diff options
| -rw-r--r-- | test/e2e/build/Containerfile.with-multiple-secret (renamed from test/e2e/build/Dockerfile.with-multiple-secret) | 0 | ||||
| -rw-r--r-- | test/e2e/build/Containerfile.with-secret (renamed from test/e2e/build/Dockerfile.with-secret) | 0 | ||||
| -rw-r--r-- | test/e2e/build/Dockerfile.test-cp-root-dir | 2 | ||||
| -rw-r--r-- | test/e2e/build/secret-verify-leak/Containerfile.with-secret-verify-leak (renamed from test/e2e/build/Dockerfile.with-secret-verify-leak) | 0 | ||||
| -rw-r--r-- | test/e2e/build_test.go | 6 | ||||
| -rw-r--r-- | test/e2e/system_service_test.go | 2 | ||||
| -rw-r--r-- | troubleshooting.md | 15 |
7 files changed, 14 insertions, 11 deletions
diff --git a/test/e2e/build/Dockerfile.with-multiple-secret b/test/e2e/build/Containerfile.with-multiple-secret index f3478914f..f3478914f 100644 --- a/test/e2e/build/Dockerfile.with-multiple-secret +++ b/test/e2e/build/Containerfile.with-multiple-secret diff --git a/test/e2e/build/Dockerfile.with-secret b/test/e2e/build/Containerfile.with-secret index 920663a92..920663a92 100644 --- a/test/e2e/build/Dockerfile.with-secret +++ b/test/e2e/build/Containerfile.with-secret diff --git a/test/e2e/build/Dockerfile.test-cp-root-dir b/test/e2e/build/Dockerfile.test-cp-root-dir deleted file mode 100644 index 9f7de7c32..000000000 --- a/test/e2e/build/Dockerfile.test-cp-root-dir +++ /dev/null @@ -1,2 +0,0 @@ -FROM scratch -COPY Dockerfile.test-cp-root-dir / diff --git a/test/e2e/build/Dockerfile.with-secret-verify-leak b/test/e2e/build/secret-verify-leak/Containerfile.with-secret-verify-leak index 0957ac6a6..0957ac6a6 100644 --- a/test/e2e/build/Dockerfile.with-secret-verify-leak +++ b/test/e2e/build/secret-verify-leak/Containerfile.with-secret-verify-leak diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go index 14fa12fa2..c5903f037 100644 --- a/test/e2e/build_test.go +++ b/test/e2e/build_test.go @@ -60,7 +60,7 @@ var _ = Describe("Podman build", func() { }) It("podman build with a secret from file", func() { - session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-secret", "-t", "secret-test", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) + session := podmanTest.Podman([]string{"build", "-f", "build/Containerfile.with-secret", "-t", "secret-test", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("somesecret")) @@ -71,7 +71,7 @@ var _ = Describe("Podman build", func() { }) It("podman build with multiple secrets from files", func() { - session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-multiple-secret", "-t", "multiple-secret-test", "--secret", "id=mysecret,src=build/secret.txt", "--secret", "id=mysecret2,src=build/anothersecret.txt", "build/"}) + session := podmanTest.Podman([]string{"build", "-f", "build/Containerfile.with-multiple-secret", "-t", "multiple-secret-test", "--secret", "id=mysecret,src=build/secret.txt", "--secret", "id=mysecret2,src=build/anothersecret.txt", "build/"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("somesecret")) @@ -83,7 +83,7 @@ var _ = Describe("Podman build", func() { }) It("podman build with a secret from file and verify if secret file is not leaked into image", func() { - session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-secret-verify-leak", "-t", "secret-test-leak", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) + session := podmanTest.Podman([]string{"build", "-f", "build/secret-verify-leak/Containerfile.with-secret-verify-leak", "-t", "secret-test-leak", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("somesecret")) diff --git a/test/e2e/system_service_test.go b/test/e2e/system_service_test.go index dcf5e03b2..2bc7756d6 100644 --- a/test/e2e/system_service_test.go +++ b/test/e2e/system_service_test.go @@ -58,6 +58,7 @@ var _ = Describe("podman system service", func() { const magicComment = "pprof service listening on" It("are available", func() { + Skip("FIXME: Test is too flaky (#12624)") SkipIfRemote("service subcommand not supported remotely") address := url.URL{ @@ -97,6 +98,7 @@ var _ = Describe("podman system service", func() { }) It("are not available", func() { + Skip("FIXME: Test is too flaky (#12624)") SkipIfRemote("service subcommand not supported remotely") address := url.URL{ diff --git a/troubleshooting.md b/troubleshooting.md index 93f716e00..32f14c1ee 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -991,12 +991,15 @@ less: dir1/a: Permission denied #### Solution -If you want to read or remove such a file, you can do so by entering a user namespace. -Instead of running commands such as `less dir1/a` or `rm dir1/a`, you would need to -prepend the command-line with `podman unshare`, i.e., -`podman unshare less dir1/a` or `podman unshare rm dir1/a`. To be able to use Bash -features, such as variable expansion and globbing, you need to wrap the command with -`bash -c`, e.g. `podman unshare bash -c 'ls $HOME/dir1/a*'`. +If you want to read, chown, or remove such a file, enter a user +namespace. Instead of running commands such as `less dir1/a` or `rm dir1/a`, you +need to prepend the command-line with `podman unshare`, i.e., +`podman unshare less dir1/a` or `podman unshare rm dir1/a`. To change the ownership +of the file _dir1/a_ to your regular user's UID and GID, run `podman unshare chown 0:0 dir1/a`. +A file having the ownership _0:0_ in the user namespace is owned by the regular +user on the host. To use Bash features, such as variable expansion and +globbing, you need to wrap the command with `bash -c`, e.g. +`podman unshare bash -c 'ls $HOME/dir1/a*'`. Would it have been possible to run Podman in another way so that your regular user would have become the owner of the file? Yes, you can use the options |