diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2021-01-12 16:08:14 +0100 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2021-01-15 09:10:55 +0100 |
commit | 2c328a4ac12262771861b2be6522acbfa5bbadb6 (patch) | |
tree | 184396aecc0b36a0c11e264acd1062670e8256fe /test/e2e/run_ns_test.go | |
parent | 3fcf346890c0437611fc18c30d58cc2d9f61fe6c (diff) | |
download | podman-2c328a4ac12262771861b2be6522acbfa5bbadb6.tar.gz podman-2c328a4ac12262771861b2be6522acbfa5bbadb6.tar.bz2 podman-2c328a4ac12262771861b2be6522acbfa5bbadb6.zip |
specgen: improve heuristic for /sys bind mount
partially revert 95c45773d7dbca2880152de681c81f0a2afec99b
restrict the cases where /sys is bind mounted from the host.
The heuristic doesn't detect all the cases where the bind mount is not
necessary, but it is an improvement on the previous version where /sys
was always bind mounted for rootless containers unless --net none was
specified.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'test/e2e/run_ns_test.go')
-rw-r--r-- | test/e2e/run_ns_test.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/test/e2e/run_ns_test.go b/test/e2e/run_ns_test.go index 51657cb1e..29d2d4395 100644 --- a/test/e2e/run_ns_test.go +++ b/test/e2e/run_ns_test.go @@ -105,6 +105,14 @@ var _ = Describe("Podman run ns", func() { Expect(session).To(ExitWithError()) }) + It("podman run mounts fresh cgroup", func() { + session := podmanTest.Podman([]string{"run", fedoraMinimal, "grep", "cgroup", "/proc/self/mountinfo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + output := session.OutputToString() + Expect(output).ToNot(ContainSubstring("..")) + }) + It("podman run --ipc=host --pid=host", func() { SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") cmd := exec.Command("ls", "-l", "/proc/self/ns/pid") |