diff --git a/cmd/hakurei/parse_test.go b/cmd/hakurei/parse_test.go index ae7c8d5..2939ab0 100644 --- a/cmd/hakurei/parse_test.go +++ b/cmd/hakurei/parse_test.go @@ -58,8 +58,8 @@ func TestTryIdentifier(t *testing.T) { } sampleEntry := hst.State{ ID: id, - PID: 0xcafebabe, - ShimPID: 0xdeadbeef, + PID: 0xcafe, + ShimPID: 0xdead, Config: hst.Template(), } diff --git a/cmd/hakurei/print_test.go b/cmd/hakurei/print_test.go index b9344b5..41d9cca 100644 --- a/cmd/hakurei/print_test.go +++ b/cmd/hakurei/print_test.go @@ -22,8 +22,8 @@ var ( } testState = hst.State{ ID: testID, - PID: 0xcafebabe, - ShimPID: 0xdeadbeef, + PID: 0xcafe, + ShimPID: 0xdead, Config: hst.Template(), Time: testAppTime, } @@ -154,7 +154,7 @@ Session bus `, false}, {"instance", &testState, hst.Template(), false, false, `State - Instance: 8e2c76b066dabe574cf073bdb46eb5c1 (3405691582 -> 3735928559) + Instance: 8e2c76b066dabe574cf073bdb46eb5c1 (51966 -> 57005) Uptime: 1h2m32s App @@ -196,7 +196,7 @@ System bus {"instance pd", &testState, new(hst.Config), false, false, `Error: configuration missing container state! State - Instance: 8e2c76b066dabe574cf073bdb46eb5c1 (3405691582 -> 3735928559) + Instance: 8e2c76b066dabe574cf073bdb46eb5c1 (51966 -> 57005) Uptime: 1h2m32s App @@ -209,8 +209,8 @@ App `, true}, {"json instance", &testState, nil, false, true, `{ "instance": "8e2c76b066dabe574cf073bdb46eb5c1", - "pid": 3405691582, - "shim_pid": 3735928559, + "pid": 51966, + "shim_pid": 57005, "id": "org.chromium.Chromium", "enablements": { "wayland": true, @@ -544,12 +544,12 @@ func TestPrintPs(t *testing.T) { {"invalid config", []hst.State{{ID: testID, PID: 1 << 8, Config: new(hst.Config), Time: testAppTime}}, false, false, " Instance PID Application Uptime\n", "check: configuration missing container state\n"}, - {"valid", []hst.State{testStateSmall, testState}, false, false, ` Instance PID Application Uptime - 4cf073bd 3405691582 9 (org.chromium.Chromium) 1h2m32s - aaaaaaaa 48879 1 (app.hakurei.aaaaaaaa) 1h2m28s + {"valid", []hst.State{testStateSmall, testState}, false, false, ` Instance PID Application Uptime + 4cf073bd 51966 9 (org.chromium.Chromium) 1h2m32s + aaaaaaaa 48879 1 (app.hakurei.aaaaaaaa) 1h2m28s `, ""}, - {"valid single", []hst.State{testState}, false, false, ` Instance PID Application Uptime - 4cf073bd 3405691582 9 (org.chromium.Chromium) 1h2m32s + {"valid single", []hst.State{testState}, false, false, ` Instance PID Application Uptime + 4cf073bd 51966 9 (org.chromium.Chromium) 1h2m32s `, ""}, {"valid short", []hst.State{testStateSmall, testState}, true, false, "4cf073bd\naaaaaaaa\n", ""}, @@ -558,8 +558,8 @@ func TestPrintPs(t *testing.T) { {"valid json", []hst.State{testState, testStateSmall}, false, true, `[ { "instance": "8e2c76b066dabe574cf073bdb46eb5c1", - "pid": 3405691582, - "shim_pid": 3735928559, + "pid": 51966, + "shim_pid": 57005, "id": "org.chromium.Chromium", "enablements": { "wayland": true, diff --git a/container/check/absolute_test.go b/container/check/absolute_test.go index 2746ec7..5cb96d7 100644 --- a/container/check/absolute_test.go +++ b/container/check/absolute_test.go @@ -147,7 +147,7 @@ func TestAbsoluteIs(t *testing.T) { type sCheck struct { Pathname *Absolute `json:"val"` - Magic int `json:"magic"` + Magic uint64 `json:"magic"` } func TestCodecAbsolute(t *testing.T) { @@ -169,19 +169,19 @@ func TestCodecAbsolute(t *testing.T) { {"good", MustAbs("/etc"), nil, "\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\b\xff\x80\x00\x04/etc", - ",\xff\x83\x03\x01\x01\x06sCheck\x01\xff\x84\x00\x01\x02\x01\bPathname\x01\xff\x80\x00\x01\x05Magic\x01\x04\x00\x00\x00\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\x10\xff\x84\x01\x04/etc\x01\xfb\x01\x81\xda\x00\x00\x00", + ",\xff\x83\x03\x01\x01\x06sCheck\x01\xff\x84\x00\x01\x02\x01\bPathname\x01\xff\x80\x00\x01\x05Magic\x01\x06\x00\x00\x00\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\x0f\xff\x84\x01\x04/etc\x01\xfc\xc0\xed\x00\x00\x00", `"/etc"`, `{"val":"/etc","magic":3236757504}`}, {"not absolute", nil, &AbsoluteError{Pathname: "etc"}, "\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\a\xff\x80\x00\x03etc", - ",\xff\x83\x03\x01\x01\x06sCheck\x01\xff\x84\x00\x01\x02\x01\bPathname\x01\xff\x80\x00\x01\x05Magic\x01\x04\x00\x00\x00\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\x0f\xff\x84\x01\x03etc\x01\xfb\x01\x81\xda\x00\x00\x00", + ",\xff\x83\x03\x01\x01\x06sCheck\x01\xff\x84\x00\x01\x02\x01\bPathname\x01\xff\x80\x00\x01\x05Magic\x01\x06\x00\x00\x00\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\x0f\xff\x84\x01\x03etc\x01\xfb\x01\x81\xda\x00\x00\x00", `"etc"`, `{"val":"etc","magic":3236757504}`}, {"zero", nil, new(AbsoluteError), "\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\x04\xff\x80\x00\x00", - ",\xff\x83\x03\x01\x01\x06sCheck\x01\xff\x84\x00\x01\x02\x01\bPathname\x01\xff\x80\x00\x01\x05Magic\x01\x04\x00\x00\x00\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\f\xff\x84\x01\x00\x01\xfb\x01\x81\xda\x00\x00\x00", + ",\xff\x83\x03\x01\x01\x06sCheck\x01\xff\x84\x00\x01\x02\x01\bPathname\x01\xff\x80\x00\x01\x05Magic\x01\x06\x00\x00\x00\t\x7f\x05\x01\x02\xff\x82\x00\x00\x00\f\xff\x84\x01\x00\x01\xfb\x01\x81\xda\x00\x00\x00", `""`, `{"val":"","magic":3236757504}`}, } diff --git a/container/errors_test.go b/container/errors_test.go index bf74265..5c55af4 100644 --- a/container/errors_test.go +++ b/container/errors_test.go @@ -46,8 +46,8 @@ func TestMessageFromError(t *testing.T) { {"state", OpStateError("overlay"), "impossible overlay state reached", true}, - {"vfs parse", &vfs.DecoderError{Op: "parse", Line: 0xdeadbeef, Err: &strconv.NumError{Func: "Atoi", Num: "meow", Err: strconv.ErrSyntax}}, - `cannot parse mountinfo at line 3735928559: numeric field "meow" invalid syntax`, true}, + {"vfs parse", &vfs.DecoderError{Op: "parse", Line: 0xdead, Err: &strconv.NumError{Func: "Atoi", Num: "meow", Err: strconv.ErrSyntax}}, + `cannot parse mountinfo at line 57005: numeric field "meow" invalid syntax`, true}, {"tmpfs", TmpfsSizeError(-1), "tmpfs size -1 out of bounds", true}, diff --git a/container/init_test.go b/container/init_test.go index 7ab4c91..336c7c4 100644 --- a/container/init_test.go +++ b/container/init_test.go @@ -1,6 +1,7 @@ package container import ( + "math" "os" "syscall" "testing" @@ -66,8 +67,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", SeccompRules: make([]std.NativeRule, 0), SeccompPresets: std.PresetStrict, @@ -90,8 +91,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -118,8 +119,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -130,7 +131,7 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, stub.UniqueError(75)), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, stub.UniqueError(75)), call("fatalf", stub.ExpectArgs{"%v", []any{stub.UniqueError(75)}}, nil, nil), }, }, nil}, @@ -147,8 +148,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -159,7 +160,7 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, stub.UniqueError(73)), call("fatalf", stub.ExpectArgs{"%v", []any{stub.UniqueError(73)}}, nil, nil), }, @@ -177,8 +178,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -189,9 +190,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, stub.UniqueError(71)), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, stub.UniqueError(71)), call("fatalf", stub.ExpectArgs{"%v", []any{stub.UniqueError(71)}}, nil, nil), }, }, nil}, @@ -208,8 +209,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -220,9 +221,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, stub.UniqueError(69)), call("fatalf", stub.ExpectArgs{"cannot set SUID_DUMP_DISABLE: %v", []any{stub.UniqueError(69)}}, nil, nil), }, @@ -240,8 +241,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -252,9 +253,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, stub.UniqueError(67)), @@ -274,8 +275,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -286,9 +287,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -310,8 +311,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: (*Ops)(sliceAddr(make(Ops, 1))), SeccompRules: make([]std.NativeRule, 0), @@ -322,9 +323,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -348,8 +349,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(nil, nil, std.BindDevice), SeccompRules: make([]std.NativeRule, 0), @@ -360,9 +361,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -386,8 +387,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -398,9 +399,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -425,8 +426,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -437,9 +438,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -464,8 +465,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -476,9 +477,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -504,8 +505,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -516,9 +517,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -545,8 +546,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -557,9 +558,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -587,8 +588,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -599,9 +600,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -630,8 +631,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -642,9 +643,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -674,8 +675,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -686,9 +687,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -719,8 +720,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -731,9 +732,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -765,8 +766,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -777,9 +778,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -820,8 +821,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -832,9 +833,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -875,8 +876,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -887,9 +888,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -931,8 +932,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -943,9 +944,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -988,8 +989,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1000,9 +1001,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1029,8 +1030,8 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, stub.UniqueError(37)), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, stub.UniqueError(37)), call("fatalf", stub.ExpectArgs{"cannot open intermediate root: %v", []any{stub.UniqueError(37)}}, nil, nil), }, }, nil}, @@ -1047,8 +1048,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1059,9 +1060,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1088,8 +1089,8 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, stub.UniqueError(35)), call("fatalf", stub.ExpectArgs{"cannot enter sysroot: %v", []any{stub.UniqueError(35)}}, nil, nil), }, @@ -1107,8 +1108,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1119,9 +1120,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1148,8 +1149,8 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, stub.UniqueError(33)), call("fatalf", stub.ExpectArgs{"cannot pivot into sysroot: %v", []any{stub.UniqueError(33)}}, nil, nil), @@ -1168,8 +1169,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1180,9 +1181,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1209,11 +1210,11 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, stub.UniqueError(31)), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, stub.UniqueError(31)), call("fatalf", stub.ExpectArgs{"cannot re-enter intermediate root: %v", []any{stub.UniqueError(31)}}, nil, nil), }, }, nil}, @@ -1230,8 +1231,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1242,9 +1243,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1271,11 +1272,11 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, stub.UniqueError(29)), call("fatalf", stub.ExpectArgs{"cannot unmount intermediate root: %v", []any{stub.UniqueError(29)}}, nil, nil), }, @@ -1293,8 +1294,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1305,9 +1306,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1334,11 +1335,11 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, stub.UniqueError(27)), call("fatalf", stub.ExpectArgs{"cannot enter root: %v", []any{stub.UniqueError(27)}}, nil, nil), @@ -1357,8 +1358,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1369,9 +1370,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1398,14 +1399,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, stub.UniqueError(25)), + call("close", stub.ExpectArgs{math.MaxInt}, nil, stub.UniqueError(25)), call("fatalf", stub.ExpectArgs{"cannot close intermediate root: %v", []any{stub.UniqueError(25)}}, nil, nil), }, }, nil}, @@ -1422,8 +1423,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1434,9 +1435,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1463,14 +1464,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, stub.UniqueError(23)), call("fatalf", stub.ExpectArgs{"cannot clear the ambient capability set: %v", []any{stub.UniqueError(23)}}, nil, nil), }, @@ -1488,8 +1489,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1500,9 +1501,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1529,14 +1530,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -1562,8 +1563,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1574,9 +1575,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1603,14 +1604,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -1669,8 +1670,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1681,9 +1682,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1710,14 +1711,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -1777,8 +1778,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1789,9 +1790,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1818,14 +1819,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -1888,7 +1889,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 23, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -1900,7 +1901,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8388608 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -1927,14 +1928,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2002,7 +2003,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Nanosecond, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 23, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2014,7 +2015,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8388608 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2041,14 +2042,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2100,7 +2101,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Nanosecond, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 23, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2112,7 +2113,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8388608 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2139,14 +2140,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2198,7 +2199,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Nanosecond, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 23, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2210,7 +2211,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8388608 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2237,14 +2238,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2289,7 +2290,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Nanosecond, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 23, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2301,7 +2302,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8388608 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2328,14 +2329,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2364,7 +2365,7 @@ func TestInitEntrypoint(t *testing.T) { call("wait4", stub.ExpectArgs{-1, syscall.WaitStatus(0xfade01ce), 0, nil}, 0xbad, nil), // this terminates the goroutine at the call, preventing it from leaking while preserving behaviour - call("wait4", stub.ExpectArgs{-1, nil, 0, nil, 0xdeadbeef}, 0, syscall.ECHILD), + call("wait4", stub.ExpectArgs{-1, nil, 0, nil, stub.PanicExit}, 0, syscall.ECHILD), }}}, }, nil}, @@ -2382,7 +2383,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 13, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2394,7 +2395,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8192 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2421,14 +2422,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2482,7 +2483,7 @@ func TestInitEntrypoint(t *testing.T) { ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, Uid: 1 << 24, - Gid: 1 << 47, + Gid: 1 << 23, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2494,7 +2495,7 @@ func TestInitEntrypoint(t *testing.T) { call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("16777216 1971 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("140737488355328 127 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("8388608 127 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2521,14 +2522,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), @@ -2617,8 +2618,8 @@ func TestInitEntrypoint(t *testing.T) { Args: []string{"zsh", "-c", "exec vim"}, ForwardCancel: true, AdoptWaitDelay: 5 * time.Second, - Uid: 1 << 32, - Gid: 1 << 31, + Uid: 1 << 16, + Gid: 1 << 15, Hostname: "hakurei-check", Ops: new(Ops).Bind(check.MustAbs("/"), check.MustAbs("/"), std.BindDevice).Proc(check.MustAbs("/proc/")), SeccompRules: make([]std.NativeRule, 0), @@ -2629,9 +2630,9 @@ func TestInitEntrypoint(t *testing.T) { call("swapVerbose", stub.ExpectArgs{true}, false, nil), call("verbose", stub.ExpectArgs{[]any{"received setup parameters"}}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(1)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("4294967296 1000 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/uid_map", []byte("65536 1000 1\n"), os.FileMode(0)}, nil, nil), call("writeFile", stub.ExpectArgs{"/proc/self/setgroups", []byte("deny\n"), os.FileMode(0)}, nil, nil), - call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("2147483648 100 1\n"), os.FileMode(0)}, nil, nil), + call("writeFile", stub.ExpectArgs{"/proc/self/gid_map", []byte("32768 100 1\n"), os.FileMode(0)}, nil, nil), call("setDumpable", stub.ExpectArgs{uintptr(0)}, nil, nil), call("umask", stub.ExpectArgs{0}, 022, nil), call("sethostname", stub.ExpectArgs{[]byte("hakurei-check")}, nil, nil), @@ -2658,14 +2659,14 @@ func TestInitEntrypoint(t *testing.T) { /* end apply */ call("mount", stub.ExpectArgs{"host", "host", "", uintptr(0x4c000), ""}, nil, nil), call("unmount", stub.ExpectArgs{"host", 2}, nil, nil), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, syscall.EINTR), - call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, 1<<35, nil), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, syscall.EINTR), + call("open", stub.ExpectArgs{"/", syscall.O_DIRECTORY | syscall.O_RDONLY, uint32(0)}, math.MaxInt, nil), call("chdir", stub.ExpectArgs{"/sysroot"}, nil, nil), call("pivotRoot", stub.ExpectArgs{".", "."}, nil, nil), - call("fchdir", stub.ExpectArgs{1 << 35}, nil, nil), + call("fchdir", stub.ExpectArgs{math.MaxInt}, nil, nil), call("unmount", stub.ExpectArgs{".", 2}, nil, nil), call("chdir", stub.ExpectArgs{"/"}, nil, nil), - call("close", stub.ExpectArgs{1 << 35}, nil, nil), + call("close", stub.ExpectArgs{math.MaxInt}, nil, nil), call("capAmbientClearAll", stub.ExpectArgs{}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x0)}, nil, nil), call("capBoundingSetDrop", stub.ExpectArgs{uintptr(0x1)}, nil, nil), diff --git a/container/landlock.go b/container/landlock.go index 63d0381..7f0a821 100644 --- a/container/landlock.go +++ b/container/landlock.go @@ -14,7 +14,8 @@ const ( LANDLOCK_CREATE_RULESET_VERSION = 1 << iota ) -type LandlockAccessFS uintptr +// LandlockAccessFS is bitmask of handled filesystem actions. +type LandlockAccessFS uint64 const ( LANDLOCK_ACCESS_FS_EXECUTE LandlockAccessFS = 1 << iota @@ -105,7 +106,8 @@ func (f LandlockAccessFS) String() string { } } -type LandlockAccessNet uintptr +// LandlockAccessNet is bitmask of handled network actions. +type LandlockAccessNet uint64 const ( LANDLOCK_ACCESS_NET_BIND_TCP LandlockAccessNet = 1 << iota @@ -140,7 +142,8 @@ func (f LandlockAccessNet) String() string { } } -type LandlockScope uintptr +// LandlockScope is bitmask of scopes restricting a Landlock domain from accessing outside resources. +type LandlockScope uint64 const ( LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET LandlockScope = 1 << iota @@ -175,6 +178,7 @@ func (f LandlockScope) String() string { } } +// RulesetAttr is equivalent to struct landlock_ruleset_attr. type RulesetAttr struct { // Bitmask of handled filesystem actions. HandledAccessFS LandlockAccessFS diff --git a/container/mount_test.go b/container/mount_test.go index d08efa5..aca6467 100644 --- a/container/mount_test.go +++ b/container/mount_test.go @@ -91,24 +91,24 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, stub.UniqueError(5)), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, stub.UniqueError(5)), }}, &os.PathError{Op: "open", Path: "/sysroot/nix", Err: stub.UniqueError(5)}}, {"readlink", func(k *kstub) error { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", stub.UniqueError(4)), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", stub.UniqueError(4)), }}, stub.UniqueError(4)}, {"close", func(k *kstub) error { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, stub.UniqueError(3)), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, stub.UniqueError(3)), }}, &os.PathError{Op: "close", Path: "/sysroot/nix", Err: stub.UniqueError(3)}}, {"mountinfo no match", func(k *kstub) error { @@ -116,9 +116,9 @@ func TestRemount(t *testing.T) { }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/.hakurei", nil), call("verbosef", stub.ExpectArgs{"target resolves to %q", []any{"/sysroot/.hakurei"}}, nil, nil), - call("open", stub.ExpectArgs{"/sysroot/.hakurei", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/.hakurei", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/.hakurei", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/.hakurei", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), }}, &vfs.DecoderError{Op: "unfold", Line: -1, Err: vfs.UnfoldTargetError("/sysroot/.hakurei")}}, @@ -126,9 +126,9 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile("\x00"), nil), }}, &vfs.DecoderError{Op: "parse", Line: 0, Err: vfs.ErrMountInfoFields}}, @@ -136,9 +136,9 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix", "", uintptr(0x209027), ""}, nil, stub.UniqueError(2)), }}, stub.UniqueError(2)}, @@ -147,9 +147,9 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix", "", uintptr(0x209027), ""}, nil, nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix/.ro-store", "", uintptr(0x209027), ""}, nil, stub.UniqueError(1)), @@ -170,9 +170,9 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix", "", uintptr(0x209027), ""}, nil, nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix/.ro-store", "", uintptr(0x209027), ""}, nil, syscall.EACCES), @@ -183,9 +183,9 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix", "", uintptr(0x209027), ""}, nil, nil), }}, nil}, @@ -194,9 +194,9 @@ func TestRemount(t *testing.T) { return newProcPaths(k, hostPath).remount(nil, "/sysroot/nix", syscall.MS_REC|syscall.MS_RDONLY|syscall.MS_NODEV) }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/nix"}, "/sysroot/nix", nil), - call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/nix", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix", "", uintptr(0x209027), ""}, nil, nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix/.ro-store", "", uintptr(0x209027), ""}, nil, nil), @@ -208,9 +208,9 @@ func TestRemount(t *testing.T) { }, stub.Expect{Calls: []stub.Call{ call("evalSymlinks", stub.ExpectArgs{"/sysroot/.nix"}, "/sysroot/NIX", nil), call("verbosef", stub.ExpectArgs{"target resolves to %q", []any{"/sysroot/NIX"}}, nil, nil), - call("open", stub.ExpectArgs{"/sysroot/NIX", 0x280000, uint32(0)}, 0xdeadbeef, nil), - call("readlink", stub.ExpectArgs{"/host/proc/self/fd/3735928559"}, "/sysroot/nix", nil), - call("close", stub.ExpectArgs{0xdeadbeef}, nil, nil), + call("open", stub.ExpectArgs{"/sysroot/NIX", 0x280000, uint32(0)}, 0xdead, nil), + call("readlink", stub.ExpectArgs{"/host/proc/self/fd/57005"}, "/sysroot/nix", nil), + call("close", stub.ExpectArgs{0xdead}, nil, nil), call("openNew", stub.ExpectArgs{"/host/proc/self/mountinfo"}, newConstFile(sampleMountinfoNix), nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix", "", uintptr(0x209027), ""}, nil, nil), call("mount", stub.ExpectArgs{"none", "/sysroot/nix/.ro-store", "", uintptr(0x209027), ""}, nil, nil), diff --git a/container/params_test.go b/container/params_test.go index f74abf1..11d0885 100644 --- a/container/params_test.go +++ b/container/params_test.go @@ -56,7 +56,7 @@ func TestSetupReceive(t *testing.T) { t.Run("setup receive", func(t *testing.T) { check := func(t *testing.T, useNilFdp bool) { const key = "TEST_SETUP_RECEIVE" - payload := []int{syscall.MS_MGC_VAL, syscall.MS_MGC_MSK, syscall.MS_ASYNC, syscall.MS_ACTIVE} + payload := []uint64{syscall.MS_MGC_VAL, syscall.MS_MGC_MSK, syscall.MS_ASYNC, syscall.MS_ACTIVE} encoderDone := make(chan error, 1) extraFiles := make([]*os.File, 0, 1) @@ -86,7 +86,7 @@ func TestSetupReceive(t *testing.T) { } var ( - gotPayload []int + gotPayload []uint64 fdp *uintptr ) if !useNilFdp { diff --git a/container/path_test.go b/container/path_test.go index 5af4c82..d175455 100644 --- a/container/path_test.go +++ b/container/path_test.go @@ -173,8 +173,8 @@ func TestProcPaths(t *testing.T) { } }) t.Run("fd", func(t *testing.T) { - want := "/host/proc/self/fd/9223372036854775807" - if got := hostProc.fd(math.MaxInt64); got != want { + want := "/host/proc/self/fd/2147483647" + if got := hostProc.fd(math.MaxInt32); got != want { t.Errorf("stdout: %q, want %q", got, want) } }) diff --git a/container/stub/errors.go b/container/stub/errors.go index 4d13a67..d97b625 100644 --- a/container/stub/errors.go +++ b/container/stub/errors.go @@ -13,7 +13,7 @@ var ( type UniqueError uintptr func (e UniqueError) Error() string { - return "unique error " + strconv.Itoa(int(e)) + " injected by the test suite" + return "unique error " + strconv.FormatUint(uint64(e), 10) + " injected by the test suite" } func (e UniqueError) Is(target error) bool { diff --git a/container/stub/exit.go b/container/stub/exit.go index 6470fe6..062ee2e 100644 --- a/container/stub/exit.go +++ b/container/stub/exit.go @@ -3,10 +3,10 @@ package stub import "testing" // PanicExit is a magic panic value treated as a simulated exit. -const PanicExit = 0xdeadbeef +const PanicExit = 0xdead const ( - panicFailNow = 0xcafe0000 + iota + panicFailNow = 0xcafe0 + iota panicFatal panicFatalf ) diff --git a/container/stub/exit_test.go b/container/stub/exit_test.go index 15ad31f..5d85075 100644 --- a/container/stub/exit_test.go +++ b/container/stub/exit_test.go @@ -53,7 +53,7 @@ func TestHandleExit(t *testing.T) { } }() defer stub.HandleExit(ot) - panic(0xcafe0000) + panic(0xcafe0) }) t.Run("Fail", func(t *testing.T) { @@ -66,7 +66,7 @@ func TestHandleExit(t *testing.T) { } }() defer handleExitNew(ot) - panic(0xcafe0000) + panic(0xcafe0) }) }) @@ -82,14 +82,14 @@ func TestHandleExit(t *testing.T) { t.Parallel() defer func() { - want := 0xcafebabe + want := 0xcafe if r := recover(); r != want { t.Errorf("recover: %v, want %v", r, want) } }() defer stub.HandleExit(t) - panic(0xcafebabe) + panic(0xcafe) }) t.Run("new", func(t *testing.T) { diff --git a/container/vfs/mountinfo_test.go b/container/vfs/mountinfo_test.go index ecca370..65d062e 100644 --- a/container/vfs/mountinfo_test.go +++ b/container/vfs/mountinfo_test.go @@ -26,11 +26,11 @@ func TestDecoderError(t *testing.T) { target error targetF error }{ - {"errno", &vfs.DecoderError{Op: "parse", Line: 0xdeadbeef, Err: syscall.ENOTRECOVERABLE}, - "parse mountinfo at line 3735928559: state not recoverable", syscall.ENOTRECOVERABLE, syscall.EROFS}, + {"errno", &vfs.DecoderError{Op: "parse", Line: 0xdead, Err: syscall.ENOTRECOVERABLE}, + "parse mountinfo at line 57005: state not recoverable", syscall.ENOTRECOVERABLE, syscall.EROFS}, - {"strconv", &vfs.DecoderError{Op: "parse", Line: 0xdeadbeef, Err: &strconv.NumError{Func: "Atoi", Num: "meow", Err: strconv.ErrSyntax}}, - `parse mountinfo at line 3735928559: numeric field "meow" invalid syntax`, strconv.ErrSyntax, os.ErrInvalid}, + {"strconv", &vfs.DecoderError{Op: "parse", Line: 0xdead, Err: &strconv.NumError{Func: "Atoi", Num: "meow", Err: strconv.ErrSyntax}}, + `parse mountinfo at line 57005: numeric field "meow" invalid syntax`, strconv.ErrSyntax, os.ErrInvalid}, {"unfold", &vfs.DecoderError{Op: "unfold", Line: -1, Err: vfs.UnfoldTargetError("/proc/nonexistent")}, "unfold mountinfo: mount point /proc/nonexistent never appeared in mountinfo", vfs.UnfoldTargetError("/proc/nonexistent"), os.ErrNotExist}, diff --git a/hst/enablement_test.go b/hst/enablement_test.go index ac8810f..75d8d94 100644 --- a/hst/enablement_test.go +++ b/hst/enablement_test.go @@ -80,7 +80,7 @@ func TestEnablements(t *testing.T) { if got, err := json.Marshal(struct { Value *hst.Enablements `json:"value"` - Magic int `json:"magic"` + Magic uint64 `json:"magic"` }{tc.e, syscall.MS_MGC_VAL}); err != nil { t.Fatalf("Marshal: error = %v", err) } else if string(got) != tc.sData { @@ -108,7 +108,7 @@ func TestEnablements(t *testing.T) { { got := *(new(struct { Value *hst.Enablements `json:"value"` - Magic int `json:"magic"` + Magic uint64 `json:"magic"` })) if err := json.Unmarshal([]byte(tc.sData), &got); err != nil { t.Fatalf("Unmarshal: error = %v", err) diff --git a/hst/fs_test.go b/hst/fs_test.go index 10e075b..4b07909 100644 --- a/hst/fs_test.go +++ b/hst/fs_test.go @@ -241,7 +241,7 @@ func (s stubFS) String() string { return "" type sCheck struct { FS hst.FilesystemConfigJSON `json:"fs"` - Magic int `json:"magic"` + Magic uint64 `json:"magic"` } type fsTestCase struct { diff --git a/internal/env/env_test.go b/internal/env/env_test.go index 77ece8d..b3fc398 100644 --- a/internal/env/env_test.go +++ b/internal/env/env_test.go @@ -34,9 +34,9 @@ func TestPaths(t *testing.T) { TempDir: fhs.AbsTmp, }, hst.Paths{ TempDir: fhs.AbsTmp, - SharePath: fhs.AbsTmp.Append("hakurei.3735928559"), - RuntimePath: fhs.AbsTmp.Append("hakurei.3735928559/compat"), - RunDirPath: fhs.AbsTmp.Append("hakurei.3735928559/compat/hakurei"), + SharePath: fhs.AbsTmp.Append("hakurei.57005"), + RuntimePath: fhs.AbsTmp.Append("hakurei.57005/compat"), + RunDirPath: fhs.AbsTmp.Append("hakurei.57005/compat/hakurei"), }, ""}, {"full", &env.Paths{ @@ -44,7 +44,7 @@ func TestPaths(t *testing.T) { RuntimePath: fhs.AbsRunUser.Append("1000"), }, hst.Paths{ TempDir: fhs.AbsTmp, - SharePath: fhs.AbsTmp.Append("hakurei.3735928559"), + SharePath: fhs.AbsTmp.Append("hakurei.57005"), RuntimePath: fhs.AbsRunUser.Append("1000"), RunDirPath: fhs.AbsRunUser.Append("1000/hakurei"), }, ""}, @@ -61,7 +61,7 @@ func TestPaths(t *testing.T) { } var sc hst.Paths - tc.env.Copy(&sc, 0xdeadbeef) + tc.env.Copy(&sc, 0xdead) if !reflect.DeepEqual(&sc, &tc.want) { t.Errorf("Copy: %#v, want %#v", sc, tc.want) } diff --git a/internal/outcome/dispatcher_test.go b/internal/outcome/dispatcher_test.go index 41a2a31..09754b9 100644 --- a/internal/outcome/dispatcher_test.go +++ b/internal/outcome/dispatcher_test.go @@ -36,7 +36,7 @@ func call(name string, args stub.ExpectArgs, ret any, err error) stub.Call { const ( // checkExpectUid is the uid value used by checkOpBehaviour to initialise [system.I]. - checkExpectUid = 0xcafebabe + checkExpectUid = 0xcafe // wantAutoEtcPrefix is the autoetc prefix corresponding to checkExpectInstanceId. wantAutoEtcPrefix = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" // wantInstancePrefix is the SharePath corresponding to checkExpectInstanceId. diff --git a/internal/outcome/hsu.go b/internal/outcome/hsu.go index 3047a2e..c1be676 100644 --- a/internal/outcome/hsu.go +++ b/internal/outcome/hsu.go @@ -86,12 +86,12 @@ func (h *Hsu) MustID(msg message.Msg) int { msg.Verbose("*"+fallback, err) } os.Exit(1) - return -0xdeadbeef // not reached + return -0xbad // not reached } else if m, ok := message.GetMessage(err); ok { log.Fatal(m) - return -0xdeadbeef // not reached + return -0xbad // not reached } else { log.Fatalln(fallback, err) - return -0xdeadbeef // not reached + return -0xbad // not reached } } diff --git a/internal/outcome/main_test.go b/internal/outcome/main_test.go index 861478d..e5b9af1 100644 --- a/internal/outcome/main_test.go +++ b/internal/outcome/main_test.go @@ -701,7 +701,7 @@ type stubNixOS struct { } func (k *stubNixOS) getppid() int { return 0xbad } -func (k *stubNixOS) getpid() int { return 0xdeadbeef } +func (k *stubNixOS) getpid() int { return 0xdead } func (k *stubNixOS) getuid() int { return 1971 } func (k *stubNixOS) getgid() int { return 100 } diff --git a/internal/store/data_test.go b/internal/store/data_test.go index 79faeba..62fd3c9 100644 --- a/internal/store/data_test.go +++ b/internal/store/data_test.go @@ -127,8 +127,8 @@ func TestEntryData(t *testing.T) { func newTemplateState() *hst.State { return &hst.State{ ID: hst.ID(bytes.Repeat([]byte{0xaa}, len(hst.ID{}))), - PID: 0xcafebabe, - ShimPID: 0xdeadbeef, + PID: 0xcafe, + ShimPID: 0xdead, Config: hst.Template(), Time: time.Unix(0, 0), } diff --git a/message/message_test.go b/message/message_test.go index c455b7e..6b07713 100644 --- a/message/message_test.go +++ b/message/message_test.go @@ -63,7 +63,7 @@ func TestDefaultMsg(t *testing.T) { }) t.Run("takeover", func(t *testing.T) { - l := log.New(io.Discard, "\x00", 0xdeadbeef) + l := log.New(io.Discard, "\x00", 0xbeef) got := message.New(l) if logger := got.GetLogger(); logger != l { diff --git a/system/acl/libacl-helper_test.go b/system/acl/libacl-helper_test.go index 78e5776..13d23a3 100644 --- a/system/acl/libacl-helper_test.go +++ b/system/acl/libacl-helper_test.go @@ -46,7 +46,7 @@ func TestNewAclPathError(t *testing.T) { {"acl", container.Nonexistent, -13, syscall.ENOTRECOVERABLE, &os.PathError{Op: "setfacl", Path: container.Nonexistent, Err: syscall.ENOTRECOVERABLE}}, - {"invalid", container.Nonexistent, -0xdeadbeef, nil, + {"invalid", container.Nonexistent, -0xdead, nil, &os.PathError{Op: "setfacl", Path: container.Nonexistent}}, } for _, tc := range testCases { diff --git a/system/acl_test.go b/system/acl_test.go index a7465f2..2202d95 100644 --- a/system/acl_test.go +++ b/system/acl_test.go @@ -14,52 +14,52 @@ func TestACLUpdateOp(t *testing.T) { t.Parallel() checkOpBehaviour(t, []opBehaviourTestCase{ - {"apply aclUpdate", 0xdeadbeef, 0xff, + {"apply aclUpdate", 0xbeef, 0xff, &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"applying ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, stub.UniqueError(1)), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, stub.UniqueError(1)), }, &OpError{Op: "acl", Err: stub.UniqueError(1)}, nil, nil}, - {"revert aclUpdate", 0xdeadbeef, 0xff, + {"revert aclUpdate", 0xbeef, 0xff, &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"applying ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"stripping ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, ([]acl.Perm)(nil)}, nil, stub.UniqueError(0)), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, ([]acl.Perm)(nil)}, nil, stub.UniqueError(0)), }, &OpError{Op: "acl", Err: stub.UniqueError(0), Revert: true}}, - {"success revert skip", 0xdeadbeef, Process, + {"success revert skip", 0xbeef, Process, &aclUpdateOp{User, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"applying ACL", &aclUpdateOp{User, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"skipping ACL", &aclUpdateOp{User, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), }, nil}, - {"success revert aclUpdate ENOENT", 0xdeadbeef, 0xff, + {"success revert aclUpdate ENOENT", 0xbeef, 0xff, &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"applying ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"stripping ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, ([]acl.Perm)(nil)}, nil, &os.PathError{Op: "acl_get_file", Path: "/proc/nonexistent", Err: syscall.ENOENT}), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, ([]acl.Perm)(nil)}, nil, &os.PathError{Op: "acl_get_file", Path: "/proc/nonexistent", Err: syscall.ENOENT}), call("verbosef", stub.ExpectArgs{"target of ACL %s no longer exists", []any{&aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), }, nil}, - {"success", 0xdeadbeef, 0xff, + {"success", 0xbeef, 0xff, &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"applying ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"stripping ACL", &aclUpdateOp{Process, "/proc/nonexistent", []acl.Perm{acl.Read, acl.Write, acl.Execute}}}}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xdeadbeef, ([]acl.Perm)(nil)}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/proc/nonexistent", 0xbeef, ([]acl.Perm)(nil)}, nil, nil), }, nil}, }) checkOpsBuilder(t, "UpdatePermType", []opsBuilderTestCase{ {"simple", - 0xdeadbeef, + 0xbeef, func(_ *testing.T, sys *I) { sys. UpdatePerm(m("/run/user/1971/hakurei"), acl.Execute). @@ -69,25 +69,25 @@ func TestACLUpdateOp(t *testing.T) { &aclUpdateOp{Process, "/tmp/hakurei.0/tmpdir/150", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, }, stub.Expect{}}, - {"tmpdirp", 0xdeadbeef, func(_ *testing.T, sys *I) { + {"tmpdirp", 0xbeef, func(_ *testing.T, sys *I) { sys.UpdatePermType(User, m("/tmp/hakurei.0/tmpdir"), acl.Execute) }, []Op{ &aclUpdateOp{User, "/tmp/hakurei.0/tmpdir", []acl.Perm{acl.Execute}}, }, stub.Expect{}}, - {"tmpdir", 0xdeadbeef, func(_ *testing.T, sys *I) { + {"tmpdir", 0xbeef, func(_ *testing.T, sys *I) { sys.UpdatePermType(User, m("/tmp/hakurei.0/tmpdir/150"), acl.Read, acl.Write, acl.Execute) }, []Op{ &aclUpdateOp{User, "/tmp/hakurei.0/tmpdir/150", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, }, stub.Expect{}}, - {"share", 0xdeadbeef, func(_ *testing.T, sys *I) { + {"share", 0xbeef, func(_ *testing.T, sys *I) { sys.UpdatePermType(Process, m("/run/user/1971/hakurei/fcb8a12f7c482d183ade8288c3de78b5"), acl.Execute) }, []Op{ &aclUpdateOp{Process, "/run/user/1971/hakurei/fcb8a12f7c482d183ade8288c3de78b5", []acl.Perm{acl.Execute}}, }, stub.Expect{}}, - {"passwd", 0xdeadbeef, func(_ *testing.T, sys *I) { + {"passwd", 0xbeef, func(_ *testing.T, sys *I) { sys. UpdatePermType(Process, m("/tmp/hakurei.0/fcb8a12f7c482d183ade8288c3de78b5/passwd"), acl.Read). UpdatePermType(Process, m("/tmp/hakurei.0/fcb8a12f7c482d183ade8288c3de78b5/group"), acl.Read) @@ -96,7 +96,7 @@ func TestACLUpdateOp(t *testing.T) { &aclUpdateOp{Process, "/tmp/hakurei.0/fcb8a12f7c482d183ade8288c3de78b5/group", []acl.Perm{acl.Read}}, }, stub.Expect{}}, - {"wayland", 0xdeadbeef, func(_ *testing.T, sys *I) { + {"wayland", 0xbeef, func(_ *testing.T, sys *I) { sys.UpdatePermType(hst.EWayland, m("/run/user/1971/wayland-0"), acl.Read, acl.Write, acl.Execute) }, []Op{ &aclUpdateOp{hst.EWayland, "/run/user/1971/wayland-0", []acl.Perm{acl.Read, acl.Write, acl.Execute}}, diff --git a/system/dbus_test.go b/system/dbus_test.go index 5fd9f27..0db0780 100644 --- a/system/dbus_test.go +++ b/system/dbus_test.go @@ -19,7 +19,7 @@ func TestDBusProxyOp(t *testing.T) { t.Parallel() checkOpBehaviour(t, []opBehaviourTestCase{ - {"dbusProxyStart", 0xdeadbeef, 0xff, &dbusProxyOp{ + {"dbusProxyStart", 0xdead, 0xff, &dbusProxyOp{ final: dbusNewFinalSample(4), out: new(linePrefixWriter), // panics on write system: true, @@ -32,7 +32,7 @@ func TestDBusProxyOp(t *testing.T) { Msg: "cannot start message bus proxy: unique error 2 injected by the test suite", }, nil, nil}, - {"dbusProxyWait", 0xdeadbeef, 0xff, &dbusProxyOp{ + {"dbusProxyWait", 0xdead, 0xff, &dbusProxyOp{ final: dbusNewFinalSample(3), }, []stub.Call{ call("verbosef", stub.ExpectArgs{"session bus proxy on %q for upstream %q", []any{"/tmp/hakurei.0/99dd71ee2146369514e0d10783368f8f/bus", "unix:path=/run/user/1000/bus"}}, nil, nil), @@ -48,7 +48,7 @@ func TestDBusProxyOp(t *testing.T) { Msg: "message bus proxy error: unique error 1 injected by the test suite", }}, - {"success dbusProxyWait cancel", 0xdeadbeef, 0xff, &dbusProxyOp{ + {"success dbusProxyWait cancel", 0xdead, 0xff, &dbusProxyOp{ final: dbusNewFinalSample(2), system: true, }, []stub.Call{ @@ -63,7 +63,7 @@ func TestDBusProxyOp(t *testing.T) { call("verbose", stub.ExpectArgs{[]any{"message bus proxy canceled upstream"}}, nil, nil), }, nil}, - {"success", 0xdeadbeef, 0xff, &dbusProxyOp{ + {"success", 0xdead, 0xff, &dbusProxyOp{ final: dbusNewFinalSample(1), system: true, }, []stub.Call{ @@ -80,7 +80,7 @@ func TestDBusProxyOp(t *testing.T) { }) checkOpsBuilder(t, "ProxyDBus", []opsBuilderTestCase{ - {"nil session", 0xcafebabe, func(t *testing.T, sys *I) { + {"nil session", 0xcafe, func(t *testing.T, sys *I) { wantErr := &OpError{ Op: "dbus", Err: ErrDBusConfig, Msg: "attempted to create message bus proxy args without session bus config", @@ -90,7 +90,7 @@ func TestDBusProxyOp(t *testing.T) { } }, nil, stub.Expect{}}, - {"dbusFinalise NUL", 0xcafebabe, func(_ *testing.T, sys *I) { + {"dbusFinalise NUL", 0xcafe, func(_ *testing.T, sys *I) { defer func() { want := "message bus proxy configuration contains NUL byte" if r := recover(); r != want { @@ -121,7 +121,7 @@ func TestDBusProxyOp(t *testing.T) { }, (*dbus.Final)(nil), syscall.EINVAL), }}}, - {"dbusFinalise", 0xcafebabe, func(_ *testing.T, sys *I) { + {"dbusFinalise", 0xcafe, func(_ *testing.T, sys *I) { wantErr := &OpError{ Op: "dbus", Err: stub.UniqueError(0), Msg: "cannot finalise message bus proxy: unique error 0 injected by the test suite", @@ -151,7 +151,7 @@ func TestDBusProxyOp(t *testing.T) { }, (*dbus.Final)(nil), stub.UniqueError(0)), }}}, - {"full", 0xcafebabe, func(_ *testing.T, sys *I) { + {"full", 0xcafe, func(_ *testing.T, sys *I) { sys.MustProxyDBus( &hst.BusConfig{ // use impossible value here as an implicit assert that it goes through the stub diff --git a/system/link_test.go b/system/link_test.go index 065f9fe..d719931 100644 --- a/system/link_test.go +++ b/system/link_test.go @@ -11,12 +11,12 @@ func TestHardlinkOp(t *testing.T) { t.Parallel() checkOpBehaviour(t, []opBehaviourTestCase{ - {"link", 0xdeadbeef, 0xff, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ + {"link", 0xbeef, 0xff, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"linking", &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}}}, nil, nil), call("link", stub.ExpectArgs{"/run/user/1000/pulse/native", "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse"}, nil, stub.UniqueError(1)), }, &OpError{Op: "hardlink", Err: stub.UniqueError(1)}, nil, nil}, - {"remove", 0xdeadbeef, 0xff, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ + {"remove", 0xbeef, 0xff, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"linking", &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}}}, nil, nil), call("link", stub.ExpectArgs{"/run/user/1000/pulse/native", "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse"}, nil, nil), }, nil, []stub.Call{ @@ -24,14 +24,14 @@ func TestHardlinkOp(t *testing.T) { call("remove", stub.ExpectArgs{"/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse"}, nil, stub.UniqueError(0)), }, &OpError{Op: "hardlink", Err: stub.UniqueError(0), Revert: true}}, - {"success skip", 0xdeadbeef, hst.EWayland | hst.EX11, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ + {"success skip", 0xbeef, hst.EWayland | hst.EX11, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"linking", &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}}}, nil, nil), call("link", stub.ExpectArgs{"/run/user/1000/pulse/native", "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse"}, nil, nil), }, nil, []stub.Call{ call("verbosef", stub.ExpectArgs{"skipping hard link %q", []any{"/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse"}}, nil, nil), }, nil}, - {"success", 0xdeadbeef, 0xff, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ + {"success", 0xbeef, 0xff, &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"linking", &hardlinkOp{hst.EPulse, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}}}, nil, nil), call("link", stub.ExpectArgs{"/run/user/1000/pulse/native", "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse"}, nil, nil), }, nil, []stub.Call{ @@ -41,13 +41,13 @@ func TestHardlinkOp(t *testing.T) { }) checkOpsBuilder(t, "LinkFileType", []opsBuilderTestCase{ - {"type", 0xcafebabe, func(_ *testing.T, sys *I) { + {"type", 0xcafe, func(_ *testing.T, sys *I) { sys.LinkFileType(User, m("/run/user/1000/pulse/native"), m("/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse")) }, []Op{ &hardlinkOp{User, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, }, stub.Expect{}}, - {"link", 0xcafebabe, func(_ *testing.T, sys *I) { + {"link", 0xcafe, func(_ *testing.T, sys *I) { sys.Link(m("/run/user/1000/pulse/native"), m("/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse")) }, []Op{ &hardlinkOp{Process, "/run/user/1000/hakurei/9663730666a44cfc2a81610379e02ed6/pulse", "/run/user/1000/pulse/native"}, diff --git a/system/mkdir_test.go b/system/mkdir_test.go index e2f8c11..e8ffde2 100644 --- a/system/mkdir_test.go +++ b/system/mkdir_test.go @@ -11,18 +11,18 @@ func TestMkdirOp(t *testing.T) { t.Parallel() checkOpBehaviour(t, []opBehaviourTestCase{ - {"mkdir", 0xdeadbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ + {"mkdir", 0xbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, stub.UniqueError(2)), }, &OpError{Op: "mkdir", Err: stub.UniqueError(2)}, nil, nil}, - {"chmod", 0xdeadbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ + {"chmod", 0xbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, os.ErrExist), call("chmod", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, stub.UniqueError(1)), }, &OpError{Op: "mkdir", Err: stub.UniqueError(1)}, nil, nil}, - {"remove", 0xdeadbeef, 0xff, &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, []stub.Call{ + {"remove", 0xbeef, 0xff, &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, nil), }, nil, []stub.Call{ @@ -30,25 +30,25 @@ func TestMkdirOp(t *testing.T) { call("remove", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9"}, nil, stub.UniqueError(0)), }, &OpError{Op: "mkdir", Err: stub.UniqueError(0), Revert: true}}, - {"success exist chmod", 0xdeadbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ + {"success exist chmod", 0xbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, os.ErrExist), call("chmod", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, nil), }, nil, nil, nil}, - {"success ensure", 0xdeadbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ + {"success ensure", 0xbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, false}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, nil), }, nil, nil, nil}, - {"success skip", 0xdeadbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, []stub.Call{ + {"success skip", 0xbeef, 0xff, &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, nil), }, nil, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"skipping ephemeral directory", &mkdirOp{User, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}}}, nil, nil), }, nil}, - {"success", 0xdeadbeef, 0xff, &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, []stub.Call{ + {"success", 0xbeef, 0xff, &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, []stub.Call{ call("verbose", stub.ExpectArgs{[]any{"ensuring directory", &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}}}, nil, nil), call("mkdir", stub.ExpectArgs{"/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", os.FileMode(0711)}, nil, nil), }, nil, []stub.Call{ @@ -58,13 +58,13 @@ func TestMkdirOp(t *testing.T) { }) checkOpsBuilder(t, "EnsureEphemeral", []opsBuilderTestCase{ - {"ensure", 0xcafebabe, func(_ *testing.T, sys *I) { + {"ensure", 0xcafe, func(_ *testing.T, sys *I) { sys.Ensure(m("/tmp/hakurei.0"), 0700) }, []Op{ &mkdirOp{User, "/tmp/hakurei.0", 0700, false}, }, stub.Expect{}}, - {"ephemeral", 0xcafebabe, func(_ *testing.T, sys *I) { + {"ephemeral", 0xcafe, func(_ *testing.T, sys *I) { sys.Ephemeral(Process, m("/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9"), 0711) }, []Op{ &mkdirOp{Process, "/tmp/hakurei.0/f2f3bcd492d0266438fa9bf164fe90d9", 0711, true}, diff --git a/system/system_test.go b/system/system_test.go index 2798787..83df9de 100644 --- a/system/system_test.go +++ b/system/system_test.go @@ -106,11 +106,11 @@ func TestNew(t *testing.T) { }) }) - sys := New(t.Context(), message.New(nil), 0xdeadbeef) + sys := New(t.Context(), message.New(nil), 0xbeef) if sys.ctx == nil { t.Error("New: ctx = nil") } - if got := sys.UID(); got != 0xdeadbeef { + if got := sys.UID(); got != 0xbeef { t.Errorf("UID: %d", got) } } diff --git a/system/wayland_test.go b/system/wayland_test.go index 367b1e5..6805b0c 100644 --- a/system/wayland_test.go +++ b/system/wayland_test.go @@ -89,7 +89,7 @@ func TestWaylandOp(t *testing.T) { t.Parallel() checkOpBehaviour(t, []opBehaviourTestCase{ - {"attach", 0xdeadbeef, 0xff, &waylandOp{nil, + {"attach", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -100,7 +100,7 @@ func TestWaylandOp(t *testing.T) { attachErr: stub.UniqueError(5)}, }, nil, &OpError{Op: "wayland", Err: stub.UniqueError(5)}, nil, nil}, - {"bind", 0xdeadbeef, 0xff, &waylandOp{nil, + {"bind", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -113,7 +113,7 @@ func TestWaylandOp(t *testing.T) { call("verbosef", stub.ExpectArgs{"wayland attached on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), }, &OpError{Op: "wayland", Err: stub.UniqueError(4)}, nil, nil}, - {"chmod", 0xdeadbeef, 0xff, &waylandOp{nil, + {"chmod", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -127,7 +127,7 @@ func TestWaylandOp(t *testing.T) { call("chmod", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", os.FileMode(0)}, nil, stub.UniqueError(3)), }, &OpError{Op: "wayland", Err: stub.UniqueError(3)}, nil, nil}, - {"aclUpdate", 0xdeadbeef, 0xff, &waylandOp{nil, + {"aclUpdate", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -139,10 +139,10 @@ func TestWaylandOp(t *testing.T) { call("verbosef", stub.ExpectArgs{"wayland attached on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"wayland listening on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), call("chmod", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", os.FileMode(0)}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, stub.UniqueError(2)), + call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, stub.UniqueError(2)), }, &OpError{Op: "wayland", Err: stub.UniqueError(2)}, nil, nil}, - {"remove", 0xdeadbeef, 0xff, &waylandOp{nil, + {"remove", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -154,14 +154,14 @@ func TestWaylandOp(t *testing.T) { call("verbosef", stub.ExpectArgs{"wayland attached on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"wayland listening on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), call("chmod", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", os.FileMode(0)}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbosef", stub.ExpectArgs{"detaching from wayland on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"removing wayland socket on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), call("remove", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}, nil, stub.UniqueError(1)), }, &OpError{Op: "wayland", Err: errors.Join(stub.UniqueError(1)), Revert: true}}, - {"close", 0xdeadbeef, 0xff, &waylandOp{nil, + {"close", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -174,14 +174,14 @@ func TestWaylandOp(t *testing.T) { call("verbosef", stub.ExpectArgs{"wayland attached on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"wayland listening on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), call("chmod", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", os.FileMode(0)}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbosef", stub.ExpectArgs{"detaching from wayland on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"removing wayland socket on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), call("remove", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}, nil, nil), }, &OpError{Op: "wayland", Err: errors.Join(stub.UniqueError(0)), Revert: true}}, - {"success", 0xdeadbeef, 0xff, &waylandOp{nil, + {"success", 0xbeef, 0xff, &waylandOp{nil, "/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", "/run/user/1971/wayland-0", "org.chromium.Chromium", @@ -193,7 +193,7 @@ func TestWaylandOp(t *testing.T) { call("verbosef", stub.ExpectArgs{"wayland attached on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"wayland listening on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), call("chmod", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", os.FileMode(0)}, nil, nil), - call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xdeadbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), + call("aclUpdate", stub.ExpectArgs{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland", 0xbeef, []acl.Perm{acl.Read, acl.Write, acl.Execute}}, nil, nil), }, nil, []stub.Call{ call("verbosef", stub.ExpectArgs{"detaching from wayland on %q", []any{"/run/user/1971/wayland-0"}}, nil, nil), call("verbosef", stub.ExpectArgs{"removing wayland socket on %q", []any{"/tmp/hakurei.1971/ebf083d1b175911782d413369b64ce7c/wayland"}}, nil, nil), diff --git a/system/xhost_test.go b/system/xhost_test.go index bcff3a5..759f753 100644 --- a/system/xhost_test.go +++ b/system/xhost_test.go @@ -42,7 +42,7 @@ func TestXHostOp(t *testing.T) { }) checkOpsBuilder(t, "ChangeHosts", []opsBuilderTestCase{ - {"xhost", 0xcafebabe, func(_ *testing.T, sys *I) { + {"xhost", 0xcafe, func(_ *testing.T, sys *I) { sys.ChangeHosts("chronos") }, []Op{ xhostOp("chronos"),