github.com/containers/libpod@v1.9.4-0.20220419124438-4284fd425507/test/e2e/containers_conf_test.go (about) 1 // +build !remoteclient 2 3 package integration 4 5 import ( 6 "fmt" 7 "io/ioutil" 8 "os" 9 "os/exec" 10 "path/filepath" 11 "strings" 12 13 . "github.com/containers/libpod/test/utils" 14 . "github.com/onsi/ginkgo" 15 . "github.com/onsi/gomega" 16 ) 17 18 var _ = Describe("Podman run", func() { 19 var ( 20 tempdir string 21 err error 22 podmanTest *PodmanTestIntegration 23 ) 24 25 BeforeEach(func() { 26 tempdir, err = CreateTempDirInTempDir() 27 if err != nil { 28 os.Exit(1) 29 } 30 podmanTest = PodmanTestCreate(tempdir) 31 podmanTest.Setup() 32 podmanTest.SeedImages() 33 os.Setenv("CONTAINERS_CONF", "config/containers.conf") 34 }) 35 36 AfterEach(func() { 37 podmanTest.Cleanup() 38 f := CurrentGinkgoTestDescription() 39 processTestResult(f) 40 os.Unsetenv("CONTAINERS_CONF") 41 }) 42 43 It("podman run limits test", func() { 44 SkipIfRootless() 45 //containers.conf is set to "nofile=500:500" 46 session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"}) 47 session.WaitWithDefaultTimeout() 48 Expect(session.ExitCode()).To(Equal(0)) 49 Expect(session.OutputToString()).To(ContainSubstring("500")) 50 51 session = podmanTest.Podman([]string{"run", "--rm", "--ulimit", "nofile=2048:2048", fedoraMinimal, "ulimit", "-n"}) 52 session.WaitWithDefaultTimeout() 53 Expect(session.ExitCode()).To(Equal(0)) 54 Expect(session.OutputToString()).To(ContainSubstring("2048")) 55 }) 56 57 It("podman run with containers.conf having additional env", func() { 58 //containers.conf default env includes foo 59 session := podmanTest.Podman([]string{"run", ALPINE, "printenv"}) 60 session.WaitWithDefaultTimeout() 61 Expect(session.ExitCode()).To(Equal(0)) 62 Expect(session.OutputToString()).To(ContainSubstring("foo=bar")) 63 }) 64 65 It("podman run with additional devices", func() { 66 //containers.conf devices includes notone 67 session := podmanTest.Podman([]string{"run", "--device", "/dev/null:/dev/bar", ALPINE, "ls", "/dev"}) 68 session.WaitWithDefaultTimeout() 69 Expect(session.ExitCode()).To(Equal(0)) 70 Expect(session.OutputToString()).To(ContainSubstring("bar")) 71 Expect(session.OutputToString()).To(ContainSubstring("notone")) 72 }) 73 74 It("podman run shm-size", func() { 75 //containers.conf default sets shm-size=201k, which ends up as 200k 76 session := podmanTest.Podman([]string{"run", ALPINE, "grep", "shm", "/proc/self/mounts"}) 77 session.WaitWithDefaultTimeout() 78 Expect(session.ExitCode()).To(Equal(0)) 79 Expect(session.OutputToString()).To(ContainSubstring("size=200k")) 80 }) 81 82 It("podman Capabilities in containers.conf", func() { 83 SkipIfRootless() 84 os.Setenv("CONTAINERS_CONF", "config/containers.conf") 85 cap := podmanTest.Podman([]string{"run", ALPINE, "grep", "CapEff", "/proc/self/status"}) 86 cap.WaitWithDefaultTimeout() 87 Expect(cap.ExitCode()).To(Equal(0)) 88 89 os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf") 90 session := podmanTest.Podman([]string{"run", "busybox", "grep", "CapEff", "/proc/self/status"}) 91 session.WaitWithDefaultTimeout() 92 Expect(session.ExitCode()).To(Equal(0)) 93 Expect(session.OutputToString()).ToNot(Equal(cap.OutputToString())) 94 }) 95 96 It("podman Regular capabilties", func() { 97 SkipIfRootless() 98 os.Setenv("CONTAINERS_CONF", "config/containers.conf") 99 setup := podmanTest.RunTopContainer("test1") 100 setup.WaitWithDefaultTimeout() 101 result := podmanTest.Podman([]string{"top", "test1", "capeff"}) 102 result.WaitWithDefaultTimeout() 103 Expect(result.ExitCode()).To(Equal(0)) 104 Expect(result.OutputToString()).To(ContainSubstring("SYS_CHROOT")) 105 Expect(result.OutputToString()).To(ContainSubstring("NET_RAW")) 106 }) 107 108 It("podman drop capabilties", func() { 109 os.Setenv("CONTAINERS_CONF", "config/containers-caps.conf") 110 setup := podmanTest.RunTopContainer("test1") 111 setup.WaitWithDefaultTimeout() 112 result := podmanTest.Podman([]string{"container", "top", "test1", "capeff"}) 113 result.WaitWithDefaultTimeout() 114 Expect(result.ExitCode()).To(Equal(0)) 115 Expect(result.OutputToString()).ToNot(ContainSubstring("SYS_CHROOT")) 116 Expect(result.OutputToString()).ToNot(ContainSubstring("NET_RAW")) 117 }) 118 119 verifyNSHandling := func(nspath, option string) { 120 os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf") 121 //containers.conf default ipcns to default to host 122 session := podmanTest.Podman([]string{"run", ALPINE, "ls", "-l", nspath}) 123 session.WaitWithDefaultTimeout() 124 Expect(session.ExitCode()).To(Equal(0)) 125 fields := strings.Split(session.OutputToString(), " ") 126 ctrNS := strings.TrimSuffix(fields[len(fields)-1], "\n") 127 128 cmd := exec.Command("ls", "-l", nspath) 129 res, err := cmd.Output() 130 Expect(err).To(BeNil()) 131 fields = strings.Split(string(res), " ") 132 hostNS := strings.TrimSuffix(fields[len(fields)-1], "\n") 133 Expect(hostNS).To(Equal(ctrNS)) 134 135 session = podmanTest.Podman([]string{"run", option, "private", ALPINE, "ls", "-l", nspath}) 136 fields = strings.Split(session.OutputToString(), " ") 137 ctrNS = fields[len(fields)-1] 138 Expect(hostNS).ToNot(Equal(ctrNS)) 139 } 140 141 It("podman compare netns", func() { 142 verifyNSHandling("/proc/self/ns/net", "--network") 143 }) 144 145 It("podman compare ipcns", func() { 146 verifyNSHandling("/proc/self/ns/ipc", "--ipc") 147 }) 148 149 It("podman compare utsns", func() { 150 verifyNSHandling("/proc/self/ns/uts", "--uts") 151 }) 152 153 It("podman compare pidns", func() { 154 verifyNSHandling("/proc/self/ns/pid", "--pid") 155 }) 156 157 It("podman compare cgroupns", func() { 158 verifyNSHandling("/proc/self/ns/cgroup", "--cgroupns") 159 }) 160 161 It("podman containers.conf additionalvolumes", func() { 162 conffile := filepath.Join(podmanTest.TempDir, "container.conf") 163 tempdir, err = CreateTempDirInTempDir() 164 if err != nil { 165 os.Exit(1) 166 } 167 err := ioutil.WriteFile(conffile, []byte(fmt.Sprintf("[containers]\nvolumes=[\"%s:%s:Z\",]\n", tempdir, tempdir)), 0755) 168 if err != nil { 169 os.Exit(1) 170 } 171 172 os.Setenv("CONTAINERS_CONF", conffile) 173 result := podmanTest.Podman([]string{"run", ALPINE, "ls", tempdir}) 174 result.WaitWithDefaultTimeout() 175 Expect(result.ExitCode()).To(Equal(0)) 176 }) 177 178 It("podman run containers.conf sysctl test", func() { 179 SkipIfRootless() 180 //containers.conf is set to "net.ipv4.ping_group_range=0 1000" 181 session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"}) 182 session.WaitWithDefaultTimeout() 183 Expect(session.ExitCode()).To(Equal(0)) 184 Expect(session.OutputToString()).To(ContainSubstring("1000")) 185 }) 186 187 It("podman run containers.conf search domain", func() { 188 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 189 session.WaitWithDefaultTimeout() 190 Expect(session.ExitCode()).To(Equal(0)) 191 session.LineInOuputStartsWith("search foobar.com") 192 }) 193 194 It("podman run add dns server", func() { 195 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 196 session.WaitWithDefaultTimeout() 197 Expect(session.ExitCode()).To(Equal(0)) 198 session.LineInOuputStartsWith("server 1.2.3.4") 199 }) 200 201 It("podman run add dns option", func() { 202 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 203 session.WaitWithDefaultTimeout() 204 Expect(session.ExitCode()).To(Equal(0)) 205 session.LineInOuputStartsWith("options debug") 206 }) 207 208 It("podman run containers.conf remove all search domain", func() { 209 session := podmanTest.Podman([]string{"run", "--dns-search=.", ALPINE, "cat", "/etc/resolv.conf"}) 210 session.WaitWithDefaultTimeout() 211 Expect(session.ExitCode()).To(Equal(0)) 212 Expect(session.LineInOuputStartsWith("search")).To(BeFalse()) 213 }) 214 })