testsuite/expect/test7.10 - SchedMD/slurm - Git at Google

 #!/usr/bin/env expect
 ############################################################################
 # Purpose: Test of Slurm functionality
 #          Test user namespaces support
 ############################################################################
 # Copyright (C) 2007 The Regents of the University of California.
 # Produced at Lawrence Livermore National Laboratory (cf, DISCLAIMER).
 # Written by Morris Jette <jette1@llnl.gov>
 # CODE-OCEC-09-009. All rights reserved.
 #
 # This file is part of Slurm, a resource management program.
 # For details, see <https://slurm.schedmd.com/>.
 # Please also read the included file: DISCLAIMER.
 #
 # Slurm is free software; you can redistribute it and/or modify it under
 # the terms of the GNU General Public License as published by the Free
 # Software Foundation; either version 2 of the License, or (at your option)
 # any later version.
 #
 # Slurm is distributed in the hope that it will be useful, but WITHOUT ANY
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 # FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
 # details.
 #
 # You should have received a copy of the GNU General Public License along
 # with Slurm; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA.
 ############################################################################
 source ./globals

 set ld_preload  "ld_preload"
 set output_file "$test_dir/output.log"

 proc cleanup {} {
 	global bin_rm ld_preload test_name sacctmgr testsuite_user

 	run_command -none "$sacctmgr -vi delete user name=$testsuite_user"
 	run_command -none "$sacctmgr -vi delete account name=$test_name"

 	exec $bin_rm -f ${ld_preload}.c ${ld_preload}.lo ${ld_preload}.so
 }

 if {[param_contains [get_config_param "AuthType"] "*none"]} {
 	skip "This test is incompatible with auth/none"
 }

 if {![check_run_as_user $testsuite_user]} {
 	skip "This test needs testsuite_user configured in globals.local"
 }

 if { [get_config_param -dbd "AllowNoDefAcct"] eq "yes" } {
 	set def_acct " defaultaccount=$test_name"
 } else {
 	set def_acct ""
 }

 # Provide the right permissions to $testsuite_user
 cleanup
 run_command -fail "$sacctmgr -vi add account name=$test_name"
 run_command -fail "$sacctmgr -vi add user name=$testsuite_user account=$test_name$def_acct"
 run_command -fail "$sacctmgr -vi update user $testsuite_user set adminlevel=None"

 #
 # Build a shared object that emulates getuid/getgid functions
 #
 exec $bin_rm -f ${ld_preload}.c ${ld_preload}.lo ${ld_preload}.so
 exec $bin_echo "#define ID 0"                      >${ld_preload}.c
 exec $bin_echo "int getuid(void)  { return ID; }" >>${ld_preload}.c
 exec $bin_echo "int geteuid(void) { return ID; }" >>${ld_preload}.c
 exec $bin_echo "int getgid(void)  { return ID; }" >>${ld_preload}.c
 exec $bin_echo "int getegid(void) { return ID; }" >>${ld_preload}.c
 exec $bin_cc -c -fPIC -o ${ld_preload}.lo ${ld_preload}.c
 exec $bin_cc -shared -o ${ld_preload}.so ${ld_preload}.lo

 #
 # Submit a job as a non-root user but with LD_PRELOAD to impersonate uid=0
 #
 set job_id [submit_job -fail -user $testsuite_user -env "LD_PRELOAD=./${ld_preload}.so" "-N1 -t1 --wrap='$bin_id' --output=$output_file --error=none"]
 subtest {[regexp "$testsuite_user" [get_job_param $job_id UserId]]} "Verify that job has been launched by the right user"
 wait_for_job -fail $job_id DONE
 set output [run_command_output -fail -user $testsuite_user "$bin_cat $output_file"]
 subtest {[regexp "(uid=0)" $output]} "Verify that user namespaces allows uid 0"

 #
 # Submit a job while faking uid=0; verify slurm doesn't submit the job as actual root
 #
 set output [run_command_output -user $testsuite_user "$bin_unshare -ru $srun $bin_id"]
 subtest {[regexp $testsuite_user $output]} "Verify slurm user is job user"
 subtest {![regexp "(uid=0)" $output]} "Verify slurm user isn't able to escalate to root"

 #
 # Submit a job that fakes uid=0; verify job is not actually root
 #
 set output [run_command_output -user "$testsuite_user" "$srun $bin_unshare -ru $bin_bash -c '$bin_id; ls /root; exit 0'"]
 subtest {[regexp "(uid=0)" $output]} "Verify job can mock uid=0"
 subtest {[regexp "ls: cannot open directory '/root': Permission denied" $output]} "Verify job isn't actually root"
	#!/usr/bin/env expect
	############################################################################
	# Purpose: Test of Slurm functionality
	# Test user namespaces support
	############################################################################
	# Copyright (C) 2007 The Regents of the University of California.
	# Produced at Lawrence Livermore National Laboratory (cf, DISCLAIMER).
	# Written by Morris Jette <jette1@llnl.gov>
	# CODE-OCEC-09-009. All rights reserved.
	#
	# This file is part of Slurm, a resource management program.
	# For details, see <https://slurm.schedmd.com/>.
	# Please also read the included file: DISCLAIMER.
	#
	# Slurm is free software; you can redistribute it and/or modify it under
	# the terms of the GNU General Public License as published by the Free
	# Software Foundation; either version 2 of the License, or (at your option)
	# any later version.
	#
	# Slurm is distributed in the hope that it will be useful, but WITHOUT ANY
	# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
	# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
	# details.
	#
	# You should have received a copy of the GNU General Public License along
	# with Slurm; if not, write to the Free Software Foundation, Inc.,
	# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	############################################################################
	source ./globals

	set ld_preload "ld_preload"
	set output_file "$test_dir/output.log"

	proc cleanup {} {
	global bin_rm ld_preload test_name sacctmgr testsuite_user

	run_command -none "$sacctmgr -vi delete user name=$testsuite_user"
	run_command -none "$sacctmgr -vi delete account name=$test_name"

	exec $bin_rm -f ${ld_preload}.c ${ld_preload}.lo ${ld_preload}.so
	}

	if {[param_contains [get_config_param "AuthType"] "*none"]} {
	skip "This test is incompatible with auth/none"
	}

	if {![check_run_as_user $testsuite_user]} {
	skip "This test needs testsuite_user configured in globals.local"
	}

	if { [get_config_param -dbd "AllowNoDefAcct"] eq "yes" } {
	set def_acct " defaultaccount=$test_name"
	} else {
	set def_acct ""
	}

	# Provide the right permissions to $testsuite_user
	cleanup
	run_command -fail "$sacctmgr -vi add account name=$test_name"
	run_command -fail "$sacctmgr -vi add user name=$testsuite_user account=$test_name$def_acct"
	run_command -fail "$sacctmgr -vi update user $testsuite_user set adminlevel=None"

	#
	# Build a shared object that emulates getuid/getgid functions
	#
	exec $bin_rm -f ${ld_preload}.c ${ld_preload}.lo ${ld_preload}.so
	exec $bin_echo "#define ID 0" >${ld_preload}.c
	exec $bin_echo "int getuid(void) { return ID; }" >>${ld_preload}.c
	exec $bin_echo "int geteuid(void) { return ID; }" >>${ld_preload}.c
	exec $bin_echo "int getgid(void) { return ID; }" >>${ld_preload}.c
	exec $bin_echo "int getegid(void) { return ID; }" >>${ld_preload}.c
	exec $bin_cc -c -fPIC -o ${ld_preload}.lo ${ld_preload}.c
	exec $bin_cc -shared -o ${ld_preload}.so ${ld_preload}.lo

	#
	# Submit a job as a non-root user but with LD_PRELOAD to impersonate uid=0
	#
	set job_id [submit_job -fail -user $testsuite_user -env "LD_PRELOAD=./${ld_preload}.so" "-N1 -t1 --wrap='$bin_id' --output=$output_file --error=none"]
	subtest {[regexp "$testsuite_user" [get_job_param $job_id UserId]]} "Verify that job has been launched by the right user"
	wait_for_job -fail $job_id DONE
	set output [run_command_output -fail -user $testsuite_user "$bin_cat $output_file"]
	subtest {[regexp "(uid=0)" $output]} "Verify that user namespaces allows uid 0"

	#
	# Submit a job while faking uid=0; verify slurm doesn't submit the job as actual root
	#
	set output [run_command_output -user $testsuite_user "$bin_unshare -ru $srun $bin_id"]
	subtest {[regexp $testsuite_user $output]} "Verify slurm user is job user"
	subtest {![regexp "(uid=0)" $output]} "Verify slurm user isn't able to escalate to root"

	#
	# Submit a job that fakes uid=0; verify job is not actually root
	#
	set output [run_command_output -user "$testsuite_user" "$srun $bin_unshare -ru $bin_bash -c '$bin_id; ls /root; exit 0'"]
	subtest {[regexp "(uid=0)" $output]} "Verify job can mock uid=0"
	subtest {[regexp "ls: cannot open directory '/root': Permission denied" $output]} "Verify job isn't actually root"