diff options
| -rwxr-xr-x | .papr.sh | 18 | ||||
| -rw-r--r-- | .travis.yml | 39 | ||||
| -rw-r--r-- | README.md | 4 | ||||
| -rw-r--r-- | cmd/podman/runlabel.go | 9 | ||||
| -rw-r--r-- | cmd/podman/shared/funcs.go | 5 | ||||
| -rw-r--r-- | cmd/podman/shared/funcs_test.go | 10 |
6 files changed, 33 insertions, 52 deletions
@@ -6,6 +6,18 @@ export PATH=$HOME/gopath/bin:$PATH:$GOPATH/bin export GOSRC=$GOPATH/src/github.com/containers/libpod DIST=${DIST:=""} +CONTAINER_RUNTIME=${DIST:=""} + +source /etc/os-release + +INTEGRATION_TEST_ENVS="" + +# For all distributions not Fedora, we need to skip USERNS tests +# for now. +if [ "${ID}" != "fedora" ] || [ "${CONTAINER_RUNTIME}" != "" ]; then + INTEGRATION_TEST_ENVS="SKIP_USERNS=1" +fi + pwd # -i install @@ -121,11 +133,11 @@ fi # Run integration tests if [ $integrationtest -eq 1 ]; then make TAGS="${TAGS}" test-binaries - SKIP_USERNS=1 make varlink_generate GOPATH=/go + make varlink_generate GOPATH=/go if [ $runpython -eq 1 ]; then - SKIP_USERNS=1 make clientintegration GOPATH=/go + make clientintegration GOPATH=/go fi - SKIP_USERNS=1 make ginkgo GOPATH=/go + make ginkgo GOPATH=/go $INTEGRATION_TEST_ENVS fi diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 86744f728..000000000 --- a/.travis.yml +++ /dev/null @@ -1,39 +0,0 @@ -language: go - -sudo: required -dist: trusty - -services: - - docker - -before_install: - - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq update; fi - - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq install btrfs-tools libdevmapper-dev libgpgme11-dev libapparmor-dev; fi - - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq install autoconf automake bison e2fslibs-dev libfuse-dev libtool liblzma-dev gettext; fi - - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq install python3-setuptools python3-dateutil python3-psutil; fi - - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo make install.libseccomp.sudo; fi - -install: - - make install.tools - -before_script: - - export PATH=$HOME/gopath/bin:$PATH - - export LD_LIBRARY_PATH=/usr/local/lib${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} - -env: - global: - - TRAVIS=1 - -jobs: - include: - - stage: Build and Verify - script: - - make testunit - go: 1.10.x - - stage: Integration Test - script: - - make integration - go: 1.9.x - -notifications: - irc: "chat.freenode.net#podman" @@ -80,8 +80,8 @@ Information about contributing to this project. Buildah and Podman are two complementary Open-source projects that are available on most Linux platforms and both projects reside at [GitHub.com](https://github.com) -with Buildah [here](https://github.com/containers/buildah) and -Podman [here](https://github.com/containers/libpod). Both Buildah and Podman are +with [Buildah](https://buildah.io) [(GitHub)](https://github.com/containers/buildah) and +[Podman](https://podman.io) [(GitHub)](https://github.com/containers/libpod). Both Buildah and Podman are command line tools that work on OCI images and containers. The two projects differentiate in their specialization. diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go index c5dd98ee6..34e6b9093 100644 --- a/cmd/podman/runlabel.go +++ b/cmd/podman/runlabel.go @@ -94,6 +94,14 @@ func runlabelCmd(c *cli.Context) error { newImage *image.Image ) + // Evil images could trick into recursively executing the runlabel + // command. Avoid this by setting the "PODMAN_RUNLABEL_NESTED" env + // variable when executing a label first. + nested := os.Getenv("PODMAN_RUNLABEL_NESTED") + if nested == "1" { + return fmt.Errorf("nested runlabel calls: runlabels cannot execute the runlabel command") + } + opts := make(map[string]string) runtime, err := libpodruntime.GetRuntime(c) if err != nil { @@ -177,6 +185,7 @@ func runlabelCmd(c *cli.Context) error { cmd := shared.GenerateCommand(runLabel, imageName, c.String("name")) env := shared.GenerateRunEnvironment(c.String("name"), imageName, opts) + env = append(env, "PODMAN_RUNLABEL_NESTED=1") if !c.Bool("quiet") { fmt.Printf("Command: %s\n", strings.Join(cmd, " ")) diff --git a/cmd/podman/shared/funcs.go b/cmd/podman/shared/funcs.go index 5c401634c..21e7fe10d 100644 --- a/cmd/podman/shared/funcs.go +++ b/cmd/podman/shared/funcs.go @@ -15,9 +15,8 @@ func GenerateCommand(command, imageName, name string) []string { name = imageName } cmd := strings.Split(command, " ") - // Replace the first position of cmd with podman whether - // it is docker, /usr/bin/docker, or podman - newCommand = append(newCommand, "podman") + // Replace the first element of cmd with "/proc/self/exe" + newCommand = append(newCommand, "/proc/self/exe") for _, arg := range cmd[1:] { var newArg string switch arg { diff --git a/cmd/podman/shared/funcs_test.go b/cmd/podman/shared/funcs_test.go index 3d0ac005f..612be480b 100644 --- a/cmd/podman/shared/funcs_test.go +++ b/cmd/podman/shared/funcs_test.go @@ -15,35 +15,35 @@ var ( func TestGenerateCommand(t *testing.T) { inputCommand := "docker run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install" - correctCommand := "podman run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install" + correctCommand := "/proc/self/exe run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install" newCommand := GenerateCommand(inputCommand, "foo", "bar") assert.Equal(t, correctCommand, strings.Join(newCommand, " ")) } func TestGenerateCommandPath(t *testing.T) { inputCommand := "/usr/bin/docker run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install" - correctCommand := "podman run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install" + correctCommand := "/proc/self/exe run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install" newCommand := GenerateCommand(inputCommand, "foo", "bar") assert.Equal(t, correctCommand, strings.Join(newCommand, " ")) } func TestGenerateCommandNoSetName(t *testing.T) { inputCommand := "docker run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install" - correctCommand := "podman run -it --name foo -e NAME=foo -e IMAGE=foo foo echo install" + correctCommand := "/proc/self/exe run -it --name foo -e NAME=foo -e IMAGE=foo foo echo install" newCommand := GenerateCommand(inputCommand, "foo", "") assert.Equal(t, correctCommand, strings.Join(newCommand, " ")) } func TestGenerateCommandNoName(t *testing.T) { inputCommand := "docker run -it -e IMAGE=IMAGE IMAGE echo install" - correctCommand := "podman run -it -e IMAGE=foo foo echo install" + correctCommand := "/proc/self/exe run -it -e IMAGE=foo foo echo install" newCommand := GenerateCommand(inputCommand, "foo", "") assert.Equal(t, correctCommand, strings.Join(newCommand, " ")) } func TestGenerateCommandAlreadyPodman(t *testing.T) { inputCommand := "podman run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install" - correctCommand := "podman run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install" + correctCommand := "/proc/self/exe run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install" newCommand := GenerateCommand(inputCommand, "foo", "bar") assert.Equal(t, correctCommand, strings.Join(newCommand, " ")) } |