summaryrefslogtreecommitdiff
path: root/test/e2e/run_privileged_test.go
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2022-06-07 15:48:36 -0400
committerGitHub <noreply@github.com>2022-06-07 15:48:36 -0400
commitfef40e2ad384ec6e5e604b7e11e5cbb25ac7c304 (patch)
tree75ac9c7c375cb420432da7f79080e56b44e4de52 /test/e2e/run_privileged_test.go
parentf459c197bdce6c6d6056c7214ce186f360599c94 (diff)
parent8533ea000459403a9a708fe01f875509ed22ffe1 (diff)
downloadpodman-fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304.tar.gz
podman-fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304.tar.bz2
podman-fef40e2ad384ec6e5e604b7e11e5cbb25ac7c304.zip
Merge pull request #14483 from jakecorrenti/restart-privelaged-containers-after-host-device-change
Privileged containers can now restart if the host devices change
Diffstat (limited to 'test/e2e/run_privileged_test.go')
-rw-r--r--test/e2e/run_privileged_test.go24
1 files changed, 24 insertions, 0 deletions
diff --git a/test/e2e/run_privileged_test.go b/test/e2e/run_privileged_test.go
index 4f0b512c6..dfaff7e67 100644
--- a/test/e2e/run_privileged_test.go
+++ b/test/e2e/run_privileged_test.go
@@ -131,6 +131,30 @@ var _ = Describe("Podman privileged container tests", func() {
Expect(len(session.OutputToStringArray())).To(BeNumerically(">", 20))
})
+ It("podman privileged should restart after host devices change", func() {
+ containerName := "privileged-restart-test"
+ SkipIfRootless("Cannot create devices in /dev in rootless mode")
+ Expect(os.MkdirAll("/dev/foodevdir", os.ModePerm)).To(BeNil())
+
+ mknod := SystemExec("mknod", []string{"/dev/foodevdir/null", "c", "1", "3"})
+ mknod.WaitWithDefaultTimeout()
+ Expect(mknod).Should(Exit(0))
+
+ session := podmanTest.Podman([]string{"run", "--name=" + containerName, "--privileged", "-it", fedoraMinimal, "ls", "/dev"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+
+ deviceFiles := session.OutputToStringArray()
+
+ os.RemoveAll("/dev/foodevdir")
+ session = podmanTest.Podman([]string{"start", "--attach", containerName})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+
+ deviceFilesAfterRemoval := session.OutputToStringArray()
+ Expect(deviceFiles).To(Not(Equal(deviceFilesAfterRemoval)))
+ })
+
It("run no-new-privileges test", func() {
// Check if our kernel is new enough
k, err := IsKernelNewerThan("4.14")