xref: /unit/test/test_python_isolation_chroot.py (revision 2073:bc6ad31ce286)
11596Szelenkov@nginx.comimport pytest
21490St.nateldemoura@f5.comfrom unit.applications.lang.python import TestApplicationPython
31490St.nateldemoura@f5.com
41490St.nateldemoura@f5.com
51490St.nateldemoura@f5.comclass TestPythonIsolation(TestApplicationPython):
61490St.nateldemoura@f5.com    prerequisites = {'modules': {'python': 'any'}}
71490St.nateldemoura@f5.com
81654Szelenkov@nginx.com    def test_python_isolation_chroot(self, is_su, temp_dir):
91596Szelenkov@nginx.com        if not is_su:
101596Szelenkov@nginx.com            pytest.skip('requires root')
111490St.nateldemoura@f5.com
121490St.nateldemoura@f5.com        isolation = {
131654Szelenkov@nginx.com            'rootfs': temp_dir,
141490St.nateldemoura@f5.com        }
151490St.nateldemoura@f5.com
161490St.nateldemoura@f5.com        self.load('ns_inspect', isolation=isolation)
171490St.nateldemoura@f5.com
181596Szelenkov@nginx.com        assert (
191654Szelenkov@nginx.com            self.getjson(url='/?path=' + temp_dir)['body']['FileExists']
201596Szelenkov@nginx.com            == False
211596Szelenkov@nginx.com        ), 'temp_dir does not exists in rootfs'
221490St.nateldemoura@f5.com
231596Szelenkov@nginx.com        assert (
241848Szelenkov@nginx.com            self.getjson(url='/?path=/proc/self')['body']['FileExists'] == True
251596Szelenkov@nginx.com        ), 'no /proc/self'
261490St.nateldemoura@f5.com
271596Szelenkov@nginx.com        assert (
281596Szelenkov@nginx.com            self.getjson(url='/?path=/dev/pts')['body']['FileExists'] == False
291596Szelenkov@nginx.com        ), 'no /dev/pts'
301596Szelenkov@nginx.com
311596Szelenkov@nginx.com        assert (
321596Szelenkov@nginx.com            self.getjson(url='/?path=/sys/kernel')['body']['FileExists']
331596Szelenkov@nginx.com            == False
341596Szelenkov@nginx.com        ), 'no /sys/kernel'
351490St.nateldemoura@f5.com
361490St.nateldemoura@f5.com        ret = self.getjson(url='/?path=/app/python/ns_inspect')
371490St.nateldemoura@f5.com
38*2073Szelenkov@nginx.com        assert ret['body']['FileExists'] == True, 'application exists in rootfs'
39