Add comprehensive tests for crun-specific OCI annotations that were
previously untested:
- run.oci.hooks.stdout/stderr: Test hook output redirection to files
- run.oci.seccomp_fail_unknown_syscall: Test failure on unknown syscalls
- run.oci.systemd.subgroup: Test custom systemd subgroup naming
- run.oci.delegate-cgroup: Test cgroup delegation (cgroup v2 only)
- run.oci.systemd.force_cgroup_v1: Test forcing cgroup v1 on v2 systems
- run.oci.mount_context_type: Test SELinux mount context types
- run.oci.pidfd_receiver: Test pidfd transmission to UNIX socket
All tests include proper skip detection for:
- Nested namespace environments
- Missing root privileges
- Unavailable features (SELinux, systemd, cgroup v2, etc.)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add unit tests for cgroup-related functions:
- test_read_proc_cgroup_v2: Test parsing cgroup v2 content
- test_read_proc_cgroup_v1: Test parsing cgroup v1 content with multiple controllers
- test_read_proc_cgroup_empty: Test with empty content
- test_read_proc_cgroup_named: Test named cgroup controller (name=systemd)
- test_convert_shares_to_weight: Test CPU shares to weight conversion
- test_convert_shares_boundary: Test boundary conditions for conversion
- test_read_proc_cgroup_null_params: Test with NULL output parameters
- test_read_proc_cgroup_selective: Test with selective parameter retrieval
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add unit tests for seccomp_notify.c to improve code coverage:
- test_cleanup_null: Test cleanup handler with NULL
- test_free_null_context: Test freeing NULL context
- test_load_invalid_path: Test loading plugin with invalid relative path
- test_load_nonexistent_plugin: Test loading non-existent plugin
- test_notify_no_seccomp: Test notify function without seccomp support
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add unit tests for str2sig() function that uses the gperf-generated
perfect hash table from signals.perf. Tests cover:
- All 62 standard and real-time signals
- Signal names with and without SIG prefix
- Numeric signal strings
- Real-time signals (RTMIN+N, RTMAX-N)
- Invalid inputs and error handling
- Case sensitivity
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add unit tests for src/libcrun/linux.c functions including:
- libcrun_find_namespace()
- path_is_slash_dev()
- libcrun_reopen_dev_null()
Many functions in linux.c are static and cannot be tested directly
from unit tests. Integration tests in test_namespaces.py and
test_error_handling.py provide additional coverage.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add both unit tests and Python integration tests to improve coverage
for src/libcrun/custom-handler.c which is currently at 28.2% coverage.
Unit tests (tests_libcrun_custom_handler.c):
- Test handler manager creation and cleanup
- Test handler lookup by name
- Test feature tag printing
- Test handler configuration with various scenarios
- Test error paths and edge cases
Python tests (test_custom_handler.py):
- Test sandbox annotation handling
- Test non-existent handler requests
- Test --handler command line option
- Test annotation and context handler conflicts
- Test feature tag output in --version
- Test empty and invalid handler annotations
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add tests for src/libcrun/terminal.c:
C unit tests (tests_libcrun_terminal.c) using isolated pty:
- test_cleanup_terminalp_null: NULL cleanup should not crash
- test_terminal_setup_size_invalid_fd: Invalid fd error handling
- test_terminal_setup_size_pty: Set size on isolated pty
- test_set_raw_invalid_fd: Invalid fd error handling
- test_set_raw_pty: Set raw mode on isolated pty
- test_set_raw_no_status: Set raw without saving status
- test_new_terminal: Verify pty creation
Add test_terminal.py to test terminal allocation code in
src/libcrun/terminal.c.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add run_coverage_multi_env.sh that runs the test suite in multiple
environments to maximize code coverage:
1. Root with cgroupfs cgroup manager
2. Root with systemd cgroup manager (if available)
3. User namespace via unshare --user --map-root-user
4. Non-root user via unshare --user --map-user=1000
Coverage data accumulates across all runs since lcov merges .gcda
files automatically. This helps exercise code paths that are only
reachable under specific conditions (rootless, systemd, etc.).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
tests/init needs glibc-static (or equivalent) available to run
the test suite.
update configure.ac to check for libtool ability to link statically
update Makefile.am to build tests only if static linking is available
update rpm/crun.spec to BuildRequires glibc-static
update tests/*/Dockerfile to include glibc-static
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
This is a basic test for the functionality added by a few previous
commits. It does not test that device bpf program work as it should,
merely that it is installed.
Co-authored-by: Claude Sonnet 4
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Too many to mention, but most are:
> SC2086 (info): Double quote to prevent globbing and word splitting
Use bash arrays where it make sense, and move the repeated stuff into
the BUILD_CMD.
PS I tried to make it more readable, but in some places with all the
added quotes it might actually become worse, so feel free to drop this
commit.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
add a new CLI command "crun mounts add|remove $CTR $FILE" to alter the
mounts of a running container.
The "crun mounts add" command adds the mounts specified in the $FILE
file to the mount namespace of the container process.
Differently, "crun mounts remove" can be used to remove a set of
mounts from the container mount namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
static library is supposed to be archive of object files. if libtool is
not used libcrun_testing.a includes raw libocispec.la file instead of
its object files.
Signed-off-by: Jan Palus <jpalus@fastmail.com>
