diff --git a/cmd/runtimetest/main.go b/cmd/runtimetest/main.go index 5e38e44f7..32a6eca74 100644 --- a/cmd/runtimetest/main.go +++ b/cmd/runtimetest/main.go @@ -81,38 +81,11 @@ func loadSpecConfig(path string) (spec *rspec.Spec, err error) { return spec, nil } -// should be included by other platform specified process validation -func validateGeneralProcess(spec *rspec.Spec) error { - if spec.Process.Cwd != "" { - cwd, err := os.Getwd() - if err != nil { - return err - } - if cwd != spec.Process.Cwd { - return fmt.Errorf("Cwd expected: %v, actual: %v", spec.Process.Cwd, cwd) - } - } - - for _, env := range spec.Process.Env { - parts := strings.Split(env, "=") - key := parts[0] - expectedValue := parts[1] - actualValue := os.Getenv(key) - if actualValue != expectedValue { - return fmt.Errorf("Env %v expected: %v, actual: %v", key, expectedValue, actualValue) - } - } - - return nil -} - -func validateLinuxProcess(spec *rspec.Spec) error { +func validatePosixUser(spec *rspec.Spec) error { if spec.Process == nil { return nil } - validateGeneralProcess(spec) - uid := os.Getuid() if uint32(uid) != spec.Process.User.UID { return fmt.Errorf("UID expected: %v, actual: %v", spec.Process.User.UID, uid) @@ -138,6 +111,38 @@ func validateLinuxProcess(spec *rspec.Spec) error { } } + return nil +} + +func validateProcess(spec *rspec.Spec) error { + if spec.Process.Cwd != "" { + cwd, err := os.Getwd() + if err != nil { + return err + } + if cwd != spec.Process.Cwd { + return fmt.Errorf("Cwd expected: %v, actual: %v", spec.Process.Cwd, cwd) + } + } + + for _, env := range spec.Process.Env { + parts := strings.Split(env, "=") + key := parts[0] + expectedValue := parts[1] + actualValue := os.Getenv(key) + if actualValue != expectedValue { + return fmt.Errorf("Env %v expected: %v, actual: %v", key, expectedValue, actualValue) + } + } + + return nil +} + +func validateLinuxProcess(spec *rspec.Spec) error { + if spec.Process == nil { + return nil + } + cmdlineBytes, err := ioutil.ReadFile("/proc/self/cmdline") if err != nil { return err @@ -267,10 +272,6 @@ func validateHostname(spec *rspec.Spec) error { } func validateRlimits(spec *rspec.Spec) error { - if runtime.GOOS == "windows" { - return nil - } - if spec.Process == nil { return nil } @@ -632,12 +633,7 @@ func mountMatch(configMount rspec.Mount, sysMount *mount.Info) error { return nil } -func validateMounts(spec *rspec.Spec) error { - if runtime.GOOS == "windows" { - logrus.Warnf("mounts validation not yet implemented for OS %q", runtime.GOOS) - return nil - } - +func validatePosixMounts(spec *rspec.Spec) error { mountInfos, err := mount.GetMounts() if err != nil { return err @@ -730,9 +726,20 @@ func run(context *cli.Context) error { description: "hostname", }, { - test: validateMounts, + test: validateProcess, + description: "process", + }, + } + + posixValidations := []validation{ + { + test: validatePosixMounts, description: "mounts", }, + { + test: validatePosixUser, + description: "user", + }, { test: validateRlimits, description: "rlimits", @@ -811,6 +818,19 @@ func run(context *cli.Context) error { } } + if platform == "linux" || platform == "solaris" { + for _, v := range posixValidations { + err := v.test(spec) + t.Ok(err == nil, v.description) + if err != nil { + if e, ok := err.(*specerror.Error); ok && e.Err.Level < complianceLevel { + continue + } + validationErrors = multierror.Append(validationErrors, err) + } + } + } + if platform == "linux" { for _, v := range linuxValidations { err := v.test(spec)