summaryrefslogtreecommitdiff
path: root/test/e2e/run_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'test/e2e/run_test.go')
-rw-r--r--test/e2e/run_test.go51
1 files changed, 31 insertions, 20 deletions
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 5c28f18f2..292df529c 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -261,6 +261,8 @@ var _ = Describe("Podman run", func() {
})
It("podman run user capabilities test", func() {
+ // We need to ignore the containers.conf on the test distribution for this test
+ os.Setenv("CONTAINERS_CONF", "/dev/null")
session := podmanTest.Podman([]string{"run", "--rm", "--user", "bin", ALPINE, "grep", "CapBnd", "/proc/self/status"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
@@ -293,6 +295,8 @@ var _ = Describe("Podman run", func() {
})
It("podman run user capabilities test with image", func() {
+ // We need to ignore the containers.conf on the test distribution for this test
+ os.Setenv("CONTAINERS_CONF", "/dev/null")
SkipIfRemote("FIXME This should work on podman-remote")
dockerfile := `FROM busybox
USER bin`
@@ -309,7 +313,7 @@ USER bin`
})
It("podman run limits test", func() {
- SkipIfRootlessCgroupsV1()
+ SkipIfRootlessCgroupsV1("Setting limits not supported on cgroupv1 for rootless users")
if !isRootless() {
session := podmanTest.Podman([]string{"run", "--rm", "--ulimit", "rtprio=99", "--cap-add=sys_nice", fedoraMinimal, "cat", "/proc/self/sched"})
@@ -368,16 +372,21 @@ USER bin`
})
It("podman run sysctl test", func() {
- SkipIfRootless() // Network sysclts are not avalable root rootless
+ SkipIfRootless("Network sysctls are not avalable root rootless")
session := podmanTest.Podman([]string{"run", "--rm", "--sysctl", "net.core.somaxconn=65535", ALPINE, "sysctl", "net.core.somaxconn"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(ContainSubstring("net.core.somaxconn = 65535"))
+
+ // network sysctls should fail if --net=host is set
+ session = podmanTest.Podman([]string{"run", "--net", "host", "--rm", "--sysctl", "net.core.somaxconn=65535", ALPINE, "sysctl", "net.core.somaxconn"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(125))
})
It("podman run blkio-weight test", func() {
- SkipIfRootless() // FIXME: This is blowing up because of no /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control file
- // SkipIfRootlessCgroupsV1()
+ SkipIfRootless("FIXME: This is blowing up because of no /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control file")
+ SkipIfRootlessCgroupsV1("Setting blkio-weight not supported on cgroupv1 for rootless users")
if !CGROUPSV2 {
if _, err := os.Stat("/sys/fs/cgroup/blkio/blkio.weight"); os.IsNotExist(err) {
Skip("Kernel does not support blkio.weight")
@@ -399,8 +408,9 @@ USER bin`
})
It("podman run device-read-bps test", func() {
- SkipIfRootless() // FIXME: Missing /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control
- SkipIfRootlessCgroupsV1()
+ SkipIfRootless("FIXME: Missing /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control")
+ SkipIfRootlessCgroupsV1("Setting device-read-bps not supported on cgroupv1 for rootless users")
+
var session *PodmanSessionIntegration
if CGROUPSV2 {
@@ -417,8 +427,9 @@ USER bin`
})
It("podman run device-write-bps test", func() {
- SkipIfRootless() // FIXME /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control does not exist
- SkipIfRootlessCgroupsV1()
+ SkipIfRootless("FIXME /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control does not exist")
+ SkipIfRootlessCgroupsV1("Setting device-write-bps not supported on cgroupv1 for rootless users")
+
var session *PodmanSessionIntegration
if CGROUPSV2 {
@@ -434,8 +445,8 @@ USER bin`
})
It("podman run device-read-iops test", func() {
- SkipIfRootless() // FIXME /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control does not exist
- SkipIfRootlessCgroupsV1()
+ SkipIfRootless("FIXME /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control does not exist")
+ SkipIfRootlessCgroupsV1("Setting device-read-iops not supported on cgroupv1 for rootless users")
var session *PodmanSessionIntegration
if CGROUPSV2 {
@@ -452,8 +463,8 @@ USER bin`
})
It("podman run device-write-iops test", func() {
- SkipIfRootless() // FIXME /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control does not exist
- SkipIfRootlessCgroupsV1()
+ SkipIfRootless("FIXME /sys/fs/cgroup/user.slice/user-14467.slice/user@14467.service/cgroup.subtree_control does not exist")
+ SkipIfRootlessCgroupsV1("Setting device-write-iops not supported on cgroupv1 for rootless users")
var session *PodmanSessionIntegration
if CGROUPSV2 {
@@ -570,7 +581,7 @@ USER bin`
})
It("podman run with FIPS mode secrets", func() {
- SkipIfRootless() // rootless can not manipulate system-fips file
+ SkipIfRootless("rootless can not manipulate system-fips file")
fipsFile := "/etc/system-fips"
err = ioutil.WriteFile(fipsFile, []byte{}, 0755)
Expect(err).To(BeNil())
@@ -889,7 +900,7 @@ USER mail`
})
It("podman run --mount type=bind,bind-nonrecursive", func() {
- SkipIfRootless() // rootless users are not allowed to mount bind-nonrecursive (Could this be a Kernel bug?
+ SkipIfRootless("FIXME: rootless users are not allowed to mount bind-nonrecursive (Could this be a Kernel bug?")
session := podmanTest.Podman([]string{"run", "--mount", "type=bind,bind-nonrecursive,slave,src=/,target=/host", fedoraMinimal, "findmnt", "-nR", "/host"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
@@ -1049,8 +1060,8 @@ USER mail`
})
It("podman run with cgroups=disabled runs without cgroups", func() {
- SkipIfRootless() // FIXME: I believe this should work but need to fix this test
- SkipIfRootlessCgroupsV1()
+ SkipIfRootless("FIXME: I believe this should work but need to fix this test")
+ SkipIfRootlessCgroupsV1("Disable cgroups not supported on cgroupv1 for rootless users")
// Only works on crun
if !strings.Contains(podmanTest.OCIRuntime, "crun") {
Skip("Test only works on crun")
@@ -1082,7 +1093,7 @@ USER mail`
})
It("podman run with cgroups=enabled makes cgroups", func() {
- SkipIfRootlessCgroupsV1()
+ SkipIfRootlessCgroupsV1("Enable cgroups not supported on cgroupv1 for rootless users")
// Only works on crun
if !strings.Contains(podmanTest.OCIRuntime, "crun") {
Skip("Test only works on crun")
@@ -1125,9 +1136,9 @@ USER mail`
})
It("podman run --device-cgroup-rule", func() {
- SkipIfRootless() // rootless users are not allowed to mknod
+ SkipIfRootless("rootless users are not allowed to mknod")
deviceCgroupRule := "c 42:* rwm"
- session := podmanTest.Podman([]string{"run", "--name", "test", "-d", "--device-cgroup-rule", deviceCgroupRule, ALPINE, "top"})
+ session := podmanTest.Podman([]string{"run", "--cap-add", "mknod", "--name", "test", "-d", "--device-cgroup-rule", deviceCgroupRule, ALPINE, "top"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
session = podmanTest.Podman([]string{"exec", "test", "mknod", "newDev", "c", "42", "1"})
@@ -1203,7 +1214,7 @@ USER mail`
})
It("podman run verify pids-limit", func() {
- SkipIfCgroupV1()
+ SkipIfCgroupV1("pids-limit not supported on cgroup V1")
limit := "4321"
session := podmanTest.Podman([]string{"run", "--pids-limit", limit, "--rm", ALPINE, "cat", "/sys/fs/cgroup/pids.max"})
session.WaitWithDefaultTimeout()