xref: /freebsd/usr.sbin/jail/tests/jail_basic_test.sh (revision d8f021add40c321c4578da55dae52fb93c7ccb5f) 
1#
2# SPDX-License-Identifier: BSD-2-Clause
3#
4# Copyright (c) 2019 Michael Zhilin
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10#    notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12#    notice, this list of conditions and the following disclaimer in the
13#    documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26
27atf_test_case "basic" "cleanup"
28basic_head()
29{
30	atf_set descr 'Basic jail test'
31	atf_set require.user root
32}
33
34basic_body()
35{
36	# Create the jail
37	atf_check -s exit:0 -o ignore jail -c name=basejail persist ip4.addr=192.0.1.1
38	# Check output of jls
39	atf_check -s exit:0 -o ignore jls
40	atf_check -s exit:0 -o ignore jls -v
41	atf_check -s exit:0 -o ignore jls -n
42	# Stop jail
43	atf_check -s exit:0 -o ignore jail -r basejail
44	jail -c name=basejail persist ip4.addr=192.0.1.1
45	# Stop jail by jid
46	atf_check -s exit:0 -o ignore jail -r `jls -j basejail jid`
47	# Recreate
48	atf_check -s exit:0 -o ignore jail -cm name=basejail persist ip4.addr=192.0.1.1
49	# Restart
50	atf_check -s exit:0 -o ignore jail -rc name=basejail persist ip4.addr=192.0.1.1
51}
52
53basic_cleanup()
54{
55	jail -r basejail
56}
57
58atf_test_case "list" "cleanup"
59list_head()
60{
61	atf_set descr 'Specify some jail parameters as lists'
62	atf_set require.user root
63}
64
65list_body()
66{
67	if [ "$(sysctl -qn kern.features.vimage)" -ne 1 ]; then
68		atf_skip "cannot create VNET jails"
69	fi
70	atf_check -o save:epair ifconfig epair create
71
72	epair=$(cat epair)
73	atf_check jail -c name=basejail vnet persist vnet.interface=${epair},${epair%a}b
74
75	atf_check -o ignore jexec basejail ifconfig ${epair}
76	atf_check -o ignore jexec basejail ifconfig ${epair%a}b
77}
78
79list_cleanup()
80{
81	jail -r basejail
82	if [ -f epair ]; then
83		ifconfig $(cat epair) destroy
84	fi
85}
86
87atf_test_case "nested" "cleanup"
88nested_head()
89{
90	atf_set descr 'Hierarchical jails test'
91	atf_set require.user root
92}
93
94nested_body()
95{
96	# Create the first jail
97	jail -c name=basejail persist ip4.addr=192.0.1.1 children.max=1
98	atf_check -s exit:0 -o empty \
99		jexec basejail \
100			jail -c name=nestedjail persist ip4.addr=192.0.1.1
101
102	atf_check -s exit:1 -o empty -e inline:"jail: prison limit exceeded\n"\
103		jexec basejail \
104			jail -c name=secondnestedjail persist ip4.addr=192.0.1.1
105	# Check output of jls
106	atf_check -s exit:0 -o ignore \
107		jexec basejail jls
108	atf_check -s exit:0 -o ignore \
109		jexec basejail jls -v
110	atf_check -s exit:0 -o ignore \
111		jexec basejail jls -n
112	# Create jail with no child - children.max should be 0 by default
113	jail -c name=basejail_nochild persist ip4.addr=192.0.1.1
114	atf_check -s exit:1 -o empty \
115		-e inline:"jail: jail_set: Operation not permitted\n" \
116		jexec basejail_nochild \
117			jail -c name=nestedjail persist ip4.addr=192.0.1.1
118}
119
120nested_cleanup()
121{
122	jail -r nestedjail
123	jail -r basejail
124	jail -r basejail_nochild
125}
126
127atf_test_case "commands" "cleanup"
128commands_head()
129{
130	atf_set descr 'Commands jail test'
131	atf_set require.user root
132	mkdir /tmp/test_basejail_root
133}
134
135commands_body()
136{
137	# exec.prestart (START) and exec.poststart (env)
138	atf_check -s exit:0 -o save:stdout -e empty \
139		jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail
140	grep -E '^START$' stdout || atf_fail "exec.prestart output not found"
141	grep -E '^JID=[0-9]+' stdout || atf_fail "JID not found in exec.poststart env output"
142	grep -E '^JNAME=basejail$' stdout || atf_fail "JNAME not found in exec.poststart env output"
143	grep -E '^JPATH=/tmp/test_basejail_root$' stdout || atf_fail "JPATH not found in exec.poststart env output"
144
145	# exec.prestop by jailname
146	atf_check -s exit:0 -o inline:"STOP\n" \
147		jail -f $(atf_get_srcdir)/commands.jail.conf -qr basejail
148	# exec.prestop by jid
149	jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail
150	atf_check -s exit:0 -o inline:"STOP\n" \
151		jail -f $(atf_get_srcdir)/commands.jail.conf -qr `jls -j basejail jid`
152}
153
154commands_cleanup()
155{
156	jls -j basejail > /dev/null 2>&1
157	if [ $? -e 0 ]
158	then
159	    jail -r basejail
160	fi
161	rmdir /tmp/test_basejail_root
162}
163
164atf_init_test_cases()
165{
166	atf_add_test_case "basic"
167	atf_add_test_case "list"
168	atf_add_test_case "nested"
169	atf_add_test_case "commands"
170}
171