11490St.nateldemoura@f5.comimport os
21490St.nateldemoura@f5.comimport subprocess
31635Szelenkov@nginx.com
41596Szelenkov@nginx.comimport pytest
51490St.nateldemoura@f5.com
61635Szelenkov@nginx.comfrom conftest import option
71490St.nateldemoura@f5.comfrom unit.applications.lang.java import TestApplicationJava
81490St.nateldemoura@f5.com
91490St.nateldemoura@f5.com
101490St.nateldemoura@f5.comclass TestJavaIsolationRootfs(TestApplicationJava):
111490St.nateldemoura@f5.com    prerequisites = {'modules': {'java': 'all'}}
121490St.nateldemoura@f5.com
131596Szelenkov@nginx.com    def setup_method(self, is_su):
141596Szelenkov@nginx.com        if not is_su:
151490St.nateldemoura@f5.com            return
161490St.nateldemoura@f5.com
17*1654Szelenkov@nginx.com        os.makedirs(option.temp_dir + '/jars')
18*1654Szelenkov@nginx.com        os.makedirs(option.temp_dir + '/tmp')
19*1654Szelenkov@nginx.com        os.chmod(option.temp_dir + '/tmp', 0o777)
201490St.nateldemoura@f5.com
211490St.nateldemoura@f5.com        try:
221490St.nateldemoura@f5.com            process = subprocess.Popen(
231490St.nateldemoura@f5.com                [
241490St.nateldemoura@f5.com                    "mount",
251490St.nateldemoura@f5.com                    "--bind",
261621Szelenkov@nginx.com                    option.current_dir + "/build",
27*1654Szelenkov@nginx.com                    option.temp_dir + "/jars",
281490St.nateldemoura@f5.com                ],
291490St.nateldemoura@f5.com                stderr=subprocess.STDOUT,
301490St.nateldemoura@f5.com            )
311490St.nateldemoura@f5.com
321490St.nateldemoura@f5.com            process.communicate()
331490St.nateldemoura@f5.com
341490St.nateldemoura@f5.com        except:
351596Szelenkov@nginx.com            pytest.fail('Cann\'t run mount process.')
361490St.nateldemoura@f5.com
371596Szelenkov@nginx.com    def teardown_method(self, is_su):
381596Szelenkov@nginx.com        if not is_su:
391490St.nateldemoura@f5.com            return
401490St.nateldemoura@f5.com
411490St.nateldemoura@f5.com        try:
421490St.nateldemoura@f5.com            process = subprocess.Popen(
43*1654Szelenkov@nginx.com                ["umount", "--lazy", option.temp_dir + "/jars"],
441490St.nateldemoura@f5.com                stderr=subprocess.STDOUT,
451490St.nateldemoura@f5.com            )
461490St.nateldemoura@f5.com
471490St.nateldemoura@f5.com            process.communicate()
481490St.nateldemoura@f5.com
491490St.nateldemoura@f5.com        except:
501596Szelenkov@nginx.com            pytest.fail('Cann\'t run mount process.')
511490St.nateldemoura@f5.com
52*1654Szelenkov@nginx.com    def test_java_isolation_rootfs_chroot_war(self, is_su, temp_dir):
531596Szelenkov@nginx.com        if not is_su:
541596Szelenkov@nginx.com            pytest.skip('require root')
551490St.nateldemoura@f5.com
561490St.nateldemoura@f5.com        isolation = {
57*1654Szelenkov@nginx.com            'rootfs': temp_dir,
581490St.nateldemoura@f5.com        }
591490St.nateldemoura@f5.com
601490St.nateldemoura@f5.com        self.load('empty_war', isolation=isolation)
611490St.nateldemoura@f5.com
621596Szelenkov@nginx.com        assert 'success' in self.conf(
631596Szelenkov@nginx.com            '"/"', '/config/applications/empty_war/working_directory',
641490St.nateldemoura@f5.com        )
651490St.nateldemoura@f5.com
661596Szelenkov@nginx.com        assert 'success' in self.conf(
671596Szelenkov@nginx.com            '"/jars"', 'applications/empty_war/unit_jars'
681490St.nateldemoura@f5.com        )
691596Szelenkov@nginx.com        assert 'success' in self.conf(
701596Szelenkov@nginx.com            '"/java/empty.war"', 'applications/empty_war/webapp'
711490St.nateldemoura@f5.com        )
721490St.nateldemoura@f5.com
731596Szelenkov@nginx.com        assert self.get()['status'] == 200, 'war'
74