Commit graph

1156 commits

Author SHA1 Message Date
Debarshi Ray
5ac8567bad test/system: Specify an explit return value
This removes any ambiguities and makes it clear what value is being
returned.

https://github.com/containers/toolbox/pull/1377
2023-09-25 16:08:14 +02:00
Debarshi Ray
61e2c970f8 test/system: Make it easier to spot failures to download & cache images
Currently, if 'skopeo copy ...' fails to download and cache an OCI image
during setup_suite(), the test suite doesn't immediately fail, but
continues.  It only fails later when trying to set up the Docker
registry and contains a lot of noise:
  not ok 1 setup_suite
  # (from function `assert_success' in file
       test/system/libs/bats-assert/src/assert.bash, line 114,
  #  from function `_setup_docker_registry' in file
       test/system/libs/helpers.bash, line 211,
  #  from function `setup_suite' in test file
       test/system/setup_suite.bash, line 59)
  #   `_setup_docker_registry' failed
  # Failed to cache image registry.fedoraproject.org/fedora-toolbox:38
      to /tmp/bats-run-GyTP7A/image-cache/fedora-toolbox-38
  #
  # -- command failed --
  # status : 1
  # output : time="2023-09-25T12:19:52+02:00" level=fatal
      msg="initializing source
        docker://registry.fedoraproject.org/fedora-toolbox:38-foo:
        reading manifest 38-foo in
        registry.fedoraproject.org/fedora-toolbox: manifest unknown"
  # --
  #
  # Failed to cache image quay.io/toolbx/arch-toolbox:latest to
      /tmp/bats-run-GyTP7A/image-cache/arch-toolbox-latest
  #
  # -- command failed --
  # status : 1
  # output : time="2023-09-25T12:20:48+02:00" level=fatal
      msg="initializing source
        docker://quay.io/toolbx/arch-toolbox:latest-foo: reading
        manifest latest-foo in quay.io/toolbx/arch-toolbox: manifest
        unknown"
  # --
  #
  # Failed to cache image registry.fedoraproject.org/fedora-toolbox:34
      to /tmp/bats-run-GyTP7A/image-cache/fedora-toolbox-34
  #
  # -- command failed --
  # status : 1
  # output : time="2023-09-25T12:21:42+02:00" level=fatal
      msg="initializing source
        docker://registry.fedoraproject.org/fedora-toolbox:34-foo:
        reading manifest 34-foo in
        registry.fedoraproject.org/fedora-toolbox: manifest unknown"
  # --
  #
  # ...
  #
  # -- command failed --
  # status : 1
  # output : time="2023-09-25T12:26:33+02:00" level=fatal
      msg="determining manifest MIME type for
        dir:/tmp/bats-run-GyTP7A/image-cache/fedora-toolbox-34: open
        /tmp/bats-run-GyTP7A/image-cache/fedora-toolbox-34/manifest.json:
        no such file or directory"
  # --
  #
  # docker-registry
  # 27fa141e291e64e4c7a148c88ddab219ff2bfb5802a2982dc4188dc11f41692d
  # Untagged: quay.io/toolbox_tests/registry:latest
  # Deleted: fea5a12cde107bb407bc44ede6dd9edea1d2b4171cd8e52b0cb330bf45e517e1

It makes it look as if the root cause of the failure is related to
setting up the Docker registry, which it isn't, and all that noise makes
it difficult to spot the actual problem.

Instead, from now on, it will be more obvious:
  not ok 1 setup_suite
  # (from function `setup_suite' in test file
       test/system/setup_suite.bash, line 44)
  #   `_pull_and_cache_distro_image "$system_id" "$system_version" ||
         false' failed
  # Failed to cache image registry.fedoraproject.org/fedora-toolbox:38
      to /tmp/bats-run-62b8CU/image-cache/fedora-toolbox-38
  # time="2023-09-25T13:55:42+02:00" level=fatal msg="initializing
      source docker://registry.fedoraproject.org/fedora-toolbox:38-foo:
      reading manifest 38-foo in
      registry.fedoraproject.org/fedora-toolbox: manifest unknown"

Note that Bats' 'run' helper [1] isn't designed to work inside
setup_suite().  eg., 'run --separate-stderr' doesn't work because
BATS_TEST_TMPDIR isn't defined.

[1] https://bats-core.readthedocs.io/en/stable/writing-tests.html

https://github.com/containers/toolbox/pull/1377
2023-09-25 16:02:25 +02:00
Debarshi Ray
74bf1af983 test/system: Remove stray 'podman ...' error in setup_suite() failures
If setup_suite() fails for some reason, then an unrelated message from
'podman system reset' would show up:
  not ok 1 setup_suite
  # (from function `setup_suite' in test file
       test/system/setup_suite.bash, line 43)
  #   `_pull_and_cache_distro_image foo || false' failed
  # Requested distro (foo) does not have a matching image
  #  A "/home/rishi/.cache/toolbox/system-test-storage/storage.conf"
       config file exists.
  # Remove this file if you did not modify the configuration.

This extra error message from 'podman system reset' serves no purpose
because it's not related to the cause of the setup_suite() failure.
It's just noise and it's better to silence it.

https://github.com/containers/toolbox/pull/1375
2023-09-23 00:29:36 +02:00
Debarshi Ray
9415797e8b test/system: Use long options, instead of their shorter aliases
The long options are easier to grep(1) for in the sources than their
shorter aliases.

https://github.com/containers/toolbox/pull/1375
2023-09-23 00:19:56 +02:00
Debarshi Ray
66a7ad7c97 test/system: Remove stray 'podman stop' error in setup_suite() failures
If setup_suite() fails for some reason, causing the Docker registry to
not be created, then an unrelated message from 'podman stop' would show
up:
  not ok 1 setup_suite
  # (from function `setup_suite' in test file
       test/system/setup_suite.bash, line 43)
  #   `_pull_and_cache_distro_image foo || false' failed
  # Requested distro (foo) does not have a matching image
  # Error: no container with name or ID "docker-registry" found: no such
      container
  # ...
  # ...

This extra error message from 'podman stop' serves no purpose because
it's not related to the cause of the setup_suite() failure.  It's just
noise and it's better to silence it.

https://github.com/containers/toolbox/pull/1375
2023-09-23 00:19:56 +02:00
Debarshi Ray
e1745ef9c2 test/system: Ensure failure if an invalid distribution is specified
Contrary to what the documentation might seem to imply [1], Bats' 'fail'
helper only aborts a test case under certain circumstances.  eg., when
called from setup_suite(), but not from within a child function, and a
@test case, but not from within the 'run' helper.

If 'fail' is called from within 'run', then the code after it will
continue to execute.  The test case will only fail if 'run' eventually
catches a non-zero exit code that's caught by 'assert_success' [2].
Similarly, it doesn't abort if called from within a child function in
setup_suite().

Currently, _pull_and_cache_distro_image() is a child function called
from setup_suite().  So 'fail' won't abort if an invalid distribution is
specified.

Fortunately, pull_distro_image() is being called from within @test
cases, but outside 'run'.  So, there's no problem with it now.  However,
some future code changes can unknowingly alter this reality and it too
can run into unexpected behaviour.

Therefore, it's better to be safe, and explicitly specify a non-zero
exit code after 'fail'.  It will ensure that it works as expected under
all circumstances.

[1] https://github.com/bats-core/bats-support

[2] https://github.com/bats-core/bats-assert

https://github.com/containers/toolbox/pull/1375
2023-09-23 00:04:32 +02:00
Debarshi Ray
a7feb00996 test/system: Make it easier to debug why a container didn't initialize
Currently, if a Toolbx container's entry point fails to initialize the
container, there's no way to see the debug logs and error messages from
the entry point:
  not ok 106 container: Check container starts without issues
  # (from function `assert_success' in file
       test/system/libs/bats-assert/src/assert.bash, line 114,
  #  in test file test/system/103-container.bats, line 39)
  #   `assert_success' failed
  #
  # -- command failed --
  # status : 1
  # output :
  # --
  #

Instead, from now on, they will be visible:
  not ok 106 container: Check container starts without issues
  # (from function `assert_success' in file
       test/system/libs/bats-assert/src/assert.bash, line 114,
  #  in test file test/system/103-container.bats, line 39)
  #   `assert_success' failed
  #
  # -- command failed --
  # status : 1
  # output (90 lines):
  #   Failed to initialize container fedora-toolbox-38
  #   level=debug msg="Running as real user ID 0"
  #   level=debug msg="Resolved absolute path to the executable as
        /usr/bin/toolbox"
  #   level=debug msg="TOOLBOX_PATH is /opt/bin/toolbox"
  #   level=debug msg="Migrating to newer Podman"
  #   level=debug msg="Migration not needed: running inside a container"
  #   level=debug msg="Setting up configuration"
  #   ...
  # --
  #

https://github.com/containers/toolbox/pull/1374
2023-09-22 18:24:54 +02:00
Debarshi Ray
6e5bffe9a0 test/system: Style fix
https://github.com/containers/toolbox/pull/1374
2023-09-22 18:24:50 +02:00
Debarshi Ray
0146d223d5 test/system: Make it easier to debug 'podman logs' failures
Bats' 'run' helper returns with an exit code of 0 even when the command
that it was given to run failed with a non-zero exit code [1].  This is
to enable making further assertions about the command after 'run' has
finished.  If there's nothing that checks for failures, then it will
continue as if everything is alright.

Therefore, currently, if 'podman logs' fails, there's no indication of
it and the test only fails later because it thinks that the container
failed to initialize:
  not ok 106 container: Check container starts without issues
  # (from function `assert_success' in file
       test/system/libs/bats-assert/src/assert.bash, line 114,
  #  in test file test/system/103-container.bats, line 39)
  #   `assert_success' failed
  #
  # -- command failed --
  # status : 1
  # output :
  # --
  #

Instead, from now on, it will be more obvious:
  not ok 106 container: Check container starts without issues
  # (from function `assert_success' in file
       test/system/libs/bats-assert/src/assert.bash, line 114,
  #  in test file test/system/103-container.bats, line 39)
  #   `assert_success' failed
  #
  # -- command failed --
  # status : 125
  # output (2 lines):
  #   Failed to invoke '/usr/bin/podman logs'
  #   Error: no container with name or ID "foo" found: no such container
  # --
  #

One alternative was to use 'assert_success' [2] to assert that the
command given to 'run' succeeded.  That would show the 'podman logs'
failure as:
  not ok 106 container: Check container starts without issues
  # (from function `assert_success' in file
       test/system/libs/bats-assert/src/assert.bash, line 114,
  #  in test file test/system/103-container.bats, line 39)
  #   `assert_success' failed
  #
  # -- command failed --
  # status : 1
  # output (29 lines):
  #
  #   -- command failed --
  #   status : 125
  #   output : Error: no container with name or ID "foo" found: no such
        container
  #   --
  #
  # ...
  #
  #   -- command failed --
  #   status : 125
  #   output : Error: no container with name or ID "foo" found: no such
        container
  #   --
  # --
  #

However, it's a bit too noisy because of the 'assert_success' not
terminating container_started() and continuing to loop for the remaining
attempts.

[1] https://bats-core.readthedocs.io/en/stable/writing-tests.html

[2] https://github.com/bats-core/bats-assert

https://github.com/containers/toolbox/pull/1372
2023-09-22 18:21:08 +02:00
Debarshi Ray
a27b480cef test/system: Rename a variable
A subsequent commit will use this variable to set the return value for a
different condition.  Therefore, the name needs to be changed to suit
the purpose.

https://github.com/containers/toolbox/pull/1372
2023-09-22 18:21:08 +02:00
Debarshi Ray
d3161ea60e test/system: Limit the scope of the return value to the function
This should prevent this function from overwriting variables of the
same name beyond the function and causing hard-to-debug problems.

https://github.com/containers/toolbox/pull/1372
2023-09-22 18:20:43 +02:00
Debarshi Ray
12da2b845f test/system: Limit the scope of the loop counters to the functions
This should prevent these functions from overwriting variables of the
same name beyond the function and causing hard-to-debug problems [1].

[1] Bats commit 502dc47dd063c187
    https://github.com/bats-core/bats-core/commit/502dc47dd063c187
    https://github.com/bats-core/bats-core/issues/726

https://github.com/containers/toolbox/pull/1373
2023-09-21 22:14:58 +02:00
Debarshi Ray
8f6e47a191 test/system: Avoid future problems caused by Bat's 'run' overwriting 'i'
Until Bats 1.10.0, 'run' with options had a bug where it would overwrite
the value of the 'i' variable even outside 'run' [1].

In these particular instances, no options are being passed to 'run',
and, hence, currently there's no problem.  However, in case a future
commit adds an option, then it could lead to hard-to-debug problems.
eg., --separate-stderr sets 'i' to 1, --show-output-of-passing-tests
sets it to 2, etc..  Therefore, depending on the flag and the loop, the
loop might get terminated prematurely or run infinitely or something
else.

Moreover, Bats 1.10.0 is only available in Fedora >= 39 and is absent
from Fedoras 37 and 38.  Therefore, it's not possible to consider this
bug fixed.

Hence, it's better to preemptively work around it to avoid any future
issues.

[1] Bats commit 502dc47dd063c187
    https://github.com/bats-core/bats-core/commit/502dc47dd063c187
    https://github.com/bats-core/bats-core/issues/726

https://github.com/containers/toolbox/pull/1373
2023-09-21 19:22:24 +02:00
Debarshi Ray
c586cc9278 test/commit: Simplify a 'for' loop
An ascending 'for' loop is more idiomatic than its descending
counterpart.

https://github.com/containers/toolbox/pull/1373
2023-09-21 19:22:17 +02:00
Debarshi Ray
5c0372e959 test/system: Silence SC2034
Otherwise https://www.shellcheck.net/ would complain:
  Line 442:
  for TRIES in 1 2 3 4 5; do
  ^-^ SC2034 (warning): TRIES appears unused. Verify use (or export if
      used externally).

See: https://www.shellcheck.net/wiki/SC2034

This also makes the code consistent with the rest.

https://github.com/containers/toolbox/pull/1371
2023-09-20 15:16:50 +02:00
Debarshi Ray
d528301b7f test/system: Silence SC2155
Otherwise https://www.shellcheck.net/ would complain:
  Line 624:
  local system_id="$(get_system_id)"
        ^-------^ SC2155 (warning): Declare and assign separately to
                  avoid masking return values.

See: https://www.shellcheck.net/wiki/SC2155

https://github.com/containers/toolbox/pull/1370
2023-09-20 10:24:29 +02:00
Debarshi Ray
7d24e98070 test/system: Silence SC2154
Otherwise https://www.shellcheck.net/ would complain:
  Line 33:
  assert [ ${#stderr_lines[@]} -eq 0 ]
           ^-----------------^ SC2154 (warning): stderr_lines is
                               referenced but not assigned.

See: https://www.shellcheck.net/wiki/SC2154

https://github.com/containers/toolbox/pull/1369
2023-09-20 01:33:29 +02:00
Debarshi Ray
74d2f2180d test/system: Silence SC1090
Otherwise https://www.shellcheck.net/ would complain:
  Line 505:
  . "$os_release"
    ^-----------^ SC1090 (warning): ShellCheck can't follow non-constant
                  source. Use a directive to specify location.

See: https://www.shellcheck.net/wiki/SC1090

https://github.com/containers/toolbox/pull/1368
2023-09-20 00:04:49 +02:00
Debarshi Ray
363c3f83ca test/system: Style fix
https://github.com/containers/toolbox/pull/1367
2023-09-19 23:40:42 +02:00
Debarshi Ray
5c6b566371 test/system: Use existing wrapper for 'podman start'
https://github.com/containers/toolbox/pull/1367
2023-09-19 23:40:36 +02:00
Debarshi Ray
3d14504e62 test/system: Simplify checking if the container started or not
Bats' 'run' helper is not necessary to merely check if a command
succeeded or not [1].  It also complicates using pipes to feed the
output of 'podman logs' into grep(1) [1].

In this case, it's idiomatic to pipe the 'output' directly to grep(1)
and use it as the condition for an 'if' branch.

[1] https://bats-core.readthedocs.io/en/stable/writing-tests.html

https://github.com/containers/toolbox/pull/1367
2023-09-19 19:46:28 +02:00
Debarshi Ray
6589bdd779 test/system: Silence SC2088
Otherwise https://www.shellcheck.net/ would complain:
  Line 141:
  assert_line --index 0 "~/.bash_profile read"
                        ^------------------^ SC2088 (warning): Tilde
                                             does not expand in quotes.
                                             Use $HOME.

See: https://www.shellcheck.net/wiki/SC2088

This is a false positive.  There's no need for the tilde to be expanded
because it's not being used for any file system operation.  It's merely
a human-readable string.

However, it's easier to change the string to use $HOME than littering
the file with ShellCheck's inline 'disable' directives.

https://github.com/containers/toolbox/pull/1366
2023-09-19 17:01:01 +02:00
Debarshi Ray
d6bcbc49dd test/system: Silence SC2046
Otherwise https://www.shellcheck.net/ would complain:
  Line 336:
  pull_distro_image $(get_system_id) $(get_system_version)
                    ^--------------^ SC2046 (warning): Quote this to
                                     prevent word splitting.

See: https://www.shellcheck.net/wiki/SC2046

https://github.com/containers/toolbox/pull/1366
2023-09-19 17:00:53 +02:00
Debarshi Ray
3c2adf57aa test/system: Silence SC2086
Otherwise https://www.shellcheck.net/ would complain:
  Line 28:
  run --separate-stderr $TOOLBOX --version
                        ^------^ SC2086 (info): Double quote to prevent
                                 globbing and word splitting.

See: https://www.shellcheck.net/wiki/SC2086

https://github.com/containers/toolbox/pull/1365
2023-09-19 14:29:17 +02:00
Debarshi Ray
fd7ca125fc test/system: Replace the shebangs with 'shell' directives
These files aren't marked as executable, and shouldn't be, because they
aren't meant to be standalone executable scripts.  They're meant to be
part of a test suite driven by Bats.  Therefore, it doesn't make sense
for them to have shebangs, because it gives the opposite impression.

The shebangs were actually being used by external tools like Coverity to
deduce the shell when running shellcheck(1).  Shellcheck's inline
'shell' directive is a more obvious way to achieve that.

https://github.com/containers/toolbox/pull/1363
2023-09-14 15:18:04 +02:00
Debarshi Ray
776562235a test/system: Fix the shebang
The setup_suite.bash file is meant to be written in Bash, and is not
supposed to have any Bats-specific syntax.  That's why it has the *.bash
suffix, not *.bats.  If Bats finds a setup_suite.bash file, when running
the test suite, it uses Bash's source(1) builtin to read the file.

This is a cosmetic change.  The Bats syntax is a superset of the Bash
syntax.  Therefore, it didn't make a difference to external tools like
Coverity that use the shebang to deduce the shell for shellcheck(1).
Secondly setup_suite.bash isn't meant to be an executable script and,
hence, the shebang has no effect on how the file is used.  However, it's
still a commonly used hint about the contents of the file, and it's
better to be accurate than misleading.

A subsequent commit will replace the shebangs in the test suite with
ShellCheck's 'shell' directives.

Fallout from 7a387dcc8b

https://github.com/containers/toolbox/pull/1363
2023-09-14 15:16:35 +02:00
Debarshi Ray
b1b1d459ed cmd/initContainer: Simplify removing the user's password
It's one less invocation of an external command, which is good because
spawning a new process is generally expensive.

One positive side-effect of this is that on some Active Directory
set-ups, the entry point no longer fails with:
  Error: failed to remove password for user login@company.com: failed
      to invoke passwd(1)

... because of:
  # passwd --delete login@company.com
  passwd: Libuser error at line: 210 - name contains invalid char `@'.

This is purely an accident, and isn't meant to be an intential change to
support Active Directory.  Tools like useradd(8) and usermod(8) from
Shadow aren't meant to work with Active Directory users, and, hence, it
can still break in other ways.  For that, one option is to expose $USER
from the host operating system to the Toolbx container through a Varlink
interface that can be used by nss-systemd inside the container.

Based on an idea from Si.

https://github.com/containers/toolbox/issues/585
2023-08-24 21:03:52 +02:00
Debarshi Ray
983e07adf6 Revert "playbooks: Add workaround for Fedora Rawhide"
The DNF5 Change [1] was dropped from Fedora 39 (and Rawhide) [2] and
postponed for a later Fedora.  Therefore, there's no need for this
workaround.

This reverts commit 96791726a3.

[1] https://fedoraproject.org/wiki/Changes/ReplaceDnfWithDnf5

[2] https://pagure.io/fesco/issue/3039

https://github.com/containers/toolbox/pull/1344
2023-08-24 16:34:44 +02:00
Debarshi Ray
6bd7c87932 cmd/initContainer: Simplify code by removing a function parameter
Until now, configureUsers() was pushing the burden of deciding whether
to add a new user or modify an existing one on the callers, even though
it can trivially decide itself.  Involving the caller loosens the
encapsulation of the user configuration logic by spreading it across
configureUsers() and it's caller, and adds an extra function parameter
that needs to be carefully set and is vulnerable to programmer errors.

Fallout from 9ea6fe5852

https://github.com/containers/toolbox/pull/1356
2023-08-22 22:47:33 +02:00
Jordan Petridis
219f5b4be4 cmd/initContainer: Be aware of security hardened / or /etc
On new builds of GNOME OS [1], the host's / is mounted with 'nodev,...'
and those flags are also inherited by /etc because it's not a separate
mount point.  This leads to the same problem with /etc/machine-id that
was seen before with /var/lib/flatpak, /var/lib/systemd/coredump and
/var/log/journal [2].

Therefore, use the same approach [2] to handle /etc/machine-id.

[1] https://gitlab.gnome.org/GNOME/gnome-build-meta/-/issues/718

[2] Commit 1cc9e07b7c
    https://github.com/containers/toolbox/commit/1cc9e07b7c36fe9f
    https://github.com/containers/toolbox/pull/1340

https://github.com/containers/toolbox/issues/911
https://github.com/containers/toolbox/pull/1354

Signed-off-by: Jordan Petridis <jordan@centricular.com>
2023-08-22 22:32:48 +02:00
Nieves Montero
a0514cba12 test/system: Test that D-Bus works
https://github.com/containers/toolbox/issues/1330

Signed-off-by: Nieves Montero <nmontero@redhat.com>
2023-08-22 17:11:59 +02:00
Debarshi Ray
58134f8497 test/system: Test that group and user IDs work
These tests assume that the group and user information on the host
operating system can be provided by different plugins for the GNU Name
Service Switch (or NSS) functionality of the GNU C Library.  eg., on
enterprise FreeIPA set-ups.  However, it's expected that everything
inside the Toolbx container will be provided by /etc/group, /etc/passwd,
/etc/shadow, etc..

While /etc/group and /etc/passwd can be read by any user, /etc/shadow
can only be read by root.  However, it's awkward to use sudo(8) in the
test cases involving /etc/shadow, because they ensure that root and
$USER don't need passwords to authenticate inside the container, and
sudo(8) itself depends on that.  If sudo(8) is used, the test suite can
behave unexpectedly if Toolbx didn't set up the container correctly.
eg., it can get blocked waiting for a password.

Hence, 'podman unshare' is used instead to enter the container's initial
user namespace, where $USER from the host appears as root.  This is
sufficient because the test cases only need to read /etc/shadow inside
the Toolbx container.

https://github.com/containers/toolbox/pull/1355
2023-08-22 16:01:08 +02:00
Debarshi Ray
8ef3dd997e .github/workflows: Bump Bats to 1.10.0 for CI on Ubuntu 22.04
https://github.com/containers/toolbox/pull/1352
2023-08-18 07:01:41 +02:00
Debarshi Ray
f716b23914 test/system: Unbreak the line count checks with Bats >= 1.10.0
Until Bats 1.10.0, 'run --keep-empty-lines' had a bug where it counted
the trailing newline on the last line as a separate line [1].  However,
Bats 1.10.0 is only available in Fedora >= 39 and is absent from Fedoras
37 and 38.

[1] Bats commit 6648e2143bffb933
    https://github.com/bats-core/bats-core/commit/6648e2143bffb933
    https://github.com/bats-core/bats-core/issues/708

https://github.com/containers/toolbox/pull/1352
2023-08-18 06:21:40 +02:00
Debarshi Ray
1cc9e07b7c cmd/initContainer: Be aware of security hardened mount points
Sometimes locations such as /var/lib/flatpak, /var/lib/systemd/coredump
and /var/log/journal sit on security hardened mount points that are
marked as 'nosuid,nodev,noexec' [1].  In such cases, when Toolbx is used
rootless, an attempt to bind mount these locations read-only at runtime
with mount(8) fails because of permission problems:
  # mount --rbind -o ro <source> <containerPath>
  mount: <containerPath>: filesystem was mounted, but any subsequent
      operation failed: Unknown error 5005.

(Note that the above error message from mount(8) was subsequently
improved to show something more meaningful than 'Unknown error' [2].)

The problem is that 'init-container' is running inside the container's
mount and user namespace, and the source paths were mounted inside the
host's namespace with 'nosuid,nodev,noexec'.  The above mount(8) call
tries to remove the 'nosuid,nodev,noexec' flags from the mount point and
replace them with only 'ro', which is something that can't be done from
a child namespace.

Note that this doesn't fail when Toolbx is running as root.  This is
because the container uses the host's user namespace and is able to
remove the 'nosuid,nodev,noexec' flags from the mount point and replace
them with only 'ro'.  Even though it doesn't fail, the flags shouldn't
get replaced like that inside the container, because it removes the
security hardening of those mount points.

There's actually no benefit in bind mounting these paths as read-only.
It was historically done this way 'just to be safe' because a user isn't
expected to write to these locations from inside a container.  However,
Toolbx doesn't intend to provide any heightened security beyond what's
already available on the host.

Hence, it's better to get out of the way and leave it to the permissions
on the source location from the host operating system to guard the
castle.  This is accomplished by not passing any file system options to
mount(8) [1].

Based on an idea from Si.

[1] https://man7.org/linux/man-pages/man8/mount.8.html

[2] util-linux commit 9420ca34dc8b6f0f
    https://github.com/util-linux/util-linux/commit/9420ca34dc8b6f0f
    https://github.com/util-linux/util-linux/pull/2376

https://github.com/containers/toolbox/issues/911
2023-08-11 17:28:32 +02:00
Debarshi Ray
a055e78d42 test/system: Silence SC2004
Otherwise https://www.shellcheck.net/ would complain
  Line 110:
  for ((i = ${num_of_retries}; i > 0; i--)); do
            ^---------------^ SC2004 (style): $/${} is unnecessary on
                              arithmetic variables.

See: https://www.shellcheck.net/wiki/SC2004

https://github.com/containers/toolbox/pull/1347
2023-08-11 17:21:55 +02:00
Debarshi Ray
41349f4ee4 test/system: Silence SC1090
Otherwise https://www.shellcheck.net/ would complain:
  Line 218:
  source <(echo "$output")
         ^---------------^ SC1090 (warning): ShellCheck can't follow
                           non-constant source. Use a directive to
                           specify location.

See: https://www.shellcheck.net/wiki/SC1090

https://github.com/containers/toolbox/pull/1347
2023-08-11 17:20:47 +02:00
Debarshi Ray
341ae55f9d test/system: Avoid conditionals only supported by Bash's built-in 'test'
The '[' and 'test' implementations from GNU coreutils don't support '-v'
as a way to check if a shell variable is set [1].  Only Bash's built-in
implementations do.

This is quite confusing and makes it difficult to find out what '-v'
actually does.  eg., 'man --all test' only shows the manual for the GNU
coreutils version, which doesn't list '-v' [1], and, 'man --all [' only
shows the manual for Bash's built-ins, which also doesn't list '-v'.
One has to go to the bash(1) manual to find it [2].

Elsewhere in the code base [3], the same thing is accomplished with '-z'
and parameter substitution, which are more widely supported and, hence,
easier to find documentation for.

[1] https://manpages.debian.org/testing/coreutils/test.1.en.html

[2] https://linux.die.net/man/1/bash

[3] Commit 84ae385f33
    https://github.com/containers/toolbox/pull/1334

https://github.com/containers/toolbox/pull/1341
2023-07-14 00:17:48 +02:00
Debarshi Ray
21299a3c5b test/system: Fix typos in conditional expressions
'[' is a command that's the same as 'test' and they might be implemented
as standalone executables or shell built-ins.  Therefore, the negation
(ie., '!') has to cover the entire command to operate on its exit code.
Instead, if it's writtten as '[ ! ... ]', then the negation becomes an
argument to '[', which isn't the same thing.

Fallout from 54a2ca1ead

https://github.com/containers/toolbox/pull/1341
2023-07-14 00:17:02 +02:00
Debarshi Ray
c846b6d844 test/system: Simplify the check for Fedora Rawhide
First, it's not a good idea to use awk(1) as a grep(1) replacement.
Unless one really needs the AWK programming language, it's better to
stick to grep(1) because it's simpler.

Secondly, it's better to look for a specific os-release(5) field instead
of looking for the occurrence of 'rawhide' anywhere in the file, because
it lowers the possibility of false positives.

https://github.com/containers/toolbox/pull/1336
2023-07-11 20:30:35 +02:00
Daniel Pawlik
96791726a3 playbooks: Add workaround for Fedora Rawhide
The Zuul executor contains Ansible 2.13.7 whose 'dnf' module is not
working as it should with Fedora Rawhide because of the DNF5 Change [1].
Unlike DNF4, DNF5 no longer pulls in the python3-dnf RPM, which causes:
  TASK [Install RPM packages]
  fedora-rawhide | ERROR
  fedora-rawhide | {
  fedora-rawhide |   "msg": "Could not import the dnf python module
      using /usr/bin/python3 (3.12.0b3 (main, Jun 21 2023, 00:00:00)
      [GCC 13.1.1 20230614 (Red Hat 13.1.1-4)]). Please install
      `python3-dnf` or `python2-dnf` package or ensure you have
      specified the correct ansible_python_interpreter. (attempted
      ['/usr/libexec/platform-python', '/usr/bin/python3',
      '/usr/bin/python2', '/usr/bin/python'])",
  fedora-rawhide |   "results": []
  fedora-rawhide | }

This adds a workaround that explicitly installs the python3-dnf RPM
using Ansible's 'command' module.  It should be removed after Zuul
contains a newer release of Ansible.

[1] https://fedoraproject.org/wiki/Changes/ReplaceDnfWithDnf5

https://github.com/containers/toolbox/pull/1338

Signed-off-by: Daniel Pawlik <dpawlik@redhat.com>
2023-07-11 19:40:07 +02:00
Debarshi Ray
84ae385f33 test/system: Silence SC2154
Otherwise https://www.shellcheck.net/ would complain:
  Line 202:
  run echo "$name"
            ^---^ SC2154 (warning): name is referenced but not assigned.

See: https://www.shellcheck.net/wiki/SC2154

Note that there's no need to use Bats' 'run' helper to merely check if
the command succeeded or not, because 'set -e' is set for all tests [1].

[1] https://bats-core.readthedocs.io/en/stable/writing-tests.html

https://github.com/containers/toolbox/pull/1334
2023-07-07 17:36:44 +02:00
Osama Albahrani
7e4e78067b CODE-OF-CONDUCT.md Update URL
https://github.com/containers/common/issues/549
https://github.com/containers/toolbox/pull/1322
2023-07-05 14:32:01 +02:00
Debarshi Ray
db9a906b50 test/system: Simplify the check for Fedora Rawhide
First, it's not a good idea to use awk(1) as a grep(1) replacement.
Unless one really needs the AWK programming language, it's better to
stick to grep(1) because it's simpler.

Secondly, it's better to look for a specific os-release(5) field instead
of looking for the occurrence of 'rawhide' anywhere in the file, because
it lowers the possibility of false positives.

https://github.com/containers/toolbox/pull/1332
2023-07-04 18:20:59 +02:00
Debarshi Ray
569b4df24d test/system: Test the resource limits
The following caveats must be noted:

  * Podman sets the Toolbx container's soft limit for the maximum number
    of open file descriptors to the host's hard limit, which is often
    greater than the host's soft limit [1].

  * The ulimit(1) options -P, -T, -b, and -k don't work on Fedora 38
    because the corresponding resource arguments for getrlimit(2) are
    absent from the operating system.  These are RLIMIT_NPTS,
    RLIMIT_PTHREAD, RLIMIT_SBSIZE and RLIMIT_KQUEUES respectively.

[1] https://github.com/containers/podman/issues/17681

https://github.com/containers/toolbox/issues/213
2023-07-04 15:34:21 +02:00
Debarshi Ray
ea91335ebb test/system: Limit the scope of temporary files used by a single test
BATS_TMPDIR is the base directory used by Bats for all temporary files
and directories, and BATS_TEST_TMPDIR is unique to each test [1].  It's
better to limit the scope of the tests' temporary files as much as
possible to avoid unexpected collisions with Bats' own internal
temporary files.

[1] https://bats-core.readthedocs.io/en/stable/writing-tests.html

https://github.com/containers/toolbox/pull/1327
2023-06-30 20:45:48 +02:00
Debarshi Ray
c43cf5d763 test/system: Test that interprocess communication works
Note that 'run --keep-empty-lines' counts the trailing newline on the
last line as a separate line.

https://github.com/containers/toolbox/pull/1326
2023-06-30 20:30:48 +02:00
Debarshi Ray
41215cf82e test/system: Test that networking works
Note that 'run --keep-empty-lines' counts the trailing newline on the
last line as a separate line.

https://github.com/containers/toolbox/pull/1325
2023-06-30 19:53:31 +02:00
Debarshi Ray
d7d2fd90cb test/system: Remove stray newline
https://github.com/containers/toolbox/pull/1325
2023-06-30 14:45:21 +02:00
Debarshi Ray
a23b411a1b SECURITY.md: Update URL
https://github.com/containers/common/issues/549
https://github.com/containers/toolbox/pull/1324
2023-06-27 17:20:43 +02:00