lxc-test-unpriv revision d08363afbb40a7a8f579fe1ce60e40ffeaee5959
#!/bin/bash

# lxc: linux Container library

# Authors:
# Serge Hallyn <serge.hallyn@ubuntu.com>
#
# This is a test script for unprivileged containers

# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

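# The script adds and deletes a user, edits /etc/subuid, /etc/subgid and
# /etc/lxc/lxc-usernet, and creates cgroups, so it refuses to run unless root.
if [ "$(id -u)" -ne 0 ]; then
  echo 'run as root' >&2
  exit 1
fi
# Unprivileged containers need the newuidmap helper; bail out early if it is
# not installed. command -v is a shell builtin, so this check does not depend
# on an external 'which' binary being present.
command -v newuidmap >/dev/null 2>&1 || { echo "'newuidmap' command is missing" >&2; exit 1; }

# Set to 1 only after the last check has passed. cleanup() reads it and exits
# from inside the trap while it is still 0.
DONE=0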
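#######################################
# Undo everything the test set up; installed as the EXIT/HUP/INT/TERM trap.
# Globals:   HDIR, TUSER, DONE (all read)
# Arguments: $1 - optional exit status; defaults to the status of the
#                 command that ran just before the trap fired
# Returns:   returns normally when DONE is 1; otherwise exits the shell
#            with a non-zero status
#######################################
cleanup() {
  # Capture the triggering status first: every command below overwrites $?.
  local status=${1:-$?}
  # Calling exit from a signal trap would otherwise fire the EXIT trap and
  # run this whole function a second time.
  trap - EXIT SIGHUP SIGINT SIGTERM

  lxc-stop -P "$HDIR/lxcbase" -n c1
  # Remove the NIC quota and NIC records of the test user, so no grant is
  # left behind for an account name that is about to be deleted.
  # '/usernic-user/d' is kept from the original; no user of that name is
  # created in this script (presumably left over from a sibling test).
  # ${TUSER:?} aborts instead of running a pattern built from an empty name.
  sed -i -e '/usernic-user/d' -e "/^${TUSER:?}[[:space:]]/d" \
    /var/run/lxc/nics /etc/lxc/lxc-usernet
  sed -i "/^${TUSER}:/d" /etc/subuid /etc/subgid
  # The script already runs as root, so sudo is not needed here.
  deluser "$TUSER"
  # ${HDIR:?} aborts rather than letting an empty value reach rm -rf.
  rm -rf -- "${HDIR:?}"

  if [ "$DONE" -eq 0 ]; then
    # DONE=0 means the run did not reach the end: never report success, even
    # when the last command before the trap happened to return 0.
    [ "$status" -ne 0 ] || status=1
    exit "$status"
  fi
}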
0N/A
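# create a test user
TUSER=lxcunpriv
HDIR=/home/$TUSER

# Report a failed step on stderr and exit non-zero. The exit fires the EXIT
# trap installed below, so cleanup still runs.
fail() {
  printf 'FAIL: %s\n' "$*" >&2
  exit 1
}

# Installed only after TUSER and HDIR are set: cleanup deletes the user and
# removes HDIR recursively.
trap cleanup EXIT SIGHUP SIGINT SIGTERM

# Start from a clean slate; the user may not exist yet, so ignore that error.
deluser "$TUSER" || true
useradd "$TUSER" || fail "useradd $TUSER"
sudo mkdir -p "$HDIR"
sudo chown "$TUSER" "$HDIR"

# Allow the test user two veth NICs on lxcbr0. Only this user's line is
# replaced; truncating the file would wipe the host's other quota entries.
[ ! -f /etc/lxc/lxc-usernet ] || sed -i "/^${TUSER}[[:space:]]/d" /etc/lxc/lxc-usernet
echo "$TUSER veth lxcbr0 2" >> /etc/lxc/lxc-usernet

# Replace any stale subordinate id entries for the user with a fresh range.
sed -i "/^${TUSER}:/d" /etc/subuid /etc/subgid
usermod -v 910000-919999 -w 910000-919999 "$TUSER" || fail "usermod subuid/subgid for $TUSER"

mkdir -p "$HDIR/lxcbase"
chown "$TUSER" "$HDIR/lxcbase"
# Not referenced again in the visible part of the script.
uid=$(id -u "$TUSER")
cat >> "$HDIR/.bashrc" << EOF
export HOME=$HDIR
export USER=$TUSER
EOF
chown "$TUSER" "$HDIR/.bashrc"

# Container config: one veth on lxcbr0, container ids 0..9998 mapped onto the
# subordinate range that starts at 910000.
cat > "$HDIR/lxc-usernic.conf" << EOF
lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.id_map = u 0 910000 9999
lxc.id_map = g 0 910000 9999
EOF
chown "$TUSER" "$HDIR/lxc-usernic.conf"

# ${TUSER:?} keeps an empty name from turning this into rm -rf of the parent.
rm -rf -- "/run/lock/lxc/home/${TUSER:?}"
mkdir -p "/run/lock/lxc/home/$TUSER"
chown "$TUSER" "/run/lock/lxc/home/$TUSER"

# In every mounted cgroup hierarchy, create a cgroup owned by the test user
# and move this shell into it.
# NOTE(review): the visible cleanup() never removes these lxctest cgroups, so
# they stay owned by the test uid after the account is deleted.
for d in /sys/fs/cgroup/*; do
  # Skip non-directories and the literal pattern left by an unmatched glob.
  [ -d "$d" ] || continue
  # -p so that a rerun does not trip over a directory left by an earlier run.
  mkdir -p "$d/lxctest"
  chown -R "$TUSER" "$d/lxctest"
  echo $$ > "$d/lxctest/tasks"
done

cd "$HDIR" || fail "cannot cd to $HDIR"
#export HOME=$HDIR
# NOTE(review): the while loop is the last stage of a pipeline and so runs in
# a subshell; its exports never reach this shell and the line has no effect
# here. Left unchanged on purpose: applying it to this shell would also blank
# PATH.
env | awk -F= '{print $1}' | while read line; do export ${line}=; done

echo "DOING: lxc-create -P $HDIR/lxcbase -t ubuntu-cloud -n c1 -f $HDIR/lxc-usernic.conf"
# NOTE(review): 'outout' does not look like an lxc log level name (confirm),
# and the log is written to a fixed path in /tmp that cleanup leaves behind.
sudo --set-home -u "$TUSER" lxc-create -P "$HDIR/lxcbase" -t ubuntu-cloud -n c1 -f "$HDIR/lxc-usernic.conf" -l outout -o /tmp/o1 \
  || fail "lxc-create c1"
#read -p "c1 created, check it now" x
sudo --set-home -u "$TUSER" lxc-start -P "$HDIR/lxcbase" -n c1 -d || fail "lxc-start c1"

# Strip padding around the value so the comparison cannot be defeated by
# whitespace, then accept only a plain number: an empty result (lxc-info
# failed) and "-1" are both rejected.
p1=$(lxc-info -P "$HDIR/lxcbase" -n c1 -p | awk -F: '{ gsub(/[[:space:]]/, "", $2); print $2 }')
case "$p1" in
  '' | *[!0-9]*) fail "Failed to start container c1" ;;
esac

# Needs working DNS and outbound ICMP from inside the container.
lxc-attach -P "$HDIR/lxcbase" -n c1 -- ping -c 1 google.com || fail "ping from container c1"

# Reached only when every checked step above succeeded.
echo "All tests passed"
DONE=1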