github.com/containers/podman/v4@v4.9.4/test/e2e/run_seccomp_test.go (about) 1 package integration 2 3 import ( 4 . "github.com/containers/podman/v4/test/utils" 5 . "github.com/onsi/ginkgo/v2" 6 . "github.com/onsi/gomega" 7 . "github.com/onsi/gomega/gexec" 8 ) 9 10 var _ = Describe("Podman run", func() { 11 12 It("podman run --seccomp-policy default", func() { 13 session := podmanTest.Podman([]string{"run", "-q", "--seccomp-policy", "default", alpineSeccomp, "ls"}) 14 session.WaitWithDefaultTimeout() 15 Expect(session).Should(ExitCleanly()) 16 }) 17 18 It("podman run --seccomp-policy ''", func() { 19 // Empty string is interpreted as "default". 20 session := podmanTest.Podman([]string{"run", "-q", "--seccomp-policy", "", alpineSeccomp, "ls"}) 21 session.WaitWithDefaultTimeout() 22 Expect(session).Should(ExitCleanly()) 23 }) 24 25 It("podman run --seccomp-policy invalid", func() { 26 session := podmanTest.Podman([]string{"run", "--seccomp-policy", "invalid", alpineSeccomp, "ls"}) 27 session.WaitWithDefaultTimeout() 28 Expect(session).To(ExitWithError()) 29 }) 30 31 It("podman run --seccomp-policy image (block all syscalls)", func() { 32 session := podmanTest.Podman([]string{"run", "--seccomp-policy", "image", alpineSeccomp, "ls"}) 33 session.WaitWithDefaultTimeout() 34 // TODO: we're getting a "cannot start a container that has 35 // stopped" error which seems surprising. Investigate 36 // why that is so. 37 Expect(session).To(ExitWithError()) 38 }) 39 40 It("podman run --seccomp-policy image (bogus profile)", func() { 41 session := podmanTest.Podman([]string{"run", "--seccomp-policy", "image", alpineBogusSeccomp, "ls"}) 42 session.WaitWithDefaultTimeout() 43 Expect(session).Should(Exit(125)) 44 }) 45 })