Merge pull request #6280 from mheon/switch_off_noexec

Turn off 'noexec' option by default for named volumes

1 files changed, 6 insertions, 5 deletions

diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats
index 5d65a950f..3233e6f04 100644
--- a/test/system/160-volumes.bats
+++ b/test/system/160-volumes.bats
@@ -115,7 +115,8 @@ echo "got here -$rand-"
 EOF
     chmod 755 $mountpoint/myscript
 
-    # By default, volumes are mounted noexec. This should fail.
+    # By default, volumes are mounted exec, but we have manually added the
+    # noexec option. This should fail.
     # ARGH. Unfortunately, runc (used for cgroups v1) produces a different error
     local expect_rc=126
     local expect_msg='.* OCI runtime permission denied.*'
@@ -125,12 +126,12 @@ EOF
         expect_msg='.* exec user process caused.*permission denied'
     fi
 
-    run_podman ${expect_rc} run --rm --volume $myvolume:/vol:z $IMAGE /vol/myscript
+    run_podman ${expect_rc} run --rm --volume $myvolume:/vol:noexec,z $IMAGE /vol/myscript
     is "$output" "$expect_msg" "run on volume, noexec"
 
-    # With exec, it should pass
-    run_podman run --rm -v $myvolume:/vol:z,exec $IMAGE /vol/myscript
-    is "$output" "got here -$rand-" "script in volume is runnable with exec"
+    # With the default, it should pass
+    run_podman run --rm -v $myvolume:/vol:z $IMAGE /vol/myscript
+    is "$output" "got here -$rand-" "script in volume is runnable with default (exec)"
 
     # Clean up
     run_podman volume rm $myvolume