diff --git a/tests/rust-integration-tests/integration_test/src/tests/mounts_recursive/mod.rs b/tests/rust-integration-tests/integration_test/src/tests/mounts_recursive/mod.rs index 279c84c0f6..aba6bd9a07 100644 --- a/tests/rust-integration-tests/integration_test/src/tests/mounts_recursive/mod.rs +++ b/tests/rust-integration-tests/integration_test/src/tests/mounts_recursive/mod.rs @@ -243,6 +243,47 @@ fn check_recursive_noexec() -> TestResult { result } +fn check_recursive_rexec() -> TestResult { + let rnoexec_test_base_dir = PathBuf::from_str("/tmp").unwrap(); + let rnoexec_dir_path = rnoexec_test_base_dir.join("rexec_dir"); + let rnoexec_subdir_path = rnoexec_dir_path.join("rexec_subdir"); + let mount_dest_path = PathBuf::from_str("/mnt").unwrap(); + + let mount_options = vec!["rbind".to_string(), "rexec".to_string()]; + let mut mount_spec = Mount::default(); + mount_spec + .set_destination(mount_dest_path) + .set_typ(None) + .set_source(Some(rnoexec_dir_path.clone())) + .set_options(Some(mount_options)); + let spec = get_spec( + vec![mount_spec], + vec!["runtimetest".to_string(), "mounts_recursive".to_string()], + ); + + let result = test_inside_container(spec, &|bundle_path| { + setup_mount(&rnoexec_dir_path, &rnoexec_subdir_path); + + let executable_file_name = "echo"; + let executable_file_path = bundle_path.join("bin").join(executable_file_name); + let in_container_executable_file_path = rnoexec_dir_path.join(executable_file_name); + let in_container_executable_subdir_file_path = + rnoexec_subdir_path.join(executable_file_name); + + fs::copy(&executable_file_path, in_container_executable_file_path)?; + fs::copy( + &executable_file_path, + in_container_executable_subdir_file_path, + )?; + + Ok(()) + }); + + clean_mount(&rnoexec_dir_path, &rnoexec_subdir_path); + + result +} + /// rdiratime If set in attr_clr, removes the restriction that prevented updating access time for directories. fn check_recursive_rdiratime() -> TestResult { let rdiratime_base_dir = PathBuf::from_str("/tmp/rdiratime").unwrap(); @@ -330,6 +371,34 @@ fn check_recursive_rnodev() -> TestResult { result } +fn check_recursive_readwrite() -> TestResult { + let rrw_test_base_dir = PathBuf::from_str("/tmp").unwrap(); + let rrw_dir_path = rrw_test_base_dir.join("rrw_dir"); + let rrw_subdir_path = rrw_dir_path.join("rrw_subdir"); + let mount_dest_path = PathBuf::from_str("/rrw").unwrap(); + + let mount_options = vec!["rbind".to_string(), "rrw".to_string()]; + let mut mount_spec = Mount::default(); + mount_spec + .set_destination(mount_dest_path) + .set_typ(None) + .set_source(Some(rrw_dir_path.clone())) + .set_options(Some(mount_options)); + let spec = get_spec( + vec![mount_spec], + vec!["runtimetest".to_string(), "mounts_recursive".to_string()], + ); + + let result = test_inside_container(spec, &|_| { + setup_mount(&rrw_dir_path, &rrw_subdir_path); + Ok(()) + }); + + clean_mount(&rrw_dir_path, &rrw_subdir_path); + + result +} + pub fn get_mounts_recursive_test() -> TestGroup { let rro_test = Test::new("rro_test", Box::new(check_recursive_readonly)); let rnosuid_test = Test::new("rnosuid_test", Box::new(check_recursive_nosuid)); @@ -338,6 +407,8 @@ pub fn get_mounts_recursive_test() -> TestGroup { let rdiratime_test = Test::new("rdiratime_test", Box::new(check_recursive_rdiratime)); let rdev_test = Test::new("rdev_test", Box::new(check_recursive_rdev)); let rnodev_test = Test::new("rnodev_test", Box::new(check_recursive_rnodev)); + let rrw_test = Test::new("rrw_test", Box::new(check_recursive_readwrite)); + let rexec_test = Test::new("rexec_test", Box::new(check_recursive_rexec)); let mut tg = TestGroup::new("mounts_recursive"); tg.add(vec![ @@ -348,6 +419,8 @@ pub fn get_mounts_recursive_test() -> TestGroup { Box::new(rnodiratime_test), Box::new(rdev_test), Box::new(rnodev_test), + Box::new(rrw_test), + Box::new(rexec_test), ]); tg diff --git a/tests/rust-integration-tests/runtimetest/src/tests.rs b/tests/rust-integration-tests/runtimetest/src/tests.rs index 4ca6eae432..f86926b8dc 100644 --- a/tests/rust-integration-tests/runtimetest/src/tests.rs +++ b/tests/rust-integration-tests/runtimetest/src/tests.rs @@ -116,6 +116,24 @@ pub fn validate_mounts_recursive(spec: &Spec) { eprintln!("error in testing rro recursive mounting : {e}"); } } + "rrw" => { + if let Err(e) = + do_test_mounts_recursive(mount.destination(), &|test_file_path| { + if utils::test_write_access(test_file_path.to_str().unwrap()) + .is_err() + { + // Return Err if not writeable + bail!( + "path {:?} expected to be writable, found read-only", + test_file_path + ); + } + Ok(()) + }) + { + eprintln!("error in testing rro recursive mounting : {e}"); + } + } "rnoexec" => { if let Err(e) = do_test_mounts_recursive( mount.destination(), @@ -131,6 +149,20 @@ pub fn validate_mounts_recursive(spec: &Spec) { eprintln!("error in testing rnoexec recursive mounting: {e}"); } } + "rexec" => { + if let Err(e) = do_test_mounts_recursive( + mount.destination(), + &|test_file_path| { + if let Err(ee) = utils::test_file_executable(test_file_path.to_str().unwrap()) + { + bail!("path {:?} expected to be executable, found not executable, error: {ee}", test_file_path); + } + Ok(()) + }, + ) { + eprintln!("error in testing rexec recursive mounting: {e}"); + } + } "rdiratime" => { println!("test_dir_update_access_time: {:?}", mount); let rest = utils::test_dir_update_access_time( diff --git a/tests/rust-integration-tests/runtimetest/src/utils.rs b/tests/rust-integration-tests/runtimetest/src/utils.rs index bd78b4c6ff..7e5950cd82 100644 --- a/tests/rust-integration-tests/runtimetest/src/utils.rs +++ b/tests/rust-integration-tests/runtimetest/src/utils.rs @@ -78,6 +78,7 @@ pub fn test_file_executable(path: &str) -> Result<(), std::io::Error> { let mode = fstat.st_mode; if is_file_like(mode) { Command::new(path).output()?; + return Ok(()) } Err(std::io::Error::new(