diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-07-29 14:27:50 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-29 14:27:50 -0400 |
commit | 044a7cb100cfd86905b71654bef44db9730e6081 (patch) | |
tree | 0417686fb4c820e6fdde8e4207b0ff49cd2e0194 /test/e2e | |
parent | 77fb3d2c95f6f8b4ec7b679985c90c8d56f6c1de (diff) | |
parent | bae6853906c388051a49b9a43776eba97e4f0523 (diff) | |
download | podman-044a7cb100cfd86905b71654bef44db9730e6081.tar.gz podman-044a7cb100cfd86905b71654bef44db9730e6081.tar.bz2 podman-044a7cb100cfd86905b71654bef44db9730e6081.zip |
Merge pull request #6991 from mheon/change_passwd_ondisk
Make changes to /etc/passwd on disk for non-read only
Diffstat (limited to 'test/e2e')
-rw-r--r-- | test/e2e/run_passwd_test.go | 8 | ||||
-rw-r--r-- | test/e2e/run_userns_test.go | 25 |
2 files changed, 29 insertions, 4 deletions
diff --git a/test/e2e/run_passwd_test.go b/test/e2e/run_passwd_test.go index a1414e313..8dea7d39b 100644 --- a/test/e2e/run_passwd_test.go +++ b/test/e2e/run_passwd_test.go @@ -33,27 +33,27 @@ var _ = Describe("Podman run passwd", func() { }) It("podman run no user specified ", func() { - session := podmanTest.Podman([]string{"run", BB, "mount"}) + session := podmanTest.Podman([]string{"run", "--read-only", BB, "mount"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOutputContains("passwd")).To(BeFalse()) }) It("podman run user specified in container", func() { - session := podmanTest.Podman([]string{"run", "-u", "bin", BB, "mount"}) + session := podmanTest.Podman([]string{"run", "--read-only", "-u", "bin", BB, "mount"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOutputContains("passwd")).To(BeFalse()) }) It("podman run UID specified in container", func() { - session := podmanTest.Podman([]string{"run", "-u", "2:1", BB, "mount"}) + session := podmanTest.Podman([]string{"run", "--read-only", "-u", "2:1", BB, "mount"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOutputContains("passwd")).To(BeFalse()) }) It("podman run UID not specified in container", func() { - session := podmanTest.Podman([]string{"run", "-u", "20001:1", BB, "mount"}) + session := podmanTest.Podman([]string{"run", "--read-only", "-u", "20001:1", BB, "mount"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOutputContains("passwd")).To(BeTrue()) diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go index 198217433..25f8d0d15 100644 --- a/test/e2e/run_userns_test.go +++ b/test/e2e/run_userns_test.go @@ -111,6 +111,31 @@ var _ = Describe("Podman UserNS support", func() { Expect(session.OutputToString()).To(Equal("0")) }) + It("podman run --userns=keep-id can add users", func() { + if os.Geteuid() == 0 { + Skip("Test only runs without root") + } + + userName := os.Getenv("USER") + if userName == "" { + Skip("Can't complete test if no username available") + } + + ctrName := "ctr-name" + session := podmanTest.Podman([]string{"run", "--userns=keep-id", "--user", "root:root", "-d", "--stop-signal", "9", "--name", ctrName, fedoraMinimal, "sleep", "600"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + exec1 := podmanTest.Podman([]string{"exec", "-t", "-i", ctrName, "cat", "/etc/passwd"}) + exec1.WaitWithDefaultTimeout() + Expect(exec1.ExitCode()).To(Equal(0)) + Expect(exec1.OutputToString()).To(ContainSubstring(userName)) + + exec2 := podmanTest.Podman([]string{"exec", "-t", "-i", ctrName, "useradd", "testuser"}) + exec2.WaitWithDefaultTimeout() + Expect(exec2.ExitCode()).To(Equal(0)) + }) + It("podman --userns=auto", func() { u, err := user.Current() Expect(err).To(BeNil()) |