diff options
Diffstat (limited to 'test/system')
| -rw-r--r-- | test/system/005-info.bats | 5 | ||||
| -rw-r--r-- | test/system/080-pause.bats | 19 | ||||
| -rw-r--r-- | test/system/410-selinux.bats | 12 |
3 files changed, 36 insertions, 0 deletions
diff --git a/test/system/005-info.bats b/test/system/005-info.bats index 4b419841e..96ca2c1bd 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -33,16 +33,21 @@ cgroupVersion: v[12] expr_nvr="[a-z0-9-]\\\+-[a-z0-9.]\\\+-[a-z0-9]\\\+\." expr_path="/[a-z0-9\\\/.-]\\\+\\\$" + # FIXME: if we're ever able to get package versions on Debian, + # add '-[0-9]' to all '*.package' queries below. tests=" host.buildahVersion | [0-9.] host.conmon.path | $expr_path +host.conmon.package | .*conmon.* host.cgroupManager | \\\(systemd\\\|cgroupfs\\\) host.cgroupVersion | v[12] host.ociRuntime.path | $expr_path +host.ociRuntime.package | .*\\\(crun\\\|runc\\\).* store.configFile | $expr_path store.graphDriverName | [a-z0-9]\\\+\\\$ store.graphRoot | $expr_path store.imageStore.number | 1 +host.slirp4netns.executable | $expr_path " parse_table "$tests" | while read field expect; do diff --git a/test/system/080-pause.bats b/test/system/080-pause.bats index ea4c85f8f..1eb47dcfb 100644 --- a/test/system/080-pause.bats +++ b/test/system/080-pause.bats @@ -57,4 +57,23 @@ load helpers run_podman 125 unpause $cname } +@test "podman unpause --all" { + if is_rootless && ! is_cgroupsv2; then + skip "'podman pause' (rootless) only works with cgroups v2" + fi + + cname=$(random_string 10) + run_podman create --name notrunning $IMAGE + run_podman run -d --name $cname $IMAGE sleep 100 + cid="$output" + run_podman pause $cid + run_podman inspect --format '{{.State.Status}}' $cid + is "$output" "paused" "podman inspect .State.Status" + run_podman unpause --all + is "$output" "$cid" "podman unpause output" + run_podman ps --format '{{.ID}} {{.Names}} {{.Status}}' + is "$output" "${cid:0:12} $cname Up.*" "podman ps on resumed container" + run_podman rm -f $cname + run_podman rm -f notrunning +} # vim: filetype=sh diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index 4ef9c8b30..5ee0e0715 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -50,6 +50,18 @@ function check_label() { check_label "--systemd=always" "container_init_t" } +@test "podman selinux: init container with --security-opt type" { + check_label "--systemd=always --security-opt=label=type:spc_t" "spc_t" +} + +@test "podman selinux: init container with --security-opt level&type" { + check_label "--systemd=always --security-opt=label=level:s0:c1,c2 --security-opt=label=type:spc_t" "spc_t" "s0:c1,c2" +} + +@test "podman selinux: init container with --security-opt level" { + check_label "--systemd=always --security-opt=label=level:s0:c1,c2" "container_init_t" "s0:c1,c2" +} + @test "podman selinux: pid=host" { # FIXME this test fails when run rootless with runc: # Error: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: readonly path /proc/asound: operation not permitted: OCI permission denied |