Merge pull request #3189 from vrothberg/apparmor-fixes

Apparmor fixes
author: OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> 2019-05-28 16:23:48 +0200
committer: GitHub <noreply@github.com> 2019-05-28 16:23:48 +0200
commit: 335a1ef1606734e4735a810e839032297cc89060 (patch)
tree: 12cfd0200888ced920a4144e57bfb8abf65aee68 /test
parent: 25f8c21ea8ac1994cd1e8468c72e3d3481be8102 (diff)
parent: 1910118de988c8698a2d6a6eaf666dc958e454fe (diff)
download: podman-335a1ef1606734e4735a810e839032297cc89060.tar.gz
podman-335a1ef1606734e4735a810e839032297cc89060.tar.bz2
podman-335a1ef1606734e4735a810e839032297cc89060.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/test/test_podman_baseline.sh b/test/test_podman_baseline.sh
index 5c24229bb..92bc8e20c 100755
--- a/test/test_podman_baseline.sh
+++ b/test/test_podman_baseline.sh
@@ -504,6 +504,16 @@ EOF
         echo "failed"
     fi
 
+    #Expected to pass (as root with --privileged).
+    #Note that the profile should not be loaded letting the mount succeed.
+    podman run --privileged docker.io/library/alpine:latest sh -c "mkdir tmp2; mount --bind tmp tmp2"
+    rc=$?
+    echo -n "root with specified AppArmor profile but --privileged: "
+    if [ $rc == 0 ]; then
+        echo "passed"
+    else
+        echo "failed"
+    fi
     #Expected to fail (as rootless)
     sudo -u "#1000" podman run --security-opt apparmor=$aaProfile docker.io/library/alpine:latest echo hello
     rc=$?
author	OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>	2019-05-28 16:23:48 +0200
committer	GitHub <noreply@github.com>	2019-05-28 16:23:48 +0200
commit	335a1ef1606734e4735a810e839032297cc89060 (patch)
tree	12cfd0200888ced920a4144e57bfb8abf65aee68 /test
parent	25f8c21ea8ac1994cd1e8468c72e3d3481be8102 (diff)
parent	1910118de988c8698a2d6a6eaf666dc958e454fe (diff)
download	podman-335a1ef1606734e4735a810e839032297cc89060.tar.gz podman-335a1ef1606734e4735a810e839032297cc89060.tar.bz2 podman-335a1ef1606734e4735a810e839032297cc89060.zip