From 20b3fbe6d6d085c24de9aa0637509ee69e30ee54 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 15 Jun 2022 13:48:47 +0200 Subject: systemd socker activation: check listener to prevent panic Commit 5fa6f686db added a regression which was fixed in eb71712626f9. Apply the same fix again to prevent a panic and return a proper error instead. To not regress again I added a e2e test which makes sure we do not panic. Signed-off-by: Paul Holzinger --- test/e2e/systemd_activate_test.go | 51 +++++++++++++++++++++++++++++++++------ 1 file changed, 43 insertions(+), 8 deletions(-) (limited to 'test/e2e') diff --git a/test/e2e/systemd_activate_test.go b/test/e2e/systemd_activate_test.go index aeea4f932..c50e43b8d 100644 --- a/test/e2e/systemd_activate_test.go +++ b/test/e2e/systemd_activate_test.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "io/fs" + "net" "os" "os/exec" "path/filepath" @@ -21,6 +22,7 @@ var _ = Describe("Systemd activate", func() { var tempDir string var err error var podmanTest *PodmanTestIntegration + var activate string BeforeEach(func() { tempDir, err = testUtils.CreateTempDirInTempDir() @@ -31,17 +33,10 @@ var _ = Describe("Systemd activate", func() { podmanTest = PodmanTestCreate(tempDir) podmanTest.Setup() - }) - AfterEach(func() { - podmanTest.Cleanup() - processTestResult(CurrentGinkgoTestDescription()) - }) - - It("stop podman.service", func() { SkipIfRemote("Testing stopped service requires both podman and podman-remote binaries") - activate, err := exec.LookPath("systemd-socket-activate") + activate, err = exec.LookPath("systemd-socket-activate") if err != nil { activate = "/usr/bin/systemd-socket-activate" } @@ -54,7 +49,14 @@ var _ = Describe("Systemd activate", func() { case err != nil: Skip(err.Error()) } + }) + AfterEach(func() { + podmanTest.Cleanup() + processTestResult(CurrentGinkgoTestDescription()) + }) + + It("stop podman.service", func() { // systemd-socket-activate does not support DNS lookups host := "127.0.0.1" port, err := podmanUtils.GetRandomPort() @@ -103,4 +105,37 @@ var _ = Describe("Systemd activate", func() { Expect(abiSession).To(Exit(0)) Expect(abiSession.OutputToString()).To(Equal("true")) }) + + It("invalid systemd file descriptor", func() { + host := "127.0.0.1" + port, err := podmanUtils.GetRandomPort() + Expect(err).ToNot(HaveOccurred()) + + addr := fmt.Sprintf("%s:%d", host, port) + + // start systemd activation with datagram socket + activateSession := testUtils.StartSystemExec(activate, []string{ + "--datagram", "--listen", addr, + podmanTest.PodmanBinary, + "--root=" + filepath.Join(tempDir, "server_root"), + "system", "service", + "--time=0", + }) + Expect(activateSession.Exited).ShouldNot(Receive(), "Failed to start podman service") + + // we have to wait for systemd-socket-activate to become ready + time.Sleep(1 * time.Second) + + // now dial the socket to start podman + conn, err := net.Dial("udp", addr) + Expect(err).ToNot(HaveOccurred()) + defer conn.Close() + _, err = conn.Write([]byte("test")) + Expect(err).ToNot(HaveOccurred()) + + // wait for podman to exit + activateSession.Wait(10) + Expect(activateSession).To(Exit(125)) + Expect(activateSession.ErrorToString()).To(ContainSubstring("Error: unexpected fd received from systemd: cannot listen on it")) + }) }) -- cgit v1.2.3-54-g00ecf