summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorEduardo Vega <edvegavalerio@gmail.com>2021-09-19 10:17:08 -0600
committerEduardo Vega <edvegavalerio@gmail.com>2021-09-22 15:42:16 -0600
commited3c4a89d61a89673d08825aeee21430957d5185 (patch)
tree5d0e143790ef3457fd4a206ba89bd3379a019cd5 /test
parent08e1bb54c3cb390b1f2821222961805bb689df99 (diff)
downloadpodman-ed3c4a89d61a89673d08825aeee21430957d5185.tar.gz
podman-ed3c4a89d61a89673d08825aeee21430957d5185.tar.bz2
podman-ed3c4a89d61a89673d08825aeee21430957d5185.zip
Add support for :U flag with --mount option
The :U flag can be used to change the ownership of source volumes based on the UID, GID of the container. This is only supported by the --volume option, this will allow to use --mount option as well. Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
Diffstat (limited to 'test')
-rw-r--r--test/e2e/run_volume_test.go61
1 files changed, 60 insertions, 1 deletions
diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go
index 59937b6c0..690c53de6 100644
--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -614,7 +614,7 @@ VOLUME /test/`, ALPINE)
Expect(len(session.OutputToStringArray())).To(Equal(2))
})
- It("podman run with U volume flag", func() {
+ It("podman run with --volume and U flag", func() {
SkipIfRemote("Overlay volumes only work locally")
u, err := user.Current()
@@ -665,6 +665,65 @@ VOLUME /test/`, ALPINE)
Expect(found).Should(BeTrue())
})
+ It("podman run with --mount and U flag", func() {
+ u, err := user.Current()
+ Expect(err).To(BeNil())
+ name := u.Username
+ if name == "root" {
+ name = "containers"
+ }
+
+ content, err := ioutil.ReadFile("/etc/subuid")
+ if err != nil {
+ Skip("cannot read /etc/subuid")
+ }
+
+ if !strings.Contains(string(content), name) {
+ Skip("cannot find mappings for the current user")
+ }
+
+ mountPath := filepath.Join(podmanTest.TempDir, "foo")
+ os.Mkdir(mountPath, 0755)
+
+ // false bind mount
+ vol := "type=bind,src=" + mountPath + ",dst=" + dest + ",U=false"
+ session := podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--mount", vol, ALPINE, "stat", "-c", "%u:%g", dest})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).ShouldNot(Equal("888:888"))
+
+ // invalid bind mount
+ vol = "type=bind,src=" + mountPath + ",dst=" + dest + ",U=invalid"
+ session = podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--mount", vol, ALPINE, "stat", "-c", "%u:%g", dest})
+ session.WaitWithDefaultTimeout()
+ Expect(session).To(ExitWithError())
+
+ // true bind mount
+ vol = "type=bind,src=" + mountPath + ",dst=" + dest + ",U=true"
+ session = podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--mount", vol, ALPINE, "stat", "-c", "%u:%g", dest})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).Should(Equal("888:888"))
+
+ // tmpfs mount
+ vol = "type=tmpfs," + "dst=" + dest + ",chown"
+ session = podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--mount", vol, ALPINE, "stat", "-c", "%u:%g", dest})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).Should(Equal("888:888"))
+
+ // named volume mount
+ namedVolume := podmanTest.Podman([]string{"volume", "create", "foo"})
+ namedVolume.WaitWithDefaultTimeout()
+ Expect(namedVolume).Should(Exit(0))
+
+ vol = "type=volume,src=foo,dst=" + dest + ",chown=true"
+ session = podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--mount", vol, ALPINE, "stat", "-c", "%u:%g", dest})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).Should(Equal("888:888"))
+ })
+
It("volume permissions after run", func() {
imgName := "testimg"
dockerfile := fmt.Sprintf(`FROM %s