diff options
-rw-r--r-- | test/e2e/inspect_test.go | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 2fad38a36..ed7876d8a 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -7,6 +7,7 @@ import ( . "github.com/containers/libpod/test/utils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" + "github.com/opencontainers/selinux/go-selinux" ) var _ = Describe("Podman inspect", func() { @@ -263,4 +264,29 @@ var _ = Describe("Podman inspect", func() { Expect(len(baseJSON)).To(Equal(1)) Expect(baseJSON[0].Name).To(Equal(ctrName)) }) + + It("podman inspect - HostConfig.SecurityOpt ", func() { + if !selinux.GetEnabled() { + Skip("SELinux not enabled") + } + + ctrName := "hugo" + create := podmanTest.PodmanNoCache([]string{ + "create", "--name", ctrName, + "--security-opt", "seccomp=unconfined", + "--security-opt", "label=type:spc_t", + "--security-opt", "label=level:s0", + ALPINE, "sh"}) + + create.WaitWithDefaultTimeout() + Expect(create.ExitCode()).To(Equal(0)) + + baseInspect := podmanTest.Podman([]string{"inspect", ctrName}) + baseInspect.WaitWithDefaultTimeout() + Expect(baseInspect.ExitCode()).To(Equal(0)) + baseJSON := baseInspect.InspectContainerToJSON() + Expect(len(baseJSON)).To(Equal(1)) + Expect(baseJSON[0].HostConfig.SecurityOpt).To(Equal([]string{"label=type:spc_t,label=level:s0", "seccomp=unconfined"})) + }) + }) |