diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2021-03-24 07:49:29 -0400 |
|---|---|---|
| committer | Valentin Rothberg <rothberg@redhat.com> | 2021-08-20 11:12:05 +0200 |
| commit | c22f3e8b4e2593ca81d08924889f7e7251c83089 (patch) | |
| tree | 757b724f94af33be8fee12658f7f55d81db92f4f /test/system | |
| parent | 30b036c5d394bb523fa13074b1731ad4b6259693 (diff) | |
| download | podman-c22f3e8b4e2593ca81d08924889f7e7251c83089.tar.gz podman-c22f3e8b4e2593ca81d08924889f7e7251c83089.tar.bz2 podman-c22f3e8b4e2593ca81d08924889f7e7251c83089.zip | |
Implement SD-NOTIFY proxy in conmon
This leverages conmon's ability to proxy the SD-NOTIFY socket.
This prevents locking caused by OCI runtime blocking, waiting for
SD-NOTIFY messages, and instead passes the messages directly up
to the host.
NOTE: Also re-enable the auto-update tests which has been disabled due
to flakiness. With this change, Podman properly integrates into
systemd.
Fixes: #7316
Signed-off-by: Joseph Gooch <mrwizard@dok.org>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Diffstat (limited to 'test/system')
| -rw-r--r-- | test/system/255-auto-update.bats | 1 | ||||
| -rw-r--r-- | test/system/260-sdnotify.bats | 4 |
2 files changed, 3 insertions, 2 deletions
diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 8bb32b5b7..7766ca3f9 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -221,7 +221,6 @@ function _confirm_update() { } @test "podman auto-update - label io.containers.autoupdate=local with rollback" { - skip "This test flakes way too often, see #11175" # sdnotify fails with runc 1.0.0-3-dev2 on Ubuntu. Let's just # assume that we work only with crun, nothing else. # [copied from 260-sdnotify.bats] diff --git a/test/system/260-sdnotify.bats b/test/system/260-sdnotify.bats index acb30de47..b5d3f9b86 100644 --- a/test/system/260-sdnotify.bats +++ b/test/system/260-sdnotify.bats @@ -130,6 +130,8 @@ function _assert_mainpid_is_conmon() { _stop_socat } +# These tests can fail in dev. environment because of SELinux. +# quick fix: chcon -t container_runtime_exec_t ./bin/podman @test "sdnotify : container" { # Sigh... we need to pull a humongous image because it has systemd-notify. # (IMPORTANT: fedora:32 and above silently removed systemd-notify; this @@ -150,7 +152,7 @@ function _assert_mainpid_is_conmon() { wait_for_ready $cid run_podman logs $cid - is "${lines[0]}" "/.*/container\.sock/notify" "NOTIFY_SOCKET is passed to container" + is "${lines[0]}" "/run/notify/notify.sock" "NOTIFY_SOCKET is passed to container" # With container, READY=1 isn't necessarily the last message received; # just look for it anywhere in received messages |