Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/Makefile| 28 ++
testcases/kernel/containers/userns/README | 22 +
testcases/kernel/containers/userns/userns01.c | 104 +
testcases/kernel/containers/userns
Hi Cyril,
I have updated the patch according to your comment.
Many thanks for your suggestion.
Yuan
On 2015/6/4 21:02, Cyril Hrubis wrote:
Hi!
Can you also change the error_function() to return void and remove the
return -1 from it?
diff --git
Add return -1 after the error_function execution.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
.../controllers/libcontrollers/libcontrollers.c| 45 +++---
.../controllers/libcontrollers/libcontrollers.h| 4 +-
2 files changed, 33 insertions(+), 16 deletions(-)
diff
...@redhat.com
To: Yuan Sun sunyu...@huawei.com
Cc: ltp-list@lists.sourceforge.net, pleasure...@sina.com
Sent: Thursday, 28 May, 2015 2:33:53 PM
Subject: Re: [LTP] [PATCH V2] containers: new testcase userns02
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan
, then
ID-outside-ns is defined with respect to the user namespace of the process
opening the file.
If kernel version = 3.19.0, the case will ignore the git check.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns03.c | 250 ++
1
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns01.c | 31 +++
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns01.c
b/testcases/kernel/containers/userns/userns01.c
index
version.
I plan to create a new case userns04 to cover gid check in kernel
version(=3.19.0).
If you have different opinion, please let me know.
Regards.
Yuan
On 2015/6/5 20:54, Jan Stancek wrote:
On 06/03/2015 09:36 PM, Yuan Sun wrote:
ID-outside-ns is interpreted
Hi Wanlong,
It works well after install the lib.
Many thanks.
Yuan
On 2015/6/25 14:18, Wanlong Gao wrote:
On 06/25/2015 10:50 AM, Yuan Sun wrote:
Hi Cedric,
I encounter the following error in ubuntu14.04. Your patch
syscall/getrandom: Add tests for getrandom leads
AM, Yuan Sun wrote:
Hi Cedric,
I encounter the following error in ubuntu14.04. Your patch
syscall/getrandom: Add tests for getrandom leads to the error.
Do I need to install new libraries?
getrandom() was introduced in version 3.17 of the Linux kernel.
Ubuntu 14.04 gets shipped
Hi Cyril,
You are right. I installed linux-libc-dev with old version.
Thank you. Best regards.
Yuan
On 2015/6/25 20:04, Cyril Hrubis wrote:
Hi!
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
doc/mini-howto-building-ltp-from-git.txt | 2 +-
1 file changed, 1 insertion
Hi Cedric,
I encounter the following error in ubuntu14.04. Your patch
syscall/getrandom: Add tests for getrandom leads to the error.
Do I need to install new libraries?
Could you please check with the issue?
Thanks.
Yuan
make[4]: Entering directory
Hi Cedric,
I encounter the following error in ubuntu14.04. Your patch
syscall/getrandom: Add tests for getrandom leads to the error.
Do I need to install new libraries?
Could you please check with the issue?
Thanks.
Yuan
make[4]: Entering directory
/6/19 21:38, Jan Stancek wrote:
On 06/16/2015 11:28 PM, Yuan Sun wrote:
ID-outside-ns is interpreted according to which process is opening
the file. If the process opening the file is in the same user namespace
as the process PID, then ID-outside-ns is defined with respect to the
parent user
Hi Jan,
Excellent. I didn't think that TEST_LOOPING can't be used in this
case. You are very
professional. I agree with you. Could you please merge the patch v5?
Thank you very much for your help.
Yuan
On 2015/6/24 18:09, Jan Stancek wrote:
From: Yuan Sun sunyu...@huawei.com
A child process has a full set of permitted and effective capabilities,
even though the program was run from an unprivileged account.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/Makefile | 2 +-
testcases/kernel/containers/userns/userns01.c | 18
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
doc/mini-howto-building-ltp-from-git.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/mini-howto-building-ltp-from-git.txt
b/doc/mini-howto-building-ltp-from-git.txt
index 28825c2..7a1062e 100644
--- a/doc/mini-howto
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/pidns/pidns01.c | 2 +-
testcases/kernel/containers/pidns/pidns02.c | 2 +-
testcases/kernel/containers/pidns/pidns03.c | 2 +-
testcases/kernel/containers/pidns/pidns04.c | 2 +-
4 files changed, 4 insertions(+), 4
If a namespace isn't aother namespace's ancestor, the first namespace
does not have the CAP_SYS_ADMIN capability in the second namespace
and the setns() call fails.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns04.c | 131 ++
1
If a namespace isn't aother namespace's ancestor, the first namespace
does not have the CAP_SYS_ADMIN capability in the second namespace
and the setns() call fails.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns04.c | 134 ++
1
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns02.c | 24 +---
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns02.c
b/testcases/kernel/containers/userns/userns02.c
index ad5dda5
On 2015/6/11 21:55, Jan Stancek wrote:
On 06/09/2015 11:01 AM, Yuan Sun wrote:
I'm thinking if we shouldn't replace kernel version check with check that
/proc/self/setgroups exists. Then it would work on kernels that backport
those patches. What do you think?
Hi Jan,
It is better
Hi Jianggang,
Thanks for your comment. I will update code according to
your suggestion.
Yuan
On 2015/6/12 9:42, Wei, Jiangang wrote:
On Thu, 2015-06-11 at 13:47 -0600, Yuan Sun wrote:
If a namespace isn't aother namespace's ancestor, the first namespace
does not have
If a namespace isn't aother namespace's ancestor, the first namespace
does not have the CAP_SYS_ADMIN capability in the second namespace
and the setns() call fails.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns04.c | 134 ++
1
On 2015/6/17 20:56, Yuan Sun wrote:
If a namespace isn't aother namespace's ancestor, the first namespace
does not have the CAP_SYS_ADMIN capability in the second namespace
and the setns() call fails.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns
If a namespace isn't aother namespace's ancestor, the first namespace
does not have the CAP_SYS_ADMIN capability in the second namespace
and the setns() call fails.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns04.c | 135 ++
1
On 2015/6/1 10:46, Li Wang wrote:
Hi,
- Original Message -
Hi Bixuan,
If the current time is 23:59:59 May 30 23:59:59 2015, we start to run
the case and /var/log/*20150530* file is created.
It has a delay before the program runs the following command added by you.
rm -f
The user ID and group ID, which are inside a container, can
be modified by its parent process.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers| 1 +
testcases/kernel/containers/.gitignore| 1 +
testcases/kernel/containers/userns/userns02
On 2015/5/29 18:23, Jiri Jaburek wrote:
On 05/28/15 14:33, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net, pleasure...@sina.com,
sunyu...@huawei.com
Sent: Wednesday, 27 May, 2015 11:00:21 PM
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns01.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns01.c
b/testcases/kernel/containers/userns/userns01.c
index 8c45774..15cde43 100644
I was not familiar with ltp_syscall and didn't have comment. Thanks you
for updating userns04 case.
Regards.
Yuan
On 2015/7/1 14:55, Jan Stancek wrote:
- Original Message -
From: Hangbin Liu liuhang...@gmail.com
To: LTP List ltp-list@lists.sourceforge.net
Cc: Jan Stancek
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/controllers/cpuctl/cpuctl_def_task01.c | 3 +--
testcases/kernel/controllers/cpuctl/cpuctl_def_task02.c | 2 +-
testcases/kernel/controllers/cpuctl/cpuctl_def_task03.c | 2 +-
testcases/kernel/controllers
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/Makefile | 2 +-
testcases/kernel/containers/userns/userns01.c | 31 +--
2 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/testcases/kernel/containers/userns/Makefile
b
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns01.c | 43 ++-
1 file changed, 36 insertions(+), 7 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns01.c
b/testcases/kernel/containers/userns/userns01.c
index
, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Wednesday, 1 July, 2015 6:22:45 AM
Subject: [PATCH V2] userns01: add capability verification
Signed-off-by: Yuan Sun sunyu...@huawei.com
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/security/filecaps/filecapstest.sh | 8
1 file changed, 8 insertions(+)
diff --git a/testcases/kernel/security/filecaps/filecapstest.sh
b/testcases/kernel/security/filecaps/filecapstest.sh
index 213b095..16b0055 100755
Hi Jan,
The following link is unaccessible because HuaWei's network
security strategy.
Could you please attach the test.c file for me?
http://fpaste.org/239445/35909330/
Thanks.
Yuan
On 2015/7/3 15:43, Jan Stancek wrote:
- Original Message -
From: Yuan Sun
+0800, Yuan Sun wrote:
Hi Jan,
The following link is unaccessible because HuaWei's network
security strategy.
Could you please attach the test.c file for me?
http://fpaste.org/239445/35909330/
Was afraid my web email client would mangle it. Attached.
Regards,
Jan
Log is as follow. I am not clear if new feature is added.
log:
root@ubuntu:~# cat /proc/self/status | grep CapEff
CapEff:001f
On 2015/7/3 17:32, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: Jan Stancek jstan...@redhat.com
Cc: ltp
I forgot to modify .gitignore file. Please see V2.
On 2015/7/1 13:16, Yuan Sun wrote:
The c.c file is the same as check_simple_capset.c except config.h
is included in check_simple_capset.c. Moreover, it is not correct
to use HAVE_SYS_CAPABILITY_H without including config.h.
Signed-off
The c.c file is the same as check_simple_capset.c except config.h
is included in check_simple_capset.c. Moreover, it is not correct
to use HAVE_SYS_CAPABILITY_H without including config.h.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/security/filecaps/.gitignore | 1
The c.c file is the same as check_simple_capset.c except config.h
is included in check_simple_capset.c. Moreover, it is not correct
to use HAVE_SYS_CAPABILITY_H without including config.h.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/security/filecaps/c.c | 47
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers| 1 +
testcases/kernel/containers/.gitignore| 1 +
testcases/kernel/containers/userns/userns02.c | 94 +++
3 files changed, 96 insertions(+)
create mode 100644
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/libclone/libclone.c | 2 +-
testcases/kernel/containers/libclone/libclone.h | 6 +-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/testcases/kernel/containers/libclone/libclone.c
b/testcases/kernel
It looks fine to me.
On 2015/8/12 10:43, Hangbin Liu wrote:
The new version of iproute2 will show veth device like veth0@veth1, but we
won't get a dev proc entry like this. Fix the dev name to avoid error like
/proc/sys/net/ipv4/conf/veth0@veth1/proxy_arp: No such file or directory
On 2015/8/17 21:33, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Friday, 14 August, 2015 10:17:24 AM
Subject: [PATCH V3] container: new testcase pidns32
Kernel imposes a limit of 32
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers| 1 +
testcases/kernel/containers/.gitignore| 1 +
testcases/kernel/containers/userns/userns07.c | 133 ++
3 files changed, 135 insertions(+)
create mode 100644
Hi Cyril,
Thanks for your review. I will update codes according to your
suggestion.
Yuan
On 2015/8/18 20:07, Cyril Hrubis wrote:
Hi!
+/**/
+/*
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns03.c | 4 ++--
testcases/kernel/containers/userns/userns06.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns03.c
b/testcases/kernel
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/controllers/cpuctl/cpuctl_test01.c | 2 +-
testcases/kernel/controllers/cpuctl/cpuctl_test02.c | 2 +-
testcases/kernel/controllers/cpuctl/cpuctl_test03.c | 2 +-
testcases/kernel/controllers/cpuctl/cpuctl_test04.c | 2 +-
4 files
Ok. I understand. Thanks you, Cyril.
On 2015/8/3 22:54, Cyril Hrubis wrote:
Hi!
diff --git a/testcases/kernel/containers/libclone/libclone.h
b/testcases/kernel/containers/libclone/libclone.h
index 3a38bc9..60e9e54 100644
--- a/testcases/kernel/containers/libclone/libclone.h
+++
A process created via fork(2) or clone(2) without the CLONE_NEWUSER
flag is a member of the same user namespace as its parent.
When unshare an user namespace, the calling process is moved into a
new user namespace which is not shared with any previously existing
process.
Signed-off-by: Yuan
I forgot to add .gitignore. Please ignore the patch.
On 2015/7/31 14:17, Yuan Sun wrote:
A process created via fork(2) or clone(2) without the CLONE_NEWUSER
flag is a member of the same user namespace as its parent.
When unshare an user namespace, the calling process is moved into a
new
When a process with non-zero user IDs performs an execve(), the
process's capability sets are cleared. When a process with zero
user IDs performs an execve(), the process's capability sets are
set.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers
A process created via fork(2) or clone(2) without the CLONE_NEWUSER
flag is a member of the same user namespace as its parent.
When unshare an user namespace, the calling process is moved into a
new user namespace which is not shared with any previously existing
process.
Signed-off-by: Yuan
Thank you, Jan.
Yuan
On 2015/8/11 15:43, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Friday, 7 August, 2015 7:04:00 AM
Subject: [PATCH] container: use tst_record_childstatus
Hi Jan,
See in-line comments.
On 2015/8/11 16:05, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Friday, 7 August, 2015 6:55:08 AM
Subject: [PATCH V2] container: new testcase pidns32
Hi Jan and Cyril,
I have send a message in reply.
What is your opinion? If you convinced about this test, I will update
the code.
Or it is unnecessary to update the code.
Thanks.
Yuan
On 2015/8/11 16:33, Cyril Hrubis wrote:
Hi!
Hi,
I'm still not entirely convinced about
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
doc/test-writing-guidelines.txt | 7 +++---
include/test.h| 2 ++
lib/tst_res.c | 31 +++
testcases/kernel/containers/userns/userns01.c | 13
Kernel imposes a limit of 32 nested levels of pid namespaces.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers | 1 +
testcases/kernel/containers/pidns/.gitignore | 1 +
testcases/kernel/containers/pidns/pidns32.c | 96
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns02.c | 14 +---
testcases/kernel/containers/userns/userns03.c | 24 ++---
testcases/kernel/containers/userns/userns04.c | 31 ---
3 files changed, 7 insertions
Kernel imposes a limit of 32 nested levels of pid namespaces.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers | 1 +
testcases/kernel/containers/pidns/.gitignore | 1 +
testcases/kernel/containers/pidns/pidns32.c | 103
Hi Cyril,
Yes. You are right. I agree with you.
tst_record_childstatus(NULL, -1); can be used in userns01.
Thank you.
Yuan
On 2015/8/10 20:28, Cyril Hrubis wrote:
Hi!
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
doc/test-writing-guidelines.txt | 7
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns01.c | 12 +---
1 file changed, 1 insertion(+), 11 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns01.c
b/testcases/kernel/containers/userns/userns01.c
index ad5c52d..3c55f8a
On 2015/8/11 21:58, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: Jan Stancek jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Tuesday, 11 August, 2015 10:43:02 AM
Subject: Re: [PATCH V2] container: new testcase pidns32
Hi Jan
Thank you, Cyril.
Yuan
On 2015/8/11 20:44, Cyril Hrubis wrote:
Hi!
Yes. You are right. I agree with you.
tst_record_childstatus(NULL, -1); can be used in userns01.
FYI: I've just pushed a patch that adds note to the
test-writing-guidelines documentation about this.
Have a look at
inaccessible for a few minutes with 4000 processes.
Regards,
Yuan
On 2015/8/5 20:25, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Wednesday, 22 July, 2015 3:00:25 PM
Subject: [PATCH
Many thanks, Jan.
On 2015/8/5 21:21, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Friday, 31 July, 2015 11:15:46 AM
Subject: [PATCH V2] containers: new testcase userns06
When
Kernel imposes a limit of 32 nested levels of pid namespaces.
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/pidns/.gitignore | 1 +
testcases/kernel/containers/pidns/pidns32.c | 113 +++
2 files changed, 114 insertions(+)
create mode
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers| 1 +
testcases/kernel/containers/.gitignore| 1 +
testcases/kernel/containers/userns/userns05.c | 167 ++
3 files changed, 169 insertions(+)
create mode 100644
See in-line comment.
On 2015/7/14 17:40, Cyril Hrubis wrote:
Hi!
+echo testing for simple capset
+check_simple_capset
+tmp=$?
+if [ $tmp -ne 0 ]; then
+exit_code=$tmp
+fi
Rather than adding to the script, can we split it so that each of the
binaries can be run separately and that we
Hi Jan,
Many thanks for adding commit message.
Best regard.
Yuan
On 2015/7/16 16:56, Jan Stancek wrote:
- Original Message -
From: Yuan Sun sunyu...@huawei.com
To: jstan...@redhat.com
Cc: ltp-list@lists.sourceforge.net
Sent: Friday, 10 July, 2015 7:16:25 PM
Subject
A process created via fork(2) or clone(2) without the CLONE_NEWUSER
flag is a member of the same user namespace as its parent.
When unshare an user namespace, the calling process is moved into a
new user namespace which is not shared with any previously existing
process.
Signed-off-by: Yuan
: Add userns05
A process created via fork(2) or clone(2) without the CLONE_NEWUSER flag
is a member of the same user namespace as its parent.
...
Signed-off-by: Yuan Sun sunyu...@huawei.com
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
runtest/containers| 1
Signed-off-by: Yuan Sun sunyu...@huawei.com
---
testcases/kernel/containers/userns/userns03.c | 77 +--
1 file changed, 38 insertions(+), 39 deletions(-)
diff --git a/testcases/kernel/containers/userns/userns03.c
b/testcases/kernel/containers/userns/userns03.c
index
Thank you, Jan.
On 2015/9/8 15:48, Jan Stancek wrote:
>
> - Original Message -
>> From: "Yuan Sun" <sunyu...@huawei.com>
>> To: jstan...@redhat.com
>> Cc: ltp-list@lists.sourceforge.net
>> Sent: Thursday, 20 August, 2015 9:20:53 AM
>>
75 matches
Mail list logo
