summaryrefslogtreecommitdiffhomepage
path: root/images/basic
diff options
context:
space:
mode:
Diffstat (limited to 'images/basic')
-rw-r--r--images/basic/alpine/Dockerfile1
-rw-r--r--images/basic/busybox/Dockerfile1
-rw-r--r--images/basic/fsstress/Dockerfile.x86_6417
-rwxr-xr-ximages/basic/fsstress/run.sh17
-rw-r--r--images/basic/httpd/Dockerfile1
-rw-r--r--images/basic/integrationtest/Dockerfile.x86_6413
-rw-r--r--images/basic/integrationtest/copy_up_testfile.txt1
-rw-r--r--images/basic/integrationtest/link_test.c93
-rw-r--r--images/basic/integrationtest/ping4.sh25
-rw-r--r--images/basic/integrationtest/ping6.sh32
-rw-r--r--images/basic/integrationtest/test_copy_up.c88
-rw-r--r--images/basic/integrationtest/test_rewinddir.c78
-rw-r--r--images/basic/integrationtest/test_sticky.c96
-rw-r--r--images/basic/mysql/Dockerfile1
-rw-r--r--images/basic/nginx/Dockerfile1
-rw-r--r--images/basic/python/Dockerfile2
-rw-r--r--images/basic/resolv/Dockerfile1
-rw-r--r--images/basic/ruby/Dockerfile1
-rw-r--r--images/basic/tmpfile/Dockerfile4
-rw-r--r--images/basic/tomcat/Dockerfile1
-rw-r--r--images/basic/tomcat/Dockerfile.aarch641
-rw-r--r--images/basic/ubuntu/Dockerfile1
22 files changed, 0 insertions, 476 deletions
diff --git a/images/basic/alpine/Dockerfile b/images/basic/alpine/Dockerfile
deleted file mode 100644
index 12b26040a..000000000
--- a/images/basic/alpine/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM alpine:3.11.5
diff --git a/images/basic/busybox/Dockerfile b/images/basic/busybox/Dockerfile
deleted file mode 100644
index 79b3f683a..000000000
--- a/images/basic/busybox/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM busybox:1.31.1
diff --git a/images/basic/fsstress/Dockerfile.x86_64 b/images/basic/fsstress/Dockerfile.x86_64
deleted file mode 100644
index 21b86065a..000000000
--- a/images/basic/fsstress/Dockerfile.x86_64
+++ /dev/null
@@ -1,17 +0,0 @@
-# Usage: docker run --rm fsstress -d /test -n 10000 -p 100 -X -v
-FROM alpine
-
-RUN apk update && apk add git
-RUN git clone https://github.com/linux-test-project/ltp.git --depth 1
-
-WORKDIR /ltp
-RUN ./travis/alpine.sh
-RUN make autotools && ./configure
-RUN make -C testcases/kernel/fs/fsstress
-RUN cp ./testcases/kernel/fs/fsstress/fsstress /usr/bin
-RUN rm -rf /fsstress /tmp
-
-WORKDIR /
-# This is required, otherwise running with -p > 1 prematurelly exits.
-COPY run.sh .
-ENTRYPOINT ["/run.sh"]
diff --git a/images/basic/fsstress/run.sh b/images/basic/fsstress/run.sh
deleted file mode 100755
index ebb7a37ad..000000000
--- a/images/basic/fsstress/run.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-
-# Copyright 2021 The gVisor Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-/usr/bin/fsstress "$@" \ No newline at end of file
diff --git a/images/basic/httpd/Dockerfile b/images/basic/httpd/Dockerfile
deleted file mode 100644
index 83bc0ed88..000000000
--- a/images/basic/httpd/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM httpd:2.4.43
diff --git a/images/basic/integrationtest/Dockerfile.x86_64 b/images/basic/integrationtest/Dockerfile.x86_64
deleted file mode 100644
index b9fed05cb..000000000
--- a/images/basic/integrationtest/Dockerfile.x86_64
+++ /dev/null
@@ -1,13 +0,0 @@
-FROM ubuntu:bionic
-
-WORKDIR /root
-COPY . .
-RUN chmod +x *.sh
-
-RUN apt-get update && apt-get install -y gcc iputils-ping iproute2
-
-# Compilation Steps.
-RUN gcc -O2 -o test_copy_up test_copy_up.c
-RUN gcc -O2 -o test_rewinddir test_rewinddir.c
-RUN gcc -O2 -o link_test link_test.c
-RUN gcc -O2 -o test_sticky test_sticky.c
diff --git a/images/basic/integrationtest/copy_up_testfile.txt b/images/basic/integrationtest/copy_up_testfile.txt
deleted file mode 100644
index e4188c841..000000000
--- a/images/basic/integrationtest/copy_up_testfile.txt
+++ /dev/null
@@ -1 +0,0 @@
-old data
diff --git a/images/basic/integrationtest/link_test.c b/images/basic/integrationtest/link_test.c
deleted file mode 100644
index 45ab00abe..000000000
--- a/images/basic/integrationtest/link_test.c
+++ /dev/null
@@ -1,93 +0,0 @@
-// Copyright 2020 The gVisor Authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include <err.h>
-#include <fcntl.h>
-#include <string.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-// Basic test for linkat(2). Syscall tests requires CAP_DAC_READ_SEARCH and it
-// cannot use tricks like userns as root. For this reason, run a basic link test
-// to ensure some coverage.
-int main(int argc, char** argv) {
- const char kOldPath[] = "old.txt";
- int fd = open(kOldPath, O_RDWR | O_CREAT | O_TRUNC, 0600);
- if (fd < 0) {
- errx(1, "open(%s) failed", kOldPath);
- }
- const char kData[] = "some random content";
- if (write(fd, kData, sizeof(kData)) < 0) {
- err(1, "write failed");
- }
- close(fd);
-
- struct stat old_stat;
- if (stat(kOldPath, &old_stat)) {
- errx(1, "stat(%s) failed", kOldPath);
- }
-
- const char kNewPath[] = "new.txt";
- if (link(kOldPath, kNewPath)) {
- errx(1, "link(%s, %s) failed", kOldPath, kNewPath);
- }
-
- struct stat new_stat;
- if (stat(kNewPath, &new_stat)) {
- errx(1, "stat(%s) failed", kNewPath);
- }
-
- // Check that files are the same.
- if (old_stat.st_dev != new_stat.st_dev) {
- errx(1, "files st_dev is different, want: %lu, got: %lu", old_stat.st_dev,
- new_stat.st_dev);
- }
- if (old_stat.st_ino != new_stat.st_ino) {
- errx(1, "files st_ino is different, want: %lu, got: %lu", old_stat.st_ino,
- new_stat.st_ino);
- }
-
- // Check that link count is correct.
- if (new_stat.st_nlink != old_stat.st_nlink + 1) {
- errx(1, "wrong nlink, want: %lu, got: %lu", old_stat.st_nlink + 1,
- new_stat.st_nlink);
- }
-
- // Check taht contents are the same.
- fd = open(kNewPath, O_RDONLY);
- if (fd < 0) {
- errx(1, "open(%s) failed", kNewPath);
- }
- char buf[sizeof(kData)] = {};
- if (read(fd, buf, sizeof(buf)) < 0) {
- err(1, "read failed");
- }
- close(fd);
-
- if (strcmp(buf, kData) != 0) {
- errx(1, "file content mismatch: %s", buf);
- }
-
- // Cleanup.
- if (unlink(kNewPath)) {
- errx(1, "unlink(%s) failed", kNewPath);
- }
- if (unlink(kOldPath)) {
- errx(1, "unlink(%s) failed", kOldPath);
- }
-
- // Success!
- return 0;
-}
diff --git a/images/basic/integrationtest/ping4.sh b/images/basic/integrationtest/ping4.sh
deleted file mode 100644
index 2a343712a..000000000
--- a/images/basic/integrationtest/ping4.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-# Copyright 2020 The gVisor Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -euo pipefail
-
-# The docker API doesn't provide for starting a container, running a command,
-# and getting the exit status of the command in one go. The most straightforward
-# way to do this is to verify the output of the command, so we output nothing on
-# success and an error message on failure.
-if ! out=$(ping -c 10 127.0.0.1); then
- echo "$out"
-fi
diff --git a/images/basic/integrationtest/ping6.sh b/images/basic/integrationtest/ping6.sh
deleted file mode 100644
index 4268951d0..000000000
--- a/images/basic/integrationtest/ping6.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-
-# Copyright 2020 The gVisor Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -euo pipefail
-
-# Enable ipv6 on loopback if it's not already enabled. Runsc doesn't enable ipv6
-# loopback unless an ipv6 address was assigned to the container, which docker
-# does not do by default.
-if ! [[ $(ip -6 addr show dev lo) ]]; then
- ip addr add ::1 dev lo
-fi
-
-# The docker API doesn't provide for starting a container, running a command,
-# and getting the exit status of the command in one go. The most straightforward
-# way to do this is to verify the output of the command, so we output nothing on
-# success and an error message on failure.
-if ! out=$(/bin/ping6 -c 10 ::1); then
- echo "$out"
-fi
diff --git a/images/basic/integrationtest/test_copy_up.c b/images/basic/integrationtest/test_copy_up.c
deleted file mode 100644
index 010b261dc..000000000
--- a/images/basic/integrationtest/test_copy_up.c
+++ /dev/null
@@ -1,88 +0,0 @@
-#include <err.h>
-#include <fcntl.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/mman.h>
-#include <unistd.h>
-
-int main(int argc, char** argv) {
- const char kTestFilePath[] = "copy_up_testfile.txt";
- const char kOldFileData[] = "old data\n";
- const char kNewFileData[] = "new data\n";
- const size_t kPageSize = sysconf(_SC_PAGE_SIZE);
-
- // Open a file that already exists in a host overlayfs lower layer.
- const int fd_rdonly = open(kTestFilePath, O_RDONLY);
- if (fd_rdonly < 0) {
- err(1, "open(%s, O_RDONLY)", kTestFilePath);
- }
-
- // Check that the file's initial contents are what we expect when read via
- // syscall.
- char oldbuf[sizeof(kOldFileData)] = {};
- ssize_t n = pread(fd_rdonly, oldbuf, sizeof(oldbuf), 0);
- if (n < 0) {
- err(1, "initial pread");
- }
- if (n != strlen(kOldFileData)) {
- errx(1, "short initial pread (%ld/%lu bytes)", n, strlen(kOldFileData));
- }
- if (strcmp(oldbuf, kOldFileData) != 0) {
- errx(1, "initial pread returned wrong data: %s", oldbuf);
- }
-
- // Check that the file's initial contents are what we expect when read via
- // memory mapping.
- void* page = mmap(NULL, kPageSize, PROT_READ, MAP_SHARED, fd_rdonly, 0);
- if (page == MAP_FAILED) {
- err(1, "mmap");
- }
- if (strcmp(page, kOldFileData) != 0) {
- errx(1, "mapping contains wrong initial data: %s", (const char*)page);
- }
-
- // Open the same file writably, causing host overlayfs to copy it up, and
- // replace its contents.
- const int fd_rdwr = open(kTestFilePath, O_RDWR);
- if (fd_rdwr < 0) {
- err(1, "open(%s, O_RDWR)", kTestFilePath);
- }
- n = write(fd_rdwr, kNewFileData, strlen(kNewFileData));
- if (n < 0) {
- err(1, "write");
- }
- if (n != strlen(kNewFileData)) {
- errx(1, "short write (%ld/%lu bytes)", n, strlen(kNewFileData));
- }
- if (ftruncate(fd_rdwr, strlen(kNewFileData)) < 0) {
- err(1, "truncate");
- }
-
- int failed = 0;
-
- // Check that syscalls on the old FD return updated contents. (Before Linux
- // 4.18, this requires that runsc use a post-copy-up FD to service the read.)
- char newbuf[sizeof(kNewFileData)] = {};
- n = pread(fd_rdonly, newbuf, sizeof(newbuf), 0);
- if (n < 0) {
- err(1, "final pread");
- }
- if (n != strlen(kNewFileData)) {
- warnx("short final pread (%ld/%lu bytes)", n, strlen(kNewFileData));
- failed = 1;
- } else if (strcmp(newbuf, kNewFileData) != 0) {
- warnx("final pread returned wrong data: %s", newbuf);
- failed = 1;
- }
-
- // Check that the memory mapping of the old FD has been updated. (Linux
- // overlayfs does not do this, so regardless of kernel version this requires
- // that runsc replace existing memory mappings with mappings of a
- // post-copy-up FD.)
- if (strcmp(page, kNewFileData) != 0) {
- warnx("mapping contains wrong final data: %s", (const char*)page);
- failed = 1;
- }
-
- return failed;
-}
diff --git a/images/basic/integrationtest/test_rewinddir.c b/images/basic/integrationtest/test_rewinddir.c
deleted file mode 100644
index f1a4085e1..000000000
--- a/images/basic/integrationtest/test_rewinddir.c
+++ /dev/null
@@ -1,78 +0,0 @@
-#include <dirent.h>
-#include <err.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-
-int main(int argc, char** argv) {
- const char kDirPath[] = "rewinddir_test_dir";
- const char kFileBasename[] = "rewinddir_test_file";
-
- // Create the test directory.
- if (mkdir(kDirPath, 0755) < 0) {
- err(1, "mkdir(%s)", kDirPath);
- }
-
- // The test directory should initially be empty.
- DIR* dir = opendir(kDirPath);
- if (!dir) {
- err(1, "opendir(%s)", kDirPath);
- }
- int failed = 0;
- while (1) {
- errno = 0;
- struct dirent* d = readdir(dir);
- if (!d) {
- if (errno != 0) {
- err(1, "readdir");
- }
- break;
- }
- if (strcmp(d->d_name, ".") != 0 && strcmp(d->d_name, "..") != 0) {
- warnx("unexpected file %s in new directory", d->d_name);
- failed = 1;
- }
- }
-
- // Create a file in the test directory.
- char* file_path = malloc(strlen(kDirPath) + 1 + strlen(kFileBasename));
- if (!file_path) {
- errx(1, "malloc");
- }
- strcpy(file_path, kDirPath);
- file_path[strlen(kDirPath)] = '/';
- strcpy(file_path + strlen(kDirPath) + 1, kFileBasename);
- if (mknod(file_path, 0644, 0) < 0) {
- err(1, "mknod(%s)", file_path);
- }
-
- // After rewinddir(), re-reading the directory stream should yield the new
- // file.
- rewinddir(dir);
- size_t found_file = 0;
- while (1) {
- errno = 0;
- struct dirent* d = readdir(dir);
- if (!d) {
- if (errno != 0) {
- err(1, "readdir");
- }
- break;
- }
- if (strcmp(d->d_name, kFileBasename) == 0) {
- found_file++;
- } else if (strcmp(d->d_name, ".") != 0 && strcmp(d->d_name, "..") != 0) {
- warnx("unexpected file %s in new directory", d->d_name);
- failed = 1;
- }
- }
- if (found_file != 1) {
- warnx("readdir returned file %s %zu times, wanted 1", kFileBasename,
- found_file);
- failed = 1;
- }
-
- return failed;
-}
diff --git a/images/basic/integrationtest/test_sticky.c b/images/basic/integrationtest/test_sticky.c
deleted file mode 100644
index 58dcf91d3..000000000
--- a/images/basic/integrationtest/test_sticky.c
+++ /dev/null
@@ -1,96 +0,0 @@
-#include <err.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <unistd.h>
-
-void createFile(const char* path) {
- int fd = open(path, O_WRONLY | O_CREAT, 0777);
- if (fd < 0) {
- err(1, "open(%s)", path);
- exit(1);
- } else {
- close(fd);
- }
-}
-
-void waitAndCheckStatus(pid_t child) {
- int status;
- if (waitpid(child, &status, 0) == -1) {
- err(1, "waitpid() failed");
- exit(1);
- }
-
- if (WIFEXITED(status)) {
- int es = WEXITSTATUS(status);
- if (es) {
- err(1, "child exit status %d", es);
- exit(1);
- }
- } else {
- err(1, "child did not exit normally");
- exit(1);
- }
-}
-
-void deleteFile(uid_t user, const char* path) {
- pid_t child = fork();
- if (child == 0) {
- if (setuid(user)) {
- err(1, "setuid(%d)", user);
- exit(1);
- }
-
- if (unlink(path)) {
- err(1, "unlink(%s)", path);
- exit(1);
- }
- exit(0);
- }
- waitAndCheckStatus(child);
-}
-
-int main(int argc, char** argv) {
- const char kUser1Dir[] = "/user1dir";
- const char kUser2File[] = "/user1dir/user2file";
- const char kUser2File2[] = "/user1dir/user2file2";
-
- const uid_t user1 = 6666;
- const uid_t user2 = 6667;
-
- if (mkdir(kUser1Dir, 0755) != 0) {
- err(1, "mkdir(%s)", kUser1Dir);
- exit(1);
- }
- // Enable sticky bit for user1dir.
- if (chmod(kUser1Dir, 01777) != 0) {
- err(1, "chmod(%s)", kUser1Dir);
- exit(1);
- }
- createFile(kUser2File);
- createFile(kUser2File2);
-
- if (chown(kUser1Dir, user1, getegid())) {
- err(1, "chown(%s)", kUser1Dir);
- exit(1);
- }
- if (chown(kUser2File, user2, getegid())) {
- err(1, "chown(%s)", kUser2File);
- exit(1);
- }
- if (chown(kUser2File2, user2, getegid())) {
- err(1, "chown(%s)", kUser2File2);
- exit(1);
- }
-
- // User1 should be able to delete any file inside user1dir, even files of
- // other users due to the sticky bit.
- deleteFile(user1, kUser2File);
-
- // User2 should naturally be able to delete its own file even if the file is
- // inside a sticky dir owned by someone else.
- deleteFile(user2, kUser2File2);
-}
diff --git a/images/basic/mysql/Dockerfile b/images/basic/mysql/Dockerfile
deleted file mode 100644
index d87bfe55b..000000000
--- a/images/basic/mysql/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM mysql/mysql-server:8.0.19
diff --git a/images/basic/nginx/Dockerfile b/images/basic/nginx/Dockerfile
deleted file mode 100644
index af2e62526..000000000
--- a/images/basic/nginx/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM nginx:1.17.9
diff --git a/images/basic/python/Dockerfile b/images/basic/python/Dockerfile
deleted file mode 100644
index acf07cca9..000000000
--- a/images/basic/python/Dockerfile
+++ /dev/null
@@ -1,2 +0,0 @@
-FROM python:3
-ENTRYPOINT ["python", "-m", "http.server", "8080"]
diff --git a/images/basic/resolv/Dockerfile b/images/basic/resolv/Dockerfile
deleted file mode 100644
index 13665bdaf..000000000
--- a/images/basic/resolv/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM k8s.gcr.io/busybox:latest
diff --git a/images/basic/ruby/Dockerfile b/images/basic/ruby/Dockerfile
deleted file mode 100644
index d290418fb..000000000
--- a/images/basic/ruby/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM ruby:2.7.1
diff --git a/images/basic/tmpfile/Dockerfile b/images/basic/tmpfile/Dockerfile
deleted file mode 100644
index e3816c8cb..000000000
--- a/images/basic/tmpfile/Dockerfile
+++ /dev/null
@@ -1,4 +0,0 @@
-# Create file under /tmp to ensure files inside '/tmp' are not overridden.
-FROM alpine:3.11.5
-RUN mkdir -p /tmp/foo \
- && echo 123 > /tmp/foo/file.txt
diff --git a/images/basic/tomcat/Dockerfile b/images/basic/tomcat/Dockerfile
deleted file mode 100644
index c7db39a36..000000000
--- a/images/basic/tomcat/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM tomcat:8.0
diff --git a/images/basic/tomcat/Dockerfile.aarch64 b/images/basic/tomcat/Dockerfile.aarch64
deleted file mode 100644
index ed4096de9..000000000
--- a/images/basic/tomcat/Dockerfile.aarch64
+++ /dev/null
@@ -1 +0,0 @@
-FROM arm64v8/tomcat:8.0
diff --git a/images/basic/ubuntu/Dockerfile b/images/basic/ubuntu/Dockerfile
deleted file mode 100644
index 331b71343..000000000
--- a/images/basic/ubuntu/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM ubuntu:trusty