-
Notifications
You must be signed in to change notification settings - Fork 25
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #501 from pengshanyu/attempts-to-access-forbidden-…
…file-system-resource Attempts to access forbidden file system resource
- Loading branch information
Showing
26 changed files
with
328 additions
and
0 deletions.
There are no files selected for viewing
20 changes: 20 additions & 0 deletions
20
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/PURPOSE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| Title: | ||
| Validate that some devices are not available inside the QM partition. | ||
|
|
||
| Description: | ||
| The QM partition configuration defines a set of available filesystem resources (devices, networks, shared memory, etc). | ||
| These and only these resources are expected to be present in the QM partition's file system. | ||
|
|
||
| Input: | ||
| This test set executes the following commands respectively: | ||
| `podman exec qm test -c /dev/console` | ||
| `podman exec qm test -d /dev/disk` | ||
| `podman exec qm test -c /dev/kmsg` | ||
|
|
||
| Expected Result: | ||
| out: [ INFO ] PASS: check_dev_console_not_available: As expected, /dev/console is not available in the QM partition. | ||
| out: [ INFO ] PASS: check_dev_disk_not_available: As expected, /dev/disk is not available in the QM partition. | ||
| out: [ INFO ] PASS: check_dev_kmsg_not_available: As expected, /dev/kmsg is not available in the QM partition. | ||
|
|
||
| Jira: | ||
| https://issues.redhat.com/browse/VROOM-21932 |
9 changes: 9 additions & 0 deletions
9
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # FFI - attempts_to_access_forbidden_file_system_resource/devices | ||
|
|
||
| This test is intended to confirm that resources (devices, networks, shared memory, etc) present in the file system match the expectations based on the QM partition configuration. | ||
|
|
||
| ## This Test Set includes these tests | ||
|
|
||
| 1. Confirm that the device /dev/console is not available in the QM partition. | ||
| 2. Confirm that the device /dev/disk is not available in the QM partition. | ||
| 3. Confirm that the device /dev/kmsg is not available in the QM partition. |
5 changes: 5 additions & 0 deletions
5
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/check_dev_console.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the device /dev/console is not available in the QM partition. | ||
| test: /bin/bash ./check_dev_console.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/check_dev_console.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_dev_console_not_available(){ | ||
| # Check /dev/console is not available in the QM partition | ||
| if podman exec qm test -c /dev/console; then | ||
| info_message "Found /dev/console in the QM partition: $(podman exec -t qm ls -l /dev/console)" | ||
| info_message "FAIL: check_dev_console_not_available: Check for /dev/console in the QM partition failed, it should not be available." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_dev_console_not_available: As expected, /dev/console is not available in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_dev_console_not_available |
5 changes: 5 additions & 0 deletions
5
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/check_dev_disk.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the device /dev/disk is not available in the QM partition. | ||
| test: /bin/bash ./check_dev_disk.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/check_dev_disk.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_dev_disk_not_available(){ | ||
| # Check /dev/disk is not available in the QM partition | ||
| if podman exec qm test -d /dev/disk; then | ||
| info_message "Found /dev/disk in the QM partition: $(podman exec -t qm ls -l /dev/disk)" | ||
| info_message "FAIL: check_dev_disk_not_available: Check for /dev/disk in the QM partition failed, it should not be available." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_dev_disk_not_available: As expected, /dev/disk is not available in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_dev_disk_not_available |
5 changes: 5 additions & 0 deletions
5
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/check_dev_kmsg.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the device /dev/kmsg is not available in the QM partition. | ||
| test: /bin/bash ./check_dev_kmsg.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
tests/ffi/attempts_to_access_forbidden_file_system_resource/devices/check_dev_kmsg.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_dev_kmsg_not_available(){ | ||
| # Check /dev/kmsg is not available in the QM partition | ||
| if podman exec qm test -c /dev/kmsg; then | ||
| info_message "Found /dev/kmsg in the QM partition: $(podman exec -t qm ls -l /dev/kmsg)" | ||
| info_message "FAIL: check_dev_kmsg_not_available: Check for /dev/kmsg in the QM partition failed, it should not be available." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_dev_kmsg_not_available: As expected, /dev/kmsg is not available in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_dev_kmsg_not_available |
19 changes: 19 additions & 0 deletions
19
tests/ffi/attempts_to_access_forbidden_file_system_resource/regular_os_files/PURPOSE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| Title: | ||
| Validate that the QM directories on the host are not accessible inside the QM partition. | ||
|
|
||
| Description: | ||
| The qm package is not installed in the QM partition (its only on the host). So check that you cannot access its directories. | ||
|
|
||
| Input: | ||
| This test set executes the following commands respectively: | ||
| `podman exec qm test -d /etc/qm` | ||
| `podman exec qm test -d /usr/lib/qm` | ||
| `podman exec qm test -d /usr/share/qm` | ||
|
|
||
| Expected Result: | ||
| out: [ INFO ] PASS: check_etc_qm_not_accessible: As expected, /etc/qm is not accessible in the QM partition. | ||
| out: [ INFO ] PASS: check_usr_lib_qm_not_accessible: As expected, /usr/lib/qm is not accessible in the QM partition. | ||
| out: [ INFO ] PASS: check_usr_share_qm_not_accessible: As expected, /usr/share/qm is not accessible in the QM partition. | ||
|
|
||
| Jira: | ||
| https://issues.redhat.com/browse/VROOM-21932 |
9 changes: 9 additions & 0 deletions
9
...fi/attempts_to_access_forbidden_file_system_resource/regular_os_files/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # FFI - attempts_to_access_forbidden_file_system_resource/regular_os_files | ||
|
|
||
| This test is intended to confirm that resources (devices, networks, shared memory, etc) present in the file system match the expectations based on the QM partition configuration. | ||
|
|
||
| ## This Test Set includes these tests | ||
|
|
||
| 1. Confirm that the directory /etc/qm cannot be accessed in the QM partition. | ||
| 2. Confirm that the directory /usr/lib/qm cannot be accessed in the QM partition. | ||
| 3. Confirm that the directory /usr/share/qm cannot be accessed in the QM partition. |
5 changes: 5 additions & 0 deletions
5
...s/ffi/attempts_to_access_forbidden_file_system_resource/regular_os_files/check_etc_qm.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the directory /etc/qm cannot be accessed in the QM partition. | ||
| test: /bin/bash ./check_etc_qm.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
tests/ffi/attempts_to_access_forbidden_file_system_resource/regular_os_files/check_etc_qm.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_etc_qm_not_accessible(){ | ||
| # Check /etc/qm is not accessible in the QM partition | ||
| if podman exec qm test -d /etc/qm; then | ||
| info_message "Found /etc/qm in the QM partition: $(podman exec -t qm ls -l /etc/qm)" | ||
| info_message "FAIL: check_etc_qm_not_accessible: Check for /etc/qm in the QM partition failed, it should not be accessible." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_etc_qm_not_accessible: As expected, /etc/qm is not accessible in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_etc_qm_not_accessible |
5 changes: 5 additions & 0 deletions
5
...i/attempts_to_access_forbidden_file_system_resource/regular_os_files/check_usr_lib_qm.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the directory /usr/lib/qm cannot be accessed in the QM partition. | ||
| test: /bin/bash ./check_usr_lib_qm.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
...fi/attempts_to_access_forbidden_file_system_resource/regular_os_files/check_usr_lib_qm.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_usr_lib_qm_not_accessible(){ | ||
| # Check /usr/lib/qm is not accessible in the QM partition | ||
| if podman exec qm test -d /usr/lib/qm; then | ||
| info_message "Found /usr/lib/qm in the QM partition: $(podman exec -t qm ls -l /usr/lib/qm)" | ||
| info_message "FAIL: check_usr_lib_qm_not_accessible: Check for /usr/lib/qm in the QM partition failed, it should not be accessible." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_usr_lib_qm_not_accessible: As expected, /usr/lib/qm is not accessible in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_usr_lib_qm_not_accessible |
5 changes: 5 additions & 0 deletions
5
...attempts_to_access_forbidden_file_system_resource/regular_os_files/check_usr_share_qm.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the directory /usr/share/qm cannot be accessed in the QM partition. | ||
| test: /bin/bash ./check_usr_share_qm.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
.../attempts_to_access_forbidden_file_system_resource/regular_os_files/check_usr_share_qm.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_usr_share_qm_not_accessible(){ | ||
| # Check /usr/share/qm is not accessible in the QM partition | ||
| if podman exec qm test -d /usr/share/qm; then | ||
| info_message "Found /usr/share/qm in the QM partition: $(podman exec -t qm ls -l /usr/share/qm)" | ||
| info_message "FAIL: check_usr_share_qm_not_accessible: Check for /usr/share/qm in the QM partition failed, it should not be accessible." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_usr_share_qm_not_accessible: As expected, /usr/share/qm is not accessible in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_usr_share_qm_not_accessible |
15 changes: 15 additions & 0 deletions
15
tests/ffi/attempts_to_access_forbidden_file_system_resource/shared_memory_files/PURPOSE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| Title: | ||
| Validate that SharedMemory files present in the file system match the expectations based on the QM partition configuration. | ||
|
|
||
| Description: | ||
| Create a file /dev/shm/on-host outside the QM partition, ensure it is not visible in /dev/shm inside the QM partition. | ||
|
|
||
| Input: | ||
| `touch /dev/shm/on-host` | ||
|
|
||
| Expected Result: | ||
| out: [ INFO ] Successfully created the file /dev/shm/on-host outside the QM partition. | ||
| out: [ INFO ] PASS: check_dev_shm_file_not_visible_in_qm: As expected, /dev/shm/on-host is not visible in the QM partition. | ||
|
|
||
| Jira: | ||
| https://issues.redhat.com/browse/VROOM-21932 |
7 changes: 7 additions & 0 deletions
7
...attempts_to_access_forbidden_file_system_resource/shared_memory_files/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # FFI - attempts_to_access_forbidden_file_system_resource/shared_memory_files | ||
|
|
||
| This test is intended to confirm that resources (devices, networks, shared memory, etc) present in the file system match the expectations based on the QM partition configuration. | ||
|
|
||
| ## This Test Set includes these tests | ||
|
|
||
| 1. Confirm that the file created in /dev/shm/ outside the QM partition that are not visible in /dev/shm inside the QM partition. |
5 changes: 5 additions & 0 deletions
5
...i/attempts_to_access_forbidden_file_system_resource/shared_memory_files/check_dev_shm.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the file created in /dev/shm/ outside the QM partition that are not visible in /dev/shm inside the QM partition. | ||
| test: /bin/bash ./check_dev_shm.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
27 changes: 27 additions & 0 deletions
27
...fi/attempts_to_access_forbidden_file_system_resource/shared_memory_files/check_dev_shm.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_dev_shm_file_not_visible_in_qm(){ | ||
| # Create a file /dev/shm/on-host outside the QM partition | ||
| touch /dev/shm/on-host | ||
| if test -e /dev/shm/on-host; then | ||
| info_message "Successfully created the file /dev/shm/on-host outside the QM partition." | ||
| else | ||
| info_message "FAIL: check_dev_shm_file_not_visible_in_qm: Failed to create /dev/shm/on-host outside the QM partition." | ||
| exit 1 | ||
| fi | ||
|
|
||
| # Check for file /dev/shm/on-host is not visible inside the QM partition. | ||
| if podman exec qm test -e /dev/shm/on-host; then | ||
| info_message "Found /dev/shm/on-host in the QM partition: $(podman exec -t qm ls -l /dev/shm/on-host)" | ||
| info_message "FAIL: check_dev_shm_file_not_visible_in_qm: Check for /dev/shm/on-host failed, it should not be visible in the QM partition." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_dev_shm_file_not_visible_in_qm: As expected, /dev/shm/on-host is not visible in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_dev_shm_file_not_visible_in_qm |
18 changes: 18 additions & 0 deletions
18
tests/ffi/attempts_to_access_forbidden_file_system_resource/sockets/PURPOSE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| Title: | ||
| Validate that the network resources present in the file system match the expectations based on the QM partition configuration. | ||
|
|
||
| Description: | ||
| Check that /run/systemd/journal/socket have different inode number inside and outside of the QM partition. Various sockets should not be available in the QM container, check that /run/udev/control doesn't exists. | ||
|
|
||
| Input: | ||
| This test set executes the following commands: | ||
| `stat --printf='%i' /run/systemd/journal/socket` | ||
| `podman exec qm stat --printf='%i' /run/systemd/journal/socket` | ||
| `podman exec qm test -e /run/udev/control` | ||
|
|
||
| Expected Result: | ||
| out: [ INFO ] PASS: check_run_systemd_journal_socket_inode_number: As expected, /run/systemd/journal/socket have different inode number inside and outside of the QM partition. | ||
| out: [ INFO ] PASS: check_run_udev_control_not_exist: As expected, /run/udev/control dose not exist in the QM partition. | ||
|
|
||
| Jira: | ||
| https://issues.redhat.com/browse/VROOM-21932 |
8 changes: 8 additions & 0 deletions
8
tests/ffi/attempts_to_access_forbidden_file_system_resource/sockets/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| # FFI - attempts_to_access_forbidden_file_system_resource/sockets | ||
|
|
||
| This test is intended to confirm that resources (devices, networks, shared memory, etc) present in the file system match the expectations based on the QM partition configuration. | ||
|
|
||
| ## This Test Set includes these tests | ||
|
|
||
| 1. Confirm that /run/systemd/journal/socket have different inode number inside and outside of the QM partition. | ||
| 2. Confirm that the socket /run/udev/control does not exist in the QM partition. |
5 changes: 5 additions & 0 deletions
5
...pts_to_access_forbidden_file_system_resource/sockets/check_run_systemd_journal_socket.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that /run/systemd/journal/socket have different inode number inside and outside of the QM partition. | ||
| test: /bin/bash ./check_run_systemd_journal_socket.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
25 changes: 25 additions & 0 deletions
25
...mpts_to_access_forbidden_file_system_resource/sockets/check_run_systemd_journal_socket.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_run_systemd_journal_socket_inode_number(){ | ||
| # Get inode number of /run/systemd/journal/socket inside and outside of the QM partition. | ||
| inode_number_in_host=$(stat --printf='%i' /run/systemd/journal/socket) | ||
| inode_number_in_qm=$(podman exec qm stat --printf='%i' /run/systemd/journal/socket) | ||
|
|
||
| # Check if the inode numbers inside and outside of the QM partition are different. | ||
| if [ "$inode_number_in_host" -eq "$inode_number_in_qm" ]; then | ||
| info_message "In the host, inode number of /run/systemd/journal/socket is: ${inode_number_in_host}" | ||
| info_message "In the QM partition, inode number of /run/systemd/journal/socket is: ${inode_number_in_qm}" | ||
| info_message "FAIL: check_run_systemd_journal_socket_inode_number: Checking inode number of /run/systemd/journal/socket failed, \ | ||
| it should have different inode number inside and outside of the QM partition." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_run_systemd_journal_socket_inode_number: As expected, /run/systemd/journal/socket have different \ | ||
| inode number inside and outside of the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_run_systemd_journal_socket_inode_number |
5 changes: 5 additions & 0 deletions
5
.../ffi/attempts_to_access_forbidden_file_system_resource/sockets/check_run_udev_control.fmf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| summary: Test that the socket /run/udev/control does not exist in the QM partition. | ||
| test: /bin/bash ./check_run_udev_control.sh | ||
| duration: 10m | ||
| tag: ffi | ||
| framework: shell |
18 changes: 18 additions & 0 deletions
18
...s/ffi/attempts_to_access_forbidden_file_system_resource/sockets/check_run_udev_control.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash -euvx | ||
|
|
||
| # shellcheck disable=SC1091 | ||
| . ../../../e2e/lib/utils | ||
|
|
||
| check_run_udev_control_not_exist(){ | ||
| # Check /run/udev/control is not exist in the QM partition | ||
| if podman exec qm test -e /run/udev/control; then | ||
| info_message "Found /run/udev/control in the QM partition: $(podman exec -t qm ls -l /run/udev/control)" | ||
| info_message "FAIL: check_run_udev_control_not_exist: Check for /run/udev/control in the QM partition failed, it should not exist." | ||
| exit 1 | ||
| else | ||
| info_message "PASS: check_run_udev_control_not_exist: As expected, /run/udev/control dose not exist in the QM partition." | ||
| exit 0 | ||
| fi | ||
| } | ||
|
|
||
| check_run_udev_control_not_exist |