diff options
author | Ed Santiago <santiago@redhat.com> | 2020-08-26 11:39:51 -0600 |
---|---|---|
committer | Ed Santiago <santiago@redhat.com> | 2020-08-27 12:58:13 -0600 |
commit | 4060b771577356c6966d9af6b92dc5c85c20b84a (patch) | |
tree | bbb8cfc7cfed534d11161a6f1455cf625faa68a4 | |
parent | 72c5b35ea5db44ca1c81a688d90f5c3aa8f8262e (diff) | |
download | podman-4060b771577356c6966d9af6b92dc5c85c20b84a.tar.gz podman-4060b771577356c6966d9af6b92dc5c85c20b84a.tar.bz2 podman-4060b771577356c6966d9af6b92dc5c85c20b84a.zip |
BATS: fix corner case in --userns=keep-id test
The test that does 'adduser' in a keep-id container had a
really dumb bug: if the user running the test has UID 1000,
then podman itself (via keep-id) will add the "1000" passwd
entry, and the in-container "adduser" will allocate 1001,
making our test fail. This triggered in f31/f32 podman gating
tests, but (?!?) never in rawhide gating tests.
Solution: explicitly feed a UID to adduser. Make sure that
it's not the same as the UID of the current user.
Also (unrelated): fix a ridiculous "run mkdir || die". At
the time I wrote that I probably had no idea how BATS works.
Signed-off-by: Ed Santiago <santiago@redhat.com>
-rw-r--r-- | test/system/030-run.bats | 15 | ||||
-rw-r--r-- | test/system/070-build.bats | 2 |
2 files changed, 14 insertions, 3 deletions
diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 34afd5bae..198c8881d 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -294,11 +294,22 @@ echo $rand | 0 | $rand run_podman run -d --userns=keep-id $IMAGE sh -c 'while ! test -e /stop; do sleep 0.1; done' cid="$output" + # Assign a UID that is (a) not in our image /etc/passwd and (b) not + # the same as that of the user running the test script; this guarantees + # that the added passwd entry will be what we expect. + # + # For GID, we have to use one that already exists in the container. And + # unfortunately, 'adduser' requires a string name. We use 999:ping + local uid=4242 + if [[ $uid == $(id -u) ]]; then + uid=4343 + fi + gecos="$(random_string 6) $(random_string 8)" - run_podman exec --user root $cid adduser -D -g "$gecos" -s /bin/sh newuser3 + run_podman exec --user root $cid adduser -u $uid -G ping -D -g "$gecos" -s /bin/sh newuser3 is "$output" "" "output from adduser" run_podman exec $cid tail -1 /etc/passwd - is "$output" "newuser3:x:1000:1000:$gecos:/home/newuser3:/bin/sh" \ + is "$output" "newuser3:x:$uid:999:$gecos:/home/newuser3:/bin/sh" \ "newuser3 added to /etc/passwd in container" run_podman exec $cid touch /stop diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 0e6e97d40..997699ecb 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -12,7 +12,7 @@ load helpers rand_content=$(random_string 50) tmpdir=$PODMAN_TMPDIR/build-test - run mkdir -p $tmpdir || die "Could not mkdir $tmpdir" + mkdir -p $tmpdir dockerfile=$tmpdir/Dockerfile cat >$dockerfile <<EOF FROM $IMAGE |