2 files changed, 26 insertions, 0 deletions

diff --git a/test/buildah-bud/apply-podman-deltas b/test/buildah-bud/apply-podman-deltas
index 44a33b0b8..e42c8aa52 100755
--- a/test/buildah-bud/apply-podman-deltas
+++ b/test/buildah-bud/apply-podman-deltas
@@ -191,6 +191,16 @@ skip_if_remote "--stdin option will not be implemented in podman-remote" \
 # BEGIN tests which are skipped due to actual podman-remote bugs.
 
 ###############################################################################
+# BEGIN emergency handling of github git-protocol shutdown
+#
+# Please remove this as soon as we vendor buildah with #3701
+
+skip "emergency workaround until buildah #3701 gets vendored in" \
+     "bud-git-context" \
+     "bud using gitrepo and branch"
+
+# END   emergency handling of github git-protocol shutdown
+###############################################################################
 # Done.
 
 exit $RC
diff --git a/test/system/170-run-userns.bats b/test/system/170-run-userns.bats
index a5be591ef..c020a73ab 100644
--- a/test/system/170-run-userns.bats
+++ b/test/system/170-run-userns.bats
@@ -78,3 +78,19 @@ EOF
     # Then check that the main user is not mapped into the user namespace
     CONTAINERS_CONF=$PODMAN_TMPDIR/userns_auto.conf run_podman 0 run --rm $IMAGE awk '{if($2 == "0"){exit 1}}' /proc/self/uid_map /proc/self/gid_map
 }
+
+@test "podman userns=auto and secrets" {
+    ns_user="containers"
+    if is_rootless; then
+        ns_user=$(id -un)
+    fi
+    egrep -q "${ns_user}:" /etc/subuid || skip "no IDs allocated for user ${ns_user}"
+    test_name="test_$(random_string 12)"
+    secret_file=$PODMAN_TMPDIR/secret$(random_string 12)
+    secret_content=$(random_string)
+    echo ${secret_content} > ${secret_file}
+    run_podman secret create ${test_name} ${secret_file}
+    run_podman run --rm --secret=${test_name} --userns=auto:size=1000 $IMAGE cat /run/secrets/${test_name}
+    is ${output} ${secret_content} "Secrets should work with user namespace"
+    run_podman secret rm ${test_name}
+}