aboutsummaryrefslogtreecommitdiff
path: root/tests/containers.scm
Commit message (Collapse)AuthorAge
* linux-container: 'container-excursion' forks to join the PID namespace.Ludovic Courtès2023-01-30
| | | | | | | | | | Fixes <https://issues.guix.gnu.org/61156>. * gnu/build/linux-container.scm (container-excursion): Add extra call to 'primitive-fork' and invoke THUNK in the child process. * tests/containers.scm ("container-excursion"): Remove extra 'primitive-fork' call, now unnecessary. ("container-excursion*, /proc"): New test.
* container: Correctly report exit status.Ludovic Courtès2023-01-30
| | | | | | | | | * gnu/build/linux-container.scm (container-excursion): Return the raw status value. * tests/containers.scm ("container-excursion, same namespaces"): Add 'status:exit-val' call. * guix/scripts/container/exec.scm (guix-container-exec): Correctly handle the different cases.
* linux-container: Reset jailed root permissions.Jelle Licht2020-10-01
| | | | | | * gnu/build/linux-container.scm (mount-file-systems): Add 'chmod' call. * tests/containers.scm ("call-with-container, mnt namespace, root permissions"): New test.
* tests: Skip container test when lacking kernel support.Ludovic Courtès2019-10-15
| | | | | | | This is a followup to 96b35998e610c7fc37bf87bf9e07e63d3bebd0a3. * tests/containers.scm ("eval/container, non-empty load path"): Add missing 'skip-if-unsupported' call.
* linux-container: 'eval/container' correctly passes -L and -C flags.Ludovic Courtès2019-09-18
| | | | | | | | This fixes a type error. * gnu/system/linux-container.scm (eval/container): Use 'append-map', not 'map'. * tests/containers.scm ("eval/container, non-empty load path"): New test.
* linux-container: Add 'eval/container'.Ludovic Courtès2019-07-19
| | | | | | * gnu/system/linux-container.scm (eval/container): New procedure. * tests/containers.scm ("eval/container, exit status") ("eval/container, writable user mapping"): New tests.
* linux-container: Make the guest UID and GID a parameter.Ludovic Courtès2019-04-02
| | | | | | | | | * gnu/build/linux-container.scm (initialize-user-namespace): Add #:guest-uid and #:guest-gid parameters and honor them. (run-container): Likewise. (call-with-container): Likewise. * tests/containers.scm ("call-with-container, user namespace, guest UID/GID"): New test.
* tests: Fix race condition in 'container-excursion*' test.Ludovic Courtès2017-05-31
| | | | | * tests/containers.scm ("container-excursion*"): Move (namespace pid) call before (kill pid SIGKILL).
* linux-container: Add 'container-excursion*'.Ludovic Courtès2017-02-07
| | | | | | * gnu/build/linux-container.scm (container-excursion*): New procedure. * tests/containers.scm ("container-excursion*") ("container-excursion*, same namespaces"): New tests.
* tests: Don't check file-systems in container tests.Andy Patterson2016-11-13
| | | | | | | | | | | | | | | | | | | | | | Hello, The containers test was hanging for me, and this patch fixed the problem. -- Andy From 945ad44acf489b7f3a398d4ab739ec2b48477502 Mon Sep 17 00:00:00 2001 From: Andy Patterson <ajpatter@uwaterloo.ca> Date: Sat, 12 Nov 2016 22:10:01 -0500 Subject: [PATCH] tests: Don't check file-systems in container tests. * tests/containers.scm ("call-with-container, mnt namespace"): Don't check file-system in 'call-with-container' call. * tests/containers.scm ("call-with-container, mnt namespace, wrong bindmount"): Likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* container: Pass a list of <file-system> objects as things to mount.Ludovic Courtès2016-11-10
| | | | | | | | | | | | | | | * gnu/build/linux-container.scm (mount-file-systems): 'mounts' is now a list of <file-system> objects instead of a list of lists ("specs"). Add call to 'file-system->spec' as the argument to 'mount-file-system'. (run-container, call-with-container): Adjust docstring accordingly. * gnu/system/file-systems.scm (spec->file-system): New procedure. * gnu/system/linux-container.scm (container-script)[script]: Call 'spec->file-system' inside gexp. * guix/scripts/environment.scm (launch-environment/container): Remove call to 'file-system->spec'. * tests/containers.scm ("call-with-container, mnt namespace") ("call-with-container, mnt namespace, wrong bind mount"): Pass a list of <file-system> objects.
* container: Allow 'container-excursion' to the same namespaces.Ludovic Courtès2016-10-19
| | | | | | | | | | | Before that, 'container-excursion' would call 'setns' even when the target namespace is the one the caller is already in, which would fail. * gnu/build/linux-container.scm (container-excursion): Introduce 'source' and 'target'. Compare the result of 'readlink' on these instead of comparing file descriptors to decide whether to call 'setns'. * tests/containers.scm ("container-excursion, same namespace"): New test.
* tests: Skip all the container tests when needed.Ludovic Courtès2016-06-25
| | | | | | | | Reported by myglc2 <myglc2@gmail.com> at <http://bugs.gnu.org/23836>. * tests/containers.scm (skip-if-unsupported): New procedure. Call it before each test.
* container: Gracefully report mount errors in the child process.Ludovic Courtès2016-05-31
| | | | | | | | | | | | | Fixes <http://bugs.gnu.org/23306>. * gnu/build/linux-container.scm (run-container): Use 'socketpair' instead of 'pipe'. Rename 'in' to 'child' and 'out' to 'parent'. Send a 'ready message or an exception argument list from the child to the parent; adjust the parent accordingly. * tests/containers.scm ("call-with-container, mnt namespace, wrong bind mount"): New test. * tests/guix-environment-container.sh: Add test with --expose=/does-not-exist.
* build: Add a Guile custom test driver using SRFI-64.Mathieu Lirzin2016-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before that '.log' files for scheme tests were fragmented and not included in test-suite.log. This unifies the semantics of SRFI-64 API with Automake test suite. * build-aux/test-driver.scm: New file. * Makefile.am (SCM_LOG_DRIVER, AM_SCM_LOG_DRIVER_FLAGS): New variables. (SCM_LOG_COMPILER, AM_SCM_LOG_FLAGS): Delete variables. (AM_TESTS_ENVIRONMENT): Set GUILE_AUTO_COMPILE to 0. * test-env.in: Silence guix-daemon. * doc/guix.texi (Running the Test Suite): Describe how to display the detailed results. Bug reports require only 'test-suite.log' file. * tests/base32.scm, tests/build-utils.scm, tests/builders.scm, tests/challenge.scm, tests/cpan.scm, tests/cpio.scm, tests/cran.scm, tests/cve.scm, tests/derivations.scm, tests/elpa.scm, tests/file-systems.scm, tests/gem.scm, tests/gexp.scm, tests/gnu-maintenance.scm, tests/grafts.scm, tests/graph.scm, tests/gremlin.scm, tests/hackage.scm, tests/hash.scm, tests/import-utils.scm, tests/lint.scm, tests/monads.scm, tests/nar.scm, tests/packages.scm, tests/pk-crypto.scm, tests/pki.scm, tests/profiles.scm, tests/publish.scm, tests/pypi.scm, tests/records.scm, tests/scripts-build.scm, tests/scripts.scm, tests/services.scm, tests/sets.scm, tests/size.scm, tests/snix.scm, tests/store.scm, tests/substitute.scm, tests/syscalls.scm, tests/system.scm, tests/ui.scm, tests/union.scm, tests/upstream.scm, tests/utils.scm: Don't exit at the end of test groups. * tests/containers.scm: Likewise. Use 'test-skip' instead of exiting with error code 77.
* build: container: Add feature test predicates.David Thompson2015-11-03
| | | | | | | | * gnu/build/linux-container.scm (user-namespace-supported?, unprivileged-user-namespace-supported?, setgroups-supported?): New procedures. * tests/container.scm: Use predicates. * tests/syscalls.scm: Likewise.
* build: container: Fix call-with-clean-exit.David Thompson2015-10-10
| | | | | | | | Before, call-with-clean-exit would *always* return an exit code of 1. * gnu/build/linux-container.scm (call-with-clean-exit): Exit with status code of 0 if thunk does not throw an exception. * tests/containers.scm: Add test.
* tests: containers: Skip if setgroups file does not exist.David Thompson2015-08-11
| | | | | | | | | | | | Fixes bug #21226. Linux 3.19 introduced a fix for a security vulnerability in user namespaces. This fix introduced a new proc file called 'setgroups' and was backported to many older kernels. However, some users run a kernel that is new enough to support user namespaces yet old enough to not include the patch, so we must skip the tests. * tests/containers.scm: Skip all tests if /proc/self/setgroups does not exist.
* build: container: Add #:host-uids argument to call-with-container.David Thompson2015-08-08
| | | | | | | | | | | | It's not always possible to map 65536 uids when creating a container as the root user within another user namespace. This is true when building Guix within the build daemon's container. By using a uid range of 1 by default, even as the root user, the tests now pass. * gnu/build/linux-container.scm (initialize-user-namespace, run-container): Add 'host-uids' argument. (call-with-container): Add #:host-uids keyword argument. * tests/containers.scm ("container-excursion"): Update 'run-container' call.
* tests: Skip container tests if namespaces are not available.David Thompson2015-07-20
| | | | * tests/containers.scm: Skip all tests if user namespaces do not exist.
* gnu: build: Add Linux container module.David Thompson2015-07-09
* gnu/build/linux-container.scm: New file. * gnu-system.am (GNU_SYSTEM_MODULES): Add it. * .dir-locals.el: Add Scheme indent rules for 'call-with-container', and 'container-excursion'. * tests/containers.scm: New file. * Makefile.am (SCM_TESTS): Add it.