diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-01 18:31:40 -0400 |
---|---|---|
committer | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-02 03:44:46 -0400 |
commit | 86d435f32fc4230481d789499973c07a5b5ae78d (patch) | |
tree | c2c8e102052f4866180632d0be2b44c2d99da3a7 /test/e2e/run_test.go | |
parent | 3bdccd8a461217ac6d0094c2081f50612d60c19a (diff) | |
download | podman-86d435f32fc4230481d789499973c07a5b5ae78d.tar.gz podman-86d435f32fc4230481d789499973c07a5b5ae78d.tar.bz2 podman-86d435f32fc4230481d789499973c07a5b5ae78d.zip |
Disable SELinux labeling if --privileged
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'test/e2e/run_test.go')
-rw-r--r-- | test/e2e/run_test.go | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 777b49cd8..a443d4ca5 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -10,7 +10,6 @@ import ( "github.com/mrunalp/fileutils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/opencontainers/selinux/go-selinux" ) var _ = Describe("Podman run", func() { @@ -85,59 +84,6 @@ var _ = Describe("Podman run", func() { Expect(session.ExitCode()).To(Equal(0)) }) - It("podman run selinux grep test", func() { - if !selinux.GetEnabled() { - Skip("SELinux not enabled") - } - session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=level:s0:c1,c2", ALPINE, "cat", "/proc/self/attr/current"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - match, _ := session.GrepString("s0:c1,c2") - Expect(match).Should(BeTrue()) - }) - - It("podman run selinux disable test", func() { - if !selinux.GetEnabled() { - Skip("SELinux not enabled") - } - session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=disable", ALPINE, "cat", "/proc/self/attr/current"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - match, _ := session.GrepString("spc_t") - Expect(match).Should(BeTrue()) - }) - - It("podman run selinux type check test", func() { - if !selinux.GetEnabled() { - Skip("SELinux not enabled") - } - session := podmanTest.Podman([]string{"run", "-it", ALPINE, "cat", "/proc/self/attr/current"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - match1, _ := session.GrepString("container_t") - match2, _ := session.GrepString("svirt_lxc_net_t") - Expect(match1 || match2).Should(BeTrue()) - }) - - It("podman run selinux type setup test", func() { - if !selinux.GetEnabled() { - Skip("SELinux not enabled") - } - session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=type:spc_t", ALPINE, "cat", "/proc/self/attr/current"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - match, _ := session.GrepString("spc_t") - Expect(match).Should(BeTrue()) - }) - - It("podman run seccomp undefine test", func() { - session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "seccomp=unconfined", ALPINE, "echo", "hello"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - match, _ := session.GrepString("hello") - Expect(match).Should(BeTrue()) - }) - It("podman run seccomp test", func() { jsonFile := filepath.Join(podmanTest.TempDir, "seccomp.json") in := []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`) |