diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/e2e/pod_pod_namespaces.go | 19 | ||||
| -rw-r--r-- | test/system/030-run.bats | 4 | ||||
| -rw-r--r-- | test/system/060-mount.bats | 73 | ||||
| -rw-r--r-- | test/system/160-volumes.bats | 2 | ||||
| -rw-r--r-- | test/system/200-pod.bats | 24 |
5 files changed, 119 insertions, 3 deletions
diff --git a/test/e2e/pod_pod_namespaces.go b/test/e2e/pod_pod_namespaces.go index 41e9c5683..20b8bdb39 100644 --- a/test/e2e/pod_pod_namespaces.go +++ b/test/e2e/pod_pod_namespaces.go @@ -60,6 +60,25 @@ var _ = Describe("Podman pod create", func() { Expect(NAMESPACE1).To(Equal(NAMESPACE2)) }) + It("podman pod container share ipc && /dev/shm ", func() { + session := podmanTest.Podman([]string{"pod", "create"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + podID := session.OutputToString() + + session = podmanTest.Podman([]string{"pod", "start", podID}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"run", "--rm", "--pod", podID, ALPINE, "touch", "/dev/shm/test"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"run", "--rm", "--pod", podID, ALPINE, "ls", "/dev/shm/test"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman pod container dontshare PIDNS", func() { session := podmanTest.Podman([]string{"pod", "create"}) session.WaitWithDefaultTimeout() diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 6b6964c63..b0c855d81 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -14,8 +14,8 @@ load helpers # ...but check the configured runtime engine, and switch to crun as needed run_podman info --format '{{ .Host.OCIRuntime.Path }}' if expr "$output" : ".*/crun"; then - err_no_such_cmd="Error: executable file.* not found in \$PATH: No such file or directory: OCI runtime command not found error" - err_no_exec_dir="Error: open executable: Operation not permitted: OCI runtime permission denied error" + err_no_such_cmd="Error: executable file.* not found in \$PATH: No such file or directory: OCI not found" + err_no_exec_dir="Error: open executable: Operation not permitted: OCI permission denied" fi tests=" diff --git a/test/system/060-mount.bats b/test/system/060-mount.bats index ece87acf6..73d210084 100644 --- a/test/system/060-mount.bats +++ b/test/system/060-mount.bats @@ -78,4 +78,77 @@ load helpers is "$output" "" "podman image mount, no args, after umount" } +@test "podman run --mount image" { + skip_if_rootless "too hard to test rootless" + + # Run a container with an image mount + run_podman run --rm --mount type=image,src=$IMAGE,dst=/image-mount $IMAGE diff /etc/os-release /image-mount/etc/os-release + + # Make sure the mount is read only + run_podman 1 run --rm --mount type=image,src=$IMAGE,dst=/image-mount $IMAGE touch /image-mount/read-only + is "$output" "touch: /image-mount/read-only: Read-only file system" + + # Make sure that rw,readwrite work + run_podman run --rm --mount type=image,src=$IMAGE,dst=/image-mount,rw=true $IMAGE touch /image-mount/readwrite + run_podman run --rm --mount type=image,src=$IMAGE,dst=/image-mount,readwrite=true $IMAGE touch /image-mount/readwrite + + skip_if_remote "mounting remote is meaningless" + + # The mount should be cleaned up during container removal as no other entity mounted the image + run_podman image umount $IMAGE + is "$output" "" "image mount should have been cleaned up during container removal" + + # Now make sure that the image mount is not cleaned up during container removal when another entity mounted the image + run_podman image mount $IMAGE + run_podman run --rm --mount type=image,src=$IMAGE,dst=/image-mount $IMAGE diff /etc/os-release /image-mount/etc/os-release + + run_podman image inspect --format '{{.ID}}' $IMAGE + iid="$output" + + run_podman image umount $IMAGE + is "$output" "$iid" "podman image umount: image ID of what was umounted" + + run_podman image umount $IMAGE + is "$output" "" "image mount should have been cleaned up via 'image umount'" + + # Run a container in the background (source is the ID instead of name) + run_podman run -d --mount type=image,src=$iid,dst=/image-mount,readwrite=true $IMAGE sleep infinity + cid="$output" + + # Unmount the image + run_podman image umount $IMAGE + is "$output" "$iid" "podman image umount: image ID of what was umounted" + run_podman image umount $IMAGE + is "$output" "" "image mount should have been cleaned up via 'image umount'" + + # Make sure that the mount in the container is unaffected + run_podman exec $cid diff /etc/os-release /image-mount/etc/os-release + run_podman exec $cid find /image-mount/etc/ + + # Clean up + run_podman rm -f $cid +} + +@test "podman run --mount image inspection" { + skip_if_rootless "too hard to test rootless" + + # Run a container in the background + run_podman run -d --mount type=image,src=$IMAGE,dst=/image-mount,rw=true $IMAGE sleep infinity + cid="$output" + + run_podman inspect --format "{{(index .Mounts 0).Type}}" $cid + is "$output" "image" "inspect data includes image mount type" + + run_podman inspect --format "{{(index .Mounts 0).Source}}" $cid + is "$output" "$IMAGE" "inspect data includes image mount source" + + run_podman inspect --format "{{(index .Mounts 0).Destination}}" $cid + is "$output" "/image-mount" "inspect data includes image mount source" + + run_podman inspect --format "{{(index .Mounts 0).RW}}" $cid + is "$output" "true" "inspect data includes image mount source" + + run_podman rm -f $cid +} + # vim: filetype=sh diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats index 9f4bb76a2..c19e61669 100644 --- a/test/system/160-volumes.bats +++ b/test/system/160-volumes.bats @@ -119,7 +119,7 @@ EOF # noexec option. This should fail. # ARGH. Unfortunately, runc (used for cgroups v1) produces a different error local expect_rc=126 - local expect_msg='.* OCI runtime permission denied.*' + local expect_msg='.* OCI permission denied.*' run_podman info --format '{{ .Host.OCIRuntime.Path }}' if expr "$output" : ".*/runc"; then expect_rc=1 diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 1d17c8cad..b0f645c53 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -116,6 +116,30 @@ function teardown() { run_podman 1 pod exists $podname } +@test "podman pod - communicating via /dev/shm " { + if is_remote && is_rootless; then + skip "FIXME: pending #7139" + fi + + podname=pod$(random_string) + run_podman 1 pod exists $podname + run_podman pod create --infra=true --name=$podname + podid="$output" + run_podman pod exists $podname + run_podman pod exists $podid + + run_podman run --rm --pod $podname $IMAGE touch /dev/shm/test1 + run_podman run --rm --pod $podname $IMAGE ls /dev/shm/test1 + is "$output" "/dev/shm/test1" + + # ...then rm the pod, then rmi the pause image so we don't leave strays. + run_podman pod rm $podname + + # Pod no longer exists + run_podman 1 pod exists $podid + run_podman 1 pod exists $podname +} + # Random byte function octet() { echo $(( $RANDOM & 255 )) |