Changeset View
Changeset View
Standalone View
Standalone View
usr.sbin/jail/tests/jail_basic_test.sh
# | # | ||||
# SPDX-License-Identifier: BSD-2-Clause-FreeBSD | # SPDX-License-Identifier: BSD-2-Clause-FreeBSD | ||||
# | # | ||||
# Copyright (c) 2019 Michael Zhilin | # Copyright (c) 2019 Michael Zhilin | ||||
# | # | ||||
# Redistribution and use in source and binary forms, with or without | # Redistribution and use in source and binary forms, with or without | ||||
# modification, are permitted provided that the following conditions | # modification, are permitted provided that the following conditions | ||||
Context not available. | |||||
# $FreeBSD$ | # $FreeBSD$ | ||||
atf_test_case "basic" "cleanup" | atf_test_case "basic" "cleanup" | ||||
atf_test_case "remove" "cleanup" | |||||
atf_test_case "nested" "cleanup" | atf_test_case "nested" "cleanup" | ||||
atf_test_case "commands" "cleanup" | atf_test_case "commands" "cleanup" | ||||
Context not available. | |||||
jail -r basejail | jail -r basejail | ||||
} | } | ||||
remove_head() | |||||
{ | |||||
atf_set descr 'Basic jail with ipv4.addr removal test' | |||||
atf_set require.user root | |||||
} | |||||
remove_body() | |||||
{ | |||||
# Configure custom loopback IP | |||||
atf_check -s exit:0 ifconfig lo0 inet 172.254.254.254/32 alias | |||||
asomers: This looks like a valid public IP address. You should use an RFC 5735 address instead, like 192. | |||||
jlduran_gmail.comUnsubmitted Not Done Inline ActionsMaybe s/172/127/g would suffice? jlduran_gmail.com: Maybe `s/172/127/g` would suffice? | |||||
# Create the jail | |||||
atf_check -s exit:0 -o ignore jail -c name=removejail persist ip4.addr=172.254.254.254 | |||||
# Display ifconfig (trigger jail leak) | |||||
# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264981 | |||||
atf_check -s exit:0 -o ignore jexec removejail ifconfig lo0 | |||||
# Stop jail | |||||
atf_check -s exit:0 -o ignore jail -R removejail | |||||
# This jail should be no more after few seconds (not stuck in dying state) | |||||
sleep 5 | |||||
atf_check -s exit:1 -o ignore -e ignore jls -d -j removejail | |||||
} | |||||
remove_cleanup() | |||||
{ | |||||
ifconfig lo0 inet 172.254.254.254/32 -alias | |||||
} | |||||
nested_head() | nested_head() | ||||
{ | { | ||||
atf_set descr 'Hierarchical jails test' | atf_set descr 'Hierarchical jails test' | ||||
Context not available. | |||||
atf_check -s exit:1 -o empty -e inline:"jail: prison limit exceeded\n"\ | atf_check -s exit:1 -o empty -e inline:"jail: prison limit exceeded\n"\ | ||||
jexec basejail \ | jexec basejail \ | ||||
jail -c name=secondnestedjail persist ip4.addr=192.0.1.1 | jail -c name=secondnestedjail persist ip4.addr=192.0.1.1 | ||||
# Check output of jls | # Check output of jls | ||||
atf_check -s exit:0 -o ignore \ | atf_check -s exit:0 -o ignore \ | ||||
jexec basejail jls | jexec basejail jls | ||||
Context not available. | |||||
atf_check -s exit:1 -o empty \ | atf_check -s exit:1 -o empty \ | ||||
-e inline:"jail: jail_set: Operation not permitted\n" \ | -e inline:"jail: jail_set: Operation not permitted\n" \ | ||||
jexec basejail_nochild \ | jexec basejail_nochild \ | ||||
jail -c name=nestedjail persist ip4.addr=192.0.1.1 | jail -c name=nestedjail persist ip4.addr=192.0.1.1 | ||||
} | } | ||||
nested_cleanup() | nested_cleanup() | ||||
Context not available. | |||||
jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail | jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail | ||||
# exec.prestop by jailname | # exec.prestop by jailname | ||||
atf_check -s exit:0 -o inline:"STOP\n" \ | atf_check -s exit:0 -o inline:"STOP\n" \ | ||||
jail -f $(atf_get_srcdir)/commands.jail.conf -qr basejail | jail -f $(atf_get_srcdir)/commands.jail.conf -qr basejail | ||||
# exec.prestop by jid | # exec.prestop by jid | ||||
jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail | jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail | ||||
atf_check -s exit:0 -o inline:"STOP\n" \ | atf_check -s exit:0 -o inline:"STOP\n" \ | ||||
jail -f $(atf_get_srcdir)/commands.jail.conf -qr `jls -j basejail jid` | jail -f $(atf_get_srcdir)/commands.jail.conf -qr `jls -j basejail jid` | ||||
} | } | ||||
commands_cleanup() | commands_cleanup() | ||||
{ | { | ||||
jls -j basejail > /dev/null 2>&1 | jls -j basejail > /dev/null 2>&1 | ||||
if [ $? -e 0 ] | if [ $? -e 0 ] | ||||
then | then | ||||
jail -r basejail | jail -r basejail | ||||
fi | fi | ||||
Context not available. | |||||
atf_init_test_cases() | atf_init_test_cases() | ||||
{ | { | ||||
atf_add_test_case "basic" | atf_add_test_case "basic" | ||||
atf_add_test_case "remove" | |||||
atf_add_test_case "nested" | atf_add_test_case "nested" | ||||
atf_add_test_case "commands" | atf_add_test_case "commands" | ||||
} | } | ||||
Context not available. |
This looks like a valid public IP address. You should use an RFC 5735 address instead, like 192.0.2.0/24.