diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2018-01-23 17:12:13 +0100 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-01-25 04:30:15 +0000 |
commit | 50d4cd28682dccb7cdc8576327fcca65d848dff8 (patch) | |
tree | 2547ec39fb02ddd6813a895b8dbcc03063ba6fdc /test/podman_run_security.bats | |
parent | 12e3d9d8a26d2c33d587dba9b7ea5b0dcfd92eea (diff) | |
download | podman-50d4cd28682dccb7cdc8576327fcca65d848dff8.tar.gz podman-50d4cd28682dccb7cdc8576327fcca65d848dff8.tar.bz2 podman-50d4cd28682dccb7cdc8576327fcca65d848dff8.zip |
Save --privileged state
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #255
Approved by: mheon
Diffstat (limited to 'test/podman_run_security.bats')
-rw-r--r-- | test/podman_run_security.bats | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/test/podman_run_security.bats b/test/podman_run_security.bats new file mode 100644 index 000000000..07dabf44b --- /dev/null +++ b/test/podman_run_security.bats @@ -0,0 +1,34 @@ +#!/usr/bin/env bats + +load helpers + +function teardown() { + cleanup_test +} + +function setup() { + copy_images +} + +@test "run privileged test" { + cap=$(grep CapEff /proc/self/status | cut -f2 -d":") + + run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run --privileged ${ALPINE} grep CapEff /proc/self/status + echo $output + [ "$status" -eq 0 ] + containercap=$(echo $output | tr -d '\r'| cut -f2 -d":") + [ $containercap = $cap ] + + run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run --cap-add all ${ALPINE} grep CapEff /proc/self/status + echo $output + [ "$status" -eq 0 ] + containercap=$(echo $output | tr -d '\r'| cut -f2 -d":") + [ $containercap = $cap ] + + cap=$(grep CapAmb /proc/self/status | cut -f2 -d":") + run ${PODMAN_BINARY} ${PODMAN_OPTIONS} run --cap-drop all ${ALPINE} grep CapEff /proc/self/status + echo $output + [ "$status" -eq 0 ] + containercap=$(echo $output | tr -d '\r'| cut -f2 -d":") + [ $containercap = $cap ] +} |