summaryrefslogtreecommitdiff
path: root/test/e2e/run_test.go
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-10-01 18:31:40 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2018-10-02 03:44:46 -0400
commit86d435f32fc4230481d789499973c07a5b5ae78d (patch)
treec2c8e102052f4866180632d0be2b44c2d99da3a7 /test/e2e/run_test.go
parent3bdccd8a461217ac6d0094c2081f50612d60c19a (diff)
downloadpodman-86d435f32fc4230481d789499973c07a5b5ae78d.tar.gz
podman-86d435f32fc4230481d789499973c07a5b5ae78d.tar.bz2
podman-86d435f32fc4230481d789499973c07a5b5ae78d.zip
Disable SELinux labeling if --privileged
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'test/e2e/run_test.go')
-rw-r--r--test/e2e/run_test.go54
1 files changed, 0 insertions, 54 deletions
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 777b49cd8..a443d4ca5 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -10,7 +10,6 @@ import (
"github.com/mrunalp/fileutils"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
- "github.com/opencontainers/selinux/go-selinux"
)
var _ = Describe("Podman run", func() {
@@ -85,59 +84,6 @@ var _ = Describe("Podman run", func() {
Expect(session.ExitCode()).To(Equal(0))
})
- It("podman run selinux grep test", func() {
- if !selinux.GetEnabled() {
- Skip("SELinux not enabled")
- }
- session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=level:s0:c1,c2", ALPINE, "cat", "/proc/self/attr/current"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("s0:c1,c2")
- Expect(match).Should(BeTrue())
- })
-
- It("podman run selinux disable test", func() {
- if !selinux.GetEnabled() {
- Skip("SELinux not enabled")
- }
- session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=disable", ALPINE, "cat", "/proc/self/attr/current"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("spc_t")
- Expect(match).Should(BeTrue())
- })
-
- It("podman run selinux type check test", func() {
- if !selinux.GetEnabled() {
- Skip("SELinux not enabled")
- }
- session := podmanTest.Podman([]string{"run", "-it", ALPINE, "cat", "/proc/self/attr/current"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match1, _ := session.GrepString("container_t")
- match2, _ := session.GrepString("svirt_lxc_net_t")
- Expect(match1 || match2).Should(BeTrue())
- })
-
- It("podman run selinux type setup test", func() {
- if !selinux.GetEnabled() {
- Skip("SELinux not enabled")
- }
- session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=type:spc_t", ALPINE, "cat", "/proc/self/attr/current"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("spc_t")
- Expect(match).Should(BeTrue())
- })
-
- It("podman run seccomp undefine test", func() {
- session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "seccomp=unconfined", ALPINE, "echo", "hello"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("hello")
- Expect(match).Should(BeTrue())
- })
-
It("podman run seccomp test", func() {
jsonFile := filepath.Join(podmanTest.TempDir, "seccomp.json")
in := []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`)