From 039eaccb5b27cedf39a0b8b84697300bf53a6335 Mon Sep 17 00:00:00 2001
From: Matthew Heon <mheon@redhat.com>
Date: Tue, 23 Jun 2020 11:20:30 -0400
Subject: Add tests for --privileged with other flags

With Podman v2.0, we broke (or thought we were going to break)
using `--privileged` with `--group-add` and `--security-opt`
(specifically using `--security-opt` for SELinux config).

Signed-off-by: Matthew Heon <mheon@redhat.com>
---
 test/e2e/run_selinux_test.go | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'test/e2e/run_selinux_test.go')

diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go
index 358137aa9..8b33a05b2 100644
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@@ -177,4 +177,13 @@ var _ = Describe("Podman run", func() {
 		Expect(session.OutputToString()).To(Equal(session1.OutputToString()))
 	})
 
+	It("podman run --privileged and --security-opt SELinux options", func() {
+		session := podmanTest.Podman([]string{"run", "-it", "--privileged", "--security-opt", "label=type:spc_t", "--security-opt", "label=level:s0:c1,c2", ALPINE, "cat", "/proc/self/attr/current"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("spc_t")
+		Expect(match).To(BeTrue())
+		match2, _ := session.GrepString("s0:c1,c2")
+		Expect(match2).To(BeTrue())
+	})
 })
-- 
cgit v1.2.3-54-g00ecf