diff options
author | Thomas Haller <thaller@redhat.com> | 2023-09-06 13:52:19 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2023-09-07 19:35:21 +0200 |
commit | 34f87e82f38adaefb1db617a5d618ca7ab140733 (patch) | |
tree | 74d4962460e0b95b5a2fe6b23d9f335c5f9ce556 /tests/shell/run-tests.sh | |
parent | df6f1a3e08030c90510c6a817a1771276439efed (diff) |
tests/shell: skip test in rootless that hit socket buffer size limit
The socket buffer limits like /proc/sys/net/core/{rmem_max,wmem_max}
can cause tests to fail, when running rootless. That's because real-root
can override those limits, rootless cannot.
Add an environment variable NFT_TEST_HAS_SOCKET_LIMITS=*|n which is
automatically set by "run-tests.sh".
Certain tests will check for [ "$NFT_TEST_HAS_SOCKET_LIMITS" = y ] and
skip the test.
The user may manually bump those limits (requires root), and set
NFT_TEST_HAS_SOCKET_LIMITS=n to get the tests to pass even as rootless.
For example, the test passes with root:
sudo ./tests/shell/run-tests.sh -- tests/shell/testcases/sets/automerge_0
Without root, it would fail. Skip it instead:
./tests/shell/run-tests.sh -- tests/shell/testcases/sets/automerge_0
...
I: [SKIPPED] tests/shell/testcases/sets/automerge_0
Or bump the limit:
$ echo 3000000 | sudo tee /proc/sys/net/core/wmem_max
$ NFT_TEST_HAS_SOCKET_LIMITS=n ./tests/shell/run-tests.sh -- tests/shell/testcases/sets/automerge_0
...
I: [OK] tests/shell/testcases/sets/automerge_0
Signed-off-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell/run-tests.sh')
-rwxr-xr-x | tests/shell/run-tests.sh | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/tests/shell/run-tests.sh b/tests/shell/run-tests.sh index 97c82991..423c5465 100755 --- a/tests/shell/run-tests.sh +++ b/tests/shell/run-tests.sh @@ -28,6 +28,17 @@ msg_info() { _msg I "$@" } +bool_n() { + case "$1" in + n|N|no|No|NO|0|false|False|FALSE) + printf n + ;; + *) + printf y + ;; + esac +} + bool_y() { case "$1" in y|Y|yes|Yes|YES|1|true|True|TRUE) @@ -78,6 +89,12 @@ usage() { echo " e.g. due to limited /proc/sys/net/core/{wmem_max,rmem_max}." echo " Checks that cannot pass in such environment should check for" echo " [ \"\$NFT_TEST_HAS_REALROOT\" != y ] and skip gracefully." + echo " NFT_TEST_HAS_SOCKET_LIMITS=*|n : some tests will fail if /proc/sys/net/core/{wmem_max,rmem_max} is" + echo " too small. When running as real root, then test can override those limits. However," + echo " with rootless the test would fail. Tests will check for [ "\$NFT_TEST_HAS_SOCKET_LIMITS" = y ]" + echo " and skip. You may set NFT_TEST_HAS_SOCKET_LIMITS=n if you ensure those limits are" + echo " suitable to run the test rootless. Otherwise will be autodetected." + echo " Set /proc/sys/net/core/{wmem_max,rmem_max} to at least 2MB to get them to pass automatically." echo " NFT_TEST_UNSHARE_CMD=cmd : when set, this is the command line for an unshare" echo " command, which is used to sandbox each test invocation. By" echo " setting it to empty, no unsharing is done." @@ -202,6 +219,20 @@ else fi export NFT_TEST_HAS_REALROOT +if [ "$NFT_TEST_HAS_SOCKET_LIMITS" = "" ] ; then + if [ "$NFT_TEST_HAS_REALROOT" = y ] ; then + NFT_TEST_HAS_SOCKET_LIMITS=n + elif [ "$(cat /proc/sys/net/core/wmem_max 2>/dev/null)" -ge $((2000*1024)) ] 2>/dev/null && \ + [ "$(cat /proc/sys/net/core/rmem_max 2>/dev/null)" -ge $((2000*1024)) ] 2>/dev/null ; then + NFT_TEST_HAS_SOCKET_LIMITS=n + else + NFT_TEST_HAS_SOCKET_LIMITS=y + fi +else + NFT_TEST_HAS_SOCKET_LIMITS="$(bool_n "$NFT_TEST_HAS_SOCKET_LIMITS")" +fi +export NFT_TEST_HAS_SOCKET_LIMITS + detect_unshare() { if ! $1 true &>/dev/null ; then return 1 @@ -316,6 +347,7 @@ msg_info "conf: DUMPGEN=$(printf '%q' "$DUMPGEN")" msg_info "conf: VALGRIND=$(printf '%q' "$VALGRIND")" msg_info "conf: KMEMLEAK=$(printf '%q' "$KMEMLEAK")" msg_info "conf: NFT_TEST_HAS_REALROOT=$(printf '%q' "$NFT_TEST_HAS_REALROOT")" +msg_info "conf: NFT_TEST_HAS_SOCKET_LIMITS=$(printf '%q' "$NFT_TEST_HAS_SOCKET_LIMITS")" msg_info "conf: NFT_TEST_UNSHARE_CMD=$(printf '%q' "$NFT_TEST_UNSHARE_CMD")" msg_info "conf: NFT_TEST_HAS_UNSHARED=$(printf '%q' "$NFT_TEST_HAS_UNSHARED")" msg_info "conf: NFT_TEST_HAS_UNSHARED_MOUNT=$(printf '%q' "$NFT_TEST_HAS_UNSHARED_MOUNT")" |