search

binpash / try

Inspect a command's effects before modifying your live system
MIT License
5.18k stars 66 forks source link

Reuse sandbox and add tests #85

Closed angelhof closed 1 year ago

angelhof commented 1 year ago

This PR adds tests and fixes to address #41. Currently, the sandbox_valid check is not adequately extensive and we need to make it stricter.

In particular, one check that feels relevant is to determine whether the directory is already used by another overlay (which is supposedly not allowed based on the overlayfs documentation). This actually comes up in practice (I paste a manual test below) but I can't figure out how to determine it ahead of time (e.g., the workdir contains a work directory if the overlayfs is mounted or not).

Erroneous test where overlay is in use:

## In one terminal start an overlay and leave it running
kallas@node0:~/try$ ./try -D ../foo bash
Warning: Failed mounting /proj as an overlay, see /tmp/tmp.2qrQ08c0Un
Warning: Failed mounting /sys/kernel/tracing as an overlay, see /tmp/tmp.2qrQ08c0Un
Warning: Failed mounting /proj/pash-PG0 as an overlay, see /tmp/tmp.2qrQ08c0Un
root@node0:~/try# 

## In another terminal
kallas@node0:~/try$ ./try -D ../foo echo "README" > README
Warning: Failed mounting /proj as an overlay, see /tmp/tmp.2qrQ08c0Un
Warning: Failed mounting /sys/kernel/tracing as an overlay, see /tmp/tmp.2qrQ08c0Un
Warning: Failed mounting /proj/pash-PG0 as an overlay, see /tmp/tmp.2qrQ08c0Un
kallas@node0:~/try$ 

## The error: no summary shown or commit prompt.
mgree commented 1 year ago

I don't 100% understand... does the _problematic case not fail when it should?

If we want to know what's mounted as what, /proc/mount may be the easiest way to do that.

angelhof commented 1 year ago

I don't 100% understand... does the _problematic case not fail when it should?

The problematic test does not lead to a crash or issue by overlay (even though it sounds pretty bad to just create a file in temproot). At the moment it only serves the purpose of testing that try exits early if something unpredictable has happened to the overlay directories.

If we want to know what's mounted as what, /proc/mount may be the easiest way to do that.

Great, I made a new issue to exercise this behavior in a test.