summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHelmut Grohne <helmut@subdivi.de>2024-05-28 09:57:55 +0200
committerHelmut Grohne <helmut@subdivi.de>2024-05-28 09:57:55 +0200
commit50653db0e915eeae9a26e23cf759e5a1a03ab554 (patch)
treed8522debb9d3240d09989a1f6d2a44c6765c1442
parente409043556c6fe54efc213daa083d679a37c2a03 (diff)
downloadpython-linuxnamespaces-50653db0e915eeae9a26e23cf759e5a1a03ab554.tar.gz
tests/test_simple.py: support coverage generation
Two tests were failing pytest --cov, because they would sandbox themselves in a way that writing the coverage db would be impossible. Change them such that they retain access to the coverage database.
-rw-r--r--tests/test_simple.py53
1 files changed, 34 insertions, 19 deletions
diff --git a/tests/test_simple.py b/tests/test_simple.py
index 0c4e2b9..878e985 100644
--- a/tests/test_simple.py
+++ b/tests/test_simple.py
@@ -228,39 +228,54 @@ class UnshareIdmapTest(unittest.TestCase):
@pytest.mark.forked
def test_unshare_user_idmap(self) -> None:
- overflowuid = int(pathlib.Path("/proc/sys/fs/overflowuid").read_text())
- uidmap = linuxnamespaces.IDMapping(
- 0, self.uidalloc.allocate(65536), 65536
- )
- self.assertNotEqual(os.getuid(), uidmap.outerstart)
- gidmap = linuxnamespaces.IDMapping(
- 0, self.gidalloc.allocate(65536), 65536
- )
+ uidmaps = [
+ linuxnamespaces.IDMapping(
+ 0, self.uidalloc.allocate(65536), 65536
+ ),
+ linuxnamespaces.IDMapping(65536, os.getuid(), 1),
+ ]
+ self.assertNotEqual(os.getuid(), uidmaps[0].outerstart)
+ gidmaps = [
+ linuxnamespaces.IDMapping(
+ 0, self.gidalloc.allocate(65536), 65536
+ ),
+ linuxnamespaces.IDMapping(65536, os.getgid(), 1),
+ ]
pid = os.getpid()
@linuxnamespaces.run_in_fork
def setup() -> None:
- linuxnamespaces.newidmaps(pid, [uidmap], [gidmap])
+ linuxnamespaces.newidmaps(pid, uidmaps, gidmaps)
linuxnamespaces.unshare(linuxnamespaces.CloneFlags.NEWUSER)
setup()
- self.assertEqual(os.getuid(), overflowuid)
+ self.assertEqual(os.getuid(), 65536)
os.setuid(0)
self.assertEqual(os.getuid(), 0)
- os.setuid(1)
+ # Keep root in saved-set for later setuid
+ os.setresuid(1, 1, 0)
self.assertEqual(os.getuid(), 1)
+ # Regain root and a full set of capabilities to save test coverage
+ os.setuid(0)
@pytest.mark.forked
def test_populate_dev(self) -> None:
- uidmap = linuxnamespaces.IDMapping(
- 0, self.uidalloc.allocate(65536), 65536
- )
- self.assertNotEqual(os.getuid(), uidmap.outerstart)
- gidmap = linuxnamespaces.IDMapping(
- 0, self.gidalloc.allocate(65536), 65536
- )
+ uidmaps = [
+ linuxnamespaces.IDMapping(
+ 0, self.uidalloc.allocate(65536), 65536
+ ),
+ # Also map our own uid to make coverage testing work
+ linuxnamespaces.IDMapping(65536, os.getuid(), 1),
+ ]
+ self.assertNotEqual(os.getuid(), uidmaps[0].outerstart)
+ gidmaps = [
+ linuxnamespaces.IDMapping(
+ 0, self.gidalloc.allocate(65536), 65536
+ ),
+ linuxnamespaces.IDMapping(65536, os.getgid(), 1),
+ ]
pid = os.getpid()
@linuxnamespaces.run_in_fork
def setup() -> None:
- linuxnamespaces.newidmaps(pid, [uidmap], [gidmap])
+ linuxnamespaces.newidmaps(pid, uidmaps, gidmaps)
linuxnamespaces.unshare(
linuxnamespaces.CloneFlags.NEWUSER
| linuxnamespaces.CloneFlags.NEWNS