security/hakurei
security/hakurei
5
2
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 6 Wiki Activity

test/sandbox/tool: marker pathname from flag
All checks were successful
Test / Hakurei (push) Successful in 45s
Details
Test / Create distribution (push) Successful in 37s
Details
Test / Hakurei (race detector) (push) Successful in 45s
Details
Test / Hpkg (push) Successful in 45s
Details
Test / Sandbox (push) Successful in 1m26s
Details
Test / Sandbox (race detector) (push) Successful in 2m10s
Details
Test / Flake checks (push) Successful in 1m32s
Details

Browse Source 
Since this is going to be placed in a shared directory, it needs to be unique to the identity. Instead of trying to figure out identity from mountinfo, just have the test script pass hardcoded values.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra 2025-09-14 15:57:41 +09:00
parent 83c4f8b767
commit 56aad8dc11
Signed by: cat
SSH Key Fingerprint: SHA256:gQ67O0enBZ7UdZypgtspB2FDM1g3GVw8nX0XSdcFw8Q
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
test/sandbox/tool/main.go
View File

@ -16,11 +16,13 @@ import (
)
var (
flagMarkerPath string
flagTestCase string
flagBpfHash string
)
func init() {
flag.StringVar(&flagMarkerPath, "p", "/tmp/sandbox-ok", "Pathname of completion marker")
flag.StringVar(&flagTestCase, "t", "", "Nix store path to test case file")
flag.StringVar(&flagBpfHash, "s", "", "String representation of expected bpf sha512 hash")
}
@ -37,10 +39,10 @@ func main() {
go func() { <-s; log.Println("exiting on signal (likely from verifier)"); os.Exit(0) }()
(&sandbox.T{FS: os.DirFS("/")}).MustCheckFile(flagTestCase)
if _, err := os.Create("/tmp/sandbox-ok"); err != nil {
if _, err := os.Create(flagMarkerPath); err != nil {
log.Fatalf("cannot create success marker: %v", err)
}
log.Println("blocking for seccomp check")
log.Printf("blocking for seccomp check (%s)", flagMarkerPath)
select {}
return
}