diff options
| -rw-r--r-- | snekbox/memfs.py | 8 | ||||
| -rw-r--r-- | snekbox/nsjail.py | 8 | ||||
| -rw-r--r-- | tests/test_nsjail.py | 21 |
3 files changed, 7 insertions, 30 deletions
diff --git a/snekbox/memfs.py b/snekbox/memfs.py index bc8313d..727bc4c 100644 --- a/snekbox/memfs.py +++ b/snekbox/memfs.py @@ -73,13 +73,8 @@ class MemFS: """Path to home directory.""" return Path(self.path, "home") if self.path else None - @property - def shm(self) -> Path | None: - """Path to /dev/shm.""" - return Path(self.path, "dev", "shm") if self.path else None - def __enter__(self) -> MemFS: - # Generates a uuid tempdir + """Mounts a new tempfs, returns self.""" with self.assignment_lock: for _ in range(10): # Combine PID to avoid collisions with multiple snekbox processes @@ -91,7 +86,6 @@ class MemFS: raise RuntimeError("Failed to generate a unique tempdir name in 10 attempts") self.mkdir("home") - self.mkdir("dev/shm") return self def __exit__( diff --git a/snekbox/nsjail.py b/snekbox/nsjail.py index 556aab2..ce2a188 100644 --- a/snekbox/nsjail.py +++ b/snekbox/nsjail.py @@ -174,17 +174,13 @@ class NsJail: with NamedTemporaryFile() as nsj_log, MemFS(self.memfs_instance_size) as fs: # Add the temp dir to be mounted as cwd nsjail_args = ( - # Mount a tmpfs at /dev/shm to support multiprocessing - "--mount", - # src:dst:fs_type:options - f"{fs.shm}:/dev/shm:tmpfs:size={fs.instance_size}", - # Mount `home` in R/W mode + # Mount `home` with Read/Write access "--bindmount", f"{fs.home}:home", # Set cwd to temp dir "--cwd", "home", - # Set $HOME to temp dir + # Some packages rely on the HOME env variable "--env", "HOME=home", *nsjail_args, diff --git a/tests/test_nsjail.py b/tests/test_nsjail.py index c520330..cea96bd 100644 --- a/tests/test_nsjail.py +++ b/tests/test_nsjail.py @@ -261,21 +261,8 @@ class NsJailTests(unittest.TestCase): log.output, ) - def test_dev_shm_mounted(self): - code = dedent( - """ - with open('/dev/shm/test.bin', 'wb') as file: - file.write(bytes([255])) - """ - ).strip() - - result = self.nsjail.python3(code) - self.assertEqual("", result.stdout) - self.assertEqual(result.returncode, 0) - self.assertEqual(result.stderr, None) - def test_shm_and_tmp_not_mounted(self): - for path in ("/run/shm", "/tmp"): + for path in ("/dev/shm", "/run/shm", "/tmp"): with self.subTest(path=path): code = dedent( f""" @@ -289,7 +276,7 @@ class NsJailTests(unittest.TestCase): self.assertIn("No such file or directory", result.stdout) self.assertEqual(result.stderr, None) - def test_multiprocessing_shared_memory(self): + def test_multiprocessing_shared_memory_disabled(self): code = dedent( """ from multiprocessing.shared_memory import SharedMemory @@ -301,8 +288,8 @@ class NsJailTests(unittest.TestCase): ).strip() result = self.nsjail.python3(code) - self.assertEqual(result.returncode, 0) - self.assertEqual("", result.stdout) + self.assertEqual(result.returncode, 1) + self.assertIn("Function not implemented", result.stdout) self.assertEqual(result.stderr, None) def test_numpy_import(self): |