xref: /unit/test/test_php_isolation.py (revision 1622:773f29e26072)
1import pytest
2
3from unit.applications.lang.php import TestApplicationPHP
4from unit.feature.isolation import TestFeatureIsolation
5from conftest import option
6
7
8class TestPHPIsolation(TestApplicationPHP):
9    prerequisites = {'modules': {'php': 'any'}, 'features': ['isolation']}
10
11    isolation = TestFeatureIsolation()
12
13    @classmethod
14    def setup_class(cls, complete_check=True):
15        unit = super().setup_class(complete_check=False)
16
17        TestFeatureIsolation().check(cls.available, unit.temp_dir)
18
19        return unit if not complete_check else unit.complete()
20
21    def test_php_isolation_rootfs(self, is_su):
22        isolation_features = self.available['features']['isolation'].keys()
23
24        if 'mnt' not in isolation_features:
25            pytest.skip('requires mnt ns')
26
27        if not is_su:
28            if 'user' not in isolation_features:
29                pytest.skip('requires unprivileged userns or root')
30
31            if not 'unprivileged_userns_clone' in isolation_features:
32                pytest.skip('requires unprivileged userns or root')
33
34        isolation = {
35            'namespaces': {'credential': not is_su, 'mount': True},
36            'rootfs': option.test_dir,
37        }
38
39        self.load('phpinfo', isolation=isolation)
40
41        assert 'success' in self.conf(
42            '"/php/phpinfo"', 'applications/phpinfo/root'
43        )
44        assert 'success' in self.conf(
45            '"/php/phpinfo"', 'applications/phpinfo/working_directory'
46        )
47
48        assert self.get()['status'] == 200, 'empty rootfs'
49
50    def test_php_isolation_rootfs_extensions(self, is_su):
51        isolation_features = self.available['features']['isolation'].keys()
52
53        if not is_su:
54            if 'user' not in isolation_features:
55                pytest.skip('requires unprivileged userns or root')
56
57            if not 'unprivileged_userns_clone' in isolation_features:
58                pytest.skip('requires unprivileged userns or root')
59
60            if 'mnt' not in isolation_features:
61                pytest.skip('requires mnt ns')
62
63        isolation = {
64            'rootfs': option.test_dir,
65            'namespaces': {'credential': not is_su, 'mount': not is_su},
66        }
67
68        self.load('list-extensions', isolation=isolation)
69
70        assert 'success' in self.conf(
71            '"/php/list-extensions"', 'applications/list-extensions/root'
72        )
73
74        assert 'success' in self.conf(
75            {'file': '/php/list-extensions/php.ini'},
76            'applications/list-extensions/options',
77        )
78
79        assert 'success' in self.conf(
80            '"/php/list-extensions"',
81            'applications/list-extensions/working_directory',
82        )
83
84        extensions = self.getjson()['body']
85
86        assert 'json' in extensions, 'json in extensions list'
87        assert 'unit' in extensions, 'unit in extensions list'
88