diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/e2e/inspect_test.go | 18 | ||||
-rw-r--r-- | test/e2e/network_connect_disconnect_test.go | 38 | ||||
-rw-r--r-- | test/e2e/network_test.go | 7 | ||||
-rw-r--r-- | test/e2e/run_networking_test.go | 14 | ||||
-rw-r--r-- | test/e2e/run_volume_test.go | 53 | ||||
-rw-r--r-- | test/system/055-rm.bats | 7 |
6 files changed, 135 insertions, 2 deletions
diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index d417fc49d..772ebed05 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -490,4 +490,22 @@ var _ = Describe("Podman inspect", func() { } Expect(found).To(BeTrue()) }) + + It("Dropped capabilities are sorted", func() { + ctrName := "testCtr" + session := podmanTest.Podman([]string{"run", "-d", "--cap-drop", "CAP_AUDIT_WRITE", "--cap-drop", "CAP_MKNOD", "--cap-drop", "CAP_NET_RAW", "--name", ctrName, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + inspect := podmanTest.Podman([]string{"inspect", ctrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(BeZero()) + + data := inspect.InspectContainerToJSON() + Expect(len(data)).To(Equal(1)) + Expect(len(data[0].HostConfig.CapDrop)).To(Equal(3)) + Expect(data[0].HostConfig.CapDrop[0]).To(Equal("CAP_AUDIT_WRITE")) + Expect(data[0].HostConfig.CapDrop[1]).To(Equal("CAP_MKNOD")) + Expect(data[0].HostConfig.CapDrop[2]).To(Equal("CAP_NET_RAW")) + }) }) diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go index 3be95e254..eb8ad7181 100644 --- a/test/e2e/network_connect_disconnect_test.go +++ b/test/e2e/network_connect_disconnect_test.go @@ -37,7 +37,6 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "disconnect", "foobar", "test"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) - }) It("bad container name in network disconnect should result in error", func() { @@ -51,7 +50,25 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "disconnect", netName, "foobar"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) + }) + + It("network disconnect with net mode slirp4netns should result in error", func() { + SkipIfRootless("network connect and disconnect are only rootful") + netName := "slirp" + stringid.GenerateNonCryptoID() + session := podmanTest.Podman([]string{"network", "create", netName}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + session = podmanTest.Podman([]string{"create", "--name", "test", "--network", "slirp4netns", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + + con := podmanTest.Podman([]string{"network", "disconnect", netName, "test"}) + con.WaitWithDefaultTimeout() + Expect(con.ExitCode()).ToNot(BeZero()) + Expect(con.ErrorToString()).To(ContainSubstring(`network mode "slirp4netns" is not supported`)) }) It("podman network disconnect", func() { @@ -89,7 +106,6 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "connect", "foobar", "test"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) - }) It("bad container name in network connect should result in error", func() { @@ -103,7 +119,25 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "connect", netName, "foobar"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) + }) + + It("network connect with net mode slirp4netns should result in error", func() { + SkipIfRootless("network connect and disconnect are only rootful") + netName := "slirp" + stringid.GenerateNonCryptoID() + session := podmanTest.Podman([]string{"network", "create", netName}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + session = podmanTest.Podman([]string{"create", "--name", "test", "--network", "slirp4netns", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + + con := podmanTest.Podman([]string{"network", "connect", netName, "test"}) + con.WaitWithDefaultTimeout() + Expect(con.ExitCode()).ToNot(BeZero()) + Expect(con.ErrorToString()).To(ContainSubstring(`network mode "slirp4netns" is not supported`)) }) It("podman connect on a container that already is connected to the network should error", func() { diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go index a7eb6e629..53521cdc4 100644 --- a/test/e2e/network_test.go +++ b/test/e2e/network_test.go @@ -150,6 +150,13 @@ var _ = Describe("Podman network", func() { defer podmanTest.removeCNINetwork(net) Expect(session.ExitCode()).To(BeZero()) + // Tests Default Table Output + session = podmanTest.Podman([]string{"network", "ls", "--filter", "id=" + netID}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + expectedTable := "NETWORK ID NAME VERSION PLUGINS" + Expect(session.OutputToString()).To(ContainSubstring(expectedTable)) + session = podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}} {{.ID}}", "--filter", "id=" + netID}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(BeZero()) diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index a6237a49a..0e6e636bc 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -766,4 +766,18 @@ var _ = Describe("Podman run networking", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(BeZero()) }) + + It("podman run check dnsname adds dns search domain", func() { + Skip("needs dnsname#57") + net := "dnsname" + stringid.GenerateNonCryptoID() + session := podmanTest.Podman([]string{"network", "create", net}) + session.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(net) + Expect(session.ExitCode()).To(BeZero()) + + session = podmanTest.Podman([]string{"run", "--network", net, ALPINE, "cat", "/etc/resolv.conf"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + Expect(session.OutputToString()).To(ContainSubstring("search dns.podman")) + }) }) diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go index 20c43bf4a..454dfdc83 100644 --- a/test/e2e/run_volume_test.go +++ b/test/e2e/run_volume_test.go @@ -2,8 +2,10 @@ package integration import ( "fmt" + "io/ioutil" "os" "os/exec" + "os/user" "path/filepath" "strings" @@ -590,4 +592,55 @@ VOLUME /test/` Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(2)) }) + + It("podman run with U volume flag", func() { + SkipIfRemote("Overlay volumes only work locally") + + u, err := user.Current() + Expect(err).To(BeNil()) + name := u.Username + if name == "root" { + name = "containers" + } + + content, err := ioutil.ReadFile("/etc/subuid") + if err != nil { + Skip("cannot read /etc/subuid") + } + if !strings.Contains(string(content), name) { + Skip("cannot find mappings for the current user") + } + + if os.Getenv("container") != "" { + Skip("Overlay mounts not supported when running in a container") + } + if rootless.IsRootless() { + if _, err := exec.LookPath("fuse_overlay"); err != nil { + Skip("Fuse-Overlayfs required for rootless overlay mount test") + } + } + + mountPath := filepath.Join(podmanTest.TempDir, "secrets") + os.Mkdir(mountPath, 0755) + vol := mountPath + ":" + dest + ":U" + + session := podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "-v", vol, ALPINE, "stat", "-c", "%u:%g", dest}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + found, _ := session.GrepString("888:888") + Expect(found).Should(BeTrue()) + + session = podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--userns", "auto", "-v", vol, ALPINE, "stat", "-c", "%u:%g", dest}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + found, _ = session.GrepString("888:888") + Expect(found).Should(BeTrue()) + + vol = vol + ",O" + session = podmanTest.Podman([]string{"run", "--rm", "--user", "888:888", "--userns", "keep-id", "-v", vol, ALPINE, "stat", "-c", "%u:%g", dest}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + found, _ = session.GrepString("888:888") + Expect(found).Should(BeTrue()) + }) }) diff --git a/test/system/055-rm.bats b/test/system/055-rm.bats index 0107114b5..a5770f20f 100644 --- a/test/system/055-rm.bats +++ b/test/system/055-rm.bats @@ -51,6 +51,13 @@ load helpers run_podman rm $rand $external_cid } +@test "podman rm <-> run --rm race" { + # A container's lock is released before attempting to stop it. This opens + # the window for race conditions that led to #9479. + run_podman run --rm -d $IMAGE sleep infinity + run_podman rm -af +} + # I'm sorry! This test takes 13 seconds. There's not much I can do about it, # please know that I think it's justified: podman 1.5.0 had a strange bug # in with exit status was not preserved on some code paths with 'rm -f' |