aboutsummaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-09-08 06:58:47 -0400
committerAtomic Bot <atomic-devel@projectatomic.io>2018-09-11 13:31:55 +0000
commitd9580ec62b716d7c8e861dd27c4b452f2419eb65 (patch)
treea1c236f7c728122703757900cf1b78919ad32c84 /test
parent123de3087e142f3a6c05ad35fc2095953065415b (diff)
downloadpodman-d9580ec62b716d7c8e861dd27c4b452f2419eb65.tar.gz
podman-d9580ec62b716d7c8e861dd27c4b452f2419eb65.tar.bz2
podman-d9580ec62b716d7c8e861dd27c4b452f2419eb65.zip
Pass on securityOpts from podInfraContainer to container added to pod.
This is an incomplete fix, as it would be best for the libpod library to be in charge of coordinating the container's dependencies on the infra container. A TODO was left as such. UTS is a special case, because the docker library that namespace handling is based off of doesn't recognize a UTS based on another container as valid, despite the library being able to handle it correctly. Thus, it is left in the old way. Signed-off-by: haircommander <pehunt@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1347 Approved by: mheon
Diffstat (limited to 'test')
-rw-r--r--test/e2e/pod_infra_container_test.go24
-rw-r--r--test/e2e/pod_pod_namespaces.go89
-rw-r--r--test/e2e/run_test.go8
3 files changed, 117 insertions, 4 deletions
diff --git a/test/e2e/pod_infra_container_test.go b/test/e2e/pod_infra_container_test.go
index 2dcce6525..8fb0c388c 100644
--- a/test/e2e/pod_infra_container_test.go
+++ b/test/e2e/pod_infra_container_test.go
@@ -113,6 +113,30 @@ var _ = Describe("Podman pod create", func() {
Expect(session.ExitCode()).To(Not(Equal(0)))
})
+ It("podman pod correctly sets up IPCNS", func() {
+ session := podmanTest.Podman([]string{"pod", "create", "--share", "ipc"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ podID := session.OutputToString()
+
+ session = podmanTest.Podman([]string{"pod", "start", podID})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ podmanTest.RestoreArtifact(fedoraMinimal)
+ session = podmanTest.Podman([]string{"run", "--pod", podID, fedoraMinimal, "/bin/sh", "-c", "'touch /dev/shm/hi'"})
+ session.WaitWithDefaultTimeout()
+ if session.ExitCode() != 0 {
+ Skip("ShmDir not initialized, skipping...")
+ }
+ Expect(session.ExitCode()).To(Equal(0))
+
+ session = podmanTest.Podman([]string{"run", "--pod", podID, fedoraMinimal, "/bin/sh", "-c", "'ls /dev/shm'"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(Equal("hi"))
+ })
+
It("podman pod correctly sets up PIDNS", func() {
session := podmanTest.Podman([]string{"pod", "create", "--share", "pid", "--name", "test-pod"})
session.WaitWithDefaultTimeout()
diff --git a/test/e2e/pod_pod_namespaces.go b/test/e2e/pod_pod_namespaces.go
new file mode 100644
index 000000000..3e84005c3
--- /dev/null
+++ b/test/e2e/pod_pod_namespaces.go
@@ -0,0 +1,89 @@
+package integration
+
+import (
+ "fmt"
+ "os"
+
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+)
+
+var _ = Describe("Podman pod create", func() {
+ var (
+ tempdir string
+ err error
+ podmanTest PodmanTest
+ )
+
+ BeforeEach(func() {
+ tempdir, err = CreateTempDirInTempDir()
+ if err != nil {
+ os.Exit(1)
+ }
+ podmanTest = PodmanCreate(tempdir)
+ podmanTest.RestoreAllArtifacts()
+ podmanTest.RestoreArtifact(infra)
+ })
+
+ AfterEach(func() {
+ podmanTest.CleanupPod()
+ f := CurrentGinkgoTestDescription()
+ timedResult := fmt.Sprintf("Test: %s completed in %f seconds", f.TestText, f.Duration.Seconds())
+ GinkgoWriter.Write([]byte(timedResult))
+ })
+
+ It("podman pod container share Namespaces", func() {
+ session := podmanTest.Podman([]string{"pod", "create"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ podID := session.OutputToString()
+
+ session = podmanTest.Podman([]string{"pod", "start", podID})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ session = podmanTest.Podman([]string{"run", "--pod", podID, "-d", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ check := podmanTest.Podman([]string{"ps", "-a", "--ns", "--format", "{{.IPC}} {{.UTS}} {{.NET}}"})
+ check.WaitWithDefaultTimeout()
+ Expect(check.ExitCode()).To(Equal(0))
+ outputArray := check.OutputToStringArray()
+ Expect(len(outputArray)).To(Equal(2))
+
+ NAMESPACE1 := outputArray[0]
+ fmt.Println("NAMESPACE1:", NAMESPACE1)
+ NAMESPACE2 := outputArray[1]
+ fmt.Println("NAMESPACE2:", NAMESPACE2)
+ Expect(NAMESPACE1).To(Equal(NAMESPACE2))
+ })
+
+ It("podman pod container dontshare PIDNS", func() {
+ session := podmanTest.Podman([]string{"pod", "create"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ podID := session.OutputToString()
+
+ session = podmanTest.Podman([]string{"pod", "start", podID})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ session = podmanTest.Podman([]string{"run", "--pod", podID, "-d", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ check := podmanTest.Podman([]string{"ps", "-a", "--ns", "--format", "{{.PIDNS}}"})
+ check.WaitWithDefaultTimeout()
+ Expect(check.ExitCode()).To(Equal(0))
+ outputArray := check.OutputToStringArray()
+ Expect(len(outputArray)).To(Equal(2))
+
+ NAMESPACE1 := outputArray[0]
+ fmt.Println("NAMESPACE1:", NAMESPACE1)
+ NAMESPACE2 := outputArray[1]
+ fmt.Println("NAMESPACE2:", NAMESPACE2)
+ Expect(NAMESPACE1).To(Not(Equal(NAMESPACE2)))
+ })
+
+})
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 3ea639a11..3d487db66 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -235,10 +235,10 @@ var _ = Describe("Podman run", func() {
})
It("podman run with cidfile", func() {
- session := podmanTest.Podman([]string{"run", "--cidfile", "/tmp/cidfile", ALPINE, "ls"})
+ session := podmanTest.Podman([]string{"run", "--cidfile", tempdir + "cidfile", ALPINE, "ls"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- err := os.Remove("/tmp/cidfile")
+ err := os.Remove(tempdir + "cidfile")
Expect(err).To(BeNil())
})
@@ -317,7 +317,7 @@ var _ = Describe("Podman run", func() {
It("podman test hooks", func() {
hcheck := "/run/hookscheck"
- hooksDir := "/tmp/hooks"
+ hooksDir := tempdir + "/hooks"
os.Mkdir(hooksDir, 0755)
fileutils.CopyFile("hooks/hooks.json", hooksDir)
os.Setenv("HOOK_OPTION", fmt.Sprintf("--hooks-dir-path=%s", hooksDir))
@@ -347,7 +347,7 @@ var _ = Describe("Podman run", func() {
err = ioutil.WriteFile(secretsFile, []byte(secretsString), 0755)
Expect(err).To(BeNil())
- targetDir := "/tmp/symlink/target"
+ targetDir := tempdir + "/symlink/target"
err = os.MkdirAll(targetDir, 0755)
Expect(err).To(BeNil())
keyFile := filepath.Join(targetDir, "key.pem")