From 1d72f651e4c5118c020a1ab7281d3de0bf31899e Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 24 Jul 2019 11:20:31 +0200
Subject: podman: support --userns=ns|container

allow to join the user namespace of another container.

Closes: https://github.com/containers/libpod/issues/3629

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 test/e2e/run_userns_test.go | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'test')

diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go
index be3f7df49..e873f5abe 100644
--- a/test/e2e/run_userns_test.go
+++ b/test/e2e/run_userns_test.go
@@ -85,4 +85,19 @@ var _ = Describe("Podman UserNS support", func() {
 		ok, _ := session.GrepString(uid)
 		Expect(ok).To(BeTrue())
 	})
+
+	It("podman --userns=container:CTR", func() {
+		ctrName := "userns-ctr"
+		session := podmanTest.Podman([]string{"run", "-d", "--uidmap=0:0:1", "--uidmap=1:1:4998", "--name", ctrName, "alpine", "top"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+
+		// runc has an issue and we also need to join the IPC namespace.
+		session = podmanTest.Podman([]string{"run", "--rm", "--userns=container:" + ctrName, "--ipc=container:" + ctrName, "alpine", "cat", "/proc/self/uid_map"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+
+		ok, _ := session.GrepString("4998")
+		Expect(ok).To(BeTrue())
+	})
 })
-- 
cgit v1.2.3-54-g00ecf