diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2022-06-07 15:48:36 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-06-07 15:48:36 -0400 |
commit | fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304 (patch) | |
tree | 75ac9c7c375cb420432da7f79080e56b44e4de52 /test/e2e/run_privileged_test.go | |
parent | f459c197bdce6c6d6056c7214ce186f360599c94 (diff) | |
parent | 8533ea000459403a9a708fe01f875509ed22ffe1 (diff) | |
download | podman-fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304.tar.gz podman-fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304.tar.bz2 podman-fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304.zip |
Merge pull request #14483 from jakecorrenti/restart-privelaged-containers-after-host-device-change
Privileged containers can now restart if the host devices change
Diffstat (limited to 'test/e2e/run_privileged_test.go')
-rw-r--r-- | test/e2e/run_privileged_test.go | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/test/e2e/run_privileged_test.go b/test/e2e/run_privileged_test.go index 4f0b512c6..dfaff7e67 100644 --- a/test/e2e/run_privileged_test.go +++ b/test/e2e/run_privileged_test.go @@ -131,6 +131,30 @@ var _ = Describe("Podman privileged container tests", func() { Expect(len(session.OutputToStringArray())).To(BeNumerically(">", 20)) }) + It("podman privileged should restart after host devices change", func() { + containerName := "privileged-restart-test" + SkipIfRootless("Cannot create devices in /dev in rootless mode") + Expect(os.MkdirAll("/dev/foodevdir", os.ModePerm)).To(BeNil()) + + mknod := SystemExec("mknod", []string{"/dev/foodevdir/null", "c", "1", "3"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + session := podmanTest.Podman([]string{"run", "--name=" + containerName, "--privileged", "-it", fedoraMinimal, "ls", "/dev"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + deviceFiles := session.OutputToStringArray() + + os.RemoveAll("/dev/foodevdir") + session = podmanTest.Podman([]string{"start", "--attach", containerName}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + deviceFilesAfterRemoval := session.OutputToStringArray() + Expect(deviceFiles).To(Not(Equal(deviceFilesAfterRemoval))) + }) + It("run no-new-privileges test", func() { // Check if our kernel is new enough k, err := IsKernelNewerThan("4.14") |