diff options
| author | baude <bbaude@redhat.com> | 2018-02-14 12:51:06 -0600 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-02-15 00:20:47 +0000 |
| commit | be9ed1cfacc19d1ad3c09e10481da445615b8b8e (patch) | |
| tree | 1c0c01daf5b43c6139e37408be601475c1dcea41 /test/e2e/privileged_test.go | |
| parent | d051dc38d81920c94c37b20ceba0d33b35299bca (diff) | |
| download | podman-be9ed1cfacc19d1ad3c09e10481da445615b8b8e.tar.gz podman-be9ed1cfacc19d1ad3c09e10481da445615b8b8e.tar.bz2 podman-be9ed1cfacc19d1ad3c09e10481da445615b8b8e.zip | |
Privileged containers should inherit host devices
When running a privileged container, it should inherit the same
devices the host has.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #330
Approved by: mheon
Diffstat (limited to 'test/e2e/privileged_test.go')
| -rw-r--r-- | test/e2e/privileged_test.go | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/test/e2e/privileged_test.go b/test/e2e/privileged_test.go deleted file mode 100644 index b660e1b55..000000000 --- a/test/e2e/privileged_test.go +++ /dev/null @@ -1,76 +0,0 @@ -package integration - -import ( - "os" - - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" - "strings" -) - -var _ = Describe("Podman privileged container tests", func() { - var ( - tempdir string - err error - podmanTest PodmanTest - ) - - BeforeEach(func() { - tempdir, err = CreateTempDirInTempDir() - if err != nil { - os.Exit(1) - } - podmanTest = PodmanCreate(tempdir) - podmanTest.RestoreAllArtifacts() - }) - - AfterEach(func() { - podmanTest.Cleanup() - - }) - - It("podman privileged make sure sys is mounted rw", func() { - session := podmanTest.Podman([]string{"run", "--privileged", "busybox", "mount"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - ok, lines := session.GrepString("sysfs") - Expect(ok).To(BeTrue()) - Expect(lines[0]).To(ContainSubstring("sysfs (rw,")) - }) - - It("podman privileged CapEff", func() { - cap := podmanTest.SystemExec("grep", []string{"CapEff", "/proc/self/status"}) - cap.WaitWithDefaultTimeout() - Expect(cap.ExitCode()).To(Equal(0)) - - session := podmanTest.Podman([]string{"run", "--privileged", "busybox", "grep", "CapEff", "/proc/self/status"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - Expect(session.OutputToString()).To(Equal(cap.OutputToString())) - }) - - It("podman cap-add CapEff", func() { - cap := podmanTest.SystemExec("grep", []string{"CapEff", "/proc/self/status"}) - cap.WaitWithDefaultTimeout() - Expect(cap.ExitCode()).To(Equal(0)) - - session := podmanTest.Podman([]string{"run", "--cap-add", "all", "busybox", "grep", "CapEff", "/proc/self/status"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - Expect(session.OutputToString()).To(Equal(cap.OutputToString())) - }) - - It("podman cap-drop CapEff", func() { - cap := podmanTest.SystemExec("grep", []string{"CapAmb", "/proc/self/status"}) - cap.WaitWithDefaultTimeout() - Expect(cap.ExitCode()).To(Equal(0)) - session := podmanTest.Podman([]string{"run", "--cap-drop", "all", "busybox", "grep", "CapEff", "/proc/self/status"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - - capAmp := strings.Split(cap.OutputToString(), " ") - capEff := strings.Split(session.OutputToString(), " ") - Expect(capAmp[1]).To(Equal(capEff[1])) - }) - -}) |