aboutsummaryrefslogtreecommitdiff
path: root/test/e2e/run_privileged_test.go
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-09-28 14:43:46 +0000
committerGitHub <noreply@github.com>2020-09-28 14:43:46 +0000
commitb0e70a6411d70d7ee7f1e9d6abedc2524b903609 (patch)
tree6987290e36b8782fe12ff4506bdc017d4b32de60 /test/e2e/run_privileged_test.go
parentd2802636b0a7e3d281e52b44676de5e3226fbabf (diff)
parent007c0ecd50846900eaa7b8ea2fde08c83746abda (diff)
downloadpodman-b0e70a6411d70d7ee7f1e9d6abedc2524b903609.tar.gz
podman-b0e70a6411d70d7ee7f1e9d6abedc2524b903609.tar.bz2
podman-b0e70a6411d70d7ee7f1e9d6abedc2524b903609.zip
Merge pull request #7786 from rhatdan/rootless
Remove SkipIfRootless if possible, document other calls
Diffstat (limited to 'test/e2e/run_privileged_test.go')
-rw-r--r--test/e2e/run_privileged_test.go10
1 files changed, 5 insertions, 5 deletions
diff --git a/test/e2e/run_privileged_test.go b/test/e2e/run_privileged_test.go
index 064ba7d2c..a20088776 100644
--- a/test/e2e/run_privileged_test.go
+++ b/test/e2e/run_privileged_test.go
@@ -17,17 +17,19 @@ import (
// available than we are aware of, leading to host=FFF... and ctr=3FF...
// because the latter is all we request. Accept that.
func containerCapMatchesHost(ctr_cap string, host_cap string) {
+ if isRootless() {
+ return
+ }
ctr_cap_n, err := strconv.ParseUint(ctr_cap, 16, 64)
Expect(err).NotTo(HaveOccurred(), "Error parsing %q as hex", ctr_cap)
host_cap_n, err := strconv.ParseUint(host_cap, 16, 64)
Expect(err).NotTo(HaveOccurred(), "Error parsing %q as hex", host_cap)
- // host caps can never be zero (except rootless, which we don't test).
+ // host caps can never be zero (except rootless).
// and host caps must always be a superset (inclusive) of container
Expect(host_cap_n).To(BeNumerically(">", 0), "host cap %q should be nonzero", host_cap)
Expect(host_cap_n).To(BeNumerically(">=", ctr_cap_n), "host cap %q should never be less than container cap %q", host_cap, ctr_cap)
-
host_cap_masked := host_cap_n & (1<<len(capability.List()) - 1)
Expect(ctr_cap_n).To(Equal(host_cap_masked), "container cap %q is not a subset of host cap %q", ctr_cap, host_cap)
}
@@ -66,7 +68,6 @@ var _ = Describe("Podman privileged container tests", func() {
})
It("podman privileged CapEff", func() {
- SkipIfRootless()
host_cap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"})
Expect(host_cap.ExitCode()).To(Equal(0))
@@ -78,7 +79,6 @@ var _ = Describe("Podman privileged container tests", func() {
})
It("podman cap-add CapEff", func() {
- SkipIfRootless()
// Get caps of current process
host_cap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"})
Expect(host_cap.ExitCode()).To(Equal(0))
@@ -106,7 +106,7 @@ var _ = Describe("Podman privileged container tests", func() {
})
It("podman privileged should inherit host devices", func() {
- SkipIfRootless()
+ SkipIfRootless() // FIXME: This seems to be broken for rootless mode, /dev/ is close to the same
session := podmanTest.Podman([]string{"run", "--privileged", ALPINE, "ls", "-l", "/dev"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))