summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/e2e/run_selinux_test.go64
-rw-r--r--test/e2e/runlabel_test.go68
2 files changed, 132 insertions, 0 deletions
diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go
index ebe6604cc..a1a18c780 100644
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@@ -84,4 +84,68 @@ var _ = Describe("Podman run", func() {
Expect(match).Should(BeTrue())
})
+ It("podman test selinux label resolv.conf", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux label hosts", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux label hostname", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux label /run/secrets", func() {
+ session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label resolv.conf", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label hosts", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label hostname", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman test selinux --privileged label /run/secrets", func() {
+ session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("container_file_t")
+ Expect(match).Should(BeTrue())
+ })
+
})
diff --git a/test/e2e/runlabel_test.go b/test/e2e/runlabel_test.go
new file mode 100644
index 000000000..8d10d3c24
--- /dev/null
+++ b/test/e2e/runlabel_test.go
@@ -0,0 +1,68 @@
+package integration
+
+import (
+ "fmt"
+ "os"
+
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+)
+
+var PodmanDockerfile = `
+FROM alpine:latest
+LABEL RUN podman --version`
+
+var LsDockerfile = `
+FROM alpine:latest
+LABEL RUN ls -la`
+
+var _ = Describe("podman container runlabel", func() {
+ var (
+ tempdir string
+ err error
+ podmanTest PodmanTest
+ )
+
+ BeforeEach(func() {
+ tempdir, err = CreateTempDirInTempDir()
+ if err != nil {
+ os.Exit(1)
+ }
+ podmanTest = PodmanCreate(tempdir)
+ podmanTest.RestoreAllArtifacts()
+ })
+
+ AfterEach(func() {
+ podmanTest.Cleanup()
+ f := CurrentGinkgoTestDescription()
+ timedResult := fmt.Sprintf("Test: %s completed in %f seconds", f.TestText, f.Duration.Seconds())
+ GinkgoWriter.Write([]byte(timedResult))
+
+ })
+
+ It("podman container runlabel (podman --version)", func() {
+ image := "podman-runlabel-test:podman"
+ podmanTest.BuildImage(PodmanDockerfile, image, "false")
+
+ result := podmanTest.Podman([]string{"container", "runlabel", "RUN", image})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+
+ result = podmanTest.Podman([]string{"rmi", image})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+ })
+
+ It("podman container runlabel (ls -la)", func() {
+ image := "podman-runlabel-test:ls"
+ podmanTest.BuildImage(LsDockerfile, image, "false")
+
+ result := podmanTest.Podman([]string{"container", "runlabel", "RUN", image})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+
+ result = podmanTest.Podman([]string{"rmi", image})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+ })
+})