From cd85ba196d89c6d9ba9a8a2b27dc8bfeca5effb4 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Thu, 14 May 2020 09:55:25 -0600 Subject: system tests: small fixes for rawhide+cgroups v1 Three small fixes for breaking tests on rawhide: 1) run test: looks like runc changed the format of an error message, adding a colon in one place. runc is used on rawhide when booted in cgroups v1 2) volumes test: difference in exit status and error message between runc and crun. 3) systemd test: define XDG_RUNTIME_DIR if unset. podman helpfully sets this to a reasonable default, but the 'systemctl' commands used in this test do not. Signed-off-by: Ed Santiago --- test/system/030-run.bats | 4 ++-- test/system/160-volumes.bats | 13 +++++++++++-- test/system/250-systemd.bats | 7 +++++++ 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index ae2e39d6b..1bcf3896f 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -8,8 +8,8 @@ load helpers # 2019-09 Fedora 31 and rawhide (32) are switching from runc to crun # because of cgroups v2; crun emits different error messages. # Default to runc: - err_no_such_cmd="Error: .*: starting container process caused .*exec:.*stat /no/such/command: no such file or directory" - err_no_exec_dir="Error: .*: starting container process caused .*exec:.* permission denied" + err_no_such_cmd="Error: .*: starting container process caused.*exec:.*stat /no/such/command: no such file or directory" + err_no_exec_dir="Error: .*: starting container process caused.*exec:.* permission denied" # ...but check the configured runtime engine, and switch to crun as needed run_podman info --format '{{ .Host.OCIRuntime.Path }}' diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats index cd9f3c8ad..5d65a950f 100644 --- a/test/system/160-volumes.bats +++ b/test/system/160-volumes.bats @@ -116,8 +116,17 @@ EOF chmod 755 $mountpoint/myscript # By default, volumes are mounted noexec. This should fail. - run_podman 126 run --rm --volume $myvolume:/vol:z $IMAGE /vol/myscript - is "$output" ".* OCI runtime permission denied.*" "run on volume, noexec" + # ARGH. Unfortunately, runc (used for cgroups v1) produces a different error + local expect_rc=126 + local expect_msg='.* OCI runtime permission denied.*' + run_podman info --format '{{ .Host.OCIRuntime.Path }}' + if expr "$output" : ".*/runc"; then + expect_rc=1 + expect_msg='.* exec user process caused.*permission denied' + fi + + run_podman ${expect_rc} run --rm --volume $myvolume:/vol:z $IMAGE /vol/myscript + is "$output" "$expect_msg" "run on volume, noexec" # With exec, it should pass run_podman run --rm -v $myvolume:/vol:z,exec $IMAGE /vol/myscript diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats index cdac43c1c..4bee13414 100644 --- a/test/system/250-systemd.bats +++ b/test/system/250-systemd.bats @@ -33,6 +33,13 @@ function teardown() { # This test can fail in dev. environment because of SELinux. # quick fix: chcon -t container_runtime_exec_t ./bin/podman @test "podman generate - systemd - basic" { + # podman initializes this if unset, but systemctl doesn't + if is_rootless; then + if [ -z "$XDG_RUNTIME_DIR" ]; then + export XDG_RUNTIME_DIR=/run/user/$(id -u) + fi + fi + cname=$(random_string) run_podman create --name $cname --detach $IMAGE top -- cgit v1.2.3-54-g00ecf