github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/engine/pkg/sysinfo/sysinfo_linux_test.go (about) 1 package sysinfo // import "github.com/docker/docker/pkg/sysinfo" 2 3 import ( 4 "os" 5 "path" 6 "path/filepath" 7 "testing" 8 9 "golang.org/x/sys/unix" 10 "gotest.tools/v3/assert" 11 ) 12 13 func TestReadProcBool(t *testing.T) { 14 tmpDir, err := os.MkdirTemp("", "test-sysinfo-proc") 15 assert.NilError(t, err) 16 defer os.RemoveAll(tmpDir) 17 18 procFile := filepath.Join(tmpDir, "read-proc-bool") 19 err = os.WriteFile(procFile, []byte("1"), 0644) 20 assert.NilError(t, err) 21 22 if !readProcBool(procFile) { 23 t.Fatal("expected proc bool to be true, got false") 24 } 25 26 if err := os.WriteFile(procFile, []byte("0"), 0644); err != nil { 27 t.Fatal(err) 28 } 29 if readProcBool(procFile) { 30 t.Fatal("expected proc bool to be false, got true") 31 } 32 33 if readProcBool(path.Join(tmpDir, "no-exist")) { 34 t.Fatal("should be false for non-existent entry") 35 } 36 37 } 38 39 func TestCgroupEnabled(t *testing.T) { 40 cgroupDir, err := os.MkdirTemp("", "cgroup-test") 41 assert.NilError(t, err) 42 defer os.RemoveAll(cgroupDir) 43 44 if cgroupEnabled(cgroupDir, "test") { 45 t.Fatal("cgroupEnabled should be false") 46 } 47 48 err = os.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 0644) 49 assert.NilError(t, err) 50 51 if !cgroupEnabled(cgroupDir, "test") { 52 t.Fatal("cgroupEnabled should be true") 53 } 54 } 55 56 func TestNew(t *testing.T) { 57 sysInfo := New(false) 58 assert.Assert(t, sysInfo != nil) 59 checkSysInfo(t, sysInfo) 60 61 sysInfo = New(true) 62 assert.Assert(t, sysInfo != nil) 63 checkSysInfo(t, sysInfo) 64 } 65 66 func checkSysInfo(t *testing.T, sysInfo *SysInfo) { 67 // Check if Seccomp is supported, via CONFIG_SECCOMP.then sysInfo.Seccomp must be TRUE , else FALSE 68 if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL { 69 // Make sure the kernel has CONFIG_SECCOMP_FILTER. 70 if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL { 71 assert.Assert(t, sysInfo.Seccomp) 72 } 73 } else { 74 assert.Assert(t, !sysInfo.Seccomp) 75 } 76 } 77 78 func TestNewAppArmorEnabled(t *testing.T) { 79 // Check if AppArmor is supported. then it must be TRUE , else FALSE 80 if _, err := os.Stat("/sys/kernel/security/apparmor"); err != nil { 81 t.Skip("App Armor Must be Enabled") 82 } 83 84 sysInfo := New(true) 85 assert.Assert(t, sysInfo.AppArmor) 86 } 87 88 func TestNewAppArmorDisabled(t *testing.T) { 89 // Check if AppArmor is supported. then it must be TRUE , else FALSE 90 if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) { 91 t.Skip("App Armor Must be Disabled") 92 } 93 94 sysInfo := New(true) 95 assert.Assert(t, !sysInfo.AppArmor) 96 } 97 98 func TestNewCgroupNamespacesEnabled(t *testing.T) { 99 // If cgroup namespaces are supported in the kernel, then sysInfo.CgroupNamespaces should be TRUE 100 if _, err := os.Stat("/proc/self/ns/cgroup"); err != nil { 101 t.Skip("cgroup namespaces must be enabled") 102 } 103 104 sysInfo := New(true) 105 assert.Assert(t, sysInfo.CgroupNamespaces) 106 } 107 108 func TestNewCgroupNamespacesDisabled(t *testing.T) { 109 // If cgroup namespaces are *not* supported in the kernel, then sysInfo.CgroupNamespaces should be FALSE 110 if _, err := os.Stat("/proc/self/ns/cgroup"); !os.IsNotExist(err) { 111 t.Skip("cgroup namespaces must be disabled") 112 } 113 114 sysInfo := New(true) 115 assert.Assert(t, !sysInfo.CgroupNamespaces) 116 } 117 118 func TestNumCPU(t *testing.T) { 119 cpuNumbers := NumCPU() 120 if cpuNumbers <= 0 { 121 t.Fatal("CPU returned must be greater than zero") 122 } 123 }