From a2d557374950d77cfda22eaf7aff04de720f148f Mon Sep 17 00:00:00 2001 From: Johannes Schauer Marin Rodrigues Date: Thu, 2 Feb 2023 07:57:58 +0100 Subject: [PATCH] tests: drop qemu requirements for tests that only use it to create a user by defaulting to SUDO_USER --- coverage.py | 4 +- coverage.txt | 30 +++++++------ tests/as-debootstrap-unshare-wrapper | 18 +++++--- ...eck-for-bit-by-bit-identical-format-output | 37 +++++++-------- tests/chrootless-fakeroot | 22 +++++---- tests/create-arm64-tarball | 18 +++++--- tests/create-gzip-compressed-tarball | 18 +++++--- tests/create-tarball-dry-run | 7 ++- tests/custom-tmpdir | 24 ++++++---- ...-directory-not-accessible-by-unshared-user | 27 +++++++---- tests/dev-ptmx | 18 ++++---- tests/install-doc-debian | 23 ++++++---- tests/install-doc-debian-and-output-tarball | 23 ++++++---- tests/install-doc-debian-and-test-hooks | 23 ++++++---- tests/install-libmagic-mgc-on-arm64 | 23 ++++++---- tests/jessie-or-older | 45 ++++++++++--------- tests/missing-dev-sys-proc-inside-the-chroot | 21 ++++++--- tests/no-sbin-in-path | 24 ++++++---- tests/pivot_root | 20 ++++----- tests/root-mode-inside-unshare-chroot | 29 +++++++----- tests/special-hooks-with-mode-mode | 18 +++++--- tests/unpack-doc-debian | 22 +++++---- tests/unshare-include-deb | 15 ++++--- 23 files changed, 313 insertions(+), 196 deletions(-) diff --git a/coverage.py b/coverage.py index cf6f30f..0ea034f 100755 --- a/coverage.py +++ b/coverage.py @@ -271,14 +271,14 @@ def main(): tt = "qemu" elif test.get("Needs-QEMU", "false") == "true": tt = ("skip", "test needs QEMU") + elif mode == "unshare" and not have_unshare: + tt = ("skip", "test needs unshare") elif test.get("Needs-Root", "false") == "true": tt = "sudo" elif mode == "auto" and not have_unshare: tt = "sudo" elif mode == "root": tt = "sudo" - elif mode == "unshare" and not have_unshare: - tt = ("skip", "test needs unshare") else: tt = "null" tests.append((tt, name, dist, mode, variant, fmt)) diff --git a/coverage.txt b/coverage.txt index ff18622..cc7c2ab 100644 --- a/coverage.txt +++ b/coverage.txt @@ -4,7 +4,7 @@ Variants: minbase buildd - Needs-Root: true Test: as-debootstrap-unshare-wrapper -Needs-QEMU: true +Modes: unshare Test: help @@ -34,7 +34,7 @@ Test: root-mode-inside-chroot Needs-Root: true Test: root-mode-inside-unshare-chroot -Needs-QEMU: true +Modes: unshare Test: root-without-cap-sys-admin Needs-Root: true @@ -43,7 +43,8 @@ Test: mount-is-missing Needs-QEMU: true Test: check-for-bit-by-bit-identical-format-output -Needs-QEMU: true +Needs-Root: true +Modes: unshare fakechroot Formats: tar squashfs ext2 Variants: essential apt minbase buildd - standard Skip-If: @@ -51,6 +52,7 @@ Skip-If: variant == "important" and dist == "oldstable" # /var/lib/systemd/catalog/database differs fmt == "squashfs" and dist == "oldstable" # squashfs-tools-ng is not available fmt == "ext2" and dist == "oldstable" # genext2fs does not support SOURCE_DATE_EPOCH + mode == "fakechroot" and variant in ["-", "standard"] # no extended attributes Test: tarfilter-idshift Needs-QEMU: true @@ -74,19 +76,21 @@ Test: missing-device-nodes-outside-the-chroot Needs-QEMU: true Test: missing-dev-sys-proc-inside-the-chroot -Needs-QEMU: true +Modes: unshare +Variants: custom Test: chroot-directory-not-accessible-by-apt-user Needs-Root: true Test: cwd-directory-not-accessible-by-unshared-user -Needs-QEMU: true +Needs-Root: true +Modes: unshare Test: create-gzip-compressed-tarball -Needs-QEMU: true Test: custom-tmpdir -Needs-QEMU: true +Needs-Root: true +Modes: unshare Test: xz-compressed-tarball @@ -233,7 +237,6 @@ Needs-Root: true Test: special-hooks-with-mode-mode Modes: root unshare fakechroot -Needs-QEMU: true Test: debootstrap-no-op-options Needs-Root: true @@ -280,7 +283,6 @@ Variants: any Modes: any Test: unpack-doc-debian -Needs-QEMU: true Modes: any Variants: extract @@ -298,7 +300,6 @@ Skip-If: Test: chrootless-fakeroot Variants: essential Modes: chrootless -Needs-QEMU: true Skip-If: dist in ["oldstable", "stable"] @@ -320,6 +321,8 @@ Variants: custom Modes: chrootless Test: install-libmagic-mgc-on-arm64 +Variants: custom +Modes: chrootless Skip-If: hostarch != "amd64" not have_binfmt @@ -339,7 +342,6 @@ Modes: fakechroot Test: dev-ptmx Modes: root unshare -Needs-QEMU: true Test: error-if-stdout-is-tty @@ -349,14 +351,14 @@ Test: include-deb-file Test: unshare-include-deb Modes: unshare -Needs-QEMU: true Test: pivot_root Modes: root unshare -Needs-QEMU: true +Skip-If: not have_unshare Test: jessie-or-older -Needs-QEMU: true +Needs-Root: true +Modes: root unshare fakechroot Variants: essential apt minbase Test: apt-patterns diff --git a/tests/as-debootstrap-unshare-wrapper b/tests/as-debootstrap-unshare-wrapper index 75295b8..e928f33 100644 --- a/tests/as-debootstrap-unshare-wrapper +++ b/tests/as-debootstrap-unshare-wrapper @@ -2,12 +2,20 @@ set -eu export LC_ALL=C.UTF-8 export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" fi -useradd --home-dir /home/user --create-home user -runuser -u user -- {{ CMD }} --variant=custom --mode=unshare --setup-hook='env container=lxc debootstrap unstable "$1" {{ MIRROR }}' - /tmp/debian-mm.tar {{ MIRROR }} + +$prefix {{ CMD }} --variant=custom --mode={{ MODE }} --setup-hook='env container=lxc debootstrap unstable "$1" {{ MIRROR }}' - /tmp/debian-mm.tar {{ MIRROR }} mkdir /tmp/debian-mm tar --xattrs --xattrs-include='*' -C /tmp/debian-mm -xf /tmp/debian-mm.tar diff --git a/tests/check-for-bit-by-bit-identical-format-output b/tests/check-for-bit-by-bit-identical-format-output index 76b448e..39641c4 100644 --- a/tests/check-for-bit-by-bit-identical-format-output +++ b/tests/check-for-bit-by-bit-identical-format-output @@ -1,12 +1,21 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 -fi -useradd --home-dir /home/user --create-home user export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} + +trap "rm -f /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} /tmp/debian-chroot-root.{{ FORMAT }}" EXIT INT TERM + +[ "$(id -u)" -eq 0 ] + +if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" +fi +prefix="runuser -u ${SUDO_USER:-user} --" + {{ CMD }} --mode=root --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-root.{{ FORMAT }} {{ MIRROR }} if [ "{{ FORMAT }}" = tar ]; then printf 'ustar ' | cmp --bytes=6 --ignore-initial=257:0 /tmp/debian-chroot-root.tar - @@ -18,19 +27,11 @@ else echo "unknown format: {{ FORMAT }}" >&2 exit 1 fi -runuser -u user -- {{ CMD }} --mode=unshare --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-unshare.{{ FORMAT }} {{ MIRROR }} -cmp /tmp/debian-chroot-root.{{ FORMAT }} /tmp/debian-chroot-unshare.{{ FORMAT }} -rm /tmp/debian-chroot-unshare.{{ FORMAT }} -case {{ VARIANT }} in essential|apt|minbase|buildd) - # variants important and standard differ because permissions drwxr-sr-x - # and extended attributes of ./var/log/journal/ cannot be preserved - # in fakechroot mode - runuser -u user -- {{ CMD }} --mode=fakechroot --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-fakechroot.{{ FORMAT }} {{ MIRROR }} - cmp /tmp/debian-chroot-root.{{ FORMAT }} /tmp/debian-chroot-fakechroot.{{ FORMAT }} - rm /tmp/debian-chroot-fakechroot.{{ FORMAT }} - ;; -esac + +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} {{ MIRROR }} +cmp /tmp/debian-chroot-root.{{ FORMAT }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} \ + || diffoscope /tmp/debian-chroot-root.{{ FORMAT }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} + # we cannot test chrootless mode here, because mmdebstrap relies on the # usrmerge package to set up merged-/usr and that doesn't work in chrootless # mode -rm /tmp/debian-chroot-root.{{ FORMAT }} diff --git a/tests/chrootless-fakeroot b/tests/chrootless-fakeroot index 67c1e20..aa799dd 100644 --- a/tests/chrootless-fakeroot +++ b/tests/chrootless-fakeroot @@ -3,15 +3,21 @@ set -eu export LC_ALL=C.UTF-8 export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} trap "rm -f /tmp/chrootless.tar /tmp/root.tar" EXIT INT TERM -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ MODE }} = chrootless ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" + # we need --hook-dir=./hooks/merged-usr because usrmerge does not understand # DPKG_ROOT # permissions drwxr-sr-x and extended attributes of ./var/log/journal/ cannot @@ -21,7 +27,7 @@ for INCLUDE in '' 'apt' 'apt,build-essential' 'systemd-sysv'; do --customize-hook='if [ -d "$1"/var/log/journal ]; then rmdir "$1"/var/log/journal; mkdir --mode=2755 "$1"/var/log/journal; chroot "$1" chown root:systemd-journal /var/log/journal; fi' \ ${INCLUDE:+--include="$INCLUDE"} \ {{ DIST }} /tmp/root.tar {{ MIRROR }} - $prefix fakeroot {{ CMD }} --mode=chrootless --variant={{ VARIANT }} --hook-dir=./hooks/merged-usr \ + $prefix fakeroot {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --hook-dir=./hooks/merged-usr \ ${INCLUDE:+--include="$INCLUDE"} \ {{ DIST }} /tmp/chrootless.tar {{ MIRROR }} cmp /tmp/root.tar /tmp/chrootless.tar diff --git a/tests/create-arm64-tarball b/tests/create-arm64-tarball index 5dfe679..db7f54b 100644 --- a/tests/create-arm64-tarball +++ b/tests/create-arm64-tarball @@ -1,15 +1,19 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" + [ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot" $prefix {{ CMD }} --mode={{ MODE }} --variant=apt --architectures=arm64 {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} # we ignore differences between architectures by ignoring some files diff --git a/tests/create-gzip-compressed-tarball b/tests/create-gzip-compressed-tarball index dc7deed..cbf772c 100644 --- a/tests/create-gzip-compressed-tarball +++ b/tests/create-gzip-compressed-tarball @@ -1,12 +1,20 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" fi -useradd --home-dir /home/user --create-home user -runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot.tar.gz {{ MIRROR }} + +$prefix {{ CMD }} --mode={{ MODE }} --variant=apt {{ DIST }} /tmp/debian-chroot.tar.gz {{ MIRROR }} printf '\037\213\010' | cmp --bytes=3 /tmp/debian-chroot.tar.gz - tar -tf /tmp/debian-chroot.tar.gz | sort | diff -u tar1.txt - rm /tmp/debian-chroot.tar.gz diff --git a/tests/create-tarball-dry-run b/tests/create-tarball-dry-run index 997e827..91bee4a 100644 --- a/tests/create-tarball-dry-run +++ b/tests/create-tarball-dry-run @@ -8,15 +8,14 @@ export LC_ALL=C.UTF-8 prefix= include=, if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != root ] && [ "{{ MODE }}" != auto ]; then - # this must be qemu - if ! id -u user >/dev/null 2>&1; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then if [ ! -e /mmdebstrap-testenv ]; then echo "this test modifies the system and should only be run inside a container" >&2 exit 1 fi - useradd --home-dir /home/user --create-home user + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - prefix="runuser -u user --" + prefix="runuser -u ${SUDO_USER:-user} --" if [ "{{ VARIANT }}" = extract ] || [ "{{ VARIANT }}" = custom ]; then include="$(tr '\n' ',' < pkglist.txt)" fi diff --git a/tests/custom-tmpdir b/tests/custom-tmpdir index 3d3ac4d..628cb37 100644 --- a/tests/custom-tmpdir +++ b/tests/custom-tmpdir @@ -1,25 +1,33 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ "$(id -u)" -eq 0 ] +[ {{ MODE }} = "unshare" ] + +if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi +prefix="runuser -u ${SUDO_USER:-user} --" + # https://www.etalabs.net/sh_tricks.html quote () { printf %s\\n "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/" ; } -useradd --home-dir /home/user --create-home user -homedir=$(runuser -u user -- sh -c 'cd && pwd') +homedir=$($prefix sh -c 'cd && pwd') # apt:test/integration/test-apt-key TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!" -runuser -u user -- mkdir "$homedir/$TMPDIR_ADD" +$prefix mkdir "$homedir/$TMPDIR_ADD" # make sure the unshared user can traverse into the TMPDIR chmod 711 "$homedir" # set permissions and sticky bit like the real /tmp chmod 1777 "$homedir/$TMPDIR_ADD" -runuser -u user -- env TMPDIR="$homedir/$TMPDIR_ADD" {{ CMD }} --mode=unshare --variant=apt \ +$prefix env TMPDIR="$homedir/$TMPDIR_ADD" {{ CMD }} --mode={{ MODE }} --variant=apt \ --setup-hook='case "$1" in '"$(quote "$homedir/$TMPDIR_ADD/mmdebstrap.")"'??????????) exit 0;; *) echo "$1"; exit 1;; esac' \ {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt - # use rmdir as a quick check that nothing is remaining in TMPDIR -runuser -u user -- rmdir "$homedir/$TMPDIR_ADD" +$prefix rmdir "$homedir/$TMPDIR_ADD" rm /tmp/debian-chroot.tar diff --git a/tests/cwd-directory-not-accessible-by-unshared-user b/tests/cwd-directory-not-accessible-by-unshared-user index 0bb06c3..5312e01 100644 --- a/tests/cwd-directory-not-accessible-by-unshared-user +++ b/tests/cwd-directory-not-accessible-by-unshared-user @@ -1,21 +1,30 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ "$(id -u)" -eq 0 ] +[ {{ MODE }} = "unshare" ] + +if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi -useradd --home-dir /home/user --create-home user +prefix="runuser -u ${SUDO_USER:-user} --" + mkdir /tmp/debian-chroot chmod 700 /tmp/debian-chroot -chown user:user /tmp/debian-chroot +chown "${SUDO_USER:-user}:${SUDO_USER:-user}" /tmp/debian-chroot +set -- env --chdir=/tmp/debian-chroot if [ "{{ CMD }}" = "./mmdebstrap" ]; then - set -- "$(realpath --canonicalize-existing ./mmdebstrap)" + set -- "$@" "$(realpath --canonicalize-existing ./mmdebstrap)" elif [ "{{ CMD }}" = "perl -MDevel::Cover=-silent,-nogcov ./mmdebstrap" ]; then - set -- perl -MDevel::Cover=-silent,-nogcov "$(realpath --canonicalize-existing ./mmdebstrap)" + set -- "$@" perl -MDevel::Cover=-silent,-nogcov "$(realpath --canonicalize-existing ./mmdebstrap)" else - set -- {{ CMD }} + set -- "$@" {{ CMD }} fi -env --chdir=/tmp/debian-chroot runuser -u user -- "$@" --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} +$prefix "$@" --mode={{ MODE }} --variant=apt {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt - rm /tmp/debian-chroot.tar diff --git a/tests/dev-ptmx b/tests/dev-ptmx index f96e204..2636ed4 100644 --- a/tests/dev-ptmx +++ b/tests/dev-ptmx @@ -7,15 +7,17 @@ if [ {{ MODE }} != unshare ] && [ {{ MODE }} != root ]; then exit 1 fi -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 -fi -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - useradd --home-dir /home/user --create-home user -fi prefix= -[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" +fi # this mimics what apt does in apt-pkg/deb/dpkgpm.cc/pkgDPkgPM::StartPtyMagic() cat > /tmp/test.c << 'END' diff --git a/tests/install-doc-debian b/tests/install-doc-debian index 10bfe8a..12d1084 100644 --- a/tests/install-doc-debian +++ b/tests/install-doc-debian @@ -1,16 +1,23 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ VARIANT }} = "custom" ] +[ {{ MODE }} = "chrootless" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" -$prefix {{ CMD }} --mode=chrootless --variant=custom --include=doc-debian {{ DIST }} /tmp/debian-chroot {{ MIRROR }} + +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --include=doc-debian {{ DIST }} /tmp/debian-chroot {{ MIRROR }} tar -C /tmp/debian-chroot --owner=0 --group=0 --numeric-owner --sort=name --clamp-mtime --mtime="$(date --utc --date=@{{ SOURCE_DATE_EPOCH }} --iso-8601=seconds)" -cf /tmp/debian-chroot.tar . tar tvf /tmp/debian-chroot.tar > doc-debian.tar.list rm /tmp/debian-chroot.tar diff --git a/tests/install-doc-debian-and-output-tarball b/tests/install-doc-debian-and-output-tarball index c218d97..c9e0fbb 100644 --- a/tests/install-doc-debian-and-output-tarball +++ b/tests/install-doc-debian-and-output-tarball @@ -2,15 +2,22 @@ set -eu export LC_ALL=C.UTF-8 export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ VARIANT }} = "custom" ] +[ {{ MODE }} = "chrootless" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" -$prefix {{ CMD }} --mode=chrootless --variant=custom --include=doc-debian {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} + +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --include=doc-debian {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} tar tvf /tmp/debian-chroot.tar | grep -v ' ./dev' | diff -u doc-debian.tar.list - rm /tmp/debian-chroot.tar diff --git a/tests/install-doc-debian-and-test-hooks b/tests/install-doc-debian-and-test-hooks index bc2efb0..7c1e0c7 100644 --- a/tests/install-doc-debian-and-test-hooks +++ b/tests/install-doc-debian-and-test-hooks @@ -2,16 +2,23 @@ set -eu export LC_ALL=C.UTF-8 export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ VARIANT }} = "custom" ] +[ {{ MODE }} = "chrootless" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" -$prefix {{ CMD }} --mode=chrootless --skip=cleanup/tmp --variant=custom --include=doc-debian --setup-hook='touch "$1/tmp/setup"' --customize-hook='touch "$1/tmp/customize"' {{ DIST }} /tmp/debian-chroot {{ MIRROR }} + +$prefix {{ CMD }} --mode={{ MODE }} --skip=cleanup/tmp --variant={{ VARIANT }} --include=doc-debian --setup-hook='touch "$1/tmp/setup"' --customize-hook='touch "$1/tmp/customize"' {{ DIST }} /tmp/debian-chroot {{ MIRROR }} rm /tmp/debian-chroot/tmp/setup rm /tmp/debian-chroot/tmp/customize tar -C /tmp/debian-chroot --owner=0 --group=0 --numeric-owner --sort=name --clamp-mtime --mtime="$(date --utc --date=@{{ SOURCE_DATE_EPOCH }} --iso-8601=seconds)" -cf /tmp/debian-chroot.tar . diff --git a/tests/install-libmagic-mgc-on-arm64 b/tests/install-libmagic-mgc-on-arm64 index f070f21..a1349a2 100644 --- a/tests/install-libmagic-mgc-on-arm64 +++ b/tests/install-libmagic-mgc-on-arm64 @@ -1,16 +1,23 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ VARIANT }} = "custom" ] +[ {{ MODE }} = "chrootless" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" -$prefix {{ CMD }} --mode=chrootless --variant=custom --architectures=arm64 --include=libmagic-mgc {{ DIST }} /tmp/debian-chroot {{ MIRROR }} + +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --architectures=arm64 --include=libmagic-mgc {{ DIST }} /tmp/debian-chroot {{ MIRROR }} # delete contents of libmagic-mgc rm /tmp/debian-chroot/usr/lib/file/magic.mgc rm /tmp/debian-chroot/usr/share/doc/libmagic-mgc/README.Debian diff --git a/tests/jessie-or-older b/tests/jessie-or-older index 6538563..a624547 100644 --- a/tests/jessie-or-older +++ b/tests/jessie-or-older @@ -1,15 +1,30 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 -fi -useradd --home-dir /home/user --create-home user export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} +trap "rm -f /tmp/debian-chroot-{{ MODE }}.tar /tmp/debian-chroot-root-normal.tar" EXIT INT TERM + +[ "$(id -u)" -eq 0 ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" +fi + +MMTARFILTER= +[ -x /usr/bin/mmtarfilter ] && MMTARFILTER=/usr/bin/mmtarfilter +[ -x ./tarfilter ] && MMTARFILTER=./tarfilter + filter() { - ./tarfilter \ + "$MMTARFILTER" \ --path-exclude=/usr/bin/uncompress \ --path-exclude=/var/cache/debconf/config.dat-old \ --path-exclude=/var/cache/debconf/templates.dat-old \ @@ -20,19 +35,7 @@ filter() { } # base for comparison without jessie-or-older hook -{{ CMD }} --mode=root --variant={{ VARIANT }} {{ DIST }} - {{ MIRROR }} | filter > /tmp/debian-chroot-root-normal.tar - -# root -{{ CMD }} --mode=root --variant={{ VARIANT }} --hook-dir=./hooks/jessie-or-older {{ DIST }} - {{ MIRROR }} | filter > /tmp/debian-chroot-root.tar -cmp /tmp/debian-chroot-root-normal.tar /tmp/debian-chroot-root.tar -rm /tmp/debian-chroot-root.tar -# unshare -runuser -u user -- {{ CMD }} --mode=unshare --variant={{ VARIANT }} --hook-dir=./hooks/jessie-or-older {{ DIST }} - {{ MIRROR }} | filter > /tmp/debian-chroot-unshare.tar -cmp /tmp/debian-chroot-root-normal.tar /tmp/debian-chroot-unshare.tar -rm /tmp/debian-chroot-unshare.tar -# fakechroot -runuser -u user -- {{ CMD }} --mode=fakechroot --variant={{ VARIANT }} --hook-dir=./hooks/jessie-or-older {{ DIST }} - {{ MIRROR }} | filter > /tmp/debian-chroot-fakechroot.tar -cmp /tmp/debian-chroot-root-normal.tar /tmp/debian-chroot-fakechroot.tar -rm /tmp/debian-chroot-fakechroot.tar +{{ CMD }} --mode=root --variant={{ VARIANT }} {{ DIST }} - {{ MIRROR }} > /tmp/debian-chroot-root-normal.tar -rm /tmp/debian-chroot-root-normal.tar +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --hook-dir=./hooks/jessie-or-older {{ DIST }} - {{ MIRROR }} | filter > /tmp/debian-chroot-{{ MODE }}.tar +filter < /tmp/debian-chroot-root-normal.tar | cmp - /tmp/debian-chroot-{{ MODE }}.tar diff --git a/tests/missing-dev-sys-proc-inside-the-chroot b/tests/missing-dev-sys-proc-inside-the-chroot index 7007d09..91cced3 100644 --- a/tests/missing-dev-sys-proc-inside-the-chroot +++ b/tests/missing-dev-sys-proc-inside-the-chroot @@ -1,9 +1,20 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ MODE }} = "unshare" ] +[ {{ VARIANT }} = "custom" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" fi -useradd --home-dir /home/user --create-home user -runuser -u user -- {{ CMD }} --mode=unshare --variant=custom --include=dpkg,dash,diffutils,coreutils,libc-bin,sed {{ DIST }} /dev/null {{ MIRROR }} + +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --include=dpkg,dash,diffutils,coreutils,libc-bin,sed {{ DIST }} /dev/null {{ MIRROR }} diff --git a/tests/no-sbin-in-path b/tests/no-sbin-in-path index abceb23..f101b1e 100644 --- a/tests/no-sbin-in-path +++ b/tests/no-sbin-in-path @@ -7,16 +7,22 @@ set -eu export LC_ALL=C.UTF-8 -[ "{{ MODE }}" = "fakechroot" ] + trap "rm -f /tmp/debian-chroot.tar" EXIT INT TERM -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ "{{ MODE }}" = "fakechroot" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" -$prefix env PATH=/usr/bin:/bin fakechroot fakeroot {{ CMD }} --mode=fakechroot --variant=apt {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} + +$prefix env PATH=/usr/bin:/bin fakechroot fakeroot {{ CMD }} --mode={{ MODE }} --variant=apt {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt - diff --git a/tests/pivot_root b/tests/pivot_root index b6a0947..f51e221 100644 --- a/tests/pivot_root +++ b/tests/pivot_root @@ -4,17 +4,17 @@ export LC_ALL=C.UTF-8 export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} trap "rm -f /tmp/chroot1.tar /tmp/chroot2.tar /tmp/chroot3.tar /tmp/mmdebstrap" EXIT INT TERM -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 -fi - -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - useradd --home-dir /home/user --create-home user -fi - prefix= -[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" +fi MMDEBSTRAP= [ -e /usr/bin/mmdebstrap ] && MMDEBSTRAP=/usr/bin/mmdebstrap diff --git a/tests/root-mode-inside-unshare-chroot b/tests/root-mode-inside-unshare-chroot index 461de27..634cca0 100644 --- a/tests/root-mode-inside-unshare-chroot +++ b/tests/root-mode-inside-unshare-chroot @@ -5,13 +5,22 @@ set -eu export LC_ALL=C.UTF-8 -if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ MODE }} = "unshare" ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" + fi + prefix="runuser -u ${SUDO_USER:-user} --" fi -[ "$(whoami)" = "root" ] -useradd --home-dir /home/user --create-home user -cat << 'SCRIPT' > script.sh + +cat << 'SCRIPT' > /tmp/script.sh #!/bin/sh set -eu rootfs="$1" @@ -22,10 +31,10 @@ chroot "$rootfs" env --chdir=/mnt \ {{ CMD }} --mode=root --variant=apt \ {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} SCRIPT -chmod +x script.sh -runuser -u user -- {{ CMD }} --mode=unshare --variant=apt --include=perl,mount \ - --customize-hook=./script.sh \ +chmod +x /tmp/script.sh +$prefix {{ CMD }} --mode={{ MODE }} --variant=apt --include=perl,mount \ + --customize-hook=/tmp/script.sh \ --customize-hook="download /tmp/debian-chroot.tar /tmp/debian-chroot.tar" \ {{ DIST }} /dev/null {{ MIRROR }} tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt - -rm /tmp/debian-chroot.tar script.sh +rm /tmp/debian-chroot.tar /tmp/script.sh diff --git a/tests/special-hooks-with-mode-mode b/tests/special-hooks-with-mode-mode index 60d5d85..b8b9b39 100644 --- a/tests/special-hooks-with-mode-mode +++ b/tests/special-hooks-with-mode-mode @@ -1,15 +1,19 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" + [ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot" symlinktarget=/real [ "{{ MODE }}" = "fakechroot" ] && symlinktarget='$1/real' diff --git a/tests/unpack-doc-debian b/tests/unpack-doc-debian index cbf2bbd..cc48fa8 100644 --- a/tests/unpack-doc-debian +++ b/tests/unpack-doc-debian @@ -1,17 +1,23 @@ #!/bin/sh set -eu export LC_ALL=C.UTF-8 -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 + +[ {{ VARIANT }} = extract ] + +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -prefix= -[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" + [ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot" -$prefix {{ CMD }} --mode={{ MODE }} --variant=extract --include=doc-debian {{ DIST }} /tmp/debian-chroot {{ MIRROR }} +$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} --include=doc-debian {{ DIST }} /tmp/debian-chroot {{ MIRROR }} # delete contents of doc-debian rm /tmp/debian-chroot/usr/share/doc-base/debian-* rm -r /tmp/debian-chroot/usr/share/doc/debian diff --git a/tests/unshare-include-deb b/tests/unshare-include-deb index 6cca99d..a4daaf9 100644 --- a/tests/unshare-include-deb +++ b/tests/unshare-include-deb @@ -5,14 +5,17 @@ export LC_ALL=C.UTF-8 [ "{{ MODE }}" = unshare ] -if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then - if [ ! -e /mmdebstrap-testenv ]; then - echo "this test modifies the system and should only be run inside a container" >&2 - exit 1 +prefix= +if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then + if ! id "${SUDO_USER:-user}" 2>/dev/null; then + if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 + fi + useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}" fi - useradd --home-dir /home/user --create-home user + prefix="runuser -u ${SUDO_USER:-user} --" fi -[ "$(id -u)" -eq 0 ] && prefix="runuser -u user --" # instead of obtaining a .deb from our cache, we create a new package because # otherwise apt might decide to download the package with the same name and