summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2021-11-02 12:51:10 +0100
committerGiuseppe Scrivano <gscrivan@redhat.com>2021-11-04 13:16:17 +0100
commit0234b153cc99edcb2865dc42e43f1edf8b7fccdc (patch)
tree481b14e1f0519799dc733231a4cb551c2b75678e
parent0686f0bb2ff22abae7ca90f1b17b32d73b8615a8 (diff)
downloadpodman-0234b153cc99edcb2865dc42e43f1edf8b7fccdc.tar.gz
podman-0234b153cc99edcb2865dc42e43f1edf8b7fccdc.tar.bz2
podman-0234b153cc99edcb2865dc42e43f1edf8b7fccdc.zip
test: run --cgroups=split in new cgroup
the --cgroups=split test changes the current cgroup as it creates a sub-cgroup. This can cause a race condition in tests that are reading the current cgroup. Closes: https://github.com/containers/podman/issues/11191 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
-rw-r--r--test/e2e/common_test.go2
-rw-r--r--test/e2e/libpod_suite_remote_test.go16
-rw-r--r--test/e2e/libpod_suite_test.go14
-rw-r--r--test/e2e/run_test.go4
-rw-r--r--test/utils/podmantest_test.go2
-rw-r--r--test/utils/utils.go16
6 files changed, 42 insertions, 12 deletions
diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go
index 7228682f3..e598f7ab9 100644
--- a/test/e2e/common_test.go
+++ b/test/e2e/common_test.go
@@ -685,7 +685,7 @@ func SkipIfContainerized(reason string) {
// PodmanAsUser is the exec call to podman on the filesystem with the specified uid/gid and environment
func (p *PodmanTestIntegration) PodmanAsUser(args []string, uid, gid uint32, cwd string, env []string) *PodmanSessionIntegration {
- podmanSession := p.PodmanAsUserBase(args, uid, gid, cwd, env, false, false, nil)
+ podmanSession := p.PodmanAsUserBase(args, uid, gid, cwd, env, false, false, nil, nil)
return &PodmanSessionIntegration{podmanSession}
}
diff --git a/test/e2e/libpod_suite_remote_test.go b/test/e2e/libpod_suite_remote_test.go
index 3115c246f..ad511cc9e 100644
--- a/test/e2e/libpod_suite_remote_test.go
+++ b/test/e2e/libpod_suite_remote_test.go
@@ -38,11 +38,25 @@ func (p *PodmanTestIntegration) Podman(args []string) *PodmanSessionIntegration
return &PodmanSessionIntegration{podmanSession}
}
+// PodmanSystemdScope runs the podman command in a new systemd scope
+func (p *PodmanTestIntegration) PodmanSystemdScope(args []string) *PodmanSessionIntegration {
+ var remoteArgs = []string{"--remote", "--url", p.RemoteSocket}
+ remoteArgs = append(remoteArgs, args...)
+
+ wrapper := []string{"systemd-run", "--scope"}
+ if rootless.IsRootless() {
+ wrapper = []string{"systemd-run", "--scope", "--user"}
+ }
+
+ podmanSession := p.PodmanAsUserBase(remoteArgs, 0, 0, "", nil, false, false, wrapper, nil)
+ return &PodmanSessionIntegration{podmanSession}
+}
+
// PodmanExtraFiles is the exec call to podman on the filesystem and passes down extra files
func (p *PodmanTestIntegration) PodmanExtraFiles(args []string, extraFiles []*os.File) *PodmanSessionIntegration {
var remoteArgs = []string{"--remote", "--url", p.RemoteSocket}
remoteArgs = append(remoteArgs, args...)
- podmanSession := p.PodmanAsUserBase(remoteArgs, 0, 0, "", nil, false, false, extraFiles)
+ podmanSession := p.PodmanAsUserBase(remoteArgs, 0, 0, "", nil, false, false, nil, extraFiles)
return &PodmanSessionIntegration{podmanSession}
}
diff --git a/test/e2e/libpod_suite_test.go b/test/e2e/libpod_suite_test.go
index cc03ccc96..6d2d3fee8 100644
--- a/test/e2e/libpod_suite_test.go
+++ b/test/e2e/libpod_suite_test.go
@@ -8,6 +8,8 @@ import (
"os"
"path/filepath"
"strings"
+
+ "github.com/containers/podman/v3/pkg/rootless"
)
func IsRemote() bool {
@@ -23,9 +25,19 @@ func (p *PodmanTestIntegration) Podman(args []string) *PodmanSessionIntegration
return &PodmanSessionIntegration{podmanSession}
}
+// PodmanSystemdScope runs the podman command in a new systemd scope
+func (p *PodmanTestIntegration) PodmanSystemdScope(args []string) *PodmanSessionIntegration {
+ wrapper := []string{"systemd-run", "--scope"}
+ if rootless.IsRootless() {
+ wrapper = []string{"systemd-run", "--scope", "--user"}
+ }
+ podmanSession := p.PodmanAsUserBase(args, 0, 0, "", nil, false, false, wrapper, nil)
+ return &PodmanSessionIntegration{podmanSession}
+}
+
// PodmanExtraFiles is the exec call to podman on the filesystem and passes down extra files
func (p *PodmanTestIntegration) PodmanExtraFiles(args []string, extraFiles []*os.File) *PodmanSessionIntegration {
- podmanSession := p.PodmanAsUserBase(args, 0, 0, "", nil, false, false, extraFiles)
+ podmanSession := p.PodmanAsUserBase(args, 0, 0, "", nil, false, false, nil, extraFiles)
return &PodmanSessionIntegration{podmanSession}
}
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 95660bfc9..ed2d8938d 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -1381,13 +1381,13 @@ USER mail`, BB)
}
}
- container := podmanTest.Podman([]string{"run", "--rm", "--cgroups=split", ALPINE, "cat", "/proc/self/cgroup"})
+ container := podmanTest.PodmanSystemdScope([]string{"run", "--rm", "--cgroups=split", ALPINE, "cat", "/proc/self/cgroup"})
container.WaitWithDefaultTimeout()
Expect(container).Should(Exit(0))
checkLines(container.OutputToStringArray())
// check that --cgroups=split is honored also when a container runs in a pod
- container = podmanTest.Podman([]string{"run", "--rm", "--pod", "new:split-test-pod", "--cgroups=split", ALPINE, "cat", "/proc/self/cgroup"})
+ container = podmanTest.PodmanSystemdScope([]string{"run", "--rm", "--pod", "new:split-test-pod", "--cgroups=split", ALPINE, "cat", "/proc/self/cgroup"})
container.WaitWithDefaultTimeout()
Expect(container).Should(Exit(0))
checkLines(container.OutputToStringArray())
diff --git a/test/utils/podmantest_test.go b/test/utils/podmantest_test.go
index 9bd1c4a66..1bb9ecb6b 100644
--- a/test/utils/podmantest_test.go
+++ b/test/utils/podmantest_test.go
@@ -23,7 +23,7 @@ var _ = Describe("PodmanTest test", func() {
FakeOutputs["check"] = []string{"check"}
os.Setenv("HOOK_OPTION", "hook_option")
env := os.Environ()
- session := podmanTest.PodmanAsUserBase([]string{"check"}, 1000, 1000, "", env, true, false, nil)
+ session := podmanTest.PodmanAsUserBase([]string{"check"}, 1000, 1000, "", env, true, false, nil, nil)
os.Unsetenv("HOOK_OPTION")
session.WaitWithDefaultTimeout()
Expect(session.Command.Process).ShouldNot(BeNil())
diff --git a/test/utils/utils.go b/test/utils/utils.go
index bfefc58ec..d4d5e6e2f 100644
--- a/test/utils/utils.go
+++ b/test/utils/utils.go
@@ -66,27 +66,31 @@ func (p *PodmanTest) MakeOptions(args []string, noEvents, noCache bool) []string
// PodmanAsUserBase exec podman as user. uid and gid is set for credentials usage. env is used
// to record the env for debugging
-func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string, env []string, noEvents, noCache bool, extraFiles []*os.File) *PodmanSession {
+func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string, env []string, noEvents, noCache bool, wrapper []string, extraFiles []*os.File) *PodmanSession {
var command *exec.Cmd
podmanOptions := p.MakeOptions(args, noEvents, noCache)
podmanBinary := p.PodmanBinary
if p.RemoteTest {
podmanBinary = p.RemotePodmanBinary
}
+
+ runCmd := append(wrapper, podmanBinary)
if p.RemoteTest {
podmanOptions = append([]string{"--remote", "--url", p.RemoteSocket}, podmanOptions...)
}
if env == nil {
- fmt.Printf("Running: %s %s\n", podmanBinary, strings.Join(podmanOptions, " "))
+ fmt.Printf("Running: %s %s\n", strings.Join(runCmd, " "), strings.Join(podmanOptions, " "))
} else {
- fmt.Printf("Running: (env: %v) %s %s\n", env, podmanBinary, strings.Join(podmanOptions, " "))
+ fmt.Printf("Running: (env: %v) %s %s\n", env, strings.Join(runCmd, " "), strings.Join(podmanOptions, " "))
}
if uid != 0 || gid != 0 {
pythonCmd := fmt.Sprintf("import os; import sys; uid = %d; gid = %d; cwd = '%s'; os.setgid(gid); os.setuid(uid); os.chdir(cwd) if len(cwd)>0 else True; os.execv(sys.argv[1], sys.argv[1:])", gid, uid, cwd)
- nsEnterOpts := append([]string{"-c", pythonCmd, podmanBinary}, podmanOptions...)
+ runCmd = append(runCmd, podmanOptions...)
+ nsEnterOpts := append([]string{"-c", pythonCmd}, runCmd...)
command = exec.Command("python", nsEnterOpts...)
} else {
- command = exec.Command(podmanBinary, podmanOptions...)
+ runCmd = append(runCmd, podmanOptions...)
+ command = exec.Command(runCmd[0], runCmd[1:]...)
}
if env != nil {
command.Env = env
@@ -106,7 +110,7 @@ func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string
// PodmanBase exec podman with default env.
func (p *PodmanTest) PodmanBase(args []string, noEvents, noCache bool) *PodmanSession {
- return p.PodmanAsUserBase(args, 0, 0, "", nil, noEvents, noCache, nil)
+ return p.PodmanAsUserBase(args, 0, 0, "", nil, noEvents, noCache, nil, nil)
}
// WaitForContainer waits on a started container