diff options
-rw-r--r-- | Makefile | 4 | ||||
-rwxr-xr-x | contrib/cirrus/logformatter | 4 | ||||
-rwxr-xr-x | contrib/cirrus/logformatter.t | 4 | ||||
-rw-r--r-- | test/e2e/run_selinux_test.go | 9 | ||||
-rw-r--r-- | test/e2e/run_test.go | 8 | ||||
-rw-r--r-- | test/system/helpers.bash | 14 |
6 files changed, 34 insertions, 9 deletions
@@ -351,7 +351,7 @@ remoteintegration: varlink_generate test-binaries ginkgo-remote localsystem: # Wipe existing config, database, and cache: start with clean slate. $(RM) -rf ${HOME}/.local/share/containers ${HOME}/.config/containers - if timeout -v 1 true; then PODMAN=./bin/podman bats test/system/; else echo "Skipping $@: 'timeout -v' unavailable'"; fi + if timeout -v 1 true; then PODMAN=$(shell pwd)/bin/podman bats test/system/; else echo "Skipping $@: 'timeout -v' unavailable'"; fi .PHONY: remotesystem remotesystem: @@ -378,7 +378,7 @@ remotesystem: echo "Error: ./bin/podman system service did not come up on $$SOCK_FILE" >&2;\ exit 1;\ fi;\ - env PODMAN="./bin/podman-remote --url $$PODMAN_SOCKET" bats test/system/ ;\ + env PODMAN="$(shell pwd)/bin/podman-remote --url $$PODMAN_SOCKET" bats test/system/ ;\ rc=$$?;\ kill %1;\ rm -f $$SOCK_FILE;\ diff --git a/contrib/cirrus/logformatter b/contrib/cirrus/logformatter index 4bfe7b97f..60c1e5985 100755 --- a/contrib/cirrus/logformatter +++ b/contrib/cirrus/logformatter @@ -231,6 +231,10 @@ END_HTML if ($looks_like_bats) { my $css; + # Readability: /long/path/to/podman -> podman (hover for full path) + $line =~ s{^(#\s+(#|\$)\s+)(\S+/)(podman\S*)\s} + {$1<span title="$3$4">$4</span> }; + if ($line =~ /^ok\s.*\s# skip/) { $css = 'skipped' } elsif ($line =~ /^ok\s/) { $css = 'passed' } elsif ($line =~ /^not\s+ok\s/) { $css = 'failed' } diff --git a/contrib/cirrus/logformatter.t b/contrib/cirrus/logformatter.t index 79c4563c2..d2193cc6c 100755 --- a/contrib/cirrus/logformatter.t +++ b/contrib/cirrus/logformatter.t @@ -88,12 +88,16 @@ __END__ ok 1 hi ok 2 bye # skip no reason not ok 3 fail +# $ /path/to/podman foo -bar +# #| FAIL: exit code is 123; expected 321 ok 4 blah >>> 1..4 <span class='bats-passed'><a name='t--00001'>ok 1 hi</a></span> <span class='bats-skipped'><a name='t--00002'>ok 2 bye # skip no reason</a></span> <span class='bats-failed'><a name='t--00003'>not ok 3 fail</a></span> +<span class='bats-log'># $ <span title="/path/to/podman">podman</span> foo -bar</span> +<span class='bats-log-esm'># #| FAIL: exit code is 123; expected 321</span> <span class='bats-passed'><a name='t--00004'>ok 4 blah</a></span> <hr/><span class='bats-summary'>Summary: <span class='bats-passed'>2 Passed</span>, <span class='bats-failed'>1 Failed</span>, <span class='bats-skipped'>1 Skipped</span>. Total tests: 4</span> diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go index 358137aa9..8b33a05b2 100644 --- a/test/e2e/run_selinux_test.go +++ b/test/e2e/run_selinux_test.go @@ -177,4 +177,13 @@ var _ = Describe("Podman run", func() { Expect(session.OutputToString()).To(Equal(session1.OutputToString())) }) + It("podman run --privileged and --security-opt SELinux options", func() { + session := podmanTest.Podman([]string{"run", "-it", "--privileged", "--security-opt", "label=type:spc_t", "--security-opt", "label=level:s0:c1,c2", ALPINE, "cat", "/proc/self/attr/current"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("spc_t") + Expect(match).To(BeTrue()) + match2, _ := session.GrepString("s0:c1,c2") + Expect(match2).To(BeTrue()) + }) }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 90179964d..42754bab4 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -1039,4 +1039,12 @@ USER mail` session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) + + It("podman run --privileged and --group-add", func() { + groupName := "kvm" + session := podmanTest.Podman([]string{"run", "-t", "-i", "--group-add", groupName, "--privileged", fedoraMinimal, "groups"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(strings.Contains(session.OutputToString(), groupName)).To(BeTrue()) + }) }) diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 7e6f1c1ca..5301644d6 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -2,12 +2,6 @@ # Podman command to run; may be podman-remote PODMAN=${PODMAN:-podman} -# If it's a relative path, convert to absolute; otherwise tests can't cd out -if [[ "$PODMAN" =~ / ]]; then - if [[ ! "$PODMAN" =~ ^/ ]]; then - PODMAN=$(realpath $PODMAN) - fi -fi # Standard image to use for most tests PODMAN_TEST_IMAGE_REGISTRY=${PODMAN_TEST_IMAGE_REGISTRY:-"quay.io"} @@ -22,6 +16,12 @@ IMAGE=$PODMAN_TEST_IMAGE_FQN # Default timeout for a podman command. PODMAN_TIMEOUT=${PODMAN_TIMEOUT:-60} +# Prompt to display when logging podman commands; distinguish root/rootless +_LOG_PROMPT='$' +if [ $(id -u) -eq 0 ]; then + _LOG_PROMPT='#' +fi + ############################################################################### # BEGIN setup/teardown tools @@ -138,7 +138,7 @@ function run_podman() { esac # stdout is only emitted upon error; this echo is to help a debugger - echo "\$ $PODMAN $*" + echo "$_LOG_PROMPT $PODMAN $*" # BATS hangs if a subprocess remains and keeps FD 3 open; this happens # if podman crashes unexpectedly without cleaning up subprocesses. run timeout --foreground -v --kill=10 $PODMAN_TIMEOUT $PODMAN "$@" 3>/dev/null |