void test_delete_app() { char* app_dir = get_app_directory(TEST_ROOT "/local-2", yarn_username, "app_2"); char* dont_touch = get_app_directory(TEST_ROOT "/local-2", yarn_username, DONT_TOUCH_FILE); char* container_dir = get_container_work_directory(TEST_ROOT "/local-2", yarn_username, "app_2", "container_1"); char buffer[100000]; sprintf(buffer, "mkdir -p %s/who/let/the/dogs/out/who/who", container_dir); run(buffer); sprintf(buffer, "touch %s", dont_touch); run(buffer); // soft link to the canary file from the container directory sprintf(buffer, "ln -s %s %s/who/softlink", dont_touch, container_dir); run(buffer); // hard link to the canary file from the container directory sprintf(buffer, "ln %s %s/who/hardlink", dont_touch, container_dir); run(buffer); // create a dot file in the container directory sprintf(buffer, "touch %s/who/let/.dotfile", container_dir); run(buffer); // create a no permission file sprintf(buffer, "touch %s/who/let/protect", container_dir); run(buffer); sprintf(buffer, "chmod 000 %s/who/let/protect", container_dir); run(buffer); // create a no permission directory sprintf(buffer, "chmod 000 %s/who/let", container_dir); run(buffer); // delete container directory int ret = delete_as_user(yarn_username, app_dir, NULL); if (ret != 0) { printf("FAIL: return code from delete_as_user is %d\n", ret); exit(1); } // check to make sure the container directory is gone if (access(container_dir, R_OK) == 0) { printf("FAIL: failed to delete the directory - %s\n", container_dir); exit(1); } // check to make sure the app directory is gone if (access(app_dir, R_OK) == 0) { printf("FAIL: didn't delete the directory - %s\n", app_dir); exit(1); } // but that the canary is not gone if (access(dont_touch, R_OK) != 0) { printf("FAIL: accidently deleted file %s\n", dont_touch); exit(1); } free(app_dir); free(container_dir); free(dont_touch); }
void test_delete_user() { printf("\nTesting delete_user\n"); char* app_dir = get_app_directory(TEST_ROOT "/local-1", username, "app_3"); if (mkdirs(app_dir, 0700) != 0) { exit(1); } char buffer[100000]; sprintf(buffer, "%s/local-1/usercache/%s", TEST_ROOT, username); if (access(buffer, R_OK) != 0) { printf("FAIL: directory missing before test\n"); exit(1); } if (delete_as_user(username, buffer, NULL) != 0) { exit(1); } if (access(buffer, R_OK) == 0) { printf("FAIL: directory not deleted\n"); exit(1); } if (access(TEST_ROOT "/local-1", R_OK) != 0) { printf("FAIL: local-1 directory does not exist\n"); exit(1); } free(app_dir); }
void test_delete_user() { printf("\nTesting delete_user\n"); char* app_dir = get_app_directory(TEST_ROOT "/local-1", yarn_username, "app_3"); if (mkdirs(app_dir, 0700) != 0) { exit(1); } char buffer[100000]; sprintf(buffer, "%s/test.cfg", app_dir); if (write_config_file(buffer, 1) != 0) { exit(1); } char * dirs[] = {buffer, 0}; int ret = delete_as_user(yarn_username, "file1" , dirs); if (ret == 0) { printf("FAIL: if baseDir is a file, delete_as_user should fail if a subdir is also passed\n"); exit(1); } // Pass a file to delete_as_user in the baseDirs parameter. The file should // be deleted. ret = delete_as_user(yarn_username, "" , dirs); if (ret != 0) { printf("FAIL: delete_as_user could not delete baseDir when baseDir is a file: return code is %d\n", ret); exit(1); } sprintf(buffer, "%s", app_dir); char missing_dir[20]; strcpy(missing_dir, "/some/missing/dir"); char * dirs_with_missing[] = {missing_dir, buffer, 0}; ret = delete_as_user(yarn_username, "" , dirs_with_missing); printf("%d" , ret); if (access(buffer, R_OK) == 0) { printf("FAIL: directory not deleted\n"); exit(1); } sprintf(buffer, "%s/local-1/usercache/%s", TEST_ROOT, yarn_username); if (access(buffer, R_OK) != 0) { printf("FAIL: directory missing before test\n"); exit(1); } if (delete_as_user(yarn_username, buffer, NULL) != 0) { exit(1); } if (access(buffer, R_OK) == 0) { printf("FAIL: directory not deleted\n"); exit(1); } if (access(TEST_ROOT "/local-1", R_OK) != 0) { printf("FAIL: local-1 directory does not exist\n"); exit(1); } free(app_dir); }
void test_get_app_directory() { char *expected = "/tmp/usercache/user/appcache/app_200906101234_0001"; char *app_dir = (char *) get_app_directory("/tmp", "user", "app_200906101234_0001"); if (strcmp(app_dir, expected) != 0) { printf("test_get_app_directory expected %s got %s\n", expected, app_dir); exit(1); } free(app_dir); }
void test_get_container_launcher_file() { char *expected_file = ("/tmp/usercache/user/appcache/app_200906101234_0001" "/launch_container.sh"); char *app_dir = get_app_directory("/tmp", "user", "app_200906101234_0001"); char *container_file = get_container_launcher_file(app_dir); if (strcmp(container_file, expected_file) != 0) { printf("failure to match expected container file %s vs %s\n", container_file, expected_file); exit(1); } free(app_dir); free(container_file); }
/** * Function to prepare the application directories for the container. */ int initialize_app(const char *user, const char *app_id, const char* nmPrivate_credentials_file, char* const* local_dirs, char* const* log_roots, char* const* args) { if (app_id == NULL || user == NULL) { fprintf(LOGFILE, "Either app_id is null or the user passed is null.\n"); return INVALID_ARGUMENT_NUMBER; } // create the user directory on all disks int result = initialize_user(user, local_dirs); if (result != 0) { return result; } ////////////// create the log directories for the app on all disks char* const* log_root; char *any_one_app_log_dir = NULL; for(log_root=log_roots; *log_root != NULL; ++log_root) { char *app_log_dir = get_app_log_directory(*log_root, app_id); if (app_log_dir == NULL) { // try the next one } else if (create_directory_for_user(app_log_dir) != 0) { free(app_log_dir); return -1; } else if (any_one_app_log_dir == NULL) { any_one_app_log_dir = app_log_dir; } else { free(app_log_dir); } } if (any_one_app_log_dir == NULL) { fprintf(LOGFILE, "Did not create any app-log directories\n"); return -1; } free(any_one_app_log_dir); ////////////// End of creating the log directories for the app on all disks // open up the credentials file int cred_file = open_file_as_nm(nmPrivate_credentials_file); if (cred_file == -1) { return -1; } // give up root privs if (change_user(user_detail->pw_uid, user_detail->pw_gid) != 0) { return -1; } // 750 mode_t permissions = S_IRWXU | S_IRGRP | S_IXGRP; char* const* nm_root; char *primary_app_dir = NULL; for(nm_root=local_dirs; *nm_root != NULL; ++nm_root) { char *app_dir = get_app_directory(*nm_root, user, app_id); if (app_dir == NULL) { // try the next one } else if (mkdirs(app_dir, permissions) != 0) { free(app_dir); } else if (primary_app_dir == NULL) { primary_app_dir = app_dir; } else { free(app_dir); } } if (primary_app_dir == NULL) { fprintf(LOGFILE, "Did not create any app directories\n"); return -1; } char *nmPrivate_credentials_file_copy = strdup(nmPrivate_credentials_file); // TODO: FIXME. The user's copy of creds should go to a path selected by // localDirAllocatoir char *cred_file_name = concatenate("%s/%s", "cred file", 2, primary_app_dir, basename(nmPrivate_credentials_file_copy)); if (cred_file_name == NULL) { free(nmPrivate_credentials_file_copy); return -1; } if (copy_file(cred_file, nmPrivate_credentials_file, cred_file_name, S_IRUSR|S_IWUSR) != 0){ free(nmPrivate_credentials_file_copy); return -1; } free(nmPrivate_credentials_file_copy); fclose(stdin); fflush(LOGFILE); if (LOGFILE != stdout) { fclose(stdout); } if (ERRORFILE != stderr) { fclose(stderr); } if (chdir(primary_app_dir) != 0) { fprintf(LOGFILE, "Failed to chdir to app dir - %s\n", strerror(errno)); return -1; } execvp(args[0], args); fprintf(ERRORFILE, "Failure to exec app initialization process - %s\n", strerror(errno)); return -1; }
void test_init_app() { printf("\nTesting init app\n"); if (seteuid(0) != 0) { printf("FAIL: seteuid to root failed - %s\n", strerror(errno)); exit(1); } FILE* creds = fopen(TEST_ROOT "/creds.txt", "w"); if (creds == NULL) { printf("FAIL: failed to create credentials file - %s\n", strerror(errno)); exit(1); } if (fprintf(creds, "secret key\n") < 0) { printf("FAIL: fprintf failed - %s\n", strerror(errno)); exit(1); } if (fclose(creds) != 0) { printf("FAIL: fclose failed - %s\n", strerror(errno)); exit(1); } FILE* job_xml = fopen(TEST_ROOT "/job.xml", "w"); if (job_xml == NULL) { printf("FAIL: failed to create job file - %s\n", strerror(errno)); exit(1); } if (fprintf(job_xml, "<jobconf/>\n") < 0) { printf("FAIL: fprintf failed - %s\n", strerror(errno)); exit(1); } if (fclose(job_xml) != 0) { printf("FAIL: fclose failed - %s\n", strerror(errno)); exit(1); } if (seteuid(user_detail->pw_uid) != 0) { printf("FAIL: failed to seteuid back to user - %s\n", strerror(errno)); exit(1); } fflush(stdout); fflush(stderr); pid_t child = fork(); if (child == -1) { printf("FAIL: failed to fork process for init_app - %s\n", strerror(errno)); exit(1); } else if (child == 0) { char *final_pgm[] = {"touch", "my-touch-file", 0}; if (initialize_app(yarn_username, "app_4", TEST_ROOT "/creds.txt", local_dirs, log_dirs, final_pgm) != 0) { printf("FAIL: failed in child\n"); exit(42); } // should never return exit(1); } int status = 0; if (waitpid(child, &status, 0) <= 0) { printf("FAIL: failed waiting for process %" PRId64 " - %s\n", (int64_t)child, strerror(errno)); exit(1); } if (access(TEST_ROOT "/logs/userlogs/app_4", R_OK) != 0) { printf("FAIL: failed to create app log directory\n"); exit(1); } char* app_dir = get_app_directory(TEST_ROOT "/local-1", yarn_username, "app_4"); if (access(app_dir, R_OK) != 0) { printf("FAIL: failed to create app directory %s\n", app_dir); exit(1); } char buffer[100000]; sprintf(buffer, "%s/creds.txt", app_dir); if (access(buffer, R_OK) != 0) { printf("FAIL: failed to create credentials %s\n", buffer); exit(1); } sprintf(buffer, "%s/my-touch-file", app_dir); if (access(buffer, R_OK) != 0) { printf("FAIL: failed to create touch file %s\n", buffer); exit(1); } free(app_dir); app_dir = get_app_log_directory(TEST_ROOT "/logs/userlogs","app_4"); if (access(app_dir, R_OK) != 0) { printf("FAIL: failed to create app log directory %s\n", app_dir); exit(1); } free(app_dir); }