summaryrefslogtreecommitdiff
path: root/test/system/170-run-userns.bats
diff options
context:
space:
mode:
authorValentin Rothberg <vrothberg@redhat.com>2022-05-12 13:38:08 +0200
committerValentin Rothberg <vrothberg@redhat.com>2022-05-13 15:41:28 +0200
commitc45d51899a8190bd3797cdee71b74b912a634c71 (patch)
treea656d1859b4a92f7073772d52ba1c7b1dae61f79 /test/system/170-run-userns.bats
parent9cf38a0afbb2619b6eeacce7fade451b38e5bab6 (diff)
downloadpodman-c45d51899a8190bd3797cdee71b74b912a634c71.tar.gz
podman-c45d51899a8190bd3797cdee71b74b912a634c71.tar.bz2
podman-c45d51899a8190bd3797cdee71b74b912a634c71.zip
[BZ #2083997] pod: build pause image in custom user NS
Use the host UID and host GID mapping when building the local pause image for a Pod with a custom mapping. Otherwise, the mappings are off and the build fails. Propagating the mapping to the build container is not needed since the pause image ships merely a copied `catatonit` from the host. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Diffstat (limited to 'test/system/170-run-userns.bats')
-rw-r--r--test/system/170-run-userns.bats13
1 files changed, 13 insertions, 0 deletions
diff --git a/test/system/170-run-userns.bats b/test/system/170-run-userns.bats
index d754306b2..b80351902 100644
--- a/test/system/170-run-userns.bats
+++ b/test/system/170-run-userns.bats
@@ -36,6 +36,19 @@ function _require_crun() {
is "$output" ".*457" "Check group leaked into container"
}
+@test "rootful pod with custom ID mapping" {
+ skip_if_rootless "does not work rootless - rootful feature"
+ skip_if_remote "remote --uidmap is broken (see #14233)"
+ random_pod_name=$(random_string 30)
+ run_podman pod create --uidmap 0:200000:5000 --name=$random_pod_name
+ run_podman pod start $random_pod_name
+
+ # Remove the pod and the pause image
+ run_podman pod rm $random_pod_name
+ run_podman version --format "{{.Server.Version}}-{{.Server.Built}}"
+ run_podman rmi -f localhost/podman-pause:$output
+}
+
@test "podman --remote --group-add keep-groups " {
if is_remote; then
run_podman 125 run --rm --group-add keep-groups $IMAGE id