github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-19 17:26:28 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2022 from justincormack/sys-in-getty

Browse Source 
mount /sys in getty container and add and fix kernel tests
This commit is contained in:
Riyaz Faizullabhoy 2017-06-12 09:29:44 -07:00 committed by GitHub
commit 35977c53d6
19 changed files with 117 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/docker.yml
View File

@ -20,7 +20,7 @@ onboot:
command: ["/mount.sh", "/var/lib/docker"] command: ["/mount.sh", "/var/lib/docker"]
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
examples/gcp.yml
View File

@ -16,7 +16,7 @@ onboot:
image: "linuxkit/metadata:31a0b0f5557c6123beaa9c33e3400ae3c03447e0" image: "linuxkit/metadata:31a0b0f5557c6123beaa9c33e3400ae3c03447e0"
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
examples/getty.yml
View File

@ -14,7 +14,7 @@ onboot:
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
# to make insecure with passwordless root login, uncomment following lines # to make insecure with passwordless root login, uncomment following lines
#env: #env:
# - INSECURE=true # - INSECURE=true

2
examples/minimal.yml
View File

@ -11,7 +11,7 @@ onboot:
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
trust: trust:

2
examples/node_exporter.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a - linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
examples/redis-os.yml
View File

@ -13,7 +13,7 @@ onboot:
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: redis - name: redis

2
examples/sshd.yml
View File

@ -11,7 +11,7 @@ onboot:
image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
examples/swap.yml
View File

@ -24,7 +24,7 @@ onboot:
command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G", "--encrypt"] command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G", "--encrypt"]
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
examples/vmware.yml
View File

@ -11,7 +11,7 @@ onboot:
image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
linuxkit.yml
View File

@ -16,7 +16,7 @@ onboot:
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: getty - name: getty
image: "linuxkit/getty:148946d72d1c96df3ea91cb8ee4f9583cd3cc5c2" image: "linuxkit/getty:ef9d667af71089326419fb08e9cc9d567cf15748"
env: env:
- INSECURE=true - INSECURE=true
- name: rngd - name: rngd

2
pkg/getty/Dockerfile
View File

@ -17,4 +17,4 @@ COPY --from=mirror /out/ /
COPY usr/ /usr/ COPY usr/ /usr/
COPY etc/ /etc/ COPY etc/ /etc/
CMD ["/usr/bin/rungetty.sh"] CMD ["/usr/bin/rungetty.sh"]
LABEL org.mobyproject.config='{"pid": "host", "net":"host", "binds": ["/run:/run", "/etc:/hostroot/etc","/tmp/ctr:/tmp/ctr", "/usr/bin/ctr:/usr/bin/ctr", "/usr/bin/runc:/usr/bin/runc", "/usr/bin/dist:/usr/bin/dist", "/var:/var","/containers:/containers","/dev:/dev"], "capabilities": ["all"]}' LABEL org.mobyproject.config='{"pid": "host", "net":"host", "binds": ["/run:/run", "/etc:/hostroot/etc","/tmp/ctr:/tmp/ctr", "/usr/bin/ctr:/usr/bin/ctr", "/usr/bin/runc:/usr/bin/runc", "/usr/bin/dist:/usr/bin/dist", "/var:/var","/containers:/containers","/dev:/dev","/sys:/sys"], "capabilities": ["all"]}'

2
test/cases/020_kernel/000_config_4.4.x/test-kernel-config.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a - linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
onboot: onboot:
- name: check-kernel-config - name: check-kernel-config
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c" image: "linuxkit/test-kernel-config:2acaa564c1801dd2ae1546c70c472dc58ac030a1"
readonly: true readonly: true
- name: poweroff - name: poweroff
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28" image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"

2
test/cases/020_kernel/001_config_4.9.x/test-kernel-config.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a - linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
onboot: onboot:
- name: check-kernel-config - name: check-kernel-config
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c" image: "linuxkit/test-kernel-config:2acaa564c1801dd2ae1546c70c472dc58ac030a1"
readonly: true readonly: true
- name: poweroff - name: poweroff
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28" image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"

2
test/cases/020_kernel/003_config_4.11.x/test-kernel-config.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a - linuxkit/containerd:b50181bc6e0084e5fcd6b6ad3cf433c4f66cae5a
onboot: onboot:
- name: check-kernel-config - name: check-kernel-config
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c" image: "linuxkit/test-kernel-config:2acaa564c1801dd2ae1546c70c472dc58ac030a1"
readonly: true readonly: true
- name: poweroff - name: poweroff
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28" image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"

2
test/hack/test.yml
View File

@ -12,7 +12,7 @@ onboot:
image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: check-kernel-config - name: check-kernel-config
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c" image: "linuxkit/test-kernel-config:2acaa564c1801dd2ae1546c70c472dc58ac030a1"
readonly: true readonly: true
- name: poweroff - name: poweroff
image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28" image: "linuxkit/poweroff:7404cf2295df89ccfa2dda41997a28307a90cf28"

2
test/pkg/kernel-config/Makefile
View File

@ -5,7 +5,7 @@ IMAGE=test-kernel-config
default: push default: push
hash: Dockerfile check.sh check-kernel-config.sh etc/linuxkit hash: Dockerfile check.sh check-kernel-config.sh
DOCKER_CONTENT_TRUST=1 docker pull $(BASE) DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build - tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm --entrypoint=/bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > hash docker run --rm --entrypoint=/bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > hash

138
test/pkg/kernel-config/check-kernel-config.sh
View File

@ -2,6 +2,11 @@
set -e set -e
function fail {
printf "FAILURE: $1\n"
FAILED=1
}
echo "starting kernel config sanity test with ${1:-/proc/config.gz}" echo "starting kernel config sanity test with ${1:-/proc/config.gz}"
if [ -n "$1" ]; then if [ -n "$1" ]; then
@ -19,59 +24,116 @@ kernelMinor="${kernelMinor%%.*}"
# Most tests against https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project # Most tests against https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project
# Positive cases # Positive cases
echo $UNZIPPED_CONFIG | grep -q CONFIG_BUG=y || (echo "CONFIG_BUG=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_BUG=y || fail "CONFIG_BUG=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_KERNEL=y || (echo "CONFIG_DEBUG_KERNEL=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_KERNEL=y || fail "CONFIG_DEBUG_KERNEL=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_RODATA=y || (echo "CONFIG_DEBUG_RODATA=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_CC_STACKPROTECTOR=y || fail "CONFIG_CC_STACKPROTECTOR=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_CC_STACKPROTECTOR=y || (echo "CONFIG_CC_STACKPROTECTOR=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_CC_STACKPROTECTOR_STRONG=y || fail "CONFIG_CC_STACKPROTECTOR_STRONG=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_CC_STACKPROTECTOR_STRONG=y || (echo "CONFIG_CC_STACKPROTECTOR_STRONG=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_STRICT_DEVMEM=y || fail "CONFIG_STRICT_DEVMEM=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_STRICT_DEVMEM=y || (echo "CONFIG_STRICT_DEVMEM=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SYN_COOKIES=y || fail "CONFIG_SYN_COOKIES=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_SYN_COOKIES=y || (echo "CONFIG_SYN_COOKIES=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_CREDENTIALS=y || fail "CONFIG_DEBUG_CREDENTIALS=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_CREDENTIALS=y || (echo "CONFIG_DEBUG_CREDENTIALS=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_NOTIFIERS=y || fail "CONFIG_DEBUG_NOTIFIERS=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_NOTIFIERS=y || (echo "CONFIG_DEBUG_NOTIFIERS=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_LIST=y || fail "CONFIG_DEBUG_LIST=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_LIST=y || (echo "CONFIG_DEBUG_LIST=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SECCOMP=y || fail "CONFIG_SECCOMP=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECCOMP=y || (echo "CONFIG_SECCOMP=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SECCOMP_FILTER=y || fail "CONFIG_SECCOMP_FILTER=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECCOMP_FILTER=y || (echo "CONFIG_SECCOMP_FILTER=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SECURITY=y || fail "CONFIG_SECURITY=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECURITY=y || (echo "CONFIG_SECURITY=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SECURITY_YAMA=y || fail "CONFIG_SECURITY_YAMA=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECURITY_YAMA=y || (echo "CONFIG_SECURITY_YAMA=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_PANIC_ON_OOPS=y || fail "CONFIG_PANIC_ON_OOPS=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_PANIC_ON_OOPS=y || (echo "CONFIG_PANIC_ON_OOPS=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SYN_COOKIES=y || fail "CONFIG_SYN_COOKIES=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_SET_MODULE_RONX=y || (echo "CONFIG_DEBUG_SET_MODULE_RONX=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_LEGACY_VSYSCALL_NONE=y || fail "CONFIG_LEGACY_VSYSCALL_NONE=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_SYN_COOKIES=y || (echo "CONFIG_SYN_COOKIES=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_RANDOMIZE_BASE=y || fail "CONFIG_RANDOMIZE_BASE=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_LEGACY_VSYSCALL_NONE=y || (echo "CONFIG_LEGACY_VSYSCALL_NONE=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_RANDOMIZE_BASE=y || (echo "CONFIG_RANDOMIZE_BASE=y" && exit 1)
# Conditional on kernel version # Conditional on kernel version
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 5 ]; then if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 5 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_IO_STRICT_DEVMEM=y || (echo "CONFIG_IO_STRICT_DEVMEM=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_IO_STRICT_DEVMEM=y || fail "CONFIG_IO_STRICT_DEVMEM=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_UBSAN=y || (echo "CONFIG_UBSAN=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_UBSAN=y || fail "CONFIG_UBSAN=y"
fi fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 7 ]; then if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 7 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_SLAB_FREELIST_RANDOM=y || (echo "CONFIG_SLAB_FREELIST_RANDOM=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_SLAB_FREELIST_RANDOM=y || fail "CONFIG_SLAB_FREELIST_RANDOM=y"
fi fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 8 ]; then if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 8 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_HARDENED_USERCOPY=y || (echo "CONFIG_HARDENED_USERCOPY=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_HARDENED_USERCOPY=y || fail "CONFIG_HARDENED_USERCOPY=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_RANDOMIZE_MEMORY=y || (echo "CONFIG_RANDOMIZE_MEMORY=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_RANDOMIZE_MEMORY=y || fail "CONFIG_RANDOMIZE_MEMORY=y"
fi fi
# poisoning cannot be enabled in 4.4 # poisoning cannot be enabled in 4.4
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 9 ]; then if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 9 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING=y || (echo "CONFIG_PAGE_POISONING=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING=y || fail "CONFIG_PAGE_POISONING=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING_NO_SANITY=y || (echo "CONFIG_PAGE_POISONING_NO_SANITY=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING_NO_SANITY=y || fail "CONFIG_PAGE_POISONING_NO_SANITY=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING_ZERO=y || (echo "CONFIG_PAGE_POISONING_ZERO=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING_ZERO=y || fail "CONFIG_PAGE_POISONING_ZERO=y"
fi fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 10 ]; then if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 10 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_BUG_ON_DATA_CORRUPTION=y || (echo "CONFIG_BUG_ON_DATA_CORRUPTION=y" && exit 1) echo $UNZIPPED_CONFIG | grep -q CONFIG_BUG_ON_DATA_CORRUPTION=y || fail "CONFIG_BUG_ON_DATA_CORRUPTION=y"
fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -le 10 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_RODATA=y || fail "CONFIG_DEBUG_RODATA=y"
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_SET_MODULE_RONX=y || fail "CONFIG_DEBUG_SET_MODULE_RONX=y"
fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 11 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_STRICT_KERNEL_RWX=y || fail "CONFIG_STRICT_KERNEL_RWX=y"
fi fi
# Negative cases # Negative cases
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_ACPI_CUSTOM_METHOD is not set' || (echo "CONFIG_ACPI_CUSTOM_METHOD is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_ACPI_CUSTOM_METHOD is not set' || fail "CONFIG_ACPI_CUSTOM_METHOD is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_COMPAT_BRK is not set' || (echo "CONFIG_COMPAT_BRK is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_COMPAT_BRK is not set' || fail "CONFIG_COMPAT_BRK is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_DEVKMEM is not set' || (echo "CONFIG_DEVKMEM is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_DEVKMEM is not set' || fail "CONFIG_DEVKMEM is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_COMPAT_VDSO is not set' || (echo "CONFIG_COMPAT_VDSO is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_COMPAT_VDSO is not set' || fail "CONFIG_COMPAT_VDSO is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_KEXEC is not set' || (echo "CONFIG_KEXEC is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_KEXEC is not set' || fail "CONFIG_KEXEC is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_HIBERNATION is not set' || (echo "CONFIG_HIBERNATION is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_HIBERNATION is not set' || fail "CONFIG_HIBERNATION is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_LEGACY_PTYS is not set' || (echo "CONFIG_LEGACY_PTYS is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_LEGACY_PTYS is not set' || fail "CONFIG_LEGACY_PTYS is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_X86_X32 is not set' || (echo "CONFIG_X86_X32 is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_X86_X32 is not set' || fail "CONFIG_X86_X32 is not set"
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_MODIFY_LDT_SYSCALL is not set' || (echo "CONFIG_MODIFY_LDT_SYSCALL is not set" && exit 1) echo $UNZIPPED_CONFIG | grep -q 'CONFIG_MODIFY_LDT_SYSCALL is not set' || fail "CONFIG_MODIFY_LDT_SYSCALL is not set"
echo "kernel config test succeeded!" # check filesystems that are built in
for fs in \
sysfs \
rootfs \
tmpfs \
bdev \
proc \
cpuset \
cgroup \
devtmpfs \
binfmt_misc \
debugfs \
tracefs \
securityfs \
sockfs \
bpf \
pipefs \
ramfs \
hugetlbfs \
rpc_pipefs \
devpts \
ext4 \
vfat \
msdos \
iso9660 \
nfs \
nfs4 \
nfsd \
cifs \
ntfs \
fuseblk \
fuse \
fusectl \
overlay \
udf \
xfs \
9p \
pstore \
mqueue \
oprofilefs
do
grep -q "[[:space:]]${fs}\$" /proc/filesystems || fail "${fs} filesystem missing"
done
if [ -z "$FAILED" ]
then
echo "kernel config test succeeded!"
else
echo "kernel config test failed!"
exit 1
fi

3
test/pkg/kernel-config/check.sh
View File

@ -2,11 +2,10 @@
function failed { function failed {
printf "Kernel config test suite FAILED\n" printf "Kernel config test suite FAILED\n"
exit 1
} }
/check-kernel-config.sh || failed /check-kernel-config.sh || failed
bash /check-config.sh || failed bash /check-config.sh || failed
printf "Kernel config test suite PASSED\n" printf "Kernel config test suite PASSED\n"
cat /etc/linuxkit

9
test/pkg/kernel-config/etc/linuxkit
View File

@ -1,9 +0,0 @@
## .
## ## ## ==
## ## ## ## ## ===
/"""""""""""""""""\___/ ===
~~~ {~~ ~~~~ ~~~ ~~~~ ~~~ ~ / ===- ~~~
\______ o __/
\ \ __/
\____\_______/