github.com/docker/engine@v22.0.0-20211208180946-d456264580cf+incompatible/pkg/sysinfo/sysinfo_linux_test.go (about) 1 package sysinfo // import "github.com/docker/docker/pkg/sysinfo" 2 3 import ( 4 "os" 5 "path" 6 "path/filepath" 7 "testing" 8 9 "golang.org/x/sys/unix" 10 "gotest.tools/v3/assert" 11 ) 12 13 func TestReadProcBool(t *testing.T) { 14 tmpDir, err := os.MkdirTemp("", "test-sysinfo-proc") 15 assert.NilError(t, err) 16 defer os.RemoveAll(tmpDir) 17 18 procFile := filepath.Join(tmpDir, "read-proc-bool") 19 err = os.WriteFile(procFile, []byte("1"), 0644) 20 assert.NilError(t, err) 21 22 if !readProcBool(procFile) { 23 t.Fatal("expected proc bool to be true, got false") 24 } 25 26 if err := os.WriteFile(procFile, []byte("0"), 0644); err != nil { 27 t.Fatal(err) 28 } 29 if readProcBool(procFile) { 30 t.Fatal("expected proc bool to be false, got true") 31 } 32 33 if readProcBool(path.Join(tmpDir, "no-exist")) { 34 t.Fatal("should be false for non-existent entry") 35 } 36 37 } 38 39 func TestCgroupEnabled(t *testing.T) { 40 cgroupDir, err := os.MkdirTemp("", "cgroup-test") 41 assert.NilError(t, err) 42 defer os.RemoveAll(cgroupDir) 43 44 if cgroupEnabled(cgroupDir, "test") { 45 t.Fatal("cgroupEnabled should be false") 46 } 47 48 err = os.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 0644) 49 assert.NilError(t, err) 50 51 if !cgroupEnabled(cgroupDir, "test") { 52 t.Fatal("cgroupEnabled should be true") 53 } 54 } 55 56 func TestNew(t *testing.T) { 57 sysInfo := New() 58 assert.Assert(t, sysInfo != nil) 59 checkSysInfo(t, sysInfo) 60 } 61 62 func checkSysInfo(t *testing.T, sysInfo *SysInfo) { 63 // Check if Seccomp is supported, via CONFIG_SECCOMP.then sysInfo.Seccomp must be TRUE , else FALSE 64 if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL { 65 // Make sure the kernel has CONFIG_SECCOMP_FILTER. 66 if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL { 67 assert.Assert(t, sysInfo.Seccomp) 68 } 69 } else { 70 assert.Assert(t, !sysInfo.Seccomp) 71 } 72 } 73 74 func TestNewAppArmorEnabled(t *testing.T) { 75 // Check if AppArmor is supported. then it must be TRUE , else FALSE 76 if _, err := os.Stat("/sys/kernel/security/apparmor"); err != nil { 77 t.Skip("AppArmor Must be Enabled") 78 } 79 80 sysInfo := New() 81 assert.Assert(t, sysInfo.AppArmor) 82 } 83 84 func TestNewAppArmorDisabled(t *testing.T) { 85 // Check if AppArmor is supported. then it must be TRUE , else FALSE 86 if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) { 87 t.Skip("AppArmor Must be Disabled") 88 } 89 90 sysInfo := New() 91 assert.Assert(t, !sysInfo.AppArmor) 92 } 93 94 func TestNewCgroupNamespacesEnabled(t *testing.T) { 95 // If cgroup namespaces are supported in the kernel, then sysInfo.CgroupNamespaces should be TRUE 96 if _, err := os.Stat("/proc/self/ns/cgroup"); err != nil { 97 t.Skip("cgroup namespaces must be enabled") 98 } 99 100 sysInfo := New() 101 assert.Assert(t, sysInfo.CgroupNamespaces) 102 } 103 104 func TestNewCgroupNamespacesDisabled(t *testing.T) { 105 // If cgroup namespaces are *not* supported in the kernel, then sysInfo.CgroupNamespaces should be FALSE 106 if _, err := os.Stat("/proc/self/ns/cgroup"); !os.IsNotExist(err) { 107 t.Skip("cgroup namespaces must be disabled") 108 } 109 110 sysInfo := New() 111 assert.Assert(t, !sysInfo.CgroupNamespaces) 112 } 113 114 func TestNumCPU(t *testing.T) { 115 cpuNumbers := NumCPU() 116 if cpuNumbers <= 0 { 117 t.Fatal("CPU returned must be greater than zero") 118 } 119 }