diff options
author | Helmut Grohne <helmut@subdivi.de> | 2024-05-28 09:57:55 +0200 |
---|---|---|
committer | Helmut Grohne <helmut@subdivi.de> | 2024-05-28 09:57:55 +0200 |
commit | 50653db0e915eeae9a26e23cf759e5a1a03ab554 (patch) | |
tree | d8522debb9d3240d09989a1f6d2a44c6765c1442 | |
parent | e409043556c6fe54efc213daa083d679a37c2a03 (diff) | |
download | python-linuxnamespaces-50653db0e915eeae9a26e23cf759e5a1a03ab554.tar.gz |
tests/test_simple.py: support coverage generation
Two tests were failing pytest --cov, because they would sandbox
themselves in a way that writing the coverage db would be impossible.
Change them such that they retain access to the coverage database.
-rw-r--r-- | tests/test_simple.py | 53 |
1 files changed, 34 insertions, 19 deletions
diff --git a/tests/test_simple.py b/tests/test_simple.py index 0c4e2b9..878e985 100644 --- a/tests/test_simple.py +++ b/tests/test_simple.py @@ -228,39 +228,54 @@ class UnshareIdmapTest(unittest.TestCase): @pytest.mark.forked def test_unshare_user_idmap(self) -> None: - overflowuid = int(pathlib.Path("/proc/sys/fs/overflowuid").read_text()) - uidmap = linuxnamespaces.IDMapping( - 0, self.uidalloc.allocate(65536), 65536 - ) - self.assertNotEqual(os.getuid(), uidmap.outerstart) - gidmap = linuxnamespaces.IDMapping( - 0, self.gidalloc.allocate(65536), 65536 - ) + uidmaps = [ + linuxnamespaces.IDMapping( + 0, self.uidalloc.allocate(65536), 65536 + ), + linuxnamespaces.IDMapping(65536, os.getuid(), 1), + ] + self.assertNotEqual(os.getuid(), uidmaps[0].outerstart) + gidmaps = [ + linuxnamespaces.IDMapping( + 0, self.gidalloc.allocate(65536), 65536 + ), + linuxnamespaces.IDMapping(65536, os.getgid(), 1), + ] pid = os.getpid() @linuxnamespaces.run_in_fork def setup() -> None: - linuxnamespaces.newidmaps(pid, [uidmap], [gidmap]) + linuxnamespaces.newidmaps(pid, uidmaps, gidmaps) linuxnamespaces.unshare(linuxnamespaces.CloneFlags.NEWUSER) setup() - self.assertEqual(os.getuid(), overflowuid) + self.assertEqual(os.getuid(), 65536) os.setuid(0) self.assertEqual(os.getuid(), 0) - os.setuid(1) + # Keep root in saved-set for later setuid + os.setresuid(1, 1, 0) self.assertEqual(os.getuid(), 1) + # Regain root and a full set of capabilities to save test coverage + os.setuid(0) @pytest.mark.forked def test_populate_dev(self) -> None: - uidmap = linuxnamespaces.IDMapping( - 0, self.uidalloc.allocate(65536), 65536 - ) - self.assertNotEqual(os.getuid(), uidmap.outerstart) - gidmap = linuxnamespaces.IDMapping( - 0, self.gidalloc.allocate(65536), 65536 - ) + uidmaps = [ + linuxnamespaces.IDMapping( + 0, self.uidalloc.allocate(65536), 65536 + ), + # Also map our own uid to make coverage testing work + linuxnamespaces.IDMapping(65536, os.getuid(), 1), + ] + self.assertNotEqual(os.getuid(), uidmaps[0].outerstart) + gidmaps = [ + linuxnamespaces.IDMapping( + 0, self.gidalloc.allocate(65536), 65536 + ), + linuxnamespaces.IDMapping(65536, os.getgid(), 1), + ] pid = os.getpid() @linuxnamespaces.run_in_fork def setup() -> None: - linuxnamespaces.newidmaps(pid, [uidmap], [gidmap]) + linuxnamespaces.newidmaps(pid, uidmaps, gidmaps) linuxnamespaces.unshare( linuxnamespaces.CloneFlags.NEWUSER | linuxnamespaces.CloneFlags.NEWNS |