git: b0fcf4d5222b - main - pf tests: ensure temporary files end up in the atf working directory

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Tue, 23 Jul 2024 15:00:09 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=b0fcf4d5222bfdbbc0e2af2b14f0d73704706aa0

commit b0fcf4d5222bfdbbc0e2af2b14f0d73704706aa0
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-19 13:13:33 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-07-23 14:59:31 +0000

    pf tests: ensure temporary files end up in the atf working directory
    
    Many of the tests create temporary files. pid files, log files, tcpdump
    captures, ... We should take care to ensure they're stored in the temporary
    working directory Kyua creates rather than in the root directory.
    
    This ensures there are no conflicts between simultaneously running tests, and
    also keeps the root directory clean.
    
    MFC after:      1 month
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 tests/sys/netpfil/common/dummynet.sh |  4 ++--
 tests/sys/netpfil/pf/altq.sh         |  2 +-
 tests/sys/netpfil/pf/ether.sh        |  4 ++--
 tests/sys/netpfil/pf/killstate.sh    |  2 +-
 tests/sys/netpfil/pf/map_e.sh        |  3 +--
 tests/sys/netpfil/pf/nat.sh          |  3 +--
 tests/sys/netpfil/pf/proxy.sh        |  2 +-
 tests/sys/netpfil/pf/rdr.sh          |  4 ++--
 tests/sys/netpfil/pf/ridentifier.sh  | 16 +++++++---------
 tests/sys/netpfil/pf/route_to.sh     |  3 +--
 tests/sys/netpfil/pf/syncookie.sh    | 15 ++++++---------
 tests/sys/netpfil/pf/synproxy.sh     |  9 +++------
 12 files changed, 28 insertions(+), 39 deletions(-)

diff --git a/tests/sys/netpfil/common/dummynet.sh b/tests/sys/netpfil/common/dummynet.sh
index 0df0db4546c8..126240f00384 100644
--- a/tests/sys/netpfil/common/dummynet.sh
+++ b/tests/sys/netpfil/common/dummynet.sh
@@ -277,7 +277,7 @@ queue_body()
 
 	ifconfig ${epair}a 192.0.2.1/24 up
 	jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/../pf/echo_inetd.conf
 
 	# Sanity check
@@ -385,7 +385,7 @@ queue_v6_body()
 
 	ifconfig ${epair}a inet6 2001:db8:42::1/64 no_dad up
 	jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2 no_dad up
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/../pf/echo_inetd.conf
 	jexec alcatraz sysctl net.inet6.icmp6.errppslimit=0
 
diff --git a/tests/sys/netpfil/pf/altq.sh b/tests/sys/netpfil/pf/altq.sh
index a902c7caaf4f..416a55777849 100644
--- a/tests/sys/netpfil/pf/altq.sh
+++ b/tests/sys/netpfil/pf/altq.sh
@@ -212,7 +212,7 @@ prioritise_body()
 	ifconfig ${epair}a 192.0.2.1/24 up
 	jexec altq_prioritise ifconfig ${epair}b 192.0.2.2/24 up
 
-	jexec altq_prioritise /usr/sbin/inetd -p inetd-altq.pid \
+	jexec altq_prioritise /usr/sbin/inetd -p ${PWD}/inetd-altq.pid \
 	    $(atf_get_srcdir)/../pf/echo_inetd.conf
 
 	# Sanity check
diff --git a/tests/sys/netpfil/pf/ether.sh b/tests/sys/netpfil/pf/ether.sh
index e1855949476b..0369e0e57ee6 100644
--- a/tests/sys/netpfil/pf/ether.sh
+++ b/tests/sys/netpfil/pf/ether.sh
@@ -362,8 +362,8 @@ captive_long_body()
 	# ICMP should still work, because we don't redirect it.
 	atf_check -s exit:0 -o ignore ping -c 1 -t 1 198.51.100.2
 
-	jexec gw /usr/sbin/inetd -p gw.pid $(atf_get_srcdir)/echo_inetd.conf
-	jexec srv /usr/sbin/inetd -p srv.pid $(atf_get_srcdir)/daytime_inetd.conf
+	jexec gw /usr/sbin/inetd -p ${PWD}/gw.pid $(atf_get_srcdir)/echo_inetd.conf
+	jexec srv /usr/sbin/inetd -p ${PWD}/srv.pid $(atf_get_srcdir)/daytime_inetd.conf
 
 	echo foo | nc -N 198.51.100.2 13
 
diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh
index 046d640ed355..36743b1d8016 100644
--- a/tests/sys/netpfil/pf/killstate.sh
+++ b/tests/sys/netpfil/pf/killstate.sh
@@ -410,7 +410,7 @@ match_body()
 	vnet_mkjail singsing ${epair_two}b
 	jexec singsing ifconfig ${epair_two}b 198.51.100.2/24 up
 	jexec singsing route add default 198.51.100.1
-	jexec singsing /usr/sbin/inetd -p inetd-echo.pid \
+	jexec singsing /usr/sbin/inetd -p ${PWD}/inetd-echo.pid \
 	    $(atf_get_srcdir)/echo_inetd.conf
 
 	route add 198.51.100.0/24 192.0.2.2
diff --git a/tests/sys/netpfil/pf/map_e.sh b/tests/sys/netpfil/pf/map_e.sh
index 742264dcf547..59f9e7f7e14c 100644
--- a/tests/sys/netpfil/pf/map_e.sh
+++ b/tests/sys/netpfil/pf/map_e.sh
@@ -53,7 +53,7 @@ map_e_body()
 	jexec map_e sysctl net.inet.ip.forwarding=1
 
 	jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up
-	jexec echo /usr/sbin/inetd -p inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf
+	jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf
 
 	# Enable pf!
 	jexec map_e pfctl -e
@@ -81,7 +81,6 @@ map_e_body()
 
 map_e_cleanup()
 {
-	rm -f inetd-echo.pid
 	pft_cleanup
 }
 
diff --git a/tests/sys/netpfil/pf/nat.sh b/tests/sys/netpfil/pf/nat.sh
index 7cc0d8f35c96..513abfa5e040 100644
--- a/tests/sys/netpfil/pf/nat.sh
+++ b/tests/sys/netpfil/pf/nat.sh
@@ -51,7 +51,7 @@ exhaust_body()
 	jexec nat sysctl net.inet.ip.forwarding=1
 
 	jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up
-	jexec echo /usr/sbin/inetd -p inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf
+	jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf
 
 	# Enable pf!
 	jexec nat pfctl -e
@@ -79,7 +79,6 @@ exhaust_body()
 
 exhaust_cleanup()
 {
-	rm -f inetd-echo.pid
 	pft_cleanup
 }
 
diff --git a/tests/sys/netpfil/pf/proxy.sh b/tests/sys/netpfil/pf/proxy.sh
index 4a7ea00a0cd4..b112001ef2b4 100644
--- a/tests/sys/netpfil/pf/proxy.sh
+++ b/tests/sys/netpfil/pf/proxy.sh
@@ -57,7 +57,7 @@ ftp_body()
 	jexec srv route add default 198.51.100.1
 
 	# Start FTP server in srv
-	jexec srv twistd ftp -r `pwd` -p 21
+	jexec srv twistd --logfile=/dev/null ftp -r `pwd` -p 21
 
 	# Sanity check
 	atf_check -s exit:0 -o ignore ping -c 1 198.51.100.2
diff --git a/tests/sys/netpfil/pf/rdr.sh b/tests/sys/netpfil/pf/rdr.sh
index 5e60b97c653b..b7ec80b4d85e 100644
--- a/tests/sys/netpfil/pf/rdr.sh
+++ b/tests/sys/netpfil/pf/rdr.sh
@@ -92,7 +92,7 @@ tcp_v6_body()
 	    jexec ${j}a ping -6 -c 1 2001:db8:b::2
 
 	# capture packets on c so we can look for incorrect checksums
-	jexec ${j}c tcpdump --immediate-mode -w ${j}.pcap tcp and port 8000 &
+	jexec ${j}c tcpdump --immediate-mode -w ${PWD}/${j}.pcap tcp and port 8000 &
 	tcpdumppid=$!
 
 	# start a web server and give it a second to start
@@ -112,7 +112,7 @@ tcp_v6_body()
 
 	# Check for 'incorrect' in packet capture, this should tell us if
 	# checksums are bad with rdr rules
-	count=$(jexec ${j}c tcpdump -vvvv -r ${j}.pcap | grep incorrect | wc -l)
+	count=$(jexec ${j}c tcpdump -vvvv -r ${PWD}/${j}.pcap | grep incorrect | wc -l)
 	atf_check_equal "       0" "$count"
 }
 
diff --git a/tests/sys/netpfil/pf/ridentifier.sh b/tests/sys/netpfil/pf/ridentifier.sh
index c456d2111e20..8d83bcfb8213 100644
--- a/tests/sys/netpfil/pf/ridentifier.sh
+++ b/tests/sys/netpfil/pf/ridentifier.sh
@@ -45,7 +45,7 @@ basic_body()
 	vnet_mkjail alcatraz ${epair}b
 	jexec alcatraz ifconfig lo0 up
 	jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid $(atf_get_srcdir)/echo_inetd.conf
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid $(atf_get_srcdir)/echo_inetd.conf
 
 	# Sanity check
 	atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2
@@ -56,7 +56,7 @@ basic_body()
 		"pass in log" \
 		"pass in log proto tcp ridentifier 1234"
 
-	jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > tcpdump.log &
+	jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > ${PWD}/tcpdump.log &
 	sleep 1
 
 	echo "test" | nc -N 192.0.2.2 7
@@ -67,17 +67,17 @@ basic_body()
 
 	# Make sure we spotted the ridentifier
 	atf_check -s exit:0 -o ignore \
-	    grep 'rule 1/0.*ridentifier 1234' tcpdump.log
+	    grep 'rule 1/0.*ridentifier 1234' ${PWD}/tcpdump.log
 	# But not on the !TCP traffic
 	atf_check -s exit:1 -o ignore \
-	    grep 'rule 0/0.*ridentifier' tcpdump.log
+	    grep 'rule 0/0.*ridentifier' ${PWD}/tcpdump.log
 
 	# Now try with antispoof rules
 	pft_set_rules alcatraz \
 		"pass in log" \
 		"antispoof log for ${epair}b ridentifier 4321"
 
-	jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > tcpdump.log &
+	jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > ${PWD}/tcpdump.log &
 	sleep 1
 
 	# Without explicit rules for lo0 we're going to drop packets to ourself
@@ -87,18 +87,16 @@ basic_body()
 	sleep 1
 	jexec alcatraz killall tcpdump
 
-	cat tcpdump.log
+	cat ${PWD}/tcpdump.log
 
 	# Make sure we spotted the ridentifier
 	atf_check -s exit:0 -o ignore \
-	    grep 'rule 2/0.*ridentifier 4321' tcpdump.log
+	    grep 'rule 2/0.*ridentifier 4321' ${PWD}/tcpdump.log
 }
 
 basic_cleanup()
 {
 	pft_cleanup
-	rm -f inetd-alcatraz.pid
-	rm -f tcpdump.log
 }
 
 atf_init_test_cases()
diff --git a/tests/sys/netpfil/pf/route_to.sh b/tests/sys/netpfil/pf/route_to.sh
index df95eaecc12e..5f47cea39b01 100644
--- a/tests/sys/netpfil/pf/route_to.sh
+++ b/tests/sys/netpfil/pf/route_to.sh
@@ -140,7 +140,7 @@ multiwan_body()
 	jexec srv sysctl net.inet.ip.forwarding=1
 
 	# Run echo server in srv jail
-	jexec srv /usr/sbin/inetd -p multiwan.pid $(atf_get_srcdir)/echo_inetd.conf
+	jexec srv /usr/sbin/inetd -p ${PWD}/multiwan.pid $(atf_get_srcdir)/echo_inetd.conf
 
 	jexec srv pfctl -e
 	pft_set_rules srv \
@@ -178,7 +178,6 @@ multiwan_body()
 
 multiwan_cleanup()
 {
-	rm -f multiwan.pid
 	pft_cleanup
 }
 
diff --git a/tests/sys/netpfil/pf/syncookie.sh b/tests/sys/netpfil/pf/syncookie.sh
index 8feb2816f589..ac7483bc258b 100644
--- a/tests/sys/netpfil/pf/syncookie.sh
+++ b/tests/sys/netpfil/pf/syncookie.sh
@@ -51,7 +51,7 @@ basic_body()
 
 	vnet_mkjail alcatraz ${epair}b
 	jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/echo_inetd.conf
 
 	ifconfig ${epair}a 192.0.2.2/24 up
@@ -81,7 +81,7 @@ basic_body()
 
 basic_cleanup()
 {
-	rm -f inetd-alcatraz.pid
+	rm -f ${PWD}/inetd-alcatraz.pid
 	pft_cleanup
 }
 
@@ -100,7 +100,7 @@ basic_v6_body()
 
 	vnet_mkjail alcatraz ${epair}b
 	jexec alcatraz ifconfig ${epair}b inet6 2001:db8::1/64 up no_dad
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/echo_inetd.conf
 
 	ifconfig ${epair}a inet6 2001:db8::2/64 up no_dad
@@ -130,7 +130,6 @@ basic_v6_body()
 
 basic_v6_cleanup()
 {
-	rm -f inetd-alcatraz.pid
 	pft_cleanup
 }
 
@@ -157,7 +156,7 @@ forward_body()
 
 	jexec srv ifconfig ${epair_out}b 198.51.100.2/24 up
 	jexec srv route add default 198.51.100.1
-	jexec srv /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec srv /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/echo_inetd.conf
 
 	ifconfig ${epair_in}a 192.0.2.2/24 up
@@ -181,7 +180,6 @@ forward_body()
 
 forward_cleanup()
 {
-	rm -f inetd-alcatraz.pid
 	pft_cleanup
 }
 
@@ -208,7 +206,7 @@ forward_v6_body()
 
 	jexec srv ifconfig ${epair_out}b inet6 2001:db8:1::2/64 up no_dad
 	jexec srv route -6 add default 2001:db8:1::1
-	jexec srv /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec srv /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/echo_inetd.conf
 
 	ifconfig ${epair_in}a inet6 2001:db8::2/64 up no_dad
@@ -232,7 +230,6 @@ forward_v6_body()
 
 forward_v6_cleanup()
 {
-	rm -f inetd-alcatraz.pid
 	pft_cleanup
 }
 
@@ -440,7 +437,7 @@ port_reuse_body()
 	vnet_mkjail alcatraz ${epair}b
 	vnet_mkjail singsing
 	jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up
-	jexec alcatraz /usr/sbin/inetd -p ${HOME}/inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 	    $(atf_get_srcdir)/echo_inetd.conf
 
 	ifconfig ${epair}a 192.0.2.2/24 up
diff --git a/tests/sys/netpfil/pf/synproxy.sh b/tests/sys/netpfil/pf/synproxy.sh
index 3b3dc62b8993..617fa6ba2afc 100644
--- a/tests/sys/netpfil/pf/synproxy.sh
+++ b/tests/sys/netpfil/pf/synproxy.sh
@@ -52,7 +52,7 @@ synproxy_body()
 	jexec singsing ifconfig ${link}b 198.51.100.2/24 up
 	jexec singsing route add default 198.51.100.1
 
-	jexec singsing /usr/sbin/inetd -p inetd-singsing.pid $(atf_get_srcdir)/echo_inetd.conf
+	jexec singsing /usr/sbin/inetd -p ${PWD}/inetd-singsing.pid $(atf_get_srcdir)/echo_inetd.conf
 
 	jexec alcatraz pfctl -e
 	pft_set_rules alcatraz "set fail-policy return" \
@@ -74,7 +74,6 @@ synproxy_body()
 
 synproxy_cleanup()
 {
-	rm -f inetd-singsing.pid
 	pft_cleanup
 }
 
@@ -94,7 +93,7 @@ local_body()
 
 	vnet_mkjail alcatraz ${epair}b
 	jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 		$(atf_get_srcdir)/echo_inetd.conf
 
 	jexec alcatraz pfctl -e
@@ -115,7 +114,6 @@ local_body()
 
 local_cleanup()
 {
-	rm -f inetd-alcatraz.pid
 	pft_cleanup
 }
 
@@ -135,7 +133,7 @@ local_v6_body()
 
 	vnet_mkjail alcatraz ${epair}b
 	jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 up
-	jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \
+	jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \
 		$(atf_get_srcdir)/echo_inetd.conf
 
 	jexec alcatraz pfctl -e
@@ -155,7 +153,6 @@ local_v6_body()
 
 local_v6_cleanup()
 {
-	rm -f inetd-alcatraz.pid
 	pft_cleanup
 }