github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-update-ns/system_test.go

github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-update-ns/system_test.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2019 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package main_test
    21  
    22  import (
    23  	"bytes"
    24  	"io/ioutil"
    25  	"os"
    26  	"path/filepath"
    27  
    28  	. "gopkg.in/check.v1"
    29  
    30  	update "github.com/snapcore/snapd/cmd/snap-update-ns"
    31  	"github.com/snapcore/snapd/dirs"
    32  	"github.com/snapcore/snapd/osutil"
    33  	"github.com/snapcore/snapd/testutil"
    34  )
    35  
    36  type systemSuite struct{}
    37  
    38  var _ = Suite(&systemSuite{})
    39  
    40  func (s *systemSuite) TestLock(c *C) {
    41  	dirs.SetRootDir(c.MkDir())
    42  	defer dirs.SetRootDir("/")
    43  
    44  	upCtx := update.NewSystemProfileUpdateContext("foo", false)
    45  	unlock, err := upCtx.Lock()
    46  	c.Assert(err, IsNil)
    47  	c.Check(unlock, NotNil)
    48  	unlock()
    49  }
    50  
    51  func (s *systemSuite) TestAssumptions(c *C) {
    52  	// Non-instances can access /tmp, /var/snap and /snap/$SNAP_NAME
    53  	upCtx := update.NewSystemProfileUpdateContext("foo", false)
    54  	as := upCtx.Assumptions()
    55  	c.Check(as.UnrestrictedPaths(), DeepEquals, []string{"/tmp", "/var/snap", "/snap/foo"})
    56  
    57  	// Instances can, in addition, access /snap/$SNAP_INSTANCE_NAME
    58  	upCtx = update.NewSystemProfileUpdateContext("foo_instance", false)
    59  	as = upCtx.Assumptions()
    60  	c.Check(as.UnrestrictedPaths(), DeepEquals, []string{"/tmp", "/var/snap", "/snap/foo_instance", "/snap/foo"})
    61  }
    62  
    63  func (s *systemSuite) TestLoadDesiredProfile(c *C) {
    64  	// Mock directories.
    65  	dirs.SetRootDir(c.MkDir())
    66  	defer dirs.SetRootDir("/")
    67  
    68  	upCtx := update.NewSystemProfileUpdateContext("foo", false)
    69  	text := "/snap/foo/42/dir /snap/bar/13/dir none bind,rw 0 0\n"
    70  
    71  	// Write a desired system mount profile for snap "foo".
    72  	path := update.DesiredSystemProfilePath(upCtx.InstanceName())
    73  	c.Assert(os.MkdirAll(filepath.Dir(path), 0755), IsNil)
    74  	c.Assert(ioutil.WriteFile(path, []byte(text), 0644), IsNil)
    75  
    76  	// Ask the system profile update helper to read the desired profile.
    77  	profile, err := upCtx.LoadDesiredProfile()
    78  	c.Assert(err, IsNil)
    79  	builder := &bytes.Buffer{}
    80  	profile.WriteTo(builder)
    81  
    82  	c.Check(builder.String(), Equals, text)
    83  }
    84  
    85  func (s *systemSuite) TestLoadCurrentProfile(c *C) {
    86  	// Mock directories.
    87  	dirs.SetRootDir(c.MkDir())
    88  	defer dirs.SetRootDir("/")
    89  
    90  	upCtx := update.NewSystemProfileUpdateContext("foo", false)
    91  	text := "/snap/foo/42/dir /snap/bar/13/dir none bind,rw 0 0\n"
    92  
    93  	// Write a current system mount profile for snap "foo".
    94  	path := update.CurrentSystemProfilePath(upCtx.InstanceName())
    95  	c.Assert(os.MkdirAll(filepath.Dir(path), 0755), IsNil)
    96  	c.Assert(ioutil.WriteFile(path, []byte(text), 0644), IsNil)
    97  
    98  	// Ask the system profile update helper to read the current profile.
    99  	profile, err := upCtx.LoadCurrentProfile()
   100  	c.Assert(err, IsNil)
   101  	builder := &bytes.Buffer{}
   102  	profile.WriteTo(builder)
   103  
   104  	// The profile is returned unchanged.
   105  	c.Check(builder.String(), Equals, text)
   106  }
   107  
   108  func (s *systemSuite) TestSaveCurrentProfile(c *C) {
   109  	// Mock directories and create directory for runtime mount profiles.
   110  	dirs.SetRootDir(c.MkDir())
   111  	defer dirs.SetRootDir("/")
   112  	c.Assert(os.MkdirAll(dirs.SnapRunNsDir, 0755), IsNil)
   113  
   114  	upCtx := update.NewSystemProfileUpdateContext("foo", false)
   115  	text := "/snap/foo/42/dir /snap/bar/13/dir none bind,rw 0 0\n"
   116  
   117  	// Prepare a mount profile to be saved.
   118  	profile, err := osutil.LoadMountProfileText(text)
   119  	c.Assert(err, IsNil)
   120  
   121  	// Ask the system profile update to write the current profile.
   122  	c.Assert(upCtx.SaveCurrentProfile(profile), IsNil)
   123  	c.Check(update.CurrentSystemProfilePath(upCtx.InstanceName()), testutil.FileEquals, text)
   124  }
   125  
   126  func (s *systemSuite) TestDesiredSystemProfilePath(c *C) {
   127  	c.Check(update.DesiredSystemProfilePath("foo"), Equals, "/var/lib/snapd/mount/snap.foo.fstab")
   128  }
   129  
   130  func (s *systemSuite) TestCurrentSystemProfilePath(c *C) {
   131  	c.Check(update.CurrentSystemProfilePath("foo"), Equals, "/run/snapd/ns/snap.foo.fstab")
   132  }