summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/apiv2/01-basic.at2
-rw-r--r--test/apiv2/44-mounts.at2
-rw-r--r--test/e2e/network_connect_disconnect_test.go7
-rw-r--r--test/e2e/run_selinux_test.go49
-rw-r--r--test/python/docker/build_labels/Dockerfile1
-rw-r--r--test/python/docker/compat/test_images.py8
-rw-r--r--test/system/410-selinux.bats20
7 files changed, 83 insertions, 6 deletions
diff --git a/test/apiv2/01-basic.at b/test/apiv2/01-basic.at
index 1ddf49c6f..1357e0ca6 100644
--- a/test/apiv2/01-basic.at
+++ b/test/apiv2/01-basic.at
@@ -18,7 +18,7 @@ t HEAD libpod/_ping 200
for i in /version version; do
t GET $i 200 \
.Components[0].Name="Podman Engine" \
- .Components[0].Details.APIVersion=3.0.0 \
+ .Components[0].Details.APIVersion=3.1.0-dev \
.Components[0].Details.MinAPIVersion=3.0.0 \
.Components[0].Details.Os=linux \
.ApiVersion=1.40 \
diff --git a/test/apiv2/44-mounts.at b/test/apiv2/44-mounts.at
index fe202576d..5dc560852 100644
--- a/test/apiv2/44-mounts.at
+++ b/test/apiv2/44-mounts.at
@@ -4,7 +4,7 @@ podman pull $IMAGE &>/dev/null
# Test various HostConfig options
tmpfs_name="/mytmpfs"
-t POST containers/create?name=hostconfig_test '"Image":"'$IMAGE'","Cmd":["df"],"HostConfig":{"TmpFs":{"'$tmpfs_name'":"rw"}}' 201 \
+t POST containers/create?name=hostconfig_test '"Image":"'$IMAGE'","Cmd":["df"],"HostConfig":{"Binds":["/tmp/doesnotexist:/test1"],"TmpFs":{"'$tmpfs_name'":"rw"}}' 201 \
.Id~[0-9a-f]\\{64\\}
cid=$(jq -r '.Id' <<<"$output")
diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go
index eb8ad7181..e9a7b421f 100644
--- a/test/e2e/network_connect_disconnect_test.go
+++ b/test/e2e/network_connect_disconnect_test.go
@@ -193,6 +193,13 @@ var _ = Describe("Podman network connect and disconnect", func() {
exec = podmanTest.Podman([]string{"exec", "-it", "test", "ip", "addr", "show", "eth1"})
exec.WaitWithDefaultTimeout()
Expect(exec.ExitCode()).To(BeZero())
+
+ // make sure no logrus errors are shown https://github.com/containers/podman/issues/9602
+ rm := podmanTest.Podman([]string{"rm", "-f", "test"})
+ rm.WaitWithDefaultTimeout()
+ Expect(rm.ExitCode()).To(BeZero())
+ Expect(rm.ErrorToString()).To(Equal(""))
+
})
It("podman network connect when not running", func() {
diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go
index 8c712b1be..6abe152a9 100644
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@@ -2,6 +2,7 @@ package integration
import (
"os"
+ "path/filepath"
. "github.com/containers/podman/v3/test/utils"
. "github.com/onsi/ginkgo"
@@ -294,4 +295,52 @@ var _ = Describe("Podman run", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(ContainSubstring("container_t"))
})
+
+ It("podman test --ipc=net", func() {
+ session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("container_t"))
+ })
+
+ It("podman test --ipc=net", func() {
+ session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("container_t"))
+ })
+
+ It("podman test --runtime=/PATHTO/kata-runtime", func() {
+ runtime := podmanTest.OCIRuntime
+ podmanTest.OCIRuntime = filepath.Join(podmanTest.TempDir, "kata-runtime")
+ err := os.Symlink("/bin/true", podmanTest.OCIRuntime)
+ Expect(err).To(BeNil())
+ if IsRemote() {
+ podmanTest.StopRemoteService()
+ podmanTest.StartRemoteService()
+ }
+ session := podmanTest.Podman([]string{"create", ALPINE})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ cid := session.OutputToString()
+ session = podmanTest.Podman([]string{"inspect", "--format", "{{ .ProcessLabel }}", cid})
+ session.WaitWithDefaultTimeout()
+ Expect(session.OutputToString()).To(ContainSubstring("container_kvm_t"))
+
+ podmanTest.OCIRuntime = runtime
+ if IsRemote() {
+ podmanTest.StopRemoteService()
+ podmanTest.StartRemoteService()
+ }
+ })
+
+ It("podman test init labels", func() {
+ session := podmanTest.Podman([]string{"create", ubi_init, "/sbin/init"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ cid := session.OutputToString()
+ session = podmanTest.Podman([]string{"inspect", "--format", "{{ .ProcessLabel }}", cid})
+ session.WaitWithDefaultTimeout()
+ Expect(session.OutputToString()).To(ContainSubstring("container_init_t"))
+ })
})
diff --git a/test/python/docker/build_labels/Dockerfile b/test/python/docker/build_labels/Dockerfile
new file mode 100644
index 000000000..f6e07066c
--- /dev/null
+++ b/test/python/docker/build_labels/Dockerfile
@@ -0,0 +1 @@
+FROM quay.io/libpod/alpine:latest
diff --git a/test/python/docker/compat/test_images.py b/test/python/docker/compat/test_images.py
index 842e38f31..4a90069a9 100644
--- a/test/python/docker/compat/test_images.py
+++ b/test/python/docker/compat/test_images.py
@@ -149,6 +149,14 @@ class TestImages(unittest.TestCase):
self.assertEqual(len(self.client.images.list()), 2)
+ def test_build_image(self):
+ labels = {"apple": "red", "grape": "green"}
+ _ = self.client.images.build(path="test/python/docker/build_labels", labels=labels, tag="labels")
+ image = self.client.images.get("labels")
+ self.assertEqual(image.labels["apple"], labels["apple"])
+ self.assertEqual(image.labels["grape"], labels["grape"])
+
+
if __name__ == "__main__":
# Setup temporary space
diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats
index 7482d3e55..215b2832e 100644
--- a/test/system/410-selinux.bats
+++ b/test/system/410-selinux.bats
@@ -39,17 +39,17 @@ function check_label() {
}
@test "podman selinux: container with label=disable" {
- skip_if_rootless
-
check_label "--security-opt label=disable" "spc_t"
}
@test "podman selinux: privileged container" {
- skip_if_rootless
-
check_label "--privileged --userns=host" "spc_t"
}
+@test "podman selinux: init container" {
+ check_label "--systemd=always" "container_init_t"
+}
+
@test "podman selinux: pid=host" {
# FIXME FIXME FIXME: Remove these lines once all VMs have >= 2.146.0
# (this is ugly, but better than an unconditional skip)
@@ -74,6 +74,18 @@ function check_label() {
check_label "--security-opt label=level:s0:c1,c2" "container_t" "s0:c1,c2"
}
+@test "podman selinux: inspect kvm labels" {
+ skip_if_no_selinux
+ skip_if_remote "runtime flag is not passed over remote"
+ if [ ! -e /usr/bin/kata-runtime ]; then
+ skip "kata-runtime not available"
+ fi
+
+ run_podman create --runtime=kata --name myc $IMAGE
+ run_podman inspect --format='{{ .ProcessLabel }}' myc
+ is "$output" ".*container_kvm_t.*"
+}
+
# pr #6752
@test "podman selinux: inspect multiple labels" {
skip_if_no_selinux