From 75578aad61c1e9fae021223ece70cb83e3e2bcf2 Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Sat, 22 Dec 2018 14:59:43 +0100 Subject: add container-init support Add support for executing an init binary as PID 1 in a container to forward signals and reap processes. When the `--init` flag is set for podman-create or podman-run, the init binary is bind-mounted to `/dev/init` in the container and "/dev/init --" is prepended to the container's command. The default base path of the container-init binary is `/usr/libexec/podman` while the default binary is catatonit [1]. This default can be changed permanently via the `init_path` field in the `libpod.conf` configuration file (which is recommended for packaging) or temporarily via the `--init-path` flag of podman-create and podman-run. [1] https://github.com/openSUSE/catatonit Fixes: #1670 Signed-off-by: Valentin Rothberg --- test/e2e/run_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'test/e2e') diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index cf366b197..a0b16a254 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -87,6 +87,18 @@ var _ = Describe("Podman run", func() { Expect(session.ExitCode()).To(Equal(0)) }) + It("podman run a container with --init", func() { + session := podmanTest.Podman([]string{"run", "--init", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + + It("podman run a container with --init and --init-path", func() { + session := podmanTest.Podman([]string{"run", "--init", "--init-path", "/usr/libexec/podman/catatonit", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman run seccomp test", func() { jsonFile := filepath.Join(podmanTest.TempDir, "seccomp.json") in := []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`) -- cgit v1.2.3-54-g00ecf