opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-07-04 01:48:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix a potential UID/GID collision in unit tests

Browse Source 
The tests for generating username/passwd entries assume that
UID/GID 123/456 do not exist, which is not a safe assumption on
Debian. If a /etc/passwd entry with that UID/GID already exists,
the test will not add a new one with the same UID/GID, and will
fail. Change UID and GID to be 6 digits, because we're a lot less
likely to collide with UIDs and GIDs in use on the system that
way. Could also go further and randomly generate the UID/GID, but
that feels like overkill.

Fixes #17366

Signed-off-by: Matt Heon <mheon@redhat.com>
This commit is contained in:
Matt Heon
2023-02-06 09:26:51 -05:00
parent 77ab826d02
commit 1916da5962
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
libpod/container_internal_linux_test.go
View File

@ -15,7 +15,7 @@ func TestGenerateUserPasswdEntry(t *testing.T) {
config: &ContainerConfig{ config: &ContainerConfig{
Spec: &spec.Spec{}, Spec: &spec.Spec{},
ContainerSecurityConfig: ContainerSecurityConfig{ ContainerSecurityConfig: ContainerSecurityConfig{
User: "123:456", User: "123456:456789",
}, },
}, },
state: &ContainerState{ state: &ContainerState{
@ -26,14 +26,14 @@ func TestGenerateUserPasswdEntry(t *testing.T) {
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
assert.Equal(t, user, "123:*:123:456:container user:/:/bin/sh\n") assert.Equal(t, user, "123456:*:123456:456789:container user:/:/bin/sh\n")
c.config.User = "567" c.config.User = "567890"
user, err = c.generateUserPasswdEntry(0) user, err = c.generateUserPasswdEntry(0)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
assert.Equal(t, user, "567:*:567:0:container user:/:/bin/sh\n") assert.Equal(t, user, "567890:*:567890:0:container user:/:/bin/sh\n")
} }
func TestGenerateUserGroupEntry(t *testing.T) { func TestGenerateUserGroupEntry(t *testing.T) {
@ -41,7 +41,7 @@ func TestGenerateUserGroupEntry(t *testing.T) {
config: &ContainerConfig{ config: &ContainerConfig{
Spec: &spec.Spec{}, Spec: &spec.Spec{},
ContainerSecurityConfig: ContainerSecurityConfig{ ContainerSecurityConfig: ContainerSecurityConfig{
User: "123:456", User: "123456:456789",
}, },
}, },
state: &ContainerState{ state: &ContainerState{
@ -52,12 +52,12 @@ func TestGenerateUserGroupEntry(t *testing.T) {
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
assert.Equal(t, group, "456:x:456:123\n") assert.Equal(t, group, "456789:x:456789:123456\n")
c.config.User = "567" c.config.User = "567890"
group, err = c.generateUserGroupEntry(0) group, err = c.generateUserGroupEntry(0)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
assert.Equal(t, group, "567:x:567:567\n") assert.Equal(t, group, "567890:x:567890:567890\n")
} }