summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-x.papr.sh18
-rw-r--r--.travis.yml39
-rw-r--r--cmd/podman/runlabel.go9
-rw-r--r--cmd/podman/shared/funcs.go5
-rw-r--r--cmd/podman/shared/funcs_test.go10
5 files changed, 31 insertions, 50 deletions
diff --git a/.papr.sh b/.papr.sh
index 6155fe0df..120b3d94b 100755
--- a/.papr.sh
+++ b/.papr.sh
@@ -6,6 +6,18 @@ export PATH=$HOME/gopath/bin:$PATH:$GOPATH/bin
export GOSRC=$GOPATH/src/github.com/containers/libpod
DIST=${DIST:=""}
+CONTAINER_RUNTIME=${DIST:=""}
+
+source /etc/os-release
+
+INTEGRATION_TEST_ENVS=""
+
+# For all distributions not Fedora, we need to skip USERNS tests
+# for now.
+if [ "${ID}" != "fedora" ] || [ "${CONTAINER_RUNTIME}" != "" ]; then
+ INTEGRATION_TEST_ENVS="SKIP_USERNS=1"
+fi
+
pwd
# -i install
@@ -121,11 +133,11 @@ fi
# Run integration tests
if [ $integrationtest -eq 1 ]; then
make TAGS="${TAGS}" test-binaries
- SKIP_USERNS=1 make varlink_generate GOPATH=/go
+ make varlink_generate GOPATH=/go
if [ $runpython -eq 1 ]; then
- SKIP_USERNS=1 make clientintegration GOPATH=/go
+ make clientintegration GOPATH=/go
fi
- SKIP_USERNS=1 make ginkgo GOPATH=/go
+ make ginkgo GOPATH=/go $INTEGRATION_TEST_ENVS
fi
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 86744f728..000000000
--- a/.travis.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-language: go
-
-sudo: required
-dist: trusty
-
-services:
- - docker
-
-before_install:
- - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq update; fi
- - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq install btrfs-tools libdevmapper-dev libgpgme11-dev libapparmor-dev; fi
- - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq install autoconf automake bison e2fslibs-dev libfuse-dev libtool liblzma-dev gettext; fi
- - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo apt-get -qq install python3-setuptools python3-dateutil python3-psutil; fi
- - if [ "${TRAVIS_OS_NAME}" = linux ]; then sudo make install.libseccomp.sudo; fi
-
-install:
- - make install.tools
-
-before_script:
- - export PATH=$HOME/gopath/bin:$PATH
- - export LD_LIBRARY_PATH=/usr/local/lib${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
-
-env:
- global:
- - TRAVIS=1
-
-jobs:
- include:
- - stage: Build and Verify
- script:
- - make testunit
- go: 1.10.x
- - stage: Integration Test
- script:
- - make integration
- go: 1.9.x
-
-notifications:
- irc: "chat.freenode.net#podman"
diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go
index c5dd98ee6..34e6b9093 100644
--- a/cmd/podman/runlabel.go
+++ b/cmd/podman/runlabel.go
@@ -94,6 +94,14 @@ func runlabelCmd(c *cli.Context) error {
newImage *image.Image
)
+ // Evil images could trick into recursively executing the runlabel
+ // command. Avoid this by setting the "PODMAN_RUNLABEL_NESTED" env
+ // variable when executing a label first.
+ nested := os.Getenv("PODMAN_RUNLABEL_NESTED")
+ if nested == "1" {
+ return fmt.Errorf("nested runlabel calls: runlabels cannot execute the runlabel command")
+ }
+
opts := make(map[string]string)
runtime, err := libpodruntime.GetRuntime(c)
if err != nil {
@@ -177,6 +185,7 @@ func runlabelCmd(c *cli.Context) error {
cmd := shared.GenerateCommand(runLabel, imageName, c.String("name"))
env := shared.GenerateRunEnvironment(c.String("name"), imageName, opts)
+ env = append(env, "PODMAN_RUNLABEL_NESTED=1")
if !c.Bool("quiet") {
fmt.Printf("Command: %s\n", strings.Join(cmd, " "))
diff --git a/cmd/podman/shared/funcs.go b/cmd/podman/shared/funcs.go
index 5c401634c..21e7fe10d 100644
--- a/cmd/podman/shared/funcs.go
+++ b/cmd/podman/shared/funcs.go
@@ -15,9 +15,8 @@ func GenerateCommand(command, imageName, name string) []string {
name = imageName
}
cmd := strings.Split(command, " ")
- // Replace the first position of cmd with podman whether
- // it is docker, /usr/bin/docker, or podman
- newCommand = append(newCommand, "podman")
+ // Replace the first element of cmd with "/proc/self/exe"
+ newCommand = append(newCommand, "/proc/self/exe")
for _, arg := range cmd[1:] {
var newArg string
switch arg {
diff --git a/cmd/podman/shared/funcs_test.go b/cmd/podman/shared/funcs_test.go
index 3d0ac005f..612be480b 100644
--- a/cmd/podman/shared/funcs_test.go
+++ b/cmd/podman/shared/funcs_test.go
@@ -15,35 +15,35 @@ var (
func TestGenerateCommand(t *testing.T) {
inputCommand := "docker run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install"
- correctCommand := "podman run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install"
+ correctCommand := "/proc/self/exe run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install"
newCommand := GenerateCommand(inputCommand, "foo", "bar")
assert.Equal(t, correctCommand, strings.Join(newCommand, " "))
}
func TestGenerateCommandPath(t *testing.T) {
inputCommand := "/usr/bin/docker run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install"
- correctCommand := "podman run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install"
+ correctCommand := "/proc/self/exe run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install"
newCommand := GenerateCommand(inputCommand, "foo", "bar")
assert.Equal(t, correctCommand, strings.Join(newCommand, " "))
}
func TestGenerateCommandNoSetName(t *testing.T) {
inputCommand := "docker run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install"
- correctCommand := "podman run -it --name foo -e NAME=foo -e IMAGE=foo foo echo install"
+ correctCommand := "/proc/self/exe run -it --name foo -e NAME=foo -e IMAGE=foo foo echo install"
newCommand := GenerateCommand(inputCommand, "foo", "")
assert.Equal(t, correctCommand, strings.Join(newCommand, " "))
}
func TestGenerateCommandNoName(t *testing.T) {
inputCommand := "docker run -it -e IMAGE=IMAGE IMAGE echo install"
- correctCommand := "podman run -it -e IMAGE=foo foo echo install"
+ correctCommand := "/proc/self/exe run -it -e IMAGE=foo foo echo install"
newCommand := GenerateCommand(inputCommand, "foo", "")
assert.Equal(t, correctCommand, strings.Join(newCommand, " "))
}
func TestGenerateCommandAlreadyPodman(t *testing.T) {
inputCommand := "podman run -it --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE echo install"
- correctCommand := "podman run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install"
+ correctCommand := "/proc/self/exe run -it --name bar -e NAME=bar -e IMAGE=foo foo echo install"
newCommand := GenerateCommand(inputCommand, "foo", "bar")
assert.Equal(t, correctCommand, strings.Join(newCommand, " "))
}