diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-02-11 12:13:14 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-02-11 12:33:35 +0100 |
commit | 1deca767be1b84b96633e317f3fcdd5165f95df3 (patch) | |
tree | 6ddc18cc2023ba35e419bb7f63f08a1e839cba2d | |
parent | 3d2f29382de2d0ee852745cc002dfe2b5d22e1c2 (diff) | |
download | guix-1deca767be1b84b96633e317f3fcdd5165f95df3.tar.gz |
syscalls: Re-enable 'pivot-root' test.
Fixes <https://bugs.gnu.org/25476>. Reported by Paul Garlick <pgarlick@tourbillion-technology.com>. * tests/syscalls.scm ("pivot-root"): Skip only when PERFORM-CONTAINER-TESTS? is true. Rewrite to use a socket pair instead of a pipe. Synchronize parent and child so that the parent can initialize the child's UID and GID mappings before continuing.
-rw-r--r-- | tests/syscalls.scm | 55 |
1 files changed, 31 insertions, 24 deletions
diff --git a/tests/syscalls.scm b/tests/syscalls.scm index 1b3121e503..7fe0cd1545 100644 --- a/tests/syscalls.scm +++ b/tests/syscalls.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2015 David Thompson <davet@gnu.org> ;;; ;;; This file is part of GNU Guix. @@ -161,29 +161,22 @@ (waitpid fork-pid) result)))))))) -;; XXX: Skip this test when running Linux > 4.7.5 to work around -;; <https://bugzilla.kernel.org/show_bug.cgi?id=183461>. -(when (or (not perform-container-tests?) - (version>? (utsname:release (uname)) "4.7.5") - - ;; Skip on Ubuntu's 4.4 kernels, which contain a backport of the - ;; faulty code: <https://bugs.gnu.org/25476>. - (member (utsname:release (uname)) - '("4.4.0-21-generic" "4.4.0-59-generic" - "4.4.0-116-generic"))) +(when (not perform-container-tests?) (test-skip 1)) (test-equal "pivot-root" - #t - (match (pipe) - ((in . out) + 'success! + (match (socketpair AF_UNIX SOCK_STREAM 0) + ((parent . child) (match (clone (logior CLONE_NEWUSER CLONE_NEWNS SIGCHLD)) (0 (dynamic-wind (const #t) (lambda () - (close in) + (close parent) (call-with-temporary-directory (lambda (root) + (display "ready\n" child) + (read child) ;wait for "go!" (let ((put-old (string-append root "/real-root"))) (mount "none" root "tmpfs") (mkdir put-old) @@ -192,18 +185,32 @@ (display "testing\n" port))) (pivot-root root put-old) ;; The test file should now be located inside the root directory. - (write (file-exists? "/test") out) - (close out))))) + (write (and (file-exists? "/test") 'success!) child) + (close child))))) (lambda () (primitive-exit 0)))) (pid - (close out) - (let ((result (read in))) - (close in) - (and (zero? (match (waitpid pid) - ((_ . status) - (status:exit-val status)))) - (eq? #t result)))))))) + (close child) + (match (read parent) + ('ready + ;; Set up the UID/GID mapping so that we can mkdir on the tmpfs: + ;; <https://bugzilla.kernel.org/show_bug.cgi?id=183461>. + (call-with-output-file (format #f "/proc/~d/setgroups" pid) + (lambda (port) + (display "deny" port))) + (call-with-output-file (format #f "/proc/~d/uid_map" pid) + (lambda (port) + (format port "0 ~d 1" (getuid)))) + (call-with-output-file (format #f "/proc/~d/gid_map" pid) + (lambda (port) + (format port "0 ~d 1" (getgid)))) + (display "go!\n" parent) + (let ((result (read parent))) + (close parent) + (and (zero? (match (waitpid pid) + ((_ . status) + (status:exit-val status)))) + result))))))))) (test-equal "scandir*, ENOENT" ENOENT |