use cgroups_rs::fs::devices::{DevicePermissions, DeviceType, DevicesController};
use cgroups_rs::fs::{Cgroup, DeviceResource};
#[test]
fn test_devices_parsing() {
if cgroups_rs::fs::hierarchies::is_cgroup2_unified_mode() {
return;
}
let h = cgroups_rs::fs::hierarchies::auto();
let cg = Cgroup::new(h, String::from("test_devices_parsing")).unwrap();
{
let devices: &DevicesController = cg.controller_of().unwrap();
devices
.deny_device(
DeviceType::All,
-1,
-1,
&[
DevicePermissions::Read,
DevicePermissions::Write,
DevicePermissions::MkNod,
],
)
.unwrap();
let allowed_devices = devices.allowed_devices();
assert!(allowed_devices.is_ok());
assert_eq!(allowed_devices.unwrap(), Vec::new());
devices
.allow_device(DeviceType::Char, 1, 3, &[DevicePermissions::MkNod])
.unwrap();
let allowed_devices = devices.allowed_devices();
assert!(allowed_devices.is_ok());
let allowed_devices = allowed_devices.unwrap();
assert_eq!(allowed_devices.len(), 1);
assert_eq!(
allowed_devices[0],
DeviceResource {
allow: true,
devtype: DeviceType::Char,
major: 1,
minor: 3,
access: vec![DevicePermissions::MkNod],
}
);
devices
.deny_device(DeviceType::Char, 1, 3, &DevicePermissions::all())
.unwrap();
let allowed_devices = devices.allowed_devices();
assert!(allowed_devices.is_ok());
assert_eq!(allowed_devices.unwrap(), Vec::new());
}
cg.delete().unwrap();
}