aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEd Santiago <santiago@redhat.com>2020-12-14 06:40:46 -0700
committerEd Santiago <santiago@redhat.com>2020-12-14 06:40:46 -0700
commit4d7e05f9ba583498abbdef48353b1fa9d8b711f5 (patch)
tree615c42b130ffbc018077e6dd2c3eea3e858826c1
parenta226e6ed318ae7b7af16081b787cc80718e73e2d (diff)
downloadpodman-4d7e05f9ba583498abbdef48353b1fa9d8b711f5.tar.gz
podman-4d7e05f9ba583498abbdef48353b1fa9d8b711f5.tar.bz2
podman-4d7e05f9ba583498abbdef48353b1fa9d8b711f5.zip
RHEL gating tests: more journald exceptions
Followup to #8284, due to my not having noticed #8096. RHEL gating tests are failing again due to rhbz#1895105, the one where we can't run journalctl rootless on RHEL. #8284 fixed this for some RHEL builds of older podman, but I missed #8096 which added yet another logs test. This brings us to three journalctl exceptions, which means it gets complicated because I have to refactor it all. **THIS IS NOT SUSTAINABLE**. We need some way to have a similar setup in CI, with a permission-less rootless login, so we don't add yet another logs test some day and discover, months later, that it doesn't work on RHEL and then have to go into crisis mode. Signed-off-by: Ed Santiago <santiago@redhat.com>
-rw-r--r--test/system/030-run.bats20
-rw-r--r--test/system/035-logs.bats9
-rw-r--r--test/system/helpers.bash34
3 files changed, 44 insertions, 19 deletions
diff --git a/test/system/030-run.bats b/test/system/030-run.bats
index 3ee141f5f..23f924de2 100644
--- a/test/system/030-run.bats
+++ b/test/system/030-run.bats
@@ -415,13 +415,18 @@ json-file | f
fi
if [[ $driver != 'none' ]]; then
- run_podman logs myctr
- is "$output" "$msg" "check that podman logs works as expected"
+ if [[ $driver = 'journald' ]] && journald_unavailable; then
+ # Cannot perform check
+ :
+ else
+ run_podman logs myctr
+ is "$output" "$msg" "podman logs, with driver '$driver'"
+ fi
else
run_podman 125 logs myctr
if ! is_remote; then
is "$output" ".*this container is using the 'none' log driver, cannot read logs.*" \
- "podman logs does not work with none log driver"
+ "podman logs, with driver 'none', should fail with error"
fi
fi
run_podman rm myctr
@@ -437,14 +442,7 @@ json-file | f
skip_if_remote "We cannot read journalctl over remote."
# We can't use journald on RHEL as rootless, either: rhbz#1895105
- if is_rootless; then
- run journalctl -n 1
- if [[ $status -ne 0 ]]; then
- if [[ $output =~ permission ]]; then
- skip "Cannot use rootless journald on this system"
- fi
- fi
- fi
+ skip_if_journald_unavailable
msg=$(random_string 20)
pidfile="${PODMAN_TMPDIR}/$(random_string 20)"
diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats
index a081a7ce1..bac153b8e 100644
--- a/test/system/035-logs.bats
+++ b/test/system/035-logs.bats
@@ -55,14 +55,7 @@ ${cid[0]} d" "Sequential output from logs"
@test "podman logs over journald" {
# We can't use journald on RHEL as rootless: rhbz#1895105
- if is_rootless; then
- run journalctl -n 1
- if [[ $status -ne 0 ]]; then
- if [[ $output =~ permission ]]; then
- skip "Cannot use rootless journald on this system"
- fi
- fi
- fi
+ skip_if_journald_unavailable
msg=$(random_string 20)
diff --git a/test/system/helpers.bash b/test/system/helpers.bash
index 6a7c6cc42..f782de080 100644
--- a/test/system/helpers.bash
+++ b/test/system/helpers.bash
@@ -259,6 +259,31 @@ function is_cgroupsv2() {
test "$cgroup_type" = "cgroup2fs"
}
+# rhbz#1895105: rootless journald is unavailable except to users in
+# certain magic groups; which our testuser account does not belong to
+# (intentional: that is the RHEL default, so that's the setup we test).
+function journald_unavailable() {
+ if ! is_rootless; then
+ # root must always have access to journal
+ return 1
+ fi
+
+ run journalctl -n 1
+ if [[ $status -eq 0 ]]; then
+ return 1
+ fi
+
+ if [[ $output =~ permission ]]; then
+ return 0
+ fi
+
+ # This should never happen; if it does, it's likely that a subsequent
+ # test will fail. This output may help track that down.
+ echo "WEIRD: 'journalctl -n 1' failed with a non-permission error:"
+ echo "$output"
+ return 1
+}
+
###########################
# _add_label_if_missing # make sure skip messages include rootless/remote
###########################
@@ -315,6 +340,15 @@ function skip_if_cgroupsv1() {
fi
}
+##################################
+# skip_if_journald_unavailable # rhbz#1895105: rootless journald permissions
+##################################
+function skip_if_journald_unavailable {
+ if journald_unavailable; then
+ skip "Cannot use rootless journald on this system"
+ fi
+}
+
#########
# die # Abort with helpful message
#########