Merge fix regression test failures for when /tmp is mounted as tmpfs

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1283 Approved-by: John Johansen <john@jjmx.net> Merged-by: John Johansen <john@jjmx.net> (cherry picked from commit 1fc944bb67) Signed-off-by: John Johansen <john.johansen@canonical.com>
2025-03-04 08:24:42 +01:00 · 2024-08-01 04:36:20 +00:00 · 2024-08-01 04:36:20 +00:00 · 3c24bc68b6
commit 3c24bc68b6
parent 0193009b8b
5 changed files with 67 additions and 73 deletions
--- a/tests/regression/apparmor/attach_disconnected.sh
+++ b/tests/regression/apparmor/attach_disconnected.sh
@ -23,12 +23,13 @@ settest unix_fd_server
 disk_img=$tmpdir/disk_img
 new_root=$tmpdir/new_root/
 put_old=${new_root}put_old/
-root_was_shared="no"
 fstype="ext2"
 file=$tmpdir/file
 socket=$tmpdir/unix_fd_test
 att_dis_client=$pwd/attach_disconnected

+. $bin/mount.inc
+
 attach_disconnected_cleanup() {
 	if [ ! -z "$loop_device" ]; then
 		losetup -d $loop_device
@ -39,10 +40,7 @@ attach_disconnected_cleanup() {
 		umount "$new_root"
 	fi

-	if [ "$root_was_shared" = "yes" ] ; then
-		[ -n "$VERBOSE" ] && echo 'notice: re-mounting / as shared'
-		mount --make-shared /
-	fi
+	prop_cleanup
 }
 do_onexit="attach_disconnected_cleanup"

@ -50,24 +48,6 @@ if [ ! -b /dev/loop0 ] ; then
 	modprobe loop
 fi

-# systemd mounts / and everything under it MS_SHARED. This breaks
-# pivot_root entirely, so attempt to detect it, and remount /
-# MS_PRIVATE temporarily.
-FINDMNT=/bin/findmnt
-if [ -x "${FINDMNT}" ] && ${FINDMNT} -no PROPAGATION / > /dev/null 2>&1 ; then
-	if [ "$(${FINDMNT} -no PROPAGATION /)" = "shared" ] ; then
-	root_was_shared="yes"
-	fi
-elif [ "$(ps hp1  -ocomm)" = "systemd" ] ; then
-	# no findmnt or findmnt doesn't know the PROPAGATION column,
-	# but init is systemd so assume rootfs is shared
-	root_was_shared="yes"
-fi
-if [ "${root_was_shared}" = "yes" ] ; then
-	[ -n "$VERBOSE" ] && echo 'notice: re-mounting / as private'
-	mount --make-private /
-fi
-
 dd if=/dev/zero of="$disk_img" bs=1024 count=512 2> /dev/null
 /sbin/mkfs -t "$fstype" -F "$disk_img" > /dev/null 2> /dev/null
 # mounting will be done by the test binary
--- a/tests/regression/apparmor/mount.inc
+++ b/tests/regression/apparmor/mount.inc
@ -0,0 +1,30 @@
+root_was_shared="no"
+root="/"
+
+# systemd mounts / and everything under it MS_SHARED. This breaks
+# pivot_root and mount "move" operations entirely, so attempt to
+# detect from which mount point the test is running from, and remount
+# it MS_PRIVATE temporarily.
+FINDMNT=/bin/findmnt
+if [ -x "${FINDMNT}" ] && ${FINDMNT} -no TARGET,PROPAGATION -T $tmpdir > /dev/null 2>&1 ; then
+	output="$(${FINDMNT} -no TARGET,PROPAGATION -T $tmpdir)"
+	root="$(echo $output | cut -d' ' -f1)"
+	if [ "$(echo $output | cut -d' ' -f2)" == "shared" ] ; then
+		root_was_shared="yes"
+	fi
+elif [ "$(ps hp1  -ocomm)" = "systemd" ] ; then
+	# no findmnt or findmnt doesn't know the PROPAGATION column,
+	# but init is systemd so assume rootfs is shared
+	root_was_shared="yes"
+fi
+if [ "${root_was_shared}" = "yes" ] ; then
+	[ -n "$VERBOSE" ] && echo "notice: re-mounting $root as private"
+	mount --make-private $root
+fi
+
+prop_cleanup() {
+	if [ "${root_was_shared}" = "yes" ] ; then
+		[ -n "$VERBOSE" ] && echo "notice: re-mounting $root as shared"
+		mount --make-shared $root
+	fi
+}
--- a/tests/regression/apparmor/mount.sh
+++ b/tests/regression/apparmor/mount.sh
@ -32,7 +32,8 @@ mount_point2=$tmpdir/mountpoint2
 mount_bad=$tmpdir/mountbad
 loop_device="unset" 
 fstype="ext2"
-root_was_shared="no"
+
+. $bin/mount.inc

 setup_mnt() {
 	/bin/mount -n -t${fstype} ${loop_device} ${mount_point}
@ -59,9 +60,7 @@ mount_cleanup() {
 	then
 		/sbin/losetup -d ${loop_device} &> /dev/null
 	fi
-	if [ "${root_was_shared}" = "yes" ] ; then
-		mount --make-shared /
-	fi
+	prop_cleanup
 }
 do_onexit="mount_cleanup"

@ -81,23 +80,6 @@ fi
 loop_device=$(losetup -f) || fatalerror 'Unable to find a free loop device'
 /sbin/losetup "$loop_device" ${mount_file} > /dev/null 2> /dev/null

-# systemd mounts / and everything under it MS_SHARED which does
-# not work with "move", so attempt to detect it, and remount /
-# MS_PRIVATE temporarily. snippet from pivot_root.sh
-FINDMNT=/bin/findmnt
-if [ -x "${FINDMNT}" ] && ${FINDMNT} -no PROPAGATION / > /dev/null 2>&1 ; then
-	if [ "$(${FINDMNT} -no PROPAGATION /)" == "shared" ] ; then
-		root_was_shared="yes"
-	fi
-elif [ "$(ps hp1  -ocomm)" = "systemd" ] ; then
-	# no findmnt or findmnt doesn't know the PROPAGATION column,
-	# but init is systemd so assume rootfs is shared
-	root_was_shared="yes"
-fi
-if [ "${root_was_shared}" = "yes" ] ; then
-	mount --make-private /
-fi
-
 options=(
 	# default and non-default options
 	"rw,ro"
--- a/tests/regression/apparmor/pivot_root.sh
+++ b/tests/regression/apparmor/pivot_root.sh
@ -25,7 +25,8 @@ put_old=${new_root}put_old/
 bad=$tmpdir/BAD/
 proc=$new_root/proc
 fstype="ext2"
-root_was_shared="no"
+
+. $bin/mount.inc

 pivot_root_cleanup() {
 	mountpoint -q "$proc"
@ -38,10 +39,7 @@ pivot_root_cleanup() {
 		umount "$new_root"
 	fi

-	if [ "${root_was_shared}" = "yes" ] ; then
-		[ -n "$VERBOSE" ] && echo 'notice: re-mounting / as shared'
-		mount --make-shared /
-	fi
+	prop_cleanup
 }
 do_onexit="pivot_root_cleanup"

@ -50,24 +48,6 @@ if [ ! -b /dev/loop0 ] ; then
 	modprobe loop
 fi

-# systemd mounts / and everything under it MS_SHARED. This breaks
-# pivot_root entirely, so attempt to detect it, and remount /
-# MS_PRIVATE temporarily.
-FINDMNT=/bin/findmnt
-if [ -x "${FINDMNT}" ] && ${FINDMNT} -no PROPAGATION / > /dev/null 2>&1 ; then
-	if [ "$(${FINDMNT} -no PROPAGATION /)" = "shared" ] ; then
-		root_was_shared="yes"
-	fi
-elif [ "$(ps hp1  -ocomm)" = "systemd" ] ; then
-	# no findmnt or findmnt doesn't know the PROPAGATION column,
-	# but init is systemd so assume rootfs is shared
-	root_was_shared="yes"
-fi
-if [ "${root_was_shared}" = "yes" ] ; then
-	[ -n "$VERBOSE" ] && echo 'notice: re-mounting / as private'
-	mount --make-private /
-fi
-
 # Create disk image since pivot_root doesn't allow old root and new root to be
 # on the same filesystem
 dd if=/dev/zero of="$disk_img" bs=1024 count=512 2> /dev/null
--- a/tests/regression/apparmor/swap.sh
+++ b/tests/regression/apparmor/swap.sh
@ -27,16 +27,38 @@ bin=$pwd
 ## A. SWAP
 ##

-# check if we can run the test at all
+swap_file=$tmpdir/swapfile
+
+# check if we can run the test in tmpdir
 fstype=$(stat -f --format '%T' "${tmpdir}")
 if [ "${fstype}" = "tmpfs" ] ; then
-	echo "ERROR: tmpdir '${tmpdir}' is of type tmpfs; can't mount a swapfile on it" 1>&2
-	echo "ERROR: skipping swap tests" 1>&2
-	num_testfailures=1
-	exit
+	# create a mountpoint not tmpfs
+	mount_file=$tmpdir/mountfile
+	mount_point=$tmpdir/mountpoint
+	fstype="ext2"
+	dd if=/dev/zero of=${mount_file} bs=1024 count=900 2> /dev/null
+	/sbin/mkfs -t${fstype} -F ${mount_file} > /dev/null 2> /dev/null
+	/bin/mkdir ${mount_point}
+
+	loop_device=$(losetup -f) || fatalerror 'Unable to find a free loop device'
+	/sbin/losetup "$loop_device" ${mount_file} > /dev/null 2> /dev/null
+
+	/bin/mount -n -t${fstype} ${loop_device} ${mount_point}
+
+	swap_file=$mount_point/swapfile
 fi

-swap_file=$tmpdir/swapfile
+remove_mnt() {
+	mountpoint -q "${mount_point}"
+	if [ $? -eq 0 ] ; then
+		/bin/umount -t${fstype} ${mount_point}
+	fi
+	if [ -n "$loop_device" ]
+	then
+		/sbin/losetup -d ${loop_device} &> /dev/null
+	fi
+}
+do_onexit="remove_mnt"

 # ppc64el wants this to be larger than 640KiB
 # arm/small machines want this as small as possible