]> git.ipfire.org Git - thirdparty/systemd.git/blame - test/TEST-13-NSPAWN-SMOKE/test.sh
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #11827 from keszybz/pkgconfig-variables
[thirdparty/systemd.git] / test / TEST-13-NSPAWN-SMOKE / test.sh
CommitLineData
c7934185
EV		 1#!/bin/bash
2# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
3# ex: ts=8 sw=4 sts=4 et filetype=sh
818567fc 4set -e
c7934185 5TEST_DESCRIPTION="systemd-nspawn smoke test"
054ee249 6TEST_NO_NSPAWN=1
c2d4da00 7
c7934185
EV		 8. $TEST_BASE_DIR/test-functions
9
c7934185
EV		 10test_setup() {
11 create_empty_image
12 mkdir -p $TESTDIR/root
13 mount ${LOOPDEV}p1 $TESTDIR/root
14
15 # Create what will eventually be our root filesystem onto an overlay
16 (
17 LOG_LEVEL=5
18 eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
19
20 setup_basic_environment
67f5c0c7 21 dracut_install busybox chmod rmdir unshare ip sysctl
c7934185 22
056ae881
YW		 23 # mask some services that we do not want to run in these tests
24 ln -fs /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service
25 ln -fs /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service
26 ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.service
27 ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.socket
28 ln -fs /dev/null $initdir/etc/systemd/system/systemd-resolved.service
29 ln -fs /dev/null $initdir/etc/systemd/system/systemd-machined.service
30
c7934185
EV		 31 cp create-busybox-container $initdir/
32
9bcef206 33 ./create-busybox-container $initdir/nc-container
f3d33947 34 initdir="$initdir/nc-container" dracut_install nc ip
9bcef206 35
c7934185
EV		 36 # setup the testsuite service
37 cat >$initdir/etc/systemd/system/testsuite.service <<EOF
38[Unit]
39Description=Testsuite service
c7934185
EV		 40
41[Service]
42ExecStart=/test-nspawn.sh
43Type=oneshot
f3d33947
ILG		 44StandardOutput=tty
45StandardError=tty
c7934185
EV		 46EOF
47
48 cat >$initdir/test-nspawn.sh <<'EOF'
49#!/bin/bash
50set -x
51set -e
52set -u
53set -o pipefail
54
55export SYSTEMD_LOG_LEVEL=debug
56
57# check cgroup-v2
58is_v2_supported=no
59mkdir -p /tmp/cgroup2
60if mount -t cgroup2 cgroup2 /tmp/cgroup2; then
61 is_v2_supported=yes
62 umount /tmp/cgroup2
63fi
64rmdir /tmp/cgroup2
65
66# check cgroup namespaces
67is_cgns_supported=no
68if [[ -f /proc/1/ns/cgroup ]]; then
69 is_cgns_supported=yes
70fi
71
8e391ada 72is_user_ns_supported=no
67f5c0c7
FS		 73# On some systems (e.g. CentOS 7) the default limit for user namespaces
74# is set to 0, which causes the following unshare syscall to fail, even
75# with enabled user namespaces support. By setting this value explicitly
76# we can ensure the user namespaces support to be detected correctly.
77sysctl -w user.max_user_namespaces=10000
8e391ada
EV		 78if unshare -U sh -c :; then
79 is_user_ns_supported=yes
80fi
81
c9fd9872
EV		 82function check_bind_tmp_path {
83 # https://github.com/systemd/systemd/issues/4789
84 local _root="/var/lib/machines/bind-tmp-path"
85 /create-busybox-container "$_root"
86 >/tmp/bind
87 systemd-nspawn --register=no -D "$_root" --bind=/tmp/bind /bin/sh -c 'test -e /tmp/bind'
88}
89
9bcef206
EV		 90function check_notification_socket {
91 # https://github.com/systemd/systemd/issues/4944
92 local _cmd='echo a | $(busybox which nc) -U -u -w 1 /run/systemd/nspawn/notify'
93 systemd-nspawn --register=no -D /nc-container /bin/sh -x -c "$_cmd"
94 systemd-nspawn --register=no -D /nc-container -U /bin/sh -x -c "$_cmd"
95}
96
c7934185
EV		 97function run {
98 if [[ "$1" = "yes" && "$is_v2_supported" = "no" ]]; then
99 printf "Unified cgroup hierarchy is not supported. Skipping.\n" >&2
100 return 0
101 fi
102 if [[ "$2" = "yes" && "$is_cgns_supported" = "no" ]]; then
103 printf "Cgroup namespaces are not supported. Skipping.\n" >&2
104 return 0
105 fi
106
8e391ada 107 local _root="/var/lib/machines/unified-$1-cgns-$2-api-vfs-writable-$3"
c7934185 108 /create-busybox-container "$_root"
8e391ada
EV		 109 UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" -b
110 UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" --private-network -b
111
112 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" -U -b; then
113 [[ "$is_user_ns_supported" = "yes" && "$3" = "network" ]] && return 1
114 else
115 [[ "$is_user_ns_supported" = "no" && "$3" = "network" ]] && return 1
116 fi
117
118 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" --private-network -U -b; then
119 [[ "$is_user_ns_supported" = "yes" && "$3" = "yes" ]] && return 1
120 else
121 [[ "$is_user_ns_supported" = "no" && "$3" = "yes" ]] && return 1
122 fi
c7934185 123
25fd8143
DP		 124 local _netns_opt="--network-namespace-path=/proc/self/ns/net"
125
126 # --network-namespace-path and network-related options cannot be used together
127 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-interface=lo -b; then
128 return 1
129 fi
130
131 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-macvlan=lo -b; then
132 return 1
133 fi
134
135 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-ipvlan=lo -b; then
136 return 1
137 fi
138
139 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-veth -b; then
140 return 1
141 fi
142
143 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-veth-extra=lo -b; then
144 return 1
145 fi
146
147 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-bridge=lo -b; then
148 return 1
149 fi
150
151 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --network-zone=zone -b; then
152 return 1
153 fi
154
155 if UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" --private-network -b; then
156 return 1
157 fi
158
f3d33947
ILG		 159 # test --network-namespace-path works with a network namespace created by "ip netns"
160 ip netns add nspawn_test
161 _netns_opt="--network-namespace-path=/run/netns/nspawn_test"
c4b0c459 162 UNIFIED_CGROUP_HIERARCHY="$1" SYSTEMD_NSPAWN_USE_CGNS="$2" SYSTEMD_NSPAWN_API_VFS_WRITABLE="$3" systemd-nspawn --register=no -D "$_root" "$_netns_opt" /bin/ip a | grep -v -E '^1: lo.*UP'
f3d33947
ILG		 163 local r=$?
164 ip netns del nspawn_test
165
166 if [ $r -ne 0 ]; then
167 return 1
168 fi
169
c7934185
EV		 170 return 0
171}
172
c9fd9872
EV		 173check_bind_tmp_path
174
9bcef206
EV		 175check_notification_socket
176
8e391ada
EV		 177for api_vfs_writable in yes no network; do
178 run no no $api_vfs_writable
179 run yes no $api_vfs_writable
180 run no yes $api_vfs_writable
181 run yes yes $api_vfs_writable
182done
c7934185
EV		 183
184touch /testok
185EOF
186
187 chmod 0755 $initdir/test-nspawn.sh
188 setup_testsuite
189 ) || return 1
190
191 ddebug "umount $TESTDIR/root"
192 umount $TESTDIR/root
193}
194
c7934185 195do_test "$@"
Unnamed repository; edit this file 'description' to name the repository.