aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-10-03 11:06:17 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2018-10-25 09:33:08 -0400
commitf9fb62c7371e2b0ac45a6ac1cdb25cf03978e797 (patch)
treec2137133df3435a98625a198369ec9840a45fcc8
parent3efa0685289a44ab21015897253565b9c50c1777 (diff)
downloadpodman-f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797.tar.gz
podman-f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797.tar.bz2
podman-f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797.zip
Add tests for selinux labels
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
-rw-r--r--test/e2e/run_selinux_test.go64
1 files changed, 64 insertions, 0 deletions
diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go
index ebe6604cc..a1a18c780 100644
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@@ -84,4 +84,68 @@ var _ = Describe("Podman run", func() {
Expect(match).Should(BeTrue())
})
+ It("podman test selinux label resolv.conf", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux label hosts", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux label hostname", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux label /run/secrets", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label resolv.conf", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label hosts", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label hostname", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label /run/secrets", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
})