summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2022-04-16 12:30:01 -0400
committerGitHub <noreply@github.com>2022-04-16 12:30:01 -0400
commit8d3075e33267663bf2a251bfd60bd825397114c9 (patch)
tree17efa4577cd6a895d492a38767b32ee1cac2dc74 /test
parent25eeaec219ccc49dcb35e098afaed7d7987cbee1 (diff)
parent3987c529f473178c51feb69d5252c7d5c2a8f697 (diff)
downloadpodman-8d3075e33267663bf2a251bfd60bd825397114c9.tar.gz
podman-8d3075e33267663bf2a251bfd60bd825397114c9.tar.bz2
podman-8d3075e33267663bf2a251bfd60bd825397114c9.zip
Merge pull request #13583 from rhatdan/ipc
Add support for ipc namespace modes "none, private, sharable"
Diffstat (limited to 'test')
-rw-r--r--test/system/190-run-ipcns.bats70
1 files changed, 70 insertions, 0 deletions
diff --git a/test/system/190-run-ipcns.bats b/test/system/190-run-ipcns.bats
new file mode 100644
index 000000000..9327d8ec7
--- /dev/null
+++ b/test/system/190-run-ipcns.bats
@@ -0,0 +1,70 @@
+#!/usr/bin/env bats -*- bats -*-
+# shellcheck disable=SC2096
+#
+# Tests for podman build
+#
+
+load helpers
+
+@test "podman --ipc=host" {
+ run readlink /proc/self/ns/ipc
+ hostipc=$output
+ run_podman run --rm --ipc=host $IMAGE readlink /proc/self/ns/ipc
+ is "$output" "$hostipc" "HostIPC and container IPC should be same"
+}
+
+@test "podman --ipc=none" {
+ run readlink /proc/self/ns/ipc
+ hostipc=$output
+ run_podman run --rm --ipc=none $IMAGE readlink /proc/self/ns/ipc
+ if [[ $output == "$hostipc" ]]; then
+ die "hostipc and containeripc should be different"
+ fi
+ run_podman 1 run --rm --ipc=none $IMAGE ls /dev/shm
+ is "$output" "ls: /dev/shm: No such file or directory" "Should fail with missing /dev/shm"
+}
+
+@test "podman --ipc=private" {
+ run readlink /proc/self/ns/ipc
+ hostipc=$output
+ run_podman run -d --ipc=private --name test $IMAGE sleep 100
+ if [[ $output == "$hostipc" ]]; then
+ die "hostipc and containeripc should be different"
+ fi
+ run_podman 125 run --ipc=container:test --rm $IMAGE readlink /proc/self/ns/ipc
+ is "$output" ".*is not allowed: non-shareable IPC (hint: use IpcMode:shareable for the donor container)" "Containers should not share private ipc namespace"
+ run_podman stop -t 0 test
+ run_podman rm test
+}
+
+@test "podman --ipc=shareable" {
+ run readlink /proc/self/ns/ipc
+ hostipc=$output
+ run_podman run -d --ipc=shareable --name test $IMAGE sleep 100
+ if [[ $output == "$hostipc" ]]; then
+ die "hostipc and containeripc should be different"
+ fi
+ run_podman run --ipc=container:test --rm $IMAGE readlink /proc/self/ns/ipc
+ if [[ $output == "$hostipc" ]]; then
+ die "hostipc and containeripc should be different"
+ fi
+ run_podman stop -t 0 test
+ run_podman rm test
+}
+
+@test "podman --ipc=container@test" {
+ run readlink /proc/self/ns/ipc
+ hostipc=$output
+ run_podman run -d --name test $IMAGE sleep 100
+ run_podman exec test readlink /proc/self/ns/ipc
+ if [[ $output == "$hostipc" ]]; then
+ die "hostipc and containeripc should be different"
+ fi
+ testipc=$output
+ run_podman run --ipc=container:test --rm $IMAGE readlink /proc/self/ns/ipc
+ is "$output" "$testipc" "Containers should share ipc namespace"
+ run_podman stop -t 0 test
+ run_podman rm test
+}
+
+# vim: filetype=sh