2014-12-30 17:22:31 -05:00
// +build !test_no_exec
2014-09-18 17:36:34 -04:00
package main
import (
"bufio"
2015-01-15 13:37:30 -05:00
"fmt"
2015-07-09 23:57:03 -04:00
"net/http"
2014-11-05 18:12:24 -05:00
"os"
2014-09-18 17:36:34 -04:00
"os/exec"
2015-01-19 15:11:19 -05:00
"path/filepath"
2015-01-15 13:37:30 -05:00
"reflect"
"sort"
2014-09-18 17:36:34 -04:00
"strings"
2015-01-15 13:37:30 -05:00
"sync"
2014-09-18 17:36:34 -04:00
"time"
2015-04-18 12:46:47 -04:00
"github.com/go-check/check"
2014-09-18 17:36:34 -04:00
)
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExec ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "testing" , "busybox" , "sh" , "-c" , "echo test > /tmp/file && top" )
2015-02-20 01:56:02 -05:00
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "exec" , "testing" , "cat" , "/tmp/file" )
2014-09-18 17:36:34 -04:00
out = strings . Trim ( out , "\r\n" )
2015-07-20 02:55:40 -04:00
if out != "test" {
c . Errorf ( "container exec should've printed test but printed %q" , out )
2014-09-18 17:36:34 -04:00
}
}
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecInteractive ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "testing" , "busybox" , "sh" , "-c" , "echo test > /tmp/file && top" )
2014-09-18 17:36:34 -04:00
execCmd := exec . Command ( dockerBinary , "exec" , "-i" , "testing" , "sh" )
stdin , err := execCmd . StdinPipe ( )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-09-18 17:36:34 -04:00
}
stdout , err := execCmd . StdoutPipe ( )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-09-18 17:36:34 -04:00
}
if err := execCmd . Start ( ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-09-18 17:36:34 -04:00
}
if _ , err := stdin . Write ( [ ] byte ( "cat /tmp/file\n" ) ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-09-18 17:36:34 -04:00
}
r := bufio . NewReader ( stdout )
line , err := r . ReadString ( '\n' )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-09-18 17:36:34 -04:00
}
line = strings . TrimSpace ( line )
if line != "test" {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Output should be 'test', got '%q'" , line )
2014-09-18 17:36:34 -04:00
}
if err := stdin . Close ( ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-09-18 17:36:34 -04:00
}
2015-04-27 13:29:48 -04:00
errChan := make ( chan error )
2014-09-18 17:36:34 -04:00
go func ( ) {
2015-04-27 13:29:48 -04:00
errChan <- execCmd . Wait ( )
close ( errChan )
2014-09-18 17:36:34 -04:00
} ( )
select {
2015-04-27 13:29:48 -04:00
case err := <- errChan :
c . Assert ( err , check . IsNil )
2014-09-18 17:36:34 -04:00
case <- time . After ( 1 * time . Second ) :
2015-04-18 12:46:47 -04:00
c . Fatal ( "docker exec failed to exit on stdin close" )
2014-09-18 17:36:34 -04:00
}
}
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecAfterContainerRestart ( c * check . C ) {
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "run" , "-d" , "busybox" , "top" )
2015-04-06 09:21:18 -04:00
cleanedContainerID := strings . TrimSpace ( out )
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "restart" , cleanedContainerID )
2014-09-18 17:36:34 -04:00
2015-07-20 02:55:40 -04:00
out , _ = dockerCmd ( c , "exec" , cleanedContainerID , "echo" , "hello" )
2014-09-18 17:36:34 -04:00
outStr := strings . TrimSpace ( out )
if outStr != "hello" {
2015-04-18 12:46:47 -04:00
c . Errorf ( "container should've printed hello, instead printed %q" , outStr )
2014-09-18 17:36:34 -04:00
}
}
2015-04-25 22:47:42 -04:00
func ( s * DockerDaemonSuite ) TestExecAfterDaemonRestart ( c * check . C ) {
2015-04-18 12:46:47 -04:00
testRequires ( c , SameHostDaemon )
2015-02-20 01:56:02 -05:00
2015-04-25 22:47:42 -04:00
if err := s . d . StartWithBusybox ( ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Could not start daemon with busybox: %v" , err )
2014-09-18 17:36:34 -04:00
}
2015-04-25 22:47:42 -04:00
if out , err := s . d . Cmd ( "run" , "-d" , "--name" , "top" , "-p" , "80" , "busybox:latest" , "top" ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Could not run top: err=%v\n%s" , err , out )
2014-09-18 17:36:34 -04:00
}
2015-04-25 22:47:42 -04:00
if err := s . d . Restart ( ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Could not restart daemon: %v" , err )
2014-09-18 17:36:34 -04:00
}
2015-04-25 22:47:42 -04:00
if out , err := s . d . Cmd ( "start" , "top" ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Could not start top after daemon restart: err=%v\n%s" , err , out )
2014-09-18 17:36:34 -04:00
}
2015-04-25 22:47:42 -04:00
out , err := s . d . Cmd ( "exec" , "top" , "echo" , "hello" )
2014-09-18 17:36:34 -04:00
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Could not exec on container top: err=%v\n%s" , err , out )
2014-09-18 17:36:34 -04:00
}
outStr := strings . TrimSpace ( string ( out ) )
if outStr != "hello" {
2015-04-18 12:46:47 -04:00
c . Errorf ( "container should've printed hello, instead printed %q" , outStr )
2014-09-18 17:36:34 -04:00
}
}
2014-11-14 12:37:04 -05:00
2015-03-13 05:12:02 -04:00
// Regression test for #9155, #9044
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecEnv ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-e" , "LALA=value1" , "-e" , "LALA=value2" ,
2014-11-14 12:37:04 -05:00
"-d" , "--name" , "testing" , "busybox" , "top" )
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "exec" , "testing" , "env" )
2014-11-14 12:37:04 -05:00
if strings . Contains ( out , "LALA=value1" ) ||
! strings . Contains ( out , "LALA=value2" ) ||
! strings . Contains ( out , "HOME=/root" ) {
2015-04-18 12:46:47 -04:00
c . Errorf ( "exec env(%q), expect %q, %q" , out , "LALA=value2" , "HOME=/root" )
2014-11-14 12:37:04 -05:00
}
}
2014-11-17 18:50:09 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecExitStatus ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "top" , "busybox" , "top" )
2014-11-17 18:50:09 -05:00
// Test normal (non-detached) case first
cmd := exec . Command ( dockerBinary , "exec" , "top" , "sh" , "-c" , "exit 23" )
ec , _ := runCommand ( cmd )
if ec != 23 {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Should have had an ExitCode of 23, not: %d" , ec )
2014-11-17 18:50:09 -05:00
}
}
2014-11-27 11:08:39 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecPausedContainer ( c * check . C ) {
2014-11-27 11:08:39 -05:00
defer unpauseAllContainers ( )
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "run" , "-d" , "--name" , "testing" , "busybox" , "top" )
2015-04-06 09:21:18 -04:00
ContainerID := strings . TrimSpace ( out )
2014-11-27 11:08:39 -05:00
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "pause" , "testing" )
2015-07-27 14:13:25 -04:00
out , _ , err := dockerCmdWithError ( "exec" , "-i" , "-t" , ContainerID , "echo" , "hello" )
2014-11-27 11:08:39 -05:00
if err == nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( "container should fail to exec new command if it is paused" )
2014-11-27 11:08:39 -05:00
}
expected := ContainerID + " is paused, unpause the container before exec"
if ! strings . Contains ( out , expected ) {
2015-04-18 12:46:47 -04:00
c . Fatal ( "container should not exec new command if it is paused" )
2014-11-27 11:08:39 -05:00
}
}
2014-12-03 20:27:39 -05:00
// regression test for #9476
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecTtyCloseStdin ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "-it" , "--name" , "exec_tty_stdin" , "busybox" )
2014-12-03 20:27:39 -05:00
2015-07-20 02:55:40 -04:00
cmd := exec . Command ( dockerBinary , "exec" , "-i" , "exec_tty_stdin" , "cat" )
2014-12-03 20:27:39 -05:00
stdinRw , err := cmd . StdinPipe ( )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-12-03 20:27:39 -05:00
}
stdinRw . Write ( [ ] byte ( "test" ) )
stdinRw . Close ( )
if out , _ , err := runCommandWithOutput ( cmd ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( out , err )
2014-12-03 20:27:39 -05:00
}
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "top" , "exec_tty_stdin" )
2014-12-03 20:27:39 -05:00
outArr := strings . Split ( out , "\n" )
if len ( outArr ) > 3 || strings . Contains ( out , "nsenter-exec" ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "exec process left running\n\t %s" , out )
2014-12-03 20:27:39 -05:00
}
}
2014-12-05 19:50:56 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecTtyWithoutStdin ( c * check . C ) {
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "run" , "-d" , "-ti" , "busybox" )
2014-12-05 19:50:56 -05:00
id := strings . TrimSpace ( out )
2015-08-11 03:41:11 -04:00
c . Assert ( waitRun ( id ) , check . IsNil )
2014-12-05 19:50:56 -05:00
2015-04-27 13:29:48 -04:00
errChan := make ( chan error )
2014-12-05 19:50:56 -05:00
go func ( ) {
2015-04-27 13:29:48 -04:00
defer close ( errChan )
2014-12-05 19:50:56 -05:00
cmd := exec . Command ( dockerBinary , "exec" , "-ti" , id , "true" )
if _ , err := cmd . StdinPipe ( ) ; err != nil {
2015-04-27 13:29:48 -04:00
errChan <- err
return
2014-12-05 19:50:56 -05:00
}
expected := "cannot enable tty mode"
if out , _ , err := runCommandWithOutput ( cmd ) ; err == nil {
2015-04-27 13:29:48 -04:00
errChan <- fmt . Errorf ( "exec should have failed" )
return
2014-12-05 19:50:56 -05:00
} else if ! strings . Contains ( out , expected ) {
2015-04-27 13:29:48 -04:00
errChan <- fmt . Errorf ( "exec failed with error %q: expected %q" , out , expected )
return
2014-12-05 19:50:56 -05:00
}
} ( )
select {
2015-04-27 13:29:48 -04:00
case err := <- errChan :
c . Assert ( err , check . IsNil )
2014-12-05 19:50:56 -05:00
case <- time . After ( 3 * time . Second ) :
2015-04-18 12:46:47 -04:00
c . Fatal ( "exec is running but should have failed" )
2014-12-05 19:50:56 -05:00
}
}
2014-12-23 14:16:23 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecParseError ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "top" , "busybox" , "top" )
2014-12-23 14:16:23 -05:00
// Test normal (non-detached) case first
cmd := exec . Command ( dockerBinary , "exec" , "top" )
2015-01-06 10:44:36 -05:00
if _ , stderr , code , err := runCommandWithStdoutStderr ( cmd ) ; err == nil || ! strings . Contains ( stderr , "See '" + dockerBinary + " exec --help'" ) || code == 0 {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Should have thrown error & point to help: %s" , stderr )
2014-12-23 14:16:23 -05:00
}
}
2014-12-26 20:19:23 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecStopNotHanging ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "testing" , "busybox" , "top" )
2014-12-26 20:19:23 -05:00
if err := exec . Command ( dockerBinary , "exec" , "testing" , "top" ) . Start ( ) ; err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2014-12-26 20:19:23 -05:00
}
2015-04-27 13:29:48 -04:00
type dstop struct {
out [ ] byte
err error
}
ch := make ( chan dstop )
2014-12-26 20:19:23 -05:00
go func ( ) {
2015-04-27 13:29:48 -04:00
out , err := exec . Command ( dockerBinary , "stop" , "testing" ) . CombinedOutput ( )
ch <- dstop { out , err }
close ( ch )
2014-12-26 20:19:23 -05:00
} ( )
select {
case <- time . After ( 3 * time . Second ) :
2015-04-18 12:46:47 -04:00
c . Fatal ( "Container stop timed out" )
2015-04-27 13:29:48 -04:00
case s := <- ch :
c . Assert ( s . err , check . IsNil )
2014-12-26 20:19:23 -05:00
}
}
2015-01-15 13:37:30 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecCgroup ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "testing" , "busybox" , "top" )
2015-01-15 13:37:30 -05:00
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "exec" , "testing" , "cat" , "/proc/1/cgroup" )
containerCgroups := sort . StringSlice ( strings . Split ( out , "\n" ) )
2015-01-15 13:37:30 -05:00
var wg sync . WaitGroup
2015-04-18 12:46:47 -04:00
var mu sync . Mutex
2015-01-15 13:37:30 -05:00
execCgroups := [ ] sort . StringSlice { }
2015-04-27 13:29:48 -04:00
errChan := make ( chan error )
2015-01-15 13:37:30 -05:00
// exec a few times concurrently to get consistent failure
for i := 0 ; i < 5 ; i ++ {
wg . Add ( 1 )
go func ( ) {
2015-07-27 14:13:25 -04:00
out , _ , err := dockerCmdWithError ( "exec" , "testing" , "cat" , "/proc/self/cgroup" )
2015-01-15 13:37:30 -05:00
if err != nil {
2015-04-27 13:29:48 -04:00
errChan <- err
return
2015-01-15 13:37:30 -05:00
}
2015-07-20 02:55:40 -04:00
cg := sort . StringSlice ( strings . Split ( out , "\n" ) )
2015-01-15 13:37:30 -05:00
2015-04-18 12:46:47 -04:00
mu . Lock ( )
2015-01-15 13:37:30 -05:00
execCgroups = append ( execCgroups , cg )
2015-04-18 12:46:47 -04:00
mu . Unlock ( )
2015-01-15 13:37:30 -05:00
wg . Done ( )
} ( )
}
wg . Wait ( )
2015-04-27 13:29:48 -04:00
close ( errChan )
for err := range errChan {
c . Assert ( err , check . IsNil )
}
2015-01-15 13:37:30 -05:00
for _ , cg := range execCgroups {
if ! reflect . DeepEqual ( cg , containerCgroups ) {
fmt . Println ( "exec cgroups:" )
for _ , name := range cg {
fmt . Printf ( " %s\n" , name )
}
fmt . Println ( "container cgroups:" )
for _ , name := range containerCgroups {
fmt . Printf ( " %s\n" , name )
}
2015-04-18 12:46:47 -04:00
c . Fatal ( "cgroups mismatched" )
2015-01-15 13:37:30 -05:00
}
}
}
2014-12-30 17:05:00 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestInspectExecID ( c * check . C ) {
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "run" , "-d" , "busybox" , "top" )
2014-12-30 17:05:00 -05:00
id := strings . TrimSuffix ( out , "\n" )
2015-07-20 02:55:40 -04:00
out , err := inspectField ( id , "ExecIDs" )
2014-12-30 17:05:00 -05:00
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "failed to inspect container: %s, %v" , out , err )
2014-12-30 17:05:00 -05:00
}
2015-03-26 15:43:00 -04:00
if out != "[]" {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "ExecIDs should be empty, got: %s" , out )
2014-12-30 17:05:00 -05:00
}
2015-08-04 07:08:30 -04:00
// Start an exec, have it block waiting so we can do some checking
cmd := exec . Command ( dockerBinary , "exec" , id , "sh" , "-c" ,
"while ! test -e /tmp/execid1; do sleep 1; done" )
2015-07-09 23:57:03 -04:00
if err = cmd . Start ( ) ; err != nil {
c . Fatalf ( "failed to start the exec cmd: %q" , err )
}
// Give the exec 10 chances/seconds to start then give up and stop the test
tries := 10
for i := 0 ; i < tries ; i ++ {
2015-07-17 20:30:24 -04:00
// Since its still running we should see exec as part of the container
out , err = inspectField ( id , "ExecIDs" )
if err != nil {
c . Fatalf ( "failed to inspect container: %s, %v" , out , err )
}
2015-07-09 23:57:03 -04:00
out = strings . TrimSuffix ( out , "\n" )
if out != "[]" && out != "<no value>" {
break
}
2015-07-17 09:46:37 -04:00
if i + 1 == tries {
2015-07-09 23:57:03 -04:00
c . Fatalf ( "ExecIDs should not be empty, got: %s" , out )
}
time . Sleep ( 1 * time . Second )
}
// Save execID for later
execID , err := inspectFilter ( id , "index .ExecIDs 0" )
if err != nil {
2015-07-16 23:26:54 -04:00
c . Fatalf ( "failed to get the exec id: %v" , err )
2014-12-30 17:05:00 -05:00
}
2015-08-04 07:08:30 -04:00
// End the exec by creating the missing file
err = exec . Command ( dockerBinary , "exec" , id ,
"sh" , "-c" , "touch /tmp/execid1" ) . Run ( )
if err != nil {
c . Fatalf ( "failed to run the 2nd exec cmd: %q" , err )
}
// Wait for 1st exec to complete
2015-07-09 23:57:03 -04:00
cmd . Wait ( )
// All execs for the container should be gone now
2014-12-30 17:05:00 -05:00
out , err = inspectField ( id , "ExecIDs" )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "failed to inspect container: %s, %v" , out , err )
2014-12-30 17:05:00 -05:00
}
out = strings . TrimSuffix ( out , "\n" )
2015-07-09 23:57:03 -04:00
if out != "[]" && out != "<no value>" {
c . Fatalf ( "ExecIDs should be empty, got: %s" , out )
}
// But we should still be able to query the execID
sc , body , err := sockRequest ( "GET" , "/exec/" + execID + "/json" , nil )
if sc != http . StatusOK {
2015-07-12 13:12:48 -04:00
c . Fatalf ( "received status != 200 OK: %d\n%s" , sc , body )
2014-12-30 17:05:00 -05:00
}
2015-07-09 22:39:57 -04:00
// Now delete the container and then an 'inspect' on the exec should
// result in a 404 (not 'container not running')
out , ec := dockerCmd ( c , "rm" , "-f" , id )
if ec != 0 {
c . Fatalf ( "error removing container: %s" , out )
}
sc , body , err = sockRequest ( "GET" , "/exec/" + execID + "/json" , nil )
if sc != http . StatusNotFound {
2015-08-18 23:06:05 -04:00
c . Fatalf ( "received status != 404: %d\n%s" , sc , body )
2015-07-09 22:39:57 -04:00
}
2014-12-30 17:05:00 -05:00
}
2015-01-19 15:11:19 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestLinksPingLinkedContainersOnRename ( c * check . C ) {
2015-01-19 15:11:19 -05:00
var out string
2015-04-18 12:46:47 -04:00
out , _ = dockerCmd ( c , "run" , "-d" , "--name" , "container1" , "busybox" , "top" )
2015-04-06 09:21:18 -04:00
idA := strings . TrimSpace ( out )
2015-01-19 15:11:19 -05:00
if idA == "" {
2015-04-18 12:46:47 -04:00
c . Fatal ( out , "id should not be nil" )
2015-01-19 15:11:19 -05:00
}
2015-04-18 12:46:47 -04:00
out , _ = dockerCmd ( c , "run" , "-d" , "--link" , "container1:alias1" , "--name" , "container2" , "busybox" , "top" )
2015-04-06 09:21:18 -04:00
idB := strings . TrimSpace ( out )
2015-01-19 15:11:19 -05:00
if idB == "" {
2015-04-18 12:46:47 -04:00
c . Fatal ( out , "id should not be nil" )
2015-01-19 15:11:19 -05:00
}
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "exec" , "container2" , "ping" , "-c" , "1" , "alias1" , "-W" , "1" )
2015-04-18 12:46:47 -04:00
dockerCmd ( c , "rename" , "container1" , "container_new" )
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "exec" , "container2" , "ping" , "-c" , "1" , "alias1" , "-W" , "1" )
2015-01-19 15:11:19 -05:00
}
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestRunExecDir ( c * check . C ) {
testRequires ( c , SameHostDaemon )
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "run" , "-d" , "busybox" , "top" )
2015-01-19 15:11:19 -05:00
id := strings . TrimSpace ( out )
execDir := filepath . Join ( execDriverPath , id )
stateFile := filepath . Join ( execDir , "state.json" )
{
fi , err := os . Stat ( execDir )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-19 15:11:19 -05:00
}
if ! fi . IsDir ( ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "%q must be a directory" , execDir )
2015-01-19 15:11:19 -05:00
}
fi , err = os . Stat ( stateFile )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-19 15:11:19 -05:00
}
}
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "stop" , id )
2015-01-19 15:11:19 -05:00
{
2015-03-05 12:55:14 -05:00
_ , err := os . Stat ( execDir )
2015-01-19 15:11:19 -05:00
if err == nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-19 15:11:19 -05:00
}
if err == nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Exec directory %q exists for removed container!" , execDir )
2015-01-19 15:11:19 -05:00
}
if ! os . IsNotExist ( err ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Error should be about non-existing, got %s" , err )
2015-01-19 15:11:19 -05:00
}
}
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "start" , id )
2015-01-19 15:11:19 -05:00
{
fi , err := os . Stat ( execDir )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-19 15:11:19 -05:00
}
if ! fi . IsDir ( ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "%q must be a directory" , execDir )
2015-01-19 15:11:19 -05:00
}
fi , err = os . Stat ( stateFile )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-19 15:11:19 -05:00
}
}
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "rm" , "-f" , id )
2015-01-19 15:11:19 -05:00
{
_ , err := os . Stat ( execDir )
if err == nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-19 15:11:19 -05:00
}
if err == nil {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Exec directory %q is exists for removed container!" , execDir )
2015-01-19 15:11:19 -05:00
}
if ! os . IsNotExist ( err ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Error should be about non-existing, got %s" , err )
2015-01-19 15:11:19 -05:00
}
}
}
2015-01-26 20:17:08 -05:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestRunMutableNetworkFiles ( c * check . C ) {
testRequires ( c , SameHostDaemon )
2015-01-26 20:17:08 -05:00
for _ , fn := range [ ] string { "resolv.conf" , "hosts" } {
deleteAllContainers ( )
content , err := runCommandAndReadContainerFile ( fn , exec . Command ( dockerBinary , "run" , "-d" , "--name" , "c1" , "busybox" , "sh" , "-c" , fmt . Sprintf ( "echo success >/etc/%s && top" , fn ) ) )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-26 20:17:08 -05:00
}
if strings . TrimSpace ( string ( content ) ) != "success" {
2015-04-18 12:46:47 -04:00
c . Fatal ( "Content was not what was modified in the container" , string ( content ) )
2015-01-26 20:17:08 -05:00
}
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "run" , "-d" , "--name" , "c2" , "busybox" , "top" )
2015-01-26 20:17:08 -05:00
contID := strings . TrimSpace ( out )
netFilePath := containerStorageFile ( contID , fn )
f , err := os . OpenFile ( netFilePath , os . O_WRONLY | os . O_SYNC | os . O_APPEND , 0644 )
if err != nil {
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-26 20:17:08 -05:00
}
if _ , err := f . Seek ( 0 , 0 ) ; err != nil {
f . Close ( )
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-26 20:17:08 -05:00
}
if err := f . Truncate ( 0 ) ; err != nil {
f . Close ( )
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-26 20:17:08 -05:00
}
if _ , err := f . Write ( [ ] byte ( "success2\n" ) ) ; err != nil {
f . Close ( )
2015-04-18 12:46:47 -04:00
c . Fatal ( err )
2015-01-26 20:17:08 -05:00
}
f . Close ( )
2015-07-20 02:55:40 -04:00
res , _ := dockerCmd ( c , "exec" , contID , "cat" , "/etc/" + fn )
if res != "success2\n" {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "Expected content of %s: %q, got: %q" , fn , "success2\n" , res )
2015-01-26 20:17:08 -05:00
}
}
}
2015-04-10 23:04:24 -04:00
2015-04-18 12:46:47 -04:00
func ( s * DockerSuite ) TestExecWithUser ( c * check . C ) {
2015-07-20 02:55:40 -04:00
dockerCmd ( c , "run" , "-d" , "--name" , "parent" , "busybox" , "top" )
2015-04-10 23:04:24 -04:00
2015-07-20 02:55:40 -04:00
out , _ := dockerCmd ( c , "exec" , "-u" , "1" , "parent" , "id" )
2015-04-10 23:04:24 -04:00
if ! strings . Contains ( out , "uid=1(daemon) gid=1(daemon)" ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "exec with user by id expected daemon user got %s" , out )
2015-04-10 23:04:24 -04:00
}
2015-07-20 02:55:40 -04:00
out , _ = dockerCmd ( c , "exec" , "-u" , "root" , "parent" , "id" )
2015-04-10 23:04:24 -04:00
if ! strings . Contains ( out , "uid=0(root) gid=0(root)" ) {
2015-04-18 12:46:47 -04:00
c . Fatalf ( "exec with user by root expected root user got %s" , out )
2015-04-10 23:04:24 -04:00
}
}
2015-06-26 18:06:37 -04:00
2015-06-19 02:01:50 -04:00
func ( s * DockerSuite ) TestExecWithPrivileged ( c * check . C ) {
2015-06-21 23:06:07 -04:00
// Start main loop which attempts mknod repeatedly
dockerCmd ( c , "run" , "-d" , "--name" , "parent" , "--cap-drop=ALL" , "busybox" , "sh" , "-c" , ` while (true); do if [ -e /exec_priv ]; then cat /exec_priv && mknod /tmp/sda b 8 0 && echo "Success"; else echo "Privileged exec has not run yet"; fi; usleep 10000; done ` )
2015-06-19 02:01:50 -04:00
2015-06-21 23:06:07 -04:00
// Check exec mknod doesn't work
cmd := exec . Command ( dockerBinary , "exec" , "parent" , "sh" , "-c" , "mknod /tmp/sdb b 8 16" )
2015-06-19 02:01:50 -04:00
out , _ , err := runCommandWithOutput ( cmd )
if err == nil || ! strings . Contains ( out , "Operation not permitted" ) {
2015-06-21 23:06:07 -04:00
c . Fatalf ( "exec mknod in --cap-drop=ALL container without --privileged should fail" )
2015-06-19 02:01:50 -04:00
}
2015-06-21 23:06:07 -04:00
// Check exec mknod does work with --privileged
cmd = exec . Command ( dockerBinary , "exec" , "--privileged" , "parent" , "sh" , "-c" , ` echo "Running exec --privileged" > /exec_priv && mknod /tmp/sdb b 8 16 && usleep 50000 && echo "Finished exec --privileged" > /exec_priv && echo ok ` )
2015-06-19 02:01:50 -04:00
out , _ , err = runCommandWithOutput ( cmd )
if err != nil {
c . Fatal ( err , out )
}
if actual := strings . TrimSpace ( out ) ; actual != "ok" {
c . Fatalf ( "exec mknod in --cap-drop=ALL container with --privileged failed: %v, output: %q" , err , out )
}
2015-06-21 23:06:07 -04:00
// Check subsequent unprivileged exec cannot mknod
cmd = exec . Command ( dockerBinary , "exec" , "parent" , "sh" , "-c" , "mknod /tmp/sdc b 8 32" )
out , _ , err = runCommandWithOutput ( cmd )
if err == nil || ! strings . Contains ( out , "Operation not permitted" ) {
c . Fatalf ( "repeating exec mknod in --cap-drop=ALL container after --privileged without --privileged should fail" )
}
// Confirm at no point was mknod allowed
logCmd := exec . Command ( dockerBinary , "logs" , "parent" )
if out , _ , err := runCommandWithOutput ( logCmd ) ; err != nil || strings . Contains ( out , "Success" ) {
c . Fatal ( out , err )
}
2015-06-19 02:01:50 -04:00
}
2015-06-26 18:06:37 -04:00
func ( s * DockerSuite ) TestExecWithImageUser ( c * check . C ) {
name := "testbuilduser"
_ , err := buildImage ( name ,
` FROM busybox
RUN echo ' dockerio : x : 1001 : 1001 : : / bin : / bin / false ' >> / etc / passwd
USER dockerio ` ,
true )
if err != nil {
c . Fatalf ( "Could not build image %s: %v" , name , err )
}
dockerCmd ( c , "run" , "-d" , "--name" , "dockerioexec" , name , "top" )
out , _ := dockerCmd ( c , "exec" , "dockerioexec" , "whoami" )
if ! strings . Contains ( out , "dockerio" ) {
c . Fatalf ( "exec with user by id expected dockerio user got %s" , out )
}
}
2015-07-30 13:26:45 -04:00
func ( s * DockerSuite ) TestExecOnReadonlyContainer ( c * check . C ) {
dockerCmd ( c , "run" , "-d" , "--read-only" , "--name" , "parent" , "busybox" , "top" )
if _ , status := dockerCmd ( c , "exec" , "parent" , "true" ) ; status != 0 {
c . Fatalf ( "exec into a read-only container failed with exit status %d" , status )
}
}
2015-08-21 08:39:26 -04:00
// #15750
func ( s * DockerSuite ) TestExecStartFails ( c * check . C ) {
name := "exec-15750"
dockerCmd ( c , "run" , "-d" , "--name" , name , "busybox" , "top" )
_ , errmsg , status := dockerCmdWithStdoutStderr ( nil , "exec" , name , "no-such-cmd" )
if status == 255 && ! strings . Contains ( errmsg , "executable file not found" ) {
c . Fatal ( "exec error message not received. The daemon might had crashed" )
}
}