diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2020-09-28 15:55:06 -0400 |
---|---|---|
committer | Daniel J Walsh <dwalsh@redhat.com> | 2020-09-28 16:17:28 -0400 |
commit | 0d70df119539d818224b0d014602aaad2bd1b95e (patch) | |
tree | a1f4db621a686c8558a222ad66727cf0d63836d5 /test | |
parent | b0e70a6411d70d7ee7f1e9d6abedc2524b903609 (diff) | |
download | podman-0d70df119539d818224b0d014602aaad2bd1b95e.tar.gz podman-0d70df119539d818224b0d014602aaad2bd1b95e.tar.bz2 podman-0d70df119539d818224b0d014602aaad2bd1b95e.zip |
Ignore containers.conf sysctl when namespaces set to host
If user sets namespace to host, then default sysctls need to be ignored
that are specific to that namespace.
--net=host ignore sysctls that begin with net.
--ipc=host ignore fs.mqueue
--uts=host ignore kernel.domainname and kernel.hostname
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/e2e/containers_conf_test.go | 6 | ||||
-rw-r--r-- | test/e2e/run_test.go | 5 |
2 files changed, 11 insertions, 0 deletions
diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index 02c5d1428..ddb62c327 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -179,6 +179,12 @@ var _ = Describe("Podman run", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.OutputToString()).To(ContainSubstring("1000")) + + // Ignore containers.conf setting if --net=host + session = podmanTest.Podman([]string{"run", "--rm", "--net", "host", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).ToNot((ContainSubstring("1000"))) }) It("podman run containers.conf search domain", func() { diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 5c28f18f2..5617f50b7 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -373,6 +373,11 @@ USER bin` session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.OutputToString()).To(ContainSubstring("net.core.somaxconn = 65535")) + + // network sysctls should fail if --net=host is set + session = podmanTest.Podman([]string{"run", "--net", "host", "--rm", "--sysctl", "net.core.somaxconn=65535", ALPINE, "sysctl", "net.core.somaxconn"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) }) It("podman run blkio-weight test", func() { |