Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(78)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/services/namespace_utils_unittest.cc

Issue 849893004: Move a couple of utility functions to a new namespace_utils class. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rename to SupportsUnprivilegedNamespace, which always checks for user namespace support Created 5 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« sandbox/linux/services/namespace_utils.cc ('K') | « sandbox/linux/services/namespace_utils.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "sandbox/linux/services/namespace_utils.h"
6
7 #include <errno.h>
8 #include <sched.h>
9 #include <sys/types.h>
10 #include <sys/wait.h>
11
12 #include "base/posix/eintr_wrapper.h"
13 #include "base/process/launch.h"
14 #include "sandbox/linux/tests/unit_tests.h"
15 #include "testing/gtest/include/gtest/gtest.h"
16
17 namespace sandbox {
18
19 namespace {
20
21 SANDBOX_TEST(NamespaceUtils, SupportsUnprivilegedNamespace) {
22 bool supports_user_ns =
23 NamespaceUtils::SupportsUnprivilegedNamespace(CLONE_NEWUSER);
24 errno = 0;
25 pid_t pid = base::ForkWithFlags(CLONE_NEWUSER, nullptr, nullptr);
26 if (pid == 0) {
27 _exit(0);
28 }
29
30 bool fork_succeeded = pid > 0;
31 if (fork_succeeded) {
32 int status;
33 EXPECT_EQ(pid, HANDLE_EINTR(waitpid(pid, &status, 0)));
34 EXPECT_EQ(0, status);
35 } else {
36 EXPECT_EQ(EINTR, errno);
37 }
38
39 EXPECT_EQ(supports_user_ns, fork_succeeded);
jln (very slow on Chromium) 2015/01/23 02:48:23 This will break from inside a chroot. fork_succeed
rickyz (no longer on Chrome) 2015/01/23 23:59:37 Done.
40 }
41
42 SANDBOX_TEST(NamespaceUtils, WriteToIdMapFile) {
43 if (!NamespaceUtils::SupportsUnprivilegedNamespace(CLONE_NEWUSER)) {
44 return;
45 }
46
47 pid_t pid = base::ForkWithFlags(CLONE_NEWUSER, nullptr, nullptr);
48 ASSERT_NE(-1, pid);
jln (very slow on Chromium) 2015/01/23 02:48:23 Same remark, this will fail inside a chroot().
rickyz (no longer on Chrome) 2015/01/23 23:59:37 Done.
49
50 uid_t uid = getuid();
51 gid_t gid = getgid();
52 if (pid == 0) {
53 EXPECT_NE(uid, getuid());
54 NamespaceUtils::WriteToIdMapFile("/proc/self/uid_map", uid);
55 EXPECT_EQ(uid, getuid());
56
57 EXPECT_NE(gid, getgid());
58 NamespaceUtils::WriteToIdMapFile("/proc/self/gid_map", gid);
59 EXPECT_EQ(gid, getgid());
60
61 _exit(0);
62 }
63
64 int status;
65 EXPECT_EQ(pid, HANDLE_EINTR(waitpid(pid, &status, 0)));
66 EXPECT_EQ(0, status);
67 }
68
69 } // namespace.
70
71 } // namespace sandbox.
OLDNEW
« sandbox/linux/services/namespace_utils.cc ('K') | « sandbox/linux/services/namespace_utils.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698