def test_minijail(self): """Test minijail process command.""" with minijail.MinijailChroot() as chroot: runner = minijail.MinijailProcessRunner(chroot, '/bin/ls') self.assertListEqual(runner.get_command(), [ '/sbin/minijail', '-U', '-m', '0 1000 1', '-T', 'static', '-c', '0', '-n', '-v', '-p', '-l', '-I', '-k', 'proc,/proc,proc,1', '-P', chroot.directory, '-b', '%s,/tmp,1' % chroot.tmp_directory, '-b', '/lib,/lib,0', '-b', '/lib64,/lib64,0', '-b', '/usr/lib,/usr/lib,0', '/bin/ls' ])
def test_minijail_pid(self, mock_tempfile, _): """Test minijail process command writing to pid file.""" mock_tempfile.return_value.name = '/temp_pid' with minijail.MinijailChroot() as chroot: runner = minijail.MinijailProcessRunner(chroot, 'bin/ls') process = runner.run() self.assertListEqual(process.command, [ '/sbin/minijail', '-f', '/temp_pid', '-U', '-m', '0 1000 1', '-T', 'static', '-c', '0', '-n', '-v', '-p', '-l', '-I', '-k', 'proc,/proc,proc,1', '-P', chroot.directory, '-b', '%s,/tmp,1' % chroot.tmp_directory, '-b', '/lib,/lib,0', '-b', '/lib64,/lib64,0', '-b', '/usr/lib,/usr/lib,0', 'bin/ls' ])
def test_minijail_bindings(self): """Test minijail process command with additional bind dirs.""" with minijail.MinijailChroot(bindings=[ minijail.ChrootBinding('/foo/bar', '/bar', True), minijail.ChrootBinding('/foo/barr', '/barr', False), ]) as chroot: runner = minijail.MinijailProcessRunner(chroot, '/bin/ls') self.assertListEqual(runner.get_command(), [ '/sbin/minijail', '-U', '-m', '0 1000 1', '-T', 'static', '-c', '0', '-n', '-v', '-p', '-l', '-I', '-k', 'proc,/proc,proc,1', '-P', chroot.directory, '-b', '%s,/tmp,1' % chroot.tmp_directory, '-b', '/lib,/lib,0', '-b', '/lib64,/lib64,0', '-b', '/usr/lib,/usr/lib,0', '-b', '/foo/bar,/bar,1', '-b', '/foo/barr,/barr,0', '/bin/ls' ])
def test_minijail_env_vars(self, mock_popen): """Test passing of env vars.""" os.environ['ASAN_OPTIONS'] = 'asan_option=1' os.environ['AFL_OPTION'] = 'afl_option=1' os.environ['MSAN_OPTIONS'] = 'msan_option=1' os.environ['UBSAN_OPTIONS'] = 'ubsan_option=1' os.environ['SECRET'] = 'secret' os.environ['OTHER'] = 'other' with minijail.MinijailChroot() as chroot: runner = minijail.MinijailProcessRunner(chroot, 'binary') runner.run(env={'MSAN_OPTIONS': 'override=1', 'NAME': 'VALUE'}) self.assertDictEqual({ 'MSAN_OPTIONS': 'override=1', 'PATH': '/bin:/usr/bin', }, mock_popen.call_args[1]['env'])