diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-03 11:06:17 -0400 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-25 09:33:08 -0400 |
| commit | f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797 (patch) | |
| tree | c2137133df3435a98625a198369ec9840a45fcc8 /test/e2e/run_selinux_test.go | |
| parent | 3efa0685289a44ab21015897253565b9c50c1777 (diff) | |
| download | podman-f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797.tar.gz podman-f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797.tar.bz2 podman-f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797.zip | |
Add tests for selinux labels
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'test/e2e/run_selinux_test.go')
| -rw-r--r-- | test/e2e/run_selinux_test.go | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go index ebe6604cc..a1a18c780 100644 --- a/test/e2e/run_selinux_test.go +++ b/test/e2e/run_selinux_test.go @@ -84,4 +84,68 @@ var _ = Describe("Podman run", func() { Expect(match).Should(BeTrue()) }) + It("podman test selinux label resolv.conf", func() { + session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux label hosts", func() { + session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hosts"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux label hostname", func() { + session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hostname"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux label /run/secrets", func() { + session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-dZ", "/run/secrets"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux --privileged label resolv.conf", func() { + session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux --privileged label hosts", func() { + session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hosts"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux --privileged label hostname", func() { + session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hostname"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + + It("podman test selinux --privileged label /run/secrets", func() { + session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-dZ", "/run/secrets"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("container_file_t") + Expect(match).Should(BeTrue()) + }) + }) |