diff mbox series

[nft] tests: shell: Extend table persist flag test a bit

Message ID 20240813193611.14529-1-phil@nwl.cc
State Accepted
Headers show
Series [nft] tests: shell: Extend table persist flag test a bit | expand

Commit Message

Phil Sutter Aug. 13, 2024, 7:36 p.m. UTC 
Using a co-process, assert owner flag is effective.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 tests/shell/testcases/owner/0002-persist      | 42 +++++++++++++++++++
 .../owner/dumps/0002-persist.json-nft         |  8 ----
 .../testcases/owner/dumps/0002-persist.nft    |  3 --
 3 files changed, 42 insertions(+), 11 deletions(-)

Comments

Florian Westphal Aug. 13, 2024, 7:53 p.m. UTC | #1 
Phil Sutter <phil@nwl.cc> wrote:
> Using a co-process, assert owner flag is effective.

Thanks, please just push it out.
Phil Sutter Aug. 14, 2024, 10:02 a.m. UTC | #2 
On Tue, Aug 13, 2024 at 09:36:11PM +0200, Phil Sutter wrote:
> Using a co-process, assert owner flag is effective.
> 
> Signed-off-by: Phil Sutter <phil@nwl.cc>

Patch applied.
diff mbox series

Patch

diff --git a/tests/shell/testcases/owner/0002-persist b/tests/shell/testcases/owner/0002-persist
index cf4b8f1327ec1..98a8eb1368bc1 100755
--- a/tests/shell/testcases/owner/0002-persist
+++ b/tests/shell/testcases/owner/0002-persist
@@ -33,4 +33,46 @@  EOF
 	die "retake ownership failed"
 }
 
+EXPECT="table ip t {
+	flags persist
+}"
+diff -u <(echo "$EXPECT") <($NFT list ruleset) || {
+	die "unexpected ruleset before coproc setup"
+}
+
+coproc $NFT -i
+sleep 1
+
+cat >&"${COPROC[1]}" <<EOF
+add table ip t { flags owner, persist; }
+EOF
+
+EXPECT="table ip t { # progname nft
+	flags owner,persist
+}"
+diff -u <(echo "$EXPECT") <($NFT list ruleset) || {
+	die "unexpected ruleset after coproc setup"
+}
+
+$NFT flush ruleset
+$NFT list ruleset | grep -q 'table ip t' || {
+	die "flushed owned table"
+}
+
+$NFT add table 'ip t { flags owner, persist; }' && {
+	die "stole owned table"
+}
+
+cat >&"${COPROC[1]}" <<EOF
+delete table ip t
+EOF
+
+[[ -z $($NFT list ruleset) ]] || {
+	die "owner should be able to delete the table"
+}
+
+eval "exec ${COPROC[1]}>&-"
+wait $COPROC_PID
+
+
 exit 0
diff --git a/tests/shell/testcases/owner/dumps/0002-persist.json-nft b/tests/shell/testcases/owner/dumps/0002-persist.json-nft
index f0c336a86e52f..546cc5977db61 100644
--- a/tests/shell/testcases/owner/dumps/0002-persist.json-nft
+++ b/tests/shell/testcases/owner/dumps/0002-persist.json-nft
@@ -6,14 +6,6 @@ 
         "release_name": "RELEASE_NAME",
         "json_schema_version": 1
       }
-    },
-    {
-      "table": {
-        "family": "ip",
-        "name": "t",
-        "handle": 0,
-        "flags": "persist"
-      }
     }
   ]
 }
diff --git a/tests/shell/testcases/owner/dumps/0002-persist.nft b/tests/shell/testcases/owner/dumps/0002-persist.nft
index b47027d35a30c..e69de29bb2d1d 100644
--- a/tests/shell/testcases/owner/dumps/0002-persist.nft
+++ b/tests/shell/testcases/owner/dumps/0002-persist.nft
@@ -1,3 +0,0 @@ 
-table ip t {
-	flags persist
-}