aboutsummaryrefslogtreecommitdiff
path: root/tests/networking.scm
blob: fbf8db7a0262f7b476a11be9f6b34a56b0f8b247 (about) (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (tests networking)
  #:use-module (ice-9 regex)
  #:use-module (gnu services networking)
  #:use-module (srfi srfi-64))

;;; Tests for the (gnu services networking) module.

(test-begin "networking")


;;;
;;; NTP.
;;;

(define ntp-server->string (@@ (gnu services networking) ntp-server->string))

(define %ntp-server-sample
  (ntp-server
   (type 'server)
   (address "some.ntp.server.org")
   ;; Using either strings or symbols for option names is accepted.
   (options `("iburst" (version 3) (maxpoll 16) prefer))))

(test-equal "ntp-server->string"
  "server some.ntp.server.org iburst version 3 maxpoll 16 prefer"
  (ntp-server->string %ntp-server-sample))


;;;
;;; OpenNTPD
;;;

(define openntpd-configuration->string (@@ (gnu services networking)
                                           openntpd-configuration->string))

(define %openntpd-conf-sample
  (openntpd-configuration
   (server '("0.guix.pool.ntp.org" "1.guix.pool.ntp.org"))
   (listen-on '("127.0.0.1" "::1"))
   (sensor '("udcf0 correction 70000"))
   (constraint-from '("www.gnu.org"))
   (constraints-from '("https://www.google.com/"))))

(test-assert "openntpd configuration generation sanity check"

  (begin
    (define (string-match/newline pattern text)
      (regexp-exec (make-regexp pattern regexp/newline) text))

    (define (match-count pattern text)
      (fold-matches (make-regexp pattern regexp/newline) text 0
                    (lambda (match count)
                      (1+ count))))

    (let ((config (openntpd-configuration->string %openntpd-conf-sample)))
      (if (not
           (and (string-match/newline "^listen on 127.0.0.1$" config)
                (string-match/newline "^listen on ::1$" config)
                (string-match/newline "^sensor udcf0 correction 70000$" config)
                (string-match/newline "^constraint from www.gnu.org$" config)
                (string-match/newline "^server 0.guix.pool.ntp.org$" config)
                (string-match/newline
                 "^constraints from \"https://www.google.com/\"$"
                 config)

                ;; Check for issue #3731 (see:
                ;; http://debbugs.gnu.org/cgi/bugreport.cgi?bug=37318).
                (= (match-count "^listen on " config) 2)
                (= (match-count "^sensor " config) 1)
                (= (match-count "^constraint from " config) 1)
                (= (match-count "^server " config) 2)
                (= (match-count "^constraints from " config) 1)))
          (begin
            (format #t "The configuration below failed \
the sanity check:\n~a~%" config)
            #f)
          #t))))

(test-equal "openntpd generated config string ends with a newline"
  "\n"
  (let ((config (openntpd-configuration->string %openntpd-conf-sample)))
    (string-take-right config 1)))

(test-end "networking")
(lambda (port) (format port "~d ~d ~d" guest-uid uid host-uids))) (call-with-output-file (scope "/gid_map") (lambda (port) (format port "~d ~d ~d" guest-gid gid host-uids))))) (define (namespaces->bit-mask namespaces) "Return the number suitable for the 'flags' argument of 'clone' that corresponds to the symbols in NAMESPACES." ;; Use the same flags as fork(3) in addition to the namespace flags. (apply logior SIGCHLD (map (match-lambda ('cgroup CLONE_NEWCGROUP) ('mnt CLONE_NEWNS) ('uts CLONE_NEWUTS) ('ipc CLONE_NEWIPC) ('user CLONE_NEWUSER) ('pid CLONE_NEWPID) ('net CLONE_NEWNET)) namespaces))) (define* (run-container root mounts namespaces host-uids thunk #:key (guest-uid 0) (guest-gid 0)) "Run THUNK in a new container process and return its PID. ROOT specifies the root directory for the container. MOUNTS is a list of <file-system> objects that specify file systems to mount inside the container. NAMESPACES is a list of symbols that correspond to the possible Linux namespaces: mnt, ipc, uts, user, and net. HOST-UIDS specifies the number of host user identifiers to map into the user namespace. GUEST-UID and GUEST-GID specify the first UID (respectively GID) that host UIDs (respectively GIDs) map to in the namespace." ;; The parent process must initialize the user namespace for the child ;; before it can boot. To negotiate this, a pipe is used such that the ;; child process blocks until the parent writes to it. (match (socketpair PF_UNIX (logior SOCK_CLOEXEC SOCK_STREAM) 0) ((child . parent) (let ((flags (namespaces->bit-mask namespaces))) (match (clone flags) (0 (call-with-clean-exit (lambda () (close-port parent) ;; Wait for parent to set things up. (match (read child) ('ready (purify-environment) (when (and (memq 'mnt namespaces) (not (string=? root "/"))) (catch #t (lambda () (mount-file-systems root mounts #:mount-/proc? (memq 'pid namespaces) #:mount-/sys? (memq 'net namespaces))) (lambda args ;; Forward the exception to the parent process. ;; FIXME: SRFI-35 conditions and non-trivial objects ;; cannot be 'read' so they shouldn't be written as is. (write args child) (primitive-exit 3)))) ;; TODO: Manage capabilities. (write 'ready child) (close-port child) (thunk)) (_ ;parent died or something (primitive-exit 2)))))) (pid (close-port child) (when (memq 'user namespaces) (initialize-user-namespace pid host-uids #:guest-uid guest-uid #:guest-gid guest-gid)) ;; TODO: Initialize cgroups. (write 'ready parent) (newline parent) ;; Check whether the child process' setup phase succeeded. (let ((message (read parent))) (close-port parent) (match message ('ready ;success pid) (((? symbol? key) args ...) ;exception (apply throw key args)) (_ ;unexpected termination #f))))))))) ;; FIXME: This is copied from (guix utils), which we cannot use because it ;; would pull (guix config) and all. (define (call-with-temporary-directory proc) "Call PROC with a name of a temporary directory; close the directory and delete it when leaving the dynamic extent of this call." (let* ((directory (or (getenv "TMPDIR") "/tmp")) (template (string-append directory "/guix-directory.XXXXXX")) (tmp-dir (mkdtemp! template))) (dynamic-wind (const #t) (lambda () (proc tmp-dir)) (lambda () (false-if-exception (delete-file-recursively tmp-dir)))))) (define (wait-child-process) "Wait for one child process and return a pair, like 'waitpid', or return #f if there are no child processes left." (catch 'system-error (lambda () (waitpid WAIT_ANY)) (lambda args (if (= ECHILD (system-error-errno args)) #f (apply throw args))))) (define (status->exit-status status) "Reify STATUS as an exit status." (or (status:exit-val status) ;; See <http://www.tldp.org/LDP/abs/html/exitcodes.html#EXITCODESREF>. (+ 128 (or (status:term-sig status) (status:stop-sig status))))) (define* (call-with-container mounts thunk #:key (namespaces %namespaces) (host-uids 1) (guest-uid 0) (guest-gid 0) (relayed-signals (list SIGINT SIGTERM)) (child-is-pid1? #t) (process-spawned-hook (const #t))) "Run THUNK in a new container process and return its exit status; call PROCESS-SPAWNED-HOOK with the PID of the new process that has been spawned. MOUNTS is a list of <file-system> objects that specify file systems to mount inside the container. NAMESPACES is a list of symbols corresponding to the identifiers for Linux namespaces: mnt, ipc, uts, pid, user, and net. By default, all namespaces are used. HOST-UIDS is the number of host user identifiers to map into the container's user namespace, if there is one. By default, only a single uid/gid, that of the current user, is mapped into the container. The host user that creates the container is the root user (uid/gid 0) within the container. Only root can map more than a single uid/gid. GUEST-UID and GUEST-GID specify the first UID (respectively GID) that host UIDs (respectively GIDs) map to in the namespace. RELAYED-SIGNALS is the list of signals that are \"relayed\" to the container process when caught by its parent. When CHILD-IS-PID1? is true, and if NAMESPACES contains 'pid', then the child process runs directly as PID 1. As such, it is responsible for (1) installing signal handlers and (2) reaping terminated processes by calling 'waitpid'. When CHILD-IS-PID1? is false, a new intermediate process is created instead that takes this responsibility. Note that if THUNK needs to load any additional Guile modules, the relevant module files must be present in one of the mappings in MOUNTS and the Guile load path must be adjusted as needed." (define thunk* (if (and (memq 'pid namespaces) (not child-is-pid1?)) (lambda () ;; Behave like an init process: create a sub-process that calls ;; THUNK, and wait for child processes. Furthermore, forward ;; RELAYED-SIGNALS to the child process. (match (primitive-fork) (0 (call-with-clean-exit thunk)) (pid (install-signal-handlers pid) (let loop () (match (wait-child-process) ((child . status) (if (= child pid) (primitive-exit (status->exit-status status)) (loop))) (#f (primitive-exit 128))))))) ;cannot happen thunk)) (define (periodically-schedule-asyncs) ;; XXX: In Guile there's a time window where a signal-handling async could ;; be queued without being processed by the time we enter a blocking ;; syscall like waitpid(2) (info "(guile) Signals"). This terrible hack ;; ensures pending asyncs get a chance to run periodically. (sigaction SIGALRM (lambda _ (alarm 1))) (alarm 1)) (define (install-signal-handlers pid) ;; Install handlers that forward signals to PID. (define (relay-signal signal) (false-if-exception (kill pid signal))) (periodically-schedule-asyncs) (for-each (lambda (signal) (sigaction signal relay-signal)) relayed-signals)) (call-with-temporary-directory (lambda (root) (let ((pid (run-container root mounts namespaces host-uids thunk* #:guest-uid guest-uid #:guest-gid guest-gid))) (install-signal-handlers pid) (process-spawned-hook pid) (match (waitpid pid) ((_ . status) status)))))) (define (container-excursion pid thunk) "Run THUNK as a child process within the namespaces of process PID and return the exit status, an integer as returned by 'waitpid'." (define (namespace-file pid namespace) (string-append "/proc/" (number->string pid) "/ns/" namespace)) (match (primitive-fork) (0 (call-with-clean-exit (lambda () (for-each (lambda (ns) (let ((source (namespace-file (getpid) ns)) (target (namespace-file pid ns))) ;; Joining the namespace that the process already ;; belongs to would throw an error so avoid that. ;; XXX: This /proc interface leads to TOCTTOU. (unless (string=? (readlink source) (readlink target)) (call-with-input-file source (lambda (current-ns-port) (call-with-input-file target (lambda (new-ns-port) (setns (fileno new-ns-port) 0)))))))) ;; It's important that the user namespace is joined first, ;; so that the user will have the privileges to join the ;; other namespaces. Furthermore, it's important that the ;; mount namespace is joined last, otherwise the /proc mount ;; point would no longer be accessible. '("user" "ipc" "uts" "net" "pid" "mnt")) (purify-environment) (chdir "/") ;; Per setns(2), changing the PID namespace only applies to child ;; processes, not to the process itself. Thus fork so that THUNK runs ;; in the right PID namespace, which also gives it access to /proc. (match (primitive-fork) (0 (call-with-clean-exit thunk)) (pid (primitive-exit (match (waitpid pid) ((_ . status) (or (status:exit-val status) 127))))))))) (pid (match (waitpid pid) ((_ . status) status))))) (define (container-excursion* pid thunk) "Like 'container-excursion', but return the return value of THUNK." (match (pipe) ((in . out) ;; Make sure IN and OUT are not inherited if THUNK forks + execs. (fcntl in F_SETFD FD_CLOEXEC) (fcntl out F_SETFD FD_CLOEXEC) (match (container-excursion pid (lambda () (close-port in) (write (thunk) out) (close-port out))) (0 (close-port out) (let ((result (read in))) (close-port in) result)) (_ ;maybe PID died already (close-port out) (close-port in) #f)))))