test(m, "exec-privatenetwork-yes-privatemounts-yes.service", status, CLD_EXITED);
}
+static void test_exec_networknamespacepath(Manager *m) {
+ int r;
+
+ r = find_executable("ip", NULL);
+ if (r < 0) {
+ log_notice_errno(r, "Skipping %s, could not find ip binary: %m", __func__);
+ return;
+ }
+
+ test(m, "exec-networknamespacepath-privatemounts-no.service", MANAGER_IS_SYSTEM(m) ? EXIT_SUCCESS : EXIT_FAILURE, CLD_EXITED);
+ test(m, "exec-networknamespacepath-privatemounts-yes.service", can_unshare ? EXIT_SUCCESS : EXIT_FAILURE, CLD_EXITED);
+}
+
static void test_exec_oomscoreadjust(Manager *m) {
test(m, "exec-oomscoreadjust-positive.service", 0, CLD_EXITED);
entry(test_exec_inaccessiblepaths),
entry(test_exec_ioschedulingclass),
entry(test_exec_mount_apivfs),
+ entry(test_exec_networknamespacepath),
entry(test_exec_noexecpaths),
entry(test_exec_oomscoreadjust),
entry(test_exec_passenvironment),
/* Create dummy network interface for testing PrivateNetwork=yes */
(void) system("ip link add dummy-test-exec type dummy");
+ /* Create a network namespace and a dummy interface in it for NetworkNamespacePath= */
+ (void) system("ip netns add test-execute-netns");
+ (void) system("ip netns exec test-execute-netns ip link add dummy-test-ns type dummy");
+
return EXIT_SUCCESS;
}
static int outro(void) {
(void) system("ip link del dummy-test-exec");
+ (void) system("ip netns del test-execute-netns");
(void) rmdir(PRIVATE_UNIT_DIR);
return EXIT_SUCCESS;
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for NetworkNamespacePath= without mount namespacing
+
+[Service]
+ExecStart=/bin/sh -x -c '! ip link show dummy-test-exec'
+ExecStart=/bin/sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
+# Without mount namespacing, we can access the dummy-test-exec interface through sysfs.
+ExecStart=/bin/sh -x -c 'test -e /sys/class/net/dummy-test-exec'
+ExecStart=/bin/sh -x -c 'ip link show dummy-test-ns'
+ExecStart=/bin/sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
+# Without mount namespacing, we cannot access the dummy-test-ns interface through sysfs.
+ExecStart=/bin/sh -x -c 'test ! -e /sys/class/net/dummy-test-ns'
+Type=oneshot
+NetworkNamespacePath=/run/netns/test-execute-netns
+PrivateMounts=no
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for NetworkNamespacePath= with mount namespacing
+
+[Service]
+ExecStart=/bin/sh -x -c '! ip link show dummy-test-exec'
+ExecStart=/bin/sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
+# With mount namespacing, we cannot access the dummy-test-exec interface through sysfs.
+ExecStart=/bin/sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
+ExecStart=/bin/sh -x -c 'ip link show dummy-test-ns'
+ExecStart=/bin/sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
+# With mount namespacing, we can access the dummy-test-ns interface through sysfs.
+ExecStart=/bin/sh -x -c 'test -e /sys/class/net/dummy-test-ns'
+Type=oneshot
+NetworkNamespacePath=/run/netns/test-execute-netns
+# NetworkNamespacePath= implies PrivateMounts=yes
projects / thirdparty / systemd.git / commitdiff
