2018-02-05 16:05:59 -05:00
|
|
|
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
|
2015-06-16 22:36:20 -04:00
|
|
|
|
|
|
|
import (
|
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"path"
|
|
|
|
"path/filepath"
|
|
|
|
"testing"
|
2017-06-05 04:50:15 -04:00
|
|
|
|
2017-07-17 04:36:46 -04:00
|
|
|
"golang.org/x/sys/unix"
|
2018-06-11 09:32:11 -04:00
|
|
|
"gotest.tools/assert"
|
2015-06-16 22:36:20 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestReadProcBool(t *testing.T) {
|
|
|
|
tmpDir, err := ioutil.TempDir("", "test-sysinfo-proc")
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.NilError(t, err)
|
2015-06-16 22:36:20 -04:00
|
|
|
defer os.RemoveAll(tmpDir)
|
|
|
|
|
|
|
|
procFile := filepath.Join(tmpDir, "read-proc-bool")
|
2017-06-05 04:50:15 -04:00
|
|
|
err = ioutil.WriteFile(procFile, []byte("1"), 0644)
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.NilError(t, err)
|
2015-06-16 22:36:20 -04:00
|
|
|
|
|
|
|
if !readProcBool(procFile) {
|
|
|
|
t.Fatal("expected proc bool to be true, got false")
|
|
|
|
}
|
|
|
|
|
2017-06-01 22:27:10 -04:00
|
|
|
if err := ioutil.WriteFile(procFile, []byte("0"), 0644); err != nil {
|
2015-06-16 22:36:20 -04:00
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
if readProcBool(procFile) {
|
2017-06-01 20:13:06 -04:00
|
|
|
t.Fatal("expected proc bool to be false, got true")
|
2015-06-16 22:36:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
if readProcBool(path.Join(tmpDir, "no-exist")) {
|
|
|
|
t.Fatal("should be false for non-existent entry")
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCgroupEnabled(t *testing.T) {
|
|
|
|
cgroupDir, err := ioutil.TempDir("", "cgroup-test")
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.NilError(t, err)
|
2015-06-16 22:36:20 -04:00
|
|
|
defer os.RemoveAll(cgroupDir)
|
|
|
|
|
|
|
|
if cgroupEnabled(cgroupDir, "test") {
|
|
|
|
t.Fatal("cgroupEnabled should be false")
|
|
|
|
}
|
|
|
|
|
2017-06-05 04:50:15 -04:00
|
|
|
err = ioutil.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 0644)
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.NilError(t, err)
|
2015-06-16 22:36:20 -04:00
|
|
|
|
|
|
|
if !cgroupEnabled(cgroupDir, "test") {
|
|
|
|
t.Fatal("cgroupEnabled should be true")
|
|
|
|
}
|
|
|
|
}
|
2017-06-05 04:50:15 -04:00
|
|
|
|
|
|
|
func TestNew(t *testing.T) {
|
|
|
|
sysInfo := New(false)
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.Assert(t, sysInfo != nil)
|
2017-06-05 04:50:15 -04:00
|
|
|
checkSysInfo(t, sysInfo)
|
|
|
|
|
|
|
|
sysInfo = New(true)
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.Assert(t, sysInfo != nil)
|
2017-06-05 04:50:15 -04:00
|
|
|
checkSysInfo(t, sysInfo)
|
|
|
|
}
|
|
|
|
|
|
|
|
func checkSysInfo(t *testing.T, sysInfo *SysInfo) {
|
|
|
|
// Check if Seccomp is supported, via CONFIG_SECCOMP.then sysInfo.Seccomp must be TRUE , else FALSE
|
2017-07-17 04:36:46 -04:00
|
|
|
if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL {
|
2017-06-05 04:50:15 -04:00
|
|
|
// Make sure the kernel has CONFIG_SECCOMP_FILTER.
|
2017-07-17 04:36:46 -04:00
|
|
|
if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL {
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.Assert(t, sysInfo.Seccomp)
|
2017-06-05 04:50:15 -04:00
|
|
|
}
|
|
|
|
} else {
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.Assert(t, !sysInfo.Seccomp)
|
2017-06-05 04:50:15 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestNewAppArmorEnabled(t *testing.T) {
|
|
|
|
// Check if AppArmor is supported. then it must be TRUE , else FALSE
|
|
|
|
if _, err := os.Stat("/sys/kernel/security/apparmor"); err != nil {
|
|
|
|
t.Skip("App Armor Must be Enabled")
|
|
|
|
}
|
|
|
|
|
|
|
|
sysInfo := New(true)
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.Assert(t, sysInfo.AppArmor)
|
2017-06-05 04:50:15 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestNewAppArmorDisabled(t *testing.T) {
|
|
|
|
// Check if AppArmor is supported. then it must be TRUE , else FALSE
|
|
|
|
if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) {
|
|
|
|
t.Skip("App Armor Must be Disabled")
|
|
|
|
}
|
|
|
|
|
|
|
|
sysInfo := New(true)
|
2018-03-13 15:28:34 -04:00
|
|
|
assert.Assert(t, !sysInfo.AppArmor)
|
2017-06-05 04:50:15 -04:00
|
|
|
}
|
|
|
|
|
2018-12-14 18:07:19 -05:00
|
|
|
func TestNewCgroupNamespacesEnabled(t *testing.T) {
|
|
|
|
// If cgroup namespaces are supported in the kernel, then sysInfo.CgroupNamespaces should be TRUE
|
|
|
|
if _, err := os.Stat("/proc/self/ns/cgroup"); err != nil {
|
|
|
|
t.Skip("cgroup namespaces must be enabled")
|
|
|
|
}
|
|
|
|
|
|
|
|
sysInfo := New(true)
|
|
|
|
assert.Assert(t, sysInfo.CgroupNamespaces)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestNewCgroupNamespacesDisabled(t *testing.T) {
|
|
|
|
// If cgroup namespaces are *not* supported in the kernel, then sysInfo.CgroupNamespaces should be FALSE
|
|
|
|
if _, err := os.Stat("/proc/self/ns/cgroup"); !os.IsNotExist(err) {
|
|
|
|
t.Skip("cgroup namespaces must be disabled")
|
|
|
|
}
|
|
|
|
|
|
|
|
sysInfo := New(true)
|
|
|
|
assert.Assert(t, !sysInfo.CgroupNamespaces)
|
|
|
|
}
|
|
|
|
|
2017-06-05 04:50:15 -04:00
|
|
|
func TestNumCPU(t *testing.T) {
|
|
|
|
cpuNumbers := NumCPU()
|
|
|
|
if cpuNumbers <= 0 {
|
|
|
|
t.Fatal("CPU returned must be greater than zero")
|
|
|
|
}
|
|
|
|
}
|