-
Notifications
You must be signed in to change notification settings - Fork 23
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Let's get rid of mocklibc and replace it with a simple combination of mount & user namespaces + bind mount to replace the host's /etc with our own version. This means we don't $LD_PRELOAD the mocklibc DSO, but instead run each unit test through a very simple python wrapper that sets up a temporary user & mount namespace through the unshare() syscall, gains "fake" root using uid_map and gid_map, overmounts /etc in this new namespace (with our own custom test files), and then executes the test binary itself. Check user_namespaces(7) for more information about the namespace shenanigans.
- Loading branch information
Showing
13 changed files
with
66 additions
and
255 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
Binary file not shown.
Binary file not shown.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
79 changes: 0 additions & 79 deletions
79
test/polkitbackend/polkitbackendjsauthoritytest-wrapper.py
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
#!/usr/bin/env python3 | ||
|
||
import argparse | ||
import atexit | ||
import os | ||
import subprocess | ||
import sys | ||
|
||
import dbus | ||
import dbus.mainloop.glib | ||
import dbusmock | ||
|
||
|
||
def setup_test_namespace(data_dir): | ||
print(f"Test data dir: {data_dir}") | ||
|
||
# Setup a new mount & user namespace, so we can use mount() unprivileged (see user_namespaces(7)) | ||
euid = os.geteuid() | ||
egid = os.getegid() | ||
os.unshare(os.CLONE_NEWNS|os.CLONE_NEWUSER) | ||
# Map root to the original EUID and EGID, so we can actually call mount() inside our namespace | ||
with open("/proc/self/uid_map", "w") as f: | ||
f.write(f"0 {euid} 1") | ||
with open("/proc/self/setgroups", "w") as f: | ||
f.write("deny") | ||
with open("/proc/self/gid_map", "w") as f: | ||
f.write(f"0 {egid} 1") | ||
|
||
# Overmount /etc with our own version | ||
subprocess.check_call(["mount", "--bind", os.path.join(data_dir, "etc"), "/etc"]) | ||
|
||
if __name__ == "__main__": | ||
parser = argparse.ArgumentParser() | ||
parser.add_argument("test_executable", | ||
help="test executable to run in our own test namespace") | ||
parser.add_argument("--data-dir", type=str, required=True, | ||
help="path to test data directory (with our own /etc/{passwd,group,...} files)") | ||
parser.add_argument("--mock-dbus", action="store_true", | ||
help="set up a mock system D-Bus using dbusmock") | ||
args = parser.parse_args() | ||
|
||
setup_test_namespace(args.data_dir) | ||
|
||
if args.mock_dbus: | ||
dbus.mainloop.glib.DBusGMainLoop(set_as_default=True) | ||
dbusmock.DBusTestCase.start_system_bus() | ||
atexit.register(dbusmock.DBusTestCase.stop_dbus, dbusmock.DBusTestCase.system_bus_pid) | ||
|
||
print(f"Executing '{args.test_executable}'") | ||
sys.stdout.flush() | ||
os.environ["POLKIT_TEST_DATA"] = args.data_dir | ||
subprocess.check_call(args.test_executable, shell=True) |