spec(linux_mount_label: &str) -> Spec { + SpecBuilder::default() + .linux( + // Need to reset the read-only paths + LinuxBuilder::default() + .mount_label(linux_mount_label) + .readonly_paths(vec![]) + .build() + .expect("error in building linux config"), + ) + .process( + ProcessBuilder::default() + .build() + .expect("error in creating process config"), + ) + .build() + .unwrap() +} + +// here we have to manually create and manage the container +// as the test_inside container does not provide a way to set the pid file argument +fn test_linux_mount_label() -> TestResult { + let spec = create_spec("system_u:object_r:svirt_sandbox_file_t:s0:c715,c811"); + test_inside_container(spec, &|_| { + // As long as the container is created, we expect the hostname to be determined + // by the spec, so nothing to prepare prior. + Ok(()) + }) +} + +pub fn get_linux_mount_label_test() -> TestGroup { + let linux_mount_label = Test::new("linux_mount_label", Box::new(test_linux_mount_label)); + let mut tg = TestGroup::new("linux_mount_label"); + tg.add(vec![Box::new(linux_mount_label)]); + tg +} diff --git a/tests/contest/contest/src/tests/linux_mount_label/mod.rs b/tests/contest/contest/src/tests/linux_mount_label/mod.rs new file mode 100644 index 0000000000..bf9758d39c --- /dev/null +++ b/tests/contest/contest/src/tests/linux_mount_label/mod.rs @@ -0,0 +1,2 @@ +mod linux_mount_label_test; +pub use linux_mount_label_test::get_linux_mount_label_test; diff --git a/tests/contest/contest/src/tests/mod.rs b/tests/contest/contest/src/tests/mod.rs index 927fe07c11..ba06126208 100644 --- a/tests/contest/contest/src/tests/mod.rs +++ b/tests/contest/contest/src/tests/mod.rs @@ -5,6 +5,7 @@ pub mod hooks; pub mod hostname; pub mod intel_rdt; pub mod lifecycle; +pub mod linux_mount_label; pub mod linux_ns_itype; pub mod mounts_recursive; pub mod pidfile;