github.com/docker/engine@v22.0.0-20211208180946-d456264580cf+incompatible/pkg/sysinfo/sysinfo_linux_test.go (about)

     1  package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
     2  
     3  import (
     4  	"os"
     5  	"path"
     6  	"path/filepath"
     7  	"testing"
     8  
     9  	"golang.org/x/sys/unix"
    10  	"gotest.tools/v3/assert"
    11  )
    12  
    13  func TestReadProcBool(t *testing.T) {
    14  	tmpDir, err := os.MkdirTemp("", "test-sysinfo-proc")
    15  	assert.NilError(t, err)
    16  	defer os.RemoveAll(tmpDir)
    17  
    18  	procFile := filepath.Join(tmpDir, "read-proc-bool")
    19  	err = os.WriteFile(procFile, []byte("1"), 0644)
    20  	assert.NilError(t, err)
    21  
    22  	if !readProcBool(procFile) {
    23  		t.Fatal("expected proc bool to be true, got false")
    24  	}
    25  
    26  	if err := os.WriteFile(procFile, []byte("0"), 0644); err != nil {
    27  		t.Fatal(err)
    28  	}
    29  	if readProcBool(procFile) {
    30  		t.Fatal("expected proc bool to be false, got true")
    31  	}
    32  
    33  	if readProcBool(path.Join(tmpDir, "no-exist")) {
    34  		t.Fatal("should be false for non-existent entry")
    35  	}
    36  
    37  }
    38  
    39  func TestCgroupEnabled(t *testing.T) {
    40  	cgroupDir, err := os.MkdirTemp("", "cgroup-test")
    41  	assert.NilError(t, err)
    42  	defer os.RemoveAll(cgroupDir)
    43  
    44  	if cgroupEnabled(cgroupDir, "test") {
    45  		t.Fatal("cgroupEnabled should be false")
    46  	}
    47  
    48  	err = os.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 0644)
    49  	assert.NilError(t, err)
    50  
    51  	if !cgroupEnabled(cgroupDir, "test") {
    52  		t.Fatal("cgroupEnabled should be true")
    53  	}
    54  }
    55  
    56  func TestNew(t *testing.T) {
    57  	sysInfo := New()
    58  	assert.Assert(t, sysInfo != nil)
    59  	checkSysInfo(t, sysInfo)
    60  }
    61  
    62  func checkSysInfo(t *testing.T, sysInfo *SysInfo) {
    63  	// Check if Seccomp is supported, via CONFIG_SECCOMP.then sysInfo.Seccomp must be TRUE , else FALSE
    64  	if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL {
    65  		// Make sure the kernel has CONFIG_SECCOMP_FILTER.
    66  		if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL {
    67  			assert.Assert(t, sysInfo.Seccomp)
    68  		}
    69  	} else {
    70  		assert.Assert(t, !sysInfo.Seccomp)
    71  	}
    72  }
    73  
    74  func TestNewAppArmorEnabled(t *testing.T) {
    75  	// Check if AppArmor is supported. then it must be TRUE , else FALSE
    76  	if _, err := os.Stat("/sys/kernel/security/apparmor"); err != nil {
    77  		t.Skip("AppArmor Must be Enabled")
    78  	}
    79  
    80  	sysInfo := New()
    81  	assert.Assert(t, sysInfo.AppArmor)
    82  }
    83  
    84  func TestNewAppArmorDisabled(t *testing.T) {
    85  	// Check if AppArmor is supported. then it must be TRUE , else FALSE
    86  	if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) {
    87  		t.Skip("AppArmor Must be Disabled")
    88  	}
    89  
    90  	sysInfo := New()
    91  	assert.Assert(t, !sysInfo.AppArmor)
    92  }
    93  
    94  func TestNewCgroupNamespacesEnabled(t *testing.T) {
    95  	// If cgroup namespaces are supported in the kernel, then sysInfo.CgroupNamespaces should be TRUE
    96  	if _, err := os.Stat("/proc/self/ns/cgroup"); err != nil {
    97  		t.Skip("cgroup namespaces must be enabled")
    98  	}
    99  
   100  	sysInfo := New()
   101  	assert.Assert(t, sysInfo.CgroupNamespaces)
   102  }
   103  
   104  func TestNewCgroupNamespacesDisabled(t *testing.T) {
   105  	// If cgroup namespaces are *not* supported in the kernel, then sysInfo.CgroupNamespaces should be FALSE
   106  	if _, err := os.Stat("/proc/self/ns/cgroup"); !os.IsNotExist(err) {
   107  		t.Skip("cgroup namespaces must be disabled")
   108  	}
   109  
   110  	sysInfo := New()
   111  	assert.Assert(t, !sysInfo.CgroupNamespaces)
   112  }
   113  
   114  func TestNumCPU(t *testing.T) {
   115  	cpuNumbers := NumCPU()
   116  	if cpuNumbers <= 0 {
   117  		t.Fatal("CPU returned must be greater than zero")
   118  	}
   119  }