summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--test/e2e/inspect_test.go26
1 files changed, 26 insertions, 0 deletions
diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go
index 2fad38a36..ed7876d8a 100644
--- a/test/e2e/inspect_test.go
+++ b/test/e2e/inspect_test.go
@@ -7,6 +7,7 @@ import (
. "github.com/containers/libpod/test/utils"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
+ "github.com/opencontainers/selinux/go-selinux"
)
var _ = Describe("Podman inspect", func() {
@@ -263,4 +264,29 @@ var _ = Describe("Podman inspect", func() {
Expect(len(baseJSON)).To(Equal(1))
Expect(baseJSON[0].Name).To(Equal(ctrName))
})
+
+ It("podman inspect - HostConfig.SecurityOpt ", func() {
+ if !selinux.GetEnabled() {
+ Skip("SELinux not enabled")
+ }
+
+ ctrName := "hugo"
+ create := podmanTest.PodmanNoCache([]string{
+ "create", "--name", ctrName,
+ "--security-opt", "seccomp=unconfined",
+ "--security-opt", "label=type:spc_t",
+ "--security-opt", "label=level:s0",
+ ALPINE, "sh"})
+
+ create.WaitWithDefaultTimeout()
+ Expect(create.ExitCode()).To(Equal(0))
+
+ baseInspect := podmanTest.Podman([]string{"inspect", ctrName})
+ baseInspect.WaitWithDefaultTimeout()
+ Expect(baseInspect.ExitCode()).To(Equal(0))
+ baseJSON := baseInspect.InspectContainerToJSON()
+ Expect(len(baseJSON)).To(Equal(1))
+ Expect(baseJSON[0].HostConfig.SecurityOpt).To(Equal([]string{"label=type:spc_t,label=level:s0", "seccomp=unconfined"}))
+ })
+
})