github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/internal/processmon/processmon_linux_test.go (about) 1 // +build linux,!rhel6 2 3 package processmon 4 5 import ( 6 "context" 7 "fmt" 8 "os" 9 "os/exec" 10 "path/filepath" 11 "runtime" 12 "testing" 13 14 . "github.com/smartystreets/goconvey/convey" 15 "go.aporeto.io/enforcerd/trireme-lib/controller/internal/enforcer/utils/rpcwrapper" 16 "go.aporeto.io/enforcerd/trireme-lib/controller/pkg/env" 17 "go.aporeto.io/enforcerd/trireme-lib/policy" 18 ) 19 20 const ( 21 testDirBase = "/tmp" 22 ) 23 24 func TestLaunchProcess(t *testing.T) { 25 26 Convey("Given a test setup for launch", t, func() { 27 //Will use refPid to be 1 (init) guaranteed to be there 28 //Normal case should launch a process 29 30 refPid := 1 31 dir, _ := os.Getwd() 32 refNSPath := "" 33 34 err := os.MkdirAll("/tmp/1/ns/net", os.ModePerm) 35 So(err, ShouldBeNil) 36 defer func() { 37 os.RemoveAll("/tmp/1/ns/net") // nolint errcheck 38 }() 39 40 err = os.Chdir("testbinary") 41 So(err, ShouldBeNil) 42 defer os.Chdir(dir) // nolint 43 44 buildCmd := fmt.Sprintf("GOOS=%s GOARCH=%s go build", runtime.GOOS, runtime.GOARCH) 45 46 err = exec.Command("bash", "-c", buildCmd).Run() 47 So(err, ShouldBeNil) 48 49 err = exec.Command("cp", "-p", filepath.Join(dir, "testbinary/testbinary"), testDirBase).Run() 50 So(err, ShouldBeNil) 51 52 ctx, cancel := context.WithCancel(context.TODO()) 53 defer cancel() 54 55 errChannel := make(chan *policy.RuntimeError) 56 defer cleanupErrChannel(errChannel) 57 58 rpchdl := rpcwrapper.NewTestRPCClient() 59 contextID := "pu1" 60 61 pm := New(ctx, &env.RemoteParameters{}, errChannel, rpchdl, 0) 62 p, ok := pm.(*RemoteMonitor) 63 So(ok, ShouldBeTrue) 64 65 Convey("if the process is already activated, then it should return with initialize false and no error", func() { 66 p.activeProcesses.AddOrUpdate(contextID, &processInfo{}) 67 68 initialize, err := p.LaunchRemoteEnforcer(contextID, refPid, refNSPath, "", "mysecret", testDirBase, policy.EnforcerMapping) 69 So(err, ShouldBeNil) 70 So(initialize, ShouldBeFalse) 71 }) 72 73 Convey("if the process is not already activated and stat fails, it should error and cleanup", func() { 74 initialize, err := p.LaunchRemoteEnforcer(contextID, refPid, "", "", "my secret", "/badpath", policy.EnforcerMapping) 75 So(err, ShouldNotBeNil) 76 So(initialize, ShouldBeFalse) 77 78 _, err = p.activeProcesses.Get(contextID) 79 So(err, ShouldNotBeNil) 80 81 }) 82 83 Convey("if the process is not already activated and pid stat fails, it should error and cleanup", func() { 84 initialize, err := p.LaunchRemoteEnforcer(contextID, 10000, refNSPath, "", "my secret", "/badpath", policy.EnforcerMapping) 85 So(err, ShouldNotBeNil) 86 So(initialize, ShouldBeFalse) 87 88 _, err = p.activeProcesses.Get(contextID) 89 So(err, ShouldNotBeNil) 90 91 }) 92 93 Convey("if the process is not already activated and this is the host namespace, it should fail and cleanup", func() { 94 rpchdl.MockGetRPCClient(t, func(string) (*rpcwrapper.RPCHdl, error) { 95 return nil, nil 96 }) 97 initialize, err := p.LaunchRemoteEnforcer(contextID, refPid, refNSPath, "", "my secret", testDirBase, policy.EnforcerMapping) 98 So(err, ShouldNotBeNil) 99 So(initialize, ShouldBeFalse) 100 101 _, err = p.activeProcesses.Get(contextID) 102 So(err, ShouldNotBeNil) 103 104 }) 105 106 Convey("if the process is not already activated and the namespace is there", func() { 107 rpchdl.MockGetRPCClient(t, func(string) (*rpcwrapper.RPCHdl, error) { 108 return nil, nil 109 }) 110 pid := launchContainer(testDirBase) 111 defer killContainer() 112 113 execCommand = fakeExecCommand 114 initialize, err := p.LaunchRemoteEnforcer(contextID, pid, refNSPath, "", "my secret", testDirBase, policy.EnforcerMapping) 115 So(err, ShouldBeNil) 116 So(initialize, ShouldBeTrue) 117 118 _, err = p.activeProcesses.Get(contextID) 119 So(err, ShouldBeNil) 120 121 }) 122 123 }) 124 125 }