From 821ef6486a63f7dcf7f120e4010bb4d6f1e65b9d Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Thu, 4 Feb 2021 15:07:44 +0100 Subject: fix logic when not creating a workdir When resolving the workdir of a container, we may need to create unless the user set it explicitly on the command line. Otherwise, we just do a presence check. Unfortunately, there was a missing return that lead us to fall through into attempting to create and chown the workdir. That caused a regression when running on a read-only root fs. Fixes: #9230 Signed-off-by: Valentin Rothberg --- test/system/030-run.bats | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'test') diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 6c3812dce..3749dcac5 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -608,6 +608,19 @@ json-file | f # a subdir of a volume. run_podman run --rm --workdir /IamNotOntheImage -v $testdir/content:/IamNotOntheImage/foo $IMAGE cat foo is "$output" "$randomcontent" "cat random content" + + # Make sure that running on a read-only rootfs works (#9230). + if ! is_rootless && ! is_remote; then + # image mount is hard to test as a rootless user + # and does not work remotely + run_podman image mount $IMAGE + romount="$output" + + run_podman run --rm --rootfs $romount echo "Hello world" + is "$output" "Hello world" + + run_podman image unmount $IMAGE + fi } # https://github.com/containers/podman/issues/9096 -- cgit v1.2.3-54-g00ecf