* For security, don't mount the entire host filesystem.

svn path=/nixos/trunk/; revision=28429
Eelco Dolstra 2011-08-09 14:07:44 +00:00
parent 27a54b1761
commit d75efe4aa1
6 changed files with 26 additions and 35 deletions


@ -127,7 +127,6 @@ sub start {
"-no-reboot -monitor unix:./monitor -chardev socket,id=shell,path=./shell " . "-no-reboot -monitor unix:./monitor -chardev socket,id=shell,path=./shell " .
"-device virtio-serial -device virtconsole,chardev=shell " . "-device virtio-serial -device virtconsole,chardev=shell " .
($showGraphics ? "-serial stdio" : "-nographic") . " " . ($ENV{QEMU_OPTS} || ""); ($showGraphics ? "-serial stdio" : "-nographic") . " " . ($ENV{QEMU_OPTS} || "");
$ENV{QEMU_KERNEL_PARAMS} = "hostTmpDir=$ENV{TMPDIR}";
chdir $self->{stateDir} or die; chdir $self->{stateDir} or die;
exec $self->{startCommand}; exec $self->{startCommand};
die "running VM script: $!"; die "running VM script: $!";


@ -129,7 +129,7 @@ sub runTests {
# sources. # sources.
my $kernelDir = $vm->mustSucceed("echo \$(dirname \$(readlink -f /var/run/current-system/kernel))/.build/linux-*"); my $kernelDir = $vm->mustSucceed("echo \$(dirname \$(readlink -f /var/run/current-system/kernel))/.build/linux-*");
chomp $kernelDir; chomp $kernelDir;
my $coverageDir = "/hostfs" . $vm->stateDir() . "/coverage-data/$kernelDir"; my $coverageDir = "/tmp/xchg/coverage-data/$kernelDir";
# Copy all the *.gcda files. # Copy all the *.gcda files.
$vm->execute("for d in $gcovDir/nix/store/*/.build/linux-*; do for i in \$(cd \$d && find -name '*.gcda'); do echo \$i; mkdir -p $coverageDir/\$(dirname \$i); cp -v \$d/\$i $coverageDir/\$i; done; done"); $vm->execute("for d in $gcovDir/nix/store/*/.build/linux-*; do for i in \$(cd \$d && find -name '*.gcda'); do echo \$i; mkdir -p $coverageDir/\$(dirname \$i); cp -v \$d/\$i $coverageDir/\$i; done; done");
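Review bot: `$kernelDir` on the `my $coverageDir = "/tmp/xchg/coverage-data/$kernelDir"` line is the unchecked output of a guest-side `echo ... linux-*` glob, so an unmatched or multiply-matched glob yields a literal `linux-*` or a space-separated list that is then interpolated unquoted into the `mkdir -p`/`cp` command string on the following `execute` line. A guard right after the `chomp` makes that failure explicit: `die "unexpected kernel build dir: '$kernelDir'" unless $kernelDir =~ m{\A/nix/store/[^\s/]+/\.build/linux-[^\s]+\z};`. Since the destination is now the host-shared `/tmp/xchg`, a comment noting that `coverage-data` ends up under the host's exchange directory and is picked up by the build script as-is would make the trust boundary visible. `runTests` begins and ends outside this hunk.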


@ -59,9 +59,9 @@ rec {
touch $out/nix-support/hydra-build-products touch $out/nix-support/hydra-build-products
echo "report testlog $out log.html" >> $out/nix-support/hydra-build-products echo "report testlog $out log.html" >> $out/nix-support/hydra-build-products
for i in */coverage-data; do for i in */xchg/coverage-data; do
mkdir -p $out/coverage-data mkdir -p $out/coverage-data
mv $i $out/coverage-data/$(dirname $i) mv $i $out/coverage-data/$(dirname $(dirname $i))
done done
[ -z "$failed" ] || touch $out/nix-support/failed [ -z "$failed" ] || touch $out/nix-support/failed
@ -193,13 +193,14 @@ rec {
testscript = '' testscript = ''
startAll; startAll;
${preBuild} ${preBuild}
$client->succeed("env -i ${pkgs.bash}/bin/bash ${buildrunner} /hostfs".$client->stateDir."/saved-env >&2"); $client->succeed("env -i ${pkgs.bash}/bin/bash ${buildrunner} /tmp/xchg/saved-env >&2");
${postBuild} ${postBuild}
''; '';
vmRunCommand = writeText "vm-run" '' vmRunCommand = writeText "vm-run" ''
${coreutils}/bin/mkdir -p vm-state-client ${coreutils}/bin/mkdir $out
export > vm-state-client/saved-env ${coreutils}/bin/mkdir -p vm-state-client/xchg
export > vm-state-client/xchg/saved-env
export tests='${testscript}' export tests='${testscript}'
${testDriver}/bin/nixos-test-driver ${vm.config.system.build.vm}/bin/run-*-vm ${testDriver}/bin/nixos-test-driver ${vm.config.system.build.vm}/bin/run-*-vm
''; # */ ''; # */
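Review bot: The `for i in */xchg/coverage-data` loop in the first hunk runs `mv $i $out/coverage-data/$(dirname $(dirname $i))` with nothing quoted and no check that the glob matched, so when there is no coverage data the literal pattern is handed to `mv` and the outcome depends on whether the builder shell runs with `set -e`. I would write `for i in */xchg/coverage-data; do [ -d "$i" ] || continue; mkdir -p "$out/coverage-data"; mv "$i" "$out/coverage-data/$(dirname "$(dirname "$i")")"; done`. In the second hunk, `export > vm-state-client/xchg/saved-env` now writes the complete builder environment into the directory exported to the guest; that appears intentional (the test script runs it from `/tmp/xchg/saved-env`), but a comment such as `# saved-env is exposed to the guest over the xchg share` would record the assumption. Both hunks sit inside definitions that begin outside this section.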


@ -558,12 +558,7 @@ in
startOn = "started ${startingDependency} and filesystem"; startOn = "started ${startingDependency} and filesystem";
environment = environment =
{ # !!! This should be added in test-instrumentation.nix. It { PATH = concatStringsSep ":" (
# shouldn't hurt though, since packages usually aren't built
# with coverage enabled.
GCOV_PREFIX = "/tmp/coverage-data";
PATH = concatStringsSep ":" (
[ "${pkgs.coreutils}/bin" "${pkgs.gnugrep}/bin" ] [ "${pkgs.coreutils}/bin" "${pkgs.gnugrep}/bin" ]
++ # Needed for PHP's mail() function. !!! Probably the ++ # Needed for PHP's mail() function. !!! Probably the
# ssmtp module should export the path to sendmail in # ssmtp module should export the path to sendmail in


@ -64,13 +64,8 @@ in
# to failures that are hard to diagnose. # to failures that are hard to diagnose.
echo 2 > /proc/sys/vm/panic_on_oom echo 2 > /proc/sys/vm/panic_on_oom
# Coverage data is written into /tmp/coverage-data. Symlink # Coverage data is written into /tmp/coverage-data.
# it to the host filesystem so that we don't need to copy it mkdir -p /tmp/xchg/coverage-data
# on shutdown.
( eval $(cat /proc/cmdline)
mkdir -p /hostfs/$hostTmpDir/coverage-data
ln -sfn /hostfs/$hostTmpDir/coverage-data /tmp/coverage-data
)
# Mount debugfs to gain access to the kernel coverage data (if # Mount debugfs to gain access to the kernel coverage data (if
# available). # available).
@ -103,7 +98,7 @@ in
networking.defaultGateway = mkOverride 150 ""; networking.defaultGateway = mkOverride 150 "";
networking.nameservers = mkOverride 150 [ ]; networking.nameservers = mkOverride 150 [ ];
system.upstartEnvironment.GCOV_PREFIX = "/tmp/coverage-data"; system.upstartEnvironment.GCOV_PREFIX = "/tmp/xchg/coverage-data";
}; };
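Review bot: `mkdir -p /tmp/xchg/coverage-data` in the first hunk assumes `/tmp/xchg` is already mounted when this boot script runs; if it is not, the directory is created on the guest's root filesystem and then shadowed by the CIFS mount, and the gcov output steered there by the `GCOV_PREFIX` set in the second hunk silently stays inside the guest. I cannot see the ordering relative to the mount from here, so I would at least record the dependency in the comment, e.g. `# /tmp/xchg is the CIFS exchange share with the host (mounted with neededForBoot); writing coverage data there means nothing has to be copied out on shutdown.`, and optionally fail loudly with `mountpoint -q /tmp/xchg || echo "warning: /tmp/xchg is not mounted" >&2` before the `mkdir`. The surrounding boot script begins and ends outside this hunk.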


@ -153,6 +153,7 @@ let
TMPDIR=$(mktemp -d nix-vm-smbd.XXXXXXXXXX --tmpdir) TMPDIR=$(mktemp -d nix-vm-smbd.XXXXXXXXXX --tmpdir)
fi fi
cd $TMPDIR cd $TMPDIR
mkdir -p $TMPDIR/xchg
${pkgs.vmTools.startSamba} ${pkgs.vmTools.startSamba}
@ -310,16 +311,16 @@ in
[ { mountPoint = "/"; [ { mountPoint = "/";
device = "/dev/vda"; device = "/dev/vda";
} }
{ mountPoint = "/hostfs"; { mountPoint = "/nix/store";
device = "//10.0.2.4/qemu"; device = "//10.0.2.4/store";
fsType = "cifs"; fsType = "cifs";
options = "guest,sec=none,noperm,noacl"; options = "guest,sec=none,noperm,noacl";
neededForBoot = true; neededForBoot = true;
} }
{ mountPoint = "/nix/store"; { mountPoint = "/tmp/xchg";
device = "/hostfs/nix/store"; device = "//10.0.2.4/xchg";
fsType = "none"; fsType = "cifs";
options = "bind"; options = "guest,sec=none,noperm,noacl";
neededForBoot = true; neededForBoot = true;
} }
] ++ optional cfg.useBootLoader ] ++ optional cfg.useBootLoader
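Review bot: The second hunk mounts both `//10.0.2.4/store` on `/nix/store` and `//10.0.2.4/xchg` on `/tmp/xchg` with `guest,sec=none,noperm,noacl`, so whether the guest can write into the host's Nix store now depends entirely on the `store` share being exported read-only by `startSamba`, whose configuration is outside this diff; please confirm the generated smb.conf marks `store` as `read only = yes` and leaves only `xchg` writable. A comment on the `/nix/store` entry such as `# host store share; must be exported read-only by startSamba - xchg is the only writable share` keeps that invariant next to the mount. In the first hunk `mkdir -p $TMPDIR/xchg` should quote the variable, `mkdir -p "$TMPDIR/xchg"`, since `$TMPDIR` may be inherited from the caller's environment rather than from the `mktemp` branch. The `fileSystems` list edited by the second hunk starts before this section.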