diff options
author | Ed Santiago <santiago@redhat.com> | 2020-12-14 06:40:46 -0700 |
---|---|---|
committer | Ed Santiago <santiago@redhat.com> | 2020-12-14 06:40:46 -0700 |
commit | 4d7e05f9ba583498abbdef48353b1fa9d8b711f5 (patch) | |
tree | 615c42b130ffbc018077e6dd2c3eea3e858826c1 /test/system | |
parent | a226e6ed318ae7b7af16081b787cc80718e73e2d (diff) | |
download | podman-4d7e05f9ba583498abbdef48353b1fa9d8b711f5.tar.gz podman-4d7e05f9ba583498abbdef48353b1fa9d8b711f5.tar.bz2 podman-4d7e05f9ba583498abbdef48353b1fa9d8b711f5.zip |
RHEL gating tests: more journald exceptions
Followup to #8284, due to my not having noticed #8096.
RHEL gating tests are failing again due to rhbz#1895105, the
one where we can't run journalctl rootless on RHEL. #8284 fixed
this for some RHEL builds of older podman, but I missed #8096
which added yet another logs test.
This brings us to three journalctl exceptions, which means
it gets complicated because I have to refactor it all.
**THIS IS NOT SUSTAINABLE**. We need some way to have a similar
setup in CI, with a permission-less rootless login, so we don't
add yet another logs test some day and discover, months later,
that it doesn't work on RHEL and then have to go into crisis
mode.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Diffstat (limited to 'test/system')
-rw-r--r-- | test/system/030-run.bats | 20 | ||||
-rw-r--r-- | test/system/035-logs.bats | 9 | ||||
-rw-r--r-- | test/system/helpers.bash | 34 |
3 files changed, 44 insertions, 19 deletions
diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 3ee141f5f..23f924de2 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -415,13 +415,18 @@ json-file | f fi if [[ $driver != 'none' ]]; then - run_podman logs myctr - is "$output" "$msg" "check that podman logs works as expected" + if [[ $driver = 'journald' ]] && journald_unavailable; then + # Cannot perform check + : + else + run_podman logs myctr + is "$output" "$msg" "podman logs, with driver '$driver'" + fi else run_podman 125 logs myctr if ! is_remote; then is "$output" ".*this container is using the 'none' log driver, cannot read logs.*" \ - "podman logs does not work with none log driver" + "podman logs, with driver 'none', should fail with error" fi fi run_podman rm myctr @@ -437,14 +442,7 @@ json-file | f skip_if_remote "We cannot read journalctl over remote." # We can't use journald on RHEL as rootless, either: rhbz#1895105 - if is_rootless; then - run journalctl -n 1 - if [[ $status -ne 0 ]]; then - if [[ $output =~ permission ]]; then - skip "Cannot use rootless journald on this system" - fi - fi - fi + skip_if_journald_unavailable msg=$(random_string 20) pidfile="${PODMAN_TMPDIR}/$(random_string 20)" diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index a081a7ce1..bac153b8e 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -55,14 +55,7 @@ ${cid[0]} d" "Sequential output from logs" @test "podman logs over journald" { # We can't use journald on RHEL as rootless: rhbz#1895105 - if is_rootless; then - run journalctl -n 1 - if [[ $status -ne 0 ]]; then - if [[ $output =~ permission ]]; then - skip "Cannot use rootless journald on this system" - fi - fi - fi + skip_if_journald_unavailable msg=$(random_string 20) diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 6a7c6cc42..f782de080 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -259,6 +259,31 @@ function is_cgroupsv2() { test "$cgroup_type" = "cgroup2fs" } +# rhbz#1895105: rootless journald is unavailable except to users in +# certain magic groups; which our testuser account does not belong to +# (intentional: that is the RHEL default, so that's the setup we test). +function journald_unavailable() { + if ! is_rootless; then + # root must always have access to journal + return 1 + fi + + run journalctl -n 1 + if [[ $status -eq 0 ]]; then + return 1 + fi + + if [[ $output =~ permission ]]; then + return 0 + fi + + # This should never happen; if it does, it's likely that a subsequent + # test will fail. This output may help track that down. + echo "WEIRD: 'journalctl -n 1' failed with a non-permission error:" + echo "$output" + return 1 +} + ########################### # _add_label_if_missing # make sure skip messages include rootless/remote ########################### @@ -315,6 +340,15 @@ function skip_if_cgroupsv1() { fi } +################################## +# skip_if_journald_unavailable # rhbz#1895105: rootless journald permissions +################################## +function skip_if_journald_unavailable { + if journald_unavailable; then + skip "Cannot use rootless journald on this system" + fi +} + ######### # die # Abort with helpful message ######### |