Google Git
Sign in
vanadium / release.go.x.ref / 1ce0bd71d9444d7ae6c49d5ad1843566bceb3c7c^! / . / services / mgmt / node / impl / impl_test.go
commit1ce0bd71d9444d7ae6c49d5ad1843566bceb3c7c[log] [tgz]
authorRobert Kroeger <rjkroege@google.com>Wed Oct 22 13:57:14 2014 -0700
committerRobert Kroeger <rjkroege@google.com>Thu Oct 23 09:24:31 2014 -0700
treea4db5bd0502a020bdc79eec3d0e4940e071c5a21
parentf07f4a01a1a273b7e964c1a5cae3ea5367f97ec7 [diff] [blame]
veyron/services/mgmt/node/impl: Resume detecta changed associations.

The node manager uses the setuid helper to run application instances with
an associated system name. Resuming an application under a different system
name may result in application failure when a resumed application discovers
that it can no longer access its previously created filesystem state. This
change detects this case and refuses to Resume applications under this
circumstance.

Change-Id: Ic0f317455460456c8f3faf57386fcfb932a36513

diff --git a/services/mgmt/node/impl/impl_test.go b/services/mgmt/node/impl/impl_test.go
index 9fcee59..baaf81a 100644
--- a/services/mgmt/node/impl/impl_test.go
+++ b/services/mgmt/node/impl/impl_test.go

@@ -1285,7 +1285,11 @@
 		t.Fatalf("AssociateAccount failed %v", err)
 	}
 	// Add Start to the ACL list for root/other.
-	newACL := security.ACL{In: map[security.BlessingPattern]security.LabelSet{"root/other/...": security.AllLabels}}
+	newACL, _, err := nodeStub.GetACL(selfRT.NewContext())
+	if err != nil {
+		t.Fatalf("GetACL failed %v", err)
+	}
+	newACL.In["root/other/..."] = security.AllLabels
 	if err = nodeStub.SetACL(selfRT.NewContext(), newACL, ""); err != nil {
 		t.Fatalf("SetACL failed %v", err)
 	}
@@ -1293,5 +1297,28 @@
 	vlog.VI(2).Infof("other attempting to run an app with access. Should succeed.")
 	instance2ID := startApp(t, appID, otherRT)
 	verifyHelperArgs(t, <-pingCh, testUserName) // Wait until the app pings us that it's ready.
+	suspendApp(t, appID, instance2ID, otherRT)
+
+	vlog.VI(2).Infof("Verify that Resume with the same systemName works.")
+	resumeApp(t, appID, instance2ID, otherRT)
+	verifyHelperArgs(t, <-pingCh, testUserName) // Wait until the app pings us that it's ready.
+	suspendApp(t, appID, instance2ID, otherRT)
+
+	// Change the associated system name.
+	if err = nodeStub.AssociateAccount(selfRT.NewContext(), []string{"root/other"}, anotherTestUserName); err != nil {
+		t.Fatalf("AssociateAccount failed %v", err)
+	}
+
+	vlog.VI(2).Infof("Show that Resume with a different systemName fails.")
+	resumeAppExpectError(t, appID, instance2ID, verror.NoAccess, otherRT)
+
+	// Clean up.
 	stopApp(t, appID, instance2ID, otherRT)
+
+	vlog.VI(2).Infof("Show that Start with different systemName works.")
+	instance3ID := startApp(t, appID, otherRT)
+	verifyHelperArgs(t, <-pingCh, anotherTestUserName) // Wait until the app pings us that it's ready.
+
+	// Clean up.
+	stopApp(t, appID, instance3ID, otherRT)
 }