security/hakurei
6
3
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

container/check: move absolute pathname
All checks were successful
Test / Create distribution (push) Successful in 34s
Details
Test / Hpkg (push) Successful in 4m3s
Details
Test / Sandbox (race detector) (push) Successful in 4m26s
Details
Test / Hakurei (race detector) (push) Successful in 5m19s
Details
Test / Sandbox (push) Successful in 1m28s
Details
Test / Hakurei (push) Successful in 2m16s
Details
Test / Flake checks (push) Successful in 1m37s
Details

Browse Source 
This allows use of absolute pathname values without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-10-07 20:06:26 +09:00
parent d23b4dc9e6
commit 0e6c1a5026
72 changed files with 815 additions and 742 deletions
Download Patch File Download Diff File Expand all files Collapse all files

293
container/init_test.go
View File

@@ -7,6 +7,7 @@ import (
"time"
"hakurei.app/container/bits"
"hakurei.app/container/check"
"hakurei.app/container/seccomp"
"hakurei.app/container/stub"
)
@@ -58,9 +59,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -82,9 +83,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -110,9 +111,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -139,9 +140,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -169,9 +170,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -200,9 +201,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -232,9 +233,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -266,9 +267,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -302,9 +303,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -340,9 +341,9 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
@@ -378,16 +379,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -417,16 +418,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -456,16 +457,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -496,16 +497,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -537,16 +538,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -579,16 +580,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -622,16 +623,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -666,16 +667,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -711,16 +712,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -757,16 +758,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -798,7 +799,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, stub.UniqueError(44)),
call("fatalf", stub.ExpectArgs{"cannot apply op at index %d: %v", []any{1, stub.UniqueError(44)}}, nil, nil),
@@ -812,16 +813,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -853,7 +854,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, &MountError{"proc", "/sysroot/proc", "proc", uintptr(0xe), "", syscall.ENOTRECOVERABLE}),
call("fatal", stub.ExpectArgs{[]any{"cannot mount proc on /sysroot/proc: state not recoverable"}}, nil, nil),
@@ -867,16 +868,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -908,7 +909,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -923,16 +924,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -964,7 +965,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -980,16 +981,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1021,7 +1022,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1039,16 +1040,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1080,7 +1081,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1099,16 +1100,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1140,7 +1141,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1160,16 +1161,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1201,7 +1202,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1222,16 +1223,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1263,7 +1264,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1285,16 +1286,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1326,7 +1327,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1349,16 +1350,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1390,7 +1391,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1414,16 +1415,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1455,7 +1456,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1480,16 +1481,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1521,7 +1522,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1554,16 +1555,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1595,7 +1596,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1661,16 +1662,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1702,7 +1703,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1769,16 +1770,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -1810,7 +1811,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1880,15 +1881,15 @@ func TestInitEntrypoint(t *testing.T) {
call("setPtracer", stub.ExpectArgs{uintptr(0)}, 0, stub.UniqueError(14)),
call("verbosef", stub.ExpectArgs{"cannot enable ptrace protection via Yama LSM: %v", []any{stub.UniqueError(14)}}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei/nonexistent"),
Path: MustAbs("/run/current-system/sw/bin/bash"),
Dir: check.MustAbs("/.hakurei/nonexistent"),
Path: check.MustAbs("/run/current-system/sw/bin/bash"),
Args: []string{"bash", "-c", "false"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 24,
Gid: 1 << 47,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompDisable: true,
ParentPerm: 0750,
@@ -1919,7 +1920,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0750)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -1980,7 +1981,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, nil, stub.UniqueError(12)),
call("fatalf", stub.ExpectArgs{"%v", []any{stub.UniqueError(12)}}, nil, nil),
},
@@ -1994,15 +1995,15 @@ func TestInitEntrypoint(t *testing.T) {
call("setPtracer", stub.ExpectArgs{uintptr(0)}, 0, stub.UniqueError(11)),
call("verbosef", stub.ExpectArgs{"cannot enable ptrace protection via Yama LSM: %v", []any{stub.UniqueError(11)}}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei/nonexistent"),
Path: MustAbs("/run/current-system/sw/bin/bash"),
Dir: check.MustAbs("/.hakurei/nonexistent"),
Path: check.MustAbs("/run/current-system/sw/bin/bash"),
Args: []string{"bash", "-c", "false"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Nanosecond,
Uid: 1 << 24,
Gid: 1 << 47,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompDisable: true,
ParentPerm: 0750,
@@ -2033,7 +2034,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0750)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -2058,7 +2059,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
call("suspend", stub.ExpectArgs{}, true, nil),
call("printf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(10)}}, nil, nil),
@@ -2094,15 +2095,15 @@ func TestInitEntrypoint(t *testing.T) {
call("setPtracer", stub.ExpectArgs{uintptr(0)}, 0, stub.UniqueError(8)),
call("verbosef", stub.ExpectArgs{"cannot enable ptrace protection via Yama LSM: %v", []any{stub.UniqueError(8)}}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei/nonexistent"),
Path: MustAbs("/run/current-system/sw/bin/bash"),
Dir: check.MustAbs("/.hakurei/nonexistent"),
Path: check.MustAbs("/run/current-system/sw/bin/bash"),
Args: []string{"bash", "-c", "false"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Nanosecond,
Uid: 1 << 24,
Gid: 1 << 47,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompDisable: true,
ParentPerm: 0750,
@@ -2133,7 +2134,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0750)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -2158,7 +2159,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
call("suspend", stub.ExpectArgs{}, true, nil),
call("printf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(7)}}, nil, nil),
@@ -2185,15 +2186,15 @@ func TestInitEntrypoint(t *testing.T) {
call("setPtracer", stub.ExpectArgs{uintptr(0)}, 0, stub.UniqueError(6)),
call("verbosef", stub.ExpectArgs{"cannot enable ptrace protection via Yama LSM: %v", []any{stub.UniqueError(6)}}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei/nonexistent"),
Path: MustAbs("/run/current-system/sw/bin/bash"),
Dir: check.MustAbs("/.hakurei/nonexistent"),
Path: check.MustAbs("/run/current-system/sw/bin/bash"),
Args: []string{"bash", "-c", "false"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Nanosecond,
Uid: 1 << 24,
Gid: 1 << 47,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompDisable: true,
ParentPerm: 0750,
@@ -2224,7 +2225,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0750)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -2249,7 +2250,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
call("suspend", stub.ExpectArgs{}, true, nil),
call("printf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(5)}}, nil, nil),
@@ -2278,15 +2279,15 @@ func TestInitEntrypoint(t *testing.T) {
call("setPtracer", stub.ExpectArgs{uintptr(0)}, 0, stub.UniqueError(4)),
call("verbosef", stub.ExpectArgs{"cannot enable ptrace protection via Yama LSM: %v", []any{stub.UniqueError(4)}}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei/nonexistent"),
Path: MustAbs("/run/current-system/sw/bin/bash"),
Dir: check.MustAbs("/.hakurei/nonexistent"),
Path: check.MustAbs("/run/current-system/sw/bin/bash"),
Args: []string{"bash", "-c", "false"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 24,
Gid: 1 << 47,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompDisable: true,
ParentPerm: 0750,
@@ -2317,7 +2318,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0750)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -2342,7 +2343,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
call("suspend", stub.ExpectArgs{}, true, nil),
call("printf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(3)}}, nil, nil),
@@ -2378,15 +2379,15 @@ func TestInitEntrypoint(t *testing.T) {
call("setPtracer", stub.ExpectArgs{uintptr(0)}, 0, stub.UniqueError(2)),
call("verbosef", stub.ExpectArgs{"cannot enable ptrace protection via Yama LSM: %v", []any{stub.UniqueError(2)}}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei/nonexistent"),
Path: MustAbs("/run/current-system/sw/bin/bash"),
Dir: check.MustAbs("/.hakurei/nonexistent"),
Path: check.MustAbs("/run/current-system/sw/bin/bash"),
Args: []string{"bash", "-c", "false"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 24,
Gid: 1 << 47,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompDisable: true,
ParentPerm: 0750,
@@ -2417,7 +2418,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0750)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -2478,7 +2479,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
call("suspend", stub.ExpectArgs{}, true, nil),
call("printf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(1)}}, nil, nil),
@@ -2513,16 +2514,16 @@ func TestInitEntrypoint(t *testing.T) {
call("getpid", stub.ExpectArgs{}, 1, nil),
call("setPtracer", stub.ExpectArgs{uintptr(0)}, nil, nil),
call("receive", stub.ExpectArgs{"HAKUREI_SETUP", new(initParams), new(uintptr), &initParams{Params{
Dir: MustAbs("/.hakurei"),
Dir: check.MustAbs("/.hakurei"),
Env: []string{"DISPLAY=:0"},
Path: MustAbs("/bin/zsh"),
Path: check.MustAbs("/bin/zsh"),
Args: []string{"zsh", "-c", "exec vim"},
ForwardCancel: true,
AdoptWaitDelay: 5 * time.Second,
Uid: 1 << 32,
Gid: 1 << 31,
Hostname: "hakurei-check",
Ops: new(Ops).Bind(MustAbs("/"), MustAbs("/"), BindDevice).Proc(MustAbs("/proc/")),
Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), BindDevice).Proc(check.MustAbs("/proc/")),
SeccompRules: make([]seccomp.NativeRule, 0),
SeccompPresets: bits.PresetStrict,
RetainSession: true,
@@ -2554,7 +2555,7 @@ func TestInitEntrypoint(t *testing.T) {
call("mkdirAll", stub.ExpectArgs{"/sysroot", os.FileMode(0700)}, nil, nil),
call("verbosef", stub.ExpectArgs{"mounting %q flags %#x", []any{"/sysroot", uintptr(0x4001)}}, nil, nil),
call("bindMount", stub.ExpectArgs{"/host", "/sysroot", uintptr(0x4001), false}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: MustAbs("/proc/")}}}, nil, nil),
call("verbosef", stub.ExpectArgs{"%s %s", []any{"mounting", &MountProcOp{Target: check.MustAbs("/proc/")}}}, nil, nil),
call("mkdirAll", stub.ExpectArgs{"/sysroot/proc", os.FileMode(0755)}, nil, nil),
call("mount", stub.ExpectArgs{"proc", "/sysroot/proc", "proc", uintptr(0xe), ""}, nil, nil),
/* end apply */
@@ -2618,7 +2619,7 @@ func TestInitEntrypoint(t *testing.T) {
call("newFile", stub.ExpectArgs{uintptr(11), "extra file 1"}, (*os.File)(nil), nil),
call("newFile", stub.ExpectArgs{uintptr(12), "extra file 2"}, (*os.File)(nil), nil),
call("umask", stub.ExpectArgs{022}, 0, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{MustAbs("/bin/zsh")}}, nil, nil),
call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/bin/zsh")}}, nil, nil),
call("start", stub.ExpectArgs{"/bin/zsh", []string{"zsh", "-c", "exec vim"}, []string{"DISPLAY=:0"}, "/.hakurei"}, &os.Process{Pid: 0xcafe}, nil),
call("suspend", stub.ExpectArgs{}, true, nil),
call("printf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(0)}}, nil, nil),