[PATCH 04/21] test-example: Provide test which uses unshare(8)

Thu Apr 24 02:37:23 BST 2014

This allows more realistic testing, with the "outside" copy of secnet
in a separate environment with its own instance of the network stack.

We have to go through some contortions to get the user a shell in the
"outside" environment, since unshare -n also breaks AF_UNIX, and we
want to keep the terminal secnet is invoked in just for secnet.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
 debian/changelog                  |    1 +
 test-example/README               |    5 +++++
 test-example/fake-userv           |   11 +++++++++++
 test-example/outside-unshare.conf |   16 ++++++++++++++++
 4 files changed, 33 insertions(+)
 create mode 100755 test-example/fake-userv
 create mode 100644 test-example/outside-unshare.conf

diff --git a/debian/changelog b/debian/changelog
index 9f02f1e..f979239 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ secnet (0.3.1~~unstable) unstable; urgency=low
   * Internal code rearrangements and improvements.
   * Fix netlink SEGV on clientless netlinks (i.e. configuration error).
   * Fix formatting error in p-t-p startup message.
+  * Additions to the test-example suite.
 
  --
 
diff --git a/test-example/README b/test-example/README
index 4c2eca3..7ec95ea 100644
--- a/test-example/README
+++ b/test-example/README
@@ -24,3 +24,8 @@ For running under valgrind memcheck, do something like this:
     --leak-check=full --suppressions=test-example/memcheck.suppressions \
     ./secnet -dvnc test-example/outside.conf
 NB that --num-callers is needed as secnet's stack can be deep.
+
+The config file outside-unshare.conf can be used on Linux in
+conjunction with test-example/fake-userv and a built checkout of
+userv-utils.git to run the "outside" copy of secnet in a new "network
+namespace".
diff --git a/test-example/fake-userv b/test-example/fake-userv
new file mode 100755
index 0000000..6f5da40
--- /dev/null
+++ b/test-example/fake-userv
@@ -0,0 +1,11 @@
+#!/bin/sh
+set -e
+echo >&2 "$0: invoked as $0 $*"
+shift
+shift
+exec 3<&0 4>&1 5>&2 >&2 </dev/null
+exec xterm -T netns -e unshare -n -- sh -xc '
+  ../userv-utils.git/ipif/service \* -- "$@" <&3 >&4 2>&5 &
+  sleep 0.1
+  env - bash -i
+' x "$@"
diff --git a/test-example/outside-unshare.conf b/test-example/outside-unshare.conf
new file mode 100644
index 0000000..c6c3b6f
--- /dev/null
+++ b/test-example/outside-unshare.conf
@@ -0,0 +1,16 @@
+netlink userv-ipif {
+	name "netlink-ipif"; # Printed in log messages from this netlink
+	local-address "172.18.232.1";
+	secnet-address "172.18.232.2";
+	remote-networks "172.18.232.0/28";
+	mtu 1000;
+	buffer sysbuffer(2048);
+	userv-path "test-example/fake-userv";
+};
+comm udp {
+	port 16900;
+	buffer sysbuffer(4096);
+};
+local-name "test-example/outside/outside";
+local-key rsa-private("test-example/outside.key");
+include test-example/common.conf
-- 
1.7.10.4


