diff options
Diffstat (limited to 'test/system')
| -rw-r--r-- | test/system/005-info.bats | 1 | ||||
| -rw-r--r-- | test/system/030-run.bats | 14 | ||||
| -rw-r--r-- | test/system/120-load.bats | 36 | ||||
| -rw-r--r-- | test/system/160-volumes.bats | 4 | ||||
| -rw-r--r-- | test/system/200-pod.bats | 11 | ||||
| -rw-r--r-- | test/system/255-auto-update.bats | 6 | ||||
| -rw-r--r-- | test/system/410-selinux.bats | 3 | ||||
| -rw-r--r-- | test/system/500-networking.bats | 21 | ||||
| -rw-r--r-- | test/system/520-checkpoint.bats | 4 |
9 files changed, 46 insertions, 54 deletions
diff --git a/test/system/005-info.bats b/test/system/005-info.bats index 045045fa6..5f3cdff7e 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -43,7 +43,6 @@ host.conmon.package | .*conmon.* host.cgroupManager | \\\(systemd\\\|cgroupfs\\\) host.cgroupVersion | v[12] host.ociRuntime.path | $expr_path -host.ociRuntime.package | .*\\\(crun\\\|runc\\\).* store.configFile | $expr_path store.graphDriverName | [a-z0-9]\\\+\\\$ store.graphRoot | $expr_path diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 2d5ecab39..ec85ef166 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -5,18 +5,8 @@ load helpers @test "podman run - basic tests" { rand=$(random_string 30) - # 2019-09 Fedora 31 and rawhide (32) are switching from runc to crun - # because of cgroups v2; crun emits different error messages. - # Default to runc: - err_no_such_cmd="Error: .*: starting container process caused.*exec:.*stat /no/such/command: no such file or directory" - err_no_exec_dir="Error: .*: starting container process caused.*exec:.* permission denied" - - # ...but check the configured runtime engine, and switch to crun as needed - run_podman info --format '{{ .Host.OCIRuntime.Path }}' - if expr "$output" : ".*/crun"; then - err_no_such_cmd="Error: crun: executable file.* not found in \$PATH: No such file or directory: OCI runtime attempted to invoke a command that was not found" - err_no_exec_dir="Error: crun: open executable: Operation not permitted: OCI permission denied" - fi + err_no_such_cmd="Error:.*/no/such/command.*[Nn]o such file or directory" + err_no_exec_dir="Error:.*exec.*permission denied" tests=" true | 0 | diff --git a/test/system/120-load.bats b/test/system/120-load.bats index f5ba93d8a..8bf785081 100644 --- a/test/system/120-load.bats +++ b/test/system/120-load.bats @@ -104,10 +104,6 @@ verify_iid_and_name() { # If we can't sudo, we can't test. _sudo true || skip "cannot sudo to $notme" - # FIXME FIXME FIXME: it'd be reeeeeeally nice if we could pass --root - # to the non-self user, hence avoid vandalizing - # their storage. - # Preserve digest of original image; we will compare against it later run_podman image inspect --format '{{.Digest}}' $IMAGE src_digest=$output @@ -117,12 +113,8 @@ verify_iid_and_name() { run_podman tag $IMAGE $newname # Copy it there. - # FIXME: the first '.*' in the expect string below is unfortunate; it's - # a workaround for Ubuntu which gripes: - # "warning.*defaulting to su since machinectl is not available" - # Reexamine this once #12829 is fixed run_podman image scp $newname ${notme}@localhost:: - is "$output" ".*Copying blob .*Copying config.*Writing manifest.*Storing signatures" + is "$output" "Copying blob .*Copying config.*Writing manifest.*Storing signatures" # confirm that image was copied. FIXME: also try $PODMAN image inspect? _sudo $PODMAN image exists $newname @@ -132,13 +124,6 @@ verify_iid_and_name() { run_podman image scp -q ${notme}@localhost::$newname expect="Loaded image(s): $newname" - # FIXME FIXME FIXME: ubuntu has no machinectl, emits useless warning message instead - if ! is_rootless; then - # FIXME: root on fedora uses machinectl, which emits useless \n and \r (#12829) - NL=$'\n' - CR=$'\r' - expect="$NL$expect$CR" - fi is "$output" "$expect" "-q silences output" # Confirm that we have it, and that its digest matches our original @@ -150,17 +135,14 @@ verify_iid_and_name() { run_podman untag $IMAGE $newname # Negative test for nonexistent image. - # FIXME FIXME: cannot test on root, because it uses machinectl (#12829) - if is_rootless; then - # FIXME: error message is 2 lines, the 2nd being "exit status 125". - # FIXME: is that fixable, or do we have to live with it? - nope="nope.nope/nonesuch:notag" - run_podman 125 image scp ${notme}@localhost::$nope - is "$output" "Error: $nope: image not known.*" "Pulling nonexistent image" - - run_podman 125 image scp $nope ${notme}@localhost:: - is "$output" "Error: $nope: image not known.*" "Pushing nonexistent image" - fi + # FIXME: error message is 2 lines, the 2nd being "exit status 125". + # FIXME: is that fixable, or do we have to live with it? + nope="nope.nope/nonesuch:notag" + run_podman 125 image scp ${notme}@localhost::$nope + is "$output" "Error: $nope: image not known.*" "Pulling nonexistent image" + + run_podman 125 image scp $nope ${notme}@localhost:: + is "$output" "Error: $nope: image not known.*" "Pushing nonexistent image" # Negative test for copying to a different name run_podman 125 image scp $IMAGE ${notme}@localhost::newname:newtag diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats index b6030ba3c..a3c972b3e 100644 --- a/test/system/160-volumes.bats +++ b/test/system/160-volumes.bats @@ -213,6 +213,8 @@ EOF # Podman volume user test @test "podman volume user test" { is_rootless || skip "only meaningful when run rootless" + skip_if_remote "not applicable on podman-remote" + user="1000:2000" newuser="100:200" tmpdir=${PODMAN_TMPDIR}/volume_$(random_string) @@ -375,7 +377,7 @@ NeedsChown | true run_podman run --rm --volume $myvolume:/etc $IMAGE ls /etc/passwd run_podman volume inspect --format '{{ .NeedsCopyUp }}' $myvolume - is "${output}" "false" "If content in dest '/etc' non-empty NeedsCopyUP should still have happend and be false" + is "${output}" "false" "If content in dest '/etc' non-empty NeedsCopyUP should still have happened and be false" run_podman volume inspect --format '{{.Mountpoint}}' $myvolume mountpoint="$output" diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 51fcea104..bccd04e8d 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -29,8 +29,7 @@ function teardown() { } @test "podman pod top - containers in different PID namespaces" { - # With infra=false, we don't get a /pause container (we also - # don't pull k8s.gcr.io/pause ) + # With infra=false, we don't get a /pause container no_infra='--infra=false' run_podman pod create $no_infra podid="$output" @@ -148,9 +147,6 @@ EOF # Pod no longer exists run_podman 1 pod exists $podid run_podman 1 pod exists $podname - - # Pause image hasn't been pulled - run_podman 1 image exists k8s.gcr.io/pause:3.5 } # Random byte @@ -329,8 +325,6 @@ EOF local infra_name="infra_container_$(random_string 10 | tr A-Z a-z)" local pod_name="$(random_string 10 | tr A-Z a-z)" - # Note that the internal pause image is built even when --infra-image is - # set to the K8s one. run_podman --noout pod create --name $pod_name --infra-name "$infra_name" --infra-image "k8s.gcr.io/pause:3.5" is "$output" "" "output should be empty" run_podman '?' pod create --infra-name "$infra_name" @@ -339,9 +333,6 @@ EOF fi run_podman pod rm -f $pod_name run_podman images -a - - # Pause image hasn't been pulled - run_podman 1 image exists k8s.gcr.io/pause:3.5 } @test "podman pod create --share" { diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 7540270bd..5a8bf4218 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -373,8 +373,10 @@ EOF systemctl enable --now podman-auto-update-$cname.timer systemctl list-timers --all - # While systemd v245 and later uses 'Finished', older versions uses 'Started' for oneshot services - local expect='(Finished|Started) Podman auto-update testing service' + # systemd <245 displays 'Started Podman auto-update ...' + # systemd 245 - <250 displays 'Finished Podman auto-update ...' + # systemd 250 - ???? displays 'Finished <unit name> - Podman auto-...' + local expect='(Started|Finished.*) Podman auto-update testing service' local failed_start=failed local count=0 while [ $count -lt 120 ]; do diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index dbdfd4b9d..056a056f6 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -245,7 +245,8 @@ function check_label() { is "$output" "system_u:object_r:container_file_t:$level $tmpdir" \ "Confined Relabel Correctly" - if is_rootless; then + # podman-remote has no 'unshare' + if is_rootless && ! is_remote; then run_podman unshare touch $tmpdir/test1 # Relabel entire directory run_podman unshare chcon system_u:object_r:usr_t:s0 $tmpdir diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 5a721c965..9f70c1c6c 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -589,4 +589,25 @@ load helpers run_podman network rm -t 0 -f $netname } +@test "podman run CONTAINERS_CONF dns options" { + skip_if_remote "CONTAINERS_CONF redirect does not work on remote" + # Test on the CLI and via containers.conf + containersconf=$PODMAN_TMPDIR/containers.conf + + searchIP="100.100.100.100" + cat >$containersconf <<EOF +[containers] + dns_searches = [ "example.com"] + dns_servers = [ + "1.1.1.1", + "$searchIP", + "1.0.0.1", + "8.8.8.8", +] +EOF + CONTAINERS_CONF=$containersconf run_podman run --rm $IMAGE grep "example.com" /etc/resolv.conf + CONTAINERS_CONF=$containersconf run_podman run --rm $IMAGE grep $searchIP /etc/resolv.conf + is "$output" "nameserver $searchIP" "Should only be one $searchIP not multiple" +} + # vim: filetype=sh diff --git a/test/system/520-checkpoint.bats b/test/system/520-checkpoint.bats index 046dfd126..fcb7fbb84 100644 --- a/test/system/520-checkpoint.bats +++ b/test/system/520-checkpoint.bats @@ -15,6 +15,10 @@ function setup() { skip "FIXME: checkpointing broken in Ubuntu 2004, 2104, 2110, ..." fi + if [[ "$(uname -r)" =~ "5.17" ]]; then + skip "FIXME: checkpointing broken on kernel 5.17 (#12949)" + fi + # None of these tests work rootless.... if is_rootless; then # ...however, is that a genuine cast-in-stone limitation, or one |