diff options
Diffstat (limited to 'test/e2e')
| -rw-r--r-- | test/e2e/exec_test.go | 28 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 70 |
2 files changed, 94 insertions, 4 deletions
diff --git a/test/e2e/exec_test.go b/test/e2e/exec_test.go index 055546f88..6841aa5a2 100644 --- a/test/e2e/exec_test.go +++ b/test/e2e/exec_test.go @@ -283,6 +283,34 @@ var _ = Describe("Podman exec", func() { Expect(strings.Contains(exec.OutputToString(), fmt.Sprintf("%s(%s)", gid, groupName))).To(BeTrue()) }) + It("podman exec preserves container groups with --user and --group-add", func() { + SkipIfRemote() + dockerfile := `FROM fedora-minimal +RUN groupadd -g 4000 first +RUN groupadd -g 4001 second +RUN useradd -u 1000 auser` + imgName := "testimg" + podmanTest.BuildImage(dockerfile, imgName, "false") + + ctrName := "testctr" + ctr := podmanTest.Podman([]string{"run", "-t", "-i", "-d", "--name", ctrName, "--user", "auser:first", "--group-add", "second", imgName, "sleep", "300"}) + ctr.WaitWithDefaultTimeout() + Expect(ctr.ExitCode()).To(Equal(0)) + + exec := podmanTest.Podman([]string{"exec", "-t", ctrName, "id"}) + exec.WaitWithDefaultTimeout() + Expect(exec.ExitCode()).To(Equal(0)) + output := exec.OutputToString() + Expect(strings.Contains(output, "4000(first)")).To(BeTrue()) + Expect(strings.Contains(output, "4001(second)")).To(BeTrue()) + Expect(strings.Contains(output, "1000(auser)")).To(BeTrue()) + + // Kill the container just so the test does not take 15 seconds to stop. + kill := podmanTest.Podman([]string{"kill", ctrName}) + kill.WaitWithDefaultTimeout() + Expect(kill.ExitCode()).To(Equal(0)) + }) + It("podman exec --detach", func() { ctrName := "testctr" ctr := podmanTest.Podman([]string{"run", "-t", "-i", "-d", "--name", ctrName, ALPINE, "top"}) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index cbfb6bf59..4376bf309 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -733,23 +733,85 @@ USER mail` err := os.MkdirAll(vol, 0755) Expect(err).To(BeNil()) - volFile := filepath.Join(vol, "test.txt") + filename := "test.txt" + volFile := filepath.Join(vol, filename) data := "Testing --volumes-from!!!" err = ioutil.WriteFile(volFile, []byte(data), 0755) Expect(err).To(BeNil()) + mountpoint := "/myvol/" - session := podmanTest.Podman([]string{"create", "--volume", vol + ":/myvol", redis, "sh"}) + session := podmanTest.Podman([]string{"create", "--volume", vol + ":" + mountpoint, ALPINE, "cat", mountpoint + filename}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) ctrID := session.OutputToString() - session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID, ALPINE, "echo", "'testing read-write!' >> myvol/test.txt"}) + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID, ALPINE, "cat", mountpoint + filename}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal(data)) - session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID + ":z", ALPINE, "ls"}) + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID, ALPINE, "sh", "-c", "echo test >> " + mountpoint + filename}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"start", "--attach", ctrID}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal(data + "test")) + }) + + It("podman run --volumes-from flag options", func() { + vol := filepath.Join(podmanTest.TempDir, "vol-test") + err := os.MkdirAll(vol, 0755) + Expect(err).To(BeNil()) + + filename := "test.txt" + volFile := filepath.Join(vol, filename) + data := "Testing --volumes-from!!!" + err = ioutil.WriteFile(volFile, []byte(data), 0755) + Expect(err).To(BeNil()) + mountpoint := "/myvol/" + + session := podmanTest.Podman([]string{"create", "--volume", vol + ":" + mountpoint, ALPINE, "cat", mountpoint + filename}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + ctrID := session.OutputToString() + + // check that the read only option works + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID + ":ro", ALPINE, "touch", mountpoint + "abc.txt"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(1)) + Expect(session.ErrorToString()).To(ContainSubstring("Read-only file system")) + + // check that both z and ro options work + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID + ":ro,z", ALPINE, "cat", mountpoint + filename}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal(data)) + + // check that multiple ro/rw are not working + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID + ":ro,rw", ALPINE, "cat", mountpoint + filename}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + Expect(session.ErrorToString()).To(ContainSubstring("cannot set ro or rw options more than once")) + + // check that multiple z options are not working + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID + ":z,z,ro", ALPINE, "cat", mountpoint + filename}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + Expect(session.ErrorToString()).To(ContainSubstring("cannot set :z more than once in mount options")) + + // create new read only volume + session = podmanTest.Podman([]string{"create", "--volume", vol + ":" + mountpoint + ":ro", ALPINE, "cat", mountpoint + filename}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + ctrID = session.OutputToString() + + // check if the original volume was mounted as read only that --volumes-from also mount it as read only + session = podmanTest.Podman([]string{"run", "--volumes-from", ctrID, ALPINE, "touch", mountpoint + "abc.txt"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(1)) + Expect(session.ErrorToString()).To(ContainSubstring("Read-only file system")) }) It("podman run --volumes-from flag with built-in volumes", func() { |