root
/
buildah
mirror of https://github.com/containers/buildah.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity
buildah/copier/copier_linux_test.go

197 lines
6.0 KiB
Go
Raw Normal View History

copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
package copier
import (
"archive/tar"
"bytes"
"encoding/json"
Switch to golang native error wrapping We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2022-07-06 17:14:06 +08:00
"errors"
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
"fmt"
"io"
"io/ioutil"
"os"
"path/filepath"
"testing"
copier: add GetOptions.NoCrossDevice Add a NoCrossDevice flag to GetOptions, telling it to ignore subdirectories on devices different than the top reference directory that we start from, i.e., ignore the contents of mounted filesystems. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-04-14 02:09:21 +08:00
"github.com/containers/storage/pkg/mount"
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
"github.com/containers/storage/pkg/reexec"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/syndtr/gocapability/capability"
copier: add GetOptions.NoCrossDevice Add a NoCrossDevice flag to GetOptions, telling it to ignore subdirectories on devices different than the top reference directory that we start from, i.e., ignore the contents of mounted filesystems. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-04-14 02:09:21 +08:00
"golang.org/x/sys/unix"
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
)
func init() {
reexec.Register("get", getWrappedMain)
}
type getWrappedOptions struct {
Root, Directory string
GetOptions GetOptions
Globs []string
DropCaps []capability.Cap
}
func getWrapped(root string, directory string, getOptions GetOptions, globs []string, dropCaps []capability.Cap, bulkWriter io.Writer) error {
options := getWrappedOptions{
Root: root,
Directory: directory,
GetOptions: getOptions,
Globs: globs,
DropCaps: dropCaps,
}
encoded, err := json.Marshal(&options)
if err != nil {
Fix stutters Podman adds an Error: to every error message. So starting an error message with "error" ends up being reported to the user as Error: error ... This patch removes the stutter. Also ioutil.ReadFile errors report the Path, so wrapping the err message with the path causes a stutter. Signed-off-by: Daniel J Walsh dwalsh@redhat.com [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-09-18 18:36:08 +08:00
return fmt.Errorf("marshalling options: %w", err)
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
}
cmd := reexec.Command("get")
cmd.Env = append(cmd.Env, "OPTIONS="+string(encoded))
cmd.Stdout = bulkWriter
stderrBuf := bytes.Buffer{}
cmd.Stderr = &stderrBuf
err = cmd.Run()
if stderrBuf.Len() > 0 {
if err != nil {
return fmt.Errorf("%v: %s", err, stderrBuf.String())
}
return fmt.Errorf("%s", stderrBuf.String())
}
return err
}
func getWrappedMain() {
var options getWrappedOptions
if err := json.Unmarshal([]byte(os.Getenv("OPTIONS")), &options); err != nil {
fmt.Fprintf(os.Stderr, "%v", err)
os.Exit(1)
}
if len(options.DropCaps) > 0 {
all: fix capabilities.NewPid deprecation warnings Since commit 3eef1ed0bd12bcccf (January 2019) using capabilities.NewPid() is deprecated. Replace with NewPid2(). Note that in chroot/run.go we used to load then clear all capabilities bits. With NewPid2, this is no longer needed -- we do not load caps, so there is no need to clear. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2022-01-18 11:02:22 +08:00
caps, err := capability.NewPid2(0)
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
if err != nil {
fmt.Fprintf(os.Stderr, "%v", err)
os.Exit(1)
}
all: fix capabilities.NewPid deprecation warnings Since commit 3eef1ed0bd12bcccf (January 2019) using capabilities.NewPid() is deprecated. Replace with NewPid2(). Note that in chroot/run.go we used to load then clear all capabilities bits. With NewPid2, this is no longer needed -- we do not load caps, so there is no need to clear. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2022-01-18 11:02:22 +08:00
if err := caps.Load(); err != nil {
fmt.Fprintf(os.Stderr, "%v", err)
os.Exit(1)
}
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
for _, capType := range []capability.CapType{
capability.AMBIENT,
capability.BOUNDING,
capability.INHERITABLE,
capability.PERMITTED,
capability.EFFECTIVE,
} {
for _, cap := range options.DropCaps {
if caps.Get(capType, cap) {
caps.Unset(capType, cap)
}
}
if err := caps.Apply(capType); err != nil {
fmt.Fprintf(os.Stderr, "error dropping capability %+v: %v", options.DropCaps, err)
os.Exit(1)
}
}
}
if err := Get(options.Root, options.Directory, options.GetOptions, options.Globs, os.Stdout); err != nil {
fmt.Fprintf(os.Stderr, "%v", err)
os.Exit(1)
}
}
func TestGetPermissionErrorNoChroot(t *testing.T) {
couldChroot := canChroot
canChroot = false
testGetPermissionError(t)
canChroot = couldChroot
}
func TestGetPermissionErrorChroot(t *testing.T) {
if uid != 0 {
t.Skipf("chroot() requires root privileges, skipping")
}
couldChroot := canChroot
canChroot = true
testGetPermissionError(t)
canChroot = couldChroot
}
func testGetPermissionError(t *testing.T) {
dropCaps := []capability.Cap{capability.CAP_DAC_OVERRIDE, capability.CAP_DAC_READ_SEARCH}
test: use `T.TempDir` to create temporary test directory This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The directory created by `t.TempDir` is automatically removed when the test and all its subtests complete. Prior to this commit, temporary directory created using `ioutil.TempDir` needs to be removed manually by calling `os.RemoveAll`, which is omitted in some tests. The error handling boilerplate e.g. defer func() { if err := os.RemoveAll(dir); err != nil { t.Fatal(err) } } is also tedious, but `t.TempDir` handles this for us nicely. Reference: https://pkg.go.dev/testing#T.TempDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-20 15:02:40 +08:00
tmp := t.TempDir()
err := os.Mkdir(filepath.Join(tmp, "unreadable-directory"), 0000)
copier: add GetOptions.IgnoreUnreadable Add an IgnoreUnreadable flag to copier.GetOptions to suppress errors from copier.Get() that would pass the os.IsPermission() test, if they're encountered while attempting to read files or descend into directories. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-03-04 05:45:43 +08:00
require.NoError(t, err, "error creating an unreadable directory")
err = os.Mkdir(filepath.Join(tmp, "readable-directory"), 0755)
require.NoError(t, err, "error creating a readable directory")
err = os.Mkdir(filepath.Join(tmp, "readable-directory", "unreadable-subdirectory"), 0000)
require.NoError(t, err, "error creating an unreadable subdirectory")
err = ioutil.WriteFile(filepath.Join(tmp, "unreadable-file"), []byte("hi, i'm a file that you can't read"), 0000)
require.NoError(t, err, "error creating an unreadable file")
err = ioutil.WriteFile(filepath.Join(tmp, "readable-file"), []byte("hi, i'm also a file, and you can read me"), 0644)
require.NoError(t, err, "error creating a readable file")
err = ioutil.WriteFile(filepath.Join(tmp, "readable-directory", "unreadable-file"), []byte("hi, i'm also a file that you can't read"), 0000)
require.NoError(t, err, "error creating an unreadable file in a readable directory")
for _, ignore := range []bool{false, true} {
t.Run(fmt.Sprintf("ignore=%v", ignore), func(t *testing.T) {
var buf bytes.Buffer
err = getWrapped(tmp, tmp, GetOptions{IgnoreUnreadable: ignore}, []string{"."}, dropCaps, &buf)
if ignore {
assert.NoError(t, err, "expected no errors")
tr := tar.NewReader(&buf)
items := 0
_, err := tr.Next()
for err == nil {
items++
_, err = tr.Next()
}
assert.True(t, errors.Is(err, io.EOF), "expected EOF to finish read contents")
assert.Equalf(t, 2, items, "expected two readable items, got %d", items)
} else {
assert.Error(t, err, "expected an error")
assert.Truef(t, errorIsPermission(err), "expected the error (%v) to be a permission error", err)
}
})
}
}
copier: add GetOptions.NoCrossDevice Add a NoCrossDevice flag to GetOptions, telling it to ignore subdirectories on devices different than the top reference directory that we start from, i.e., ignore the contents of mounted filesystems. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-04-14 02:09:21 +08:00
func TestGetNoCrossDevice(t *testing.T) {
if uid != 0 {
t.Skip("test requires root privileges, skipping")
}
test: use `T.TempDir` to create temporary test directory This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The directory created by `t.TempDir` is automatically removed when the test and all its subtests complete. Prior to this commit, temporary directory created using `ioutil.TempDir` needs to be removed manually by calling `os.RemoveAll`, which is omitted in some tests. The error handling boilerplate e.g. defer func() { if err := os.RemoveAll(dir); err != nil { t.Fatal(err) } } is also tedious, but `t.TempDir` handles this for us nicely. Reference: https://pkg.go.dev/testing#T.TempDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-20 15:02:40 +08:00
tmpdir := t.TempDir()
copier: add GetOptions.NoCrossDevice Add a NoCrossDevice flag to GetOptions, telling it to ignore subdirectories on devices different than the top reference directory that we start from, i.e., ignore the contents of mounted filesystems. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-04-14 02:09:21 +08:00
test: use `T.TempDir` to create temporary test directory This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The directory created by `t.TempDir` is automatically removed when the test and all its subtests complete. Prior to this commit, temporary directory created using `ioutil.TempDir` needs to be removed manually by calling `os.RemoveAll`, which is omitted in some tests. The error handling boilerplate e.g. defer func() { if err := os.RemoveAll(dir); err != nil { t.Fatal(err) } } is also tedious, but `t.TempDir` handles this for us nicely. Reference: https://pkg.go.dev/testing#T.TempDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-20 15:02:40 +08:00
err := unix.Unshare(unix.CLONE_NEWNS)
copier: add GetOptions.NoCrossDevice Add a NoCrossDevice flag to GetOptions, telling it to ignore subdirectories on devices different than the top reference directory that we start from, i.e., ignore the contents of mounted filesystems. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-04-14 02:09:21 +08:00
require.NoError(t, err, "error creating new mount namespace")
subdir := filepath.Join(tmpdir, "subdir")
err = os.Mkdir(subdir, 0755)
require.NoErrorf(t, err, "error creating %q", subdir)
err = mount.Mount("tmpfs", subdir, "tmpfs", "rw")
require.NoErrorf(t, err, "error mounting tmpfs at %q", subdir)
defer func() {
err := mount.Unmount(subdir)
assert.NoErrorf(t, err, "error unmounting %q", subdir)
}()
skipped := filepath.Join(subdir, "skipped.txt")
err = ioutil.WriteFile(skipped, []byte("this file should have been skipped\n"), 0644)
require.NoErrorf(t, err, "error writing file at %q", skipped)
var buf bytes.Buffer
err = Get(tmpdir, tmpdir, GetOptions{NoCrossDevice: true}, []string{"/"}, &buf) // grab contents of tmpdir
require.NoErrorf(t, err, "error reading contents at %q", tmpdir)
tr := tar.NewReader(&buf)
th, err := tr.Next() // should be the "subdir" directory
require.NoError(t, err, "error reading first entry archived")
assert.Equal(t, "subdir", th.Name, `first entry in archive was not named "subdir"`)
th, err = tr.Next()
assert.Error(t, err, "should not have gotten a second entry in archive")
assert.True(t, errors.Is(err, io.EOF), "expected an EOF trying to read a second entry in archive")
if err == nil {
t.Logf("got unexpected entry for %q", th.Name)
}
}