github.com/containers/podman/v5@v5.1.0-rc1/test/system/160-volumes.bats (about) 1 #!/usr/bin/env bats -*- bats -*- 2 # 3 # podman volume-related tests 4 # 5 6 load helpers 7 8 function setup() { 9 basic_setup 10 11 run_podman '?' volume rm -a 12 } 13 14 function teardown() { 15 run_podman '?' rm -a --volumes 16 run_podman '?' volume rm -t 0 -a -f 17 18 basic_teardown 19 } 20 21 22 # Simple volume tests: share files between host and container 23 @test "podman run --volumes : basic" { 24 run_podman volume list --noheading 25 is "$output" "" "baseline: empty results from list --noheading" 26 run_podman volume list -n 27 is "$output" "" "baseline: empty results from list -n" 28 29 # Create three temporary directories 30 vol1=${PODMAN_TMPDIR}/v1_$(random_string) 31 vol2=${PODMAN_TMPDIR}/v2_$(random_string) 32 vol3=${PODMAN_TMPDIR}/v3_$(random_string) 33 mkdir $vol1 $vol2 $vol3 34 35 # In each directory, write a random string to a file 36 echo $(random_string) >$vol1/file1_in 37 echo $(random_string) >$vol2/file2_in 38 echo $(random_string) >$vol3/file3_in 39 40 # Run 'cat' on each file, and compare against local files. Mix -v / --volume 41 # flags, and specify them out of order just for grins. The shell wildcard 42 # expansion must sort vol1/2/3 lexically regardless. 43 v_opts="-v $vol1:/vol1:z --volume $vol3:/vol3:z -v $vol2:/vol2:z" 44 run_podman run --rm $v_opts $IMAGE sh -c "cat /vol?/file?_in" 45 46 for i in 1 2 3; do 47 eval voldir=\$vol${i} 48 is "${lines[$(($i - 1))]}" "$(< $voldir/file${i}_in)" \ 49 "contents of /vol${i}/file${i}_in" 50 done 51 52 # Confirm that container sees vol1 as a mount point 53 run_podman run --rm $v_opts $IMAGE mount 54 is "$output" ".* on /vol1 type .*" "'mount' in container lists vol1" 55 56 # Have the container do write operations, confirm them on host 57 out1=$(random_string) 58 run_podman run --rm $v_opts $IMAGE sh -c "echo $out1 >/vol1/file1_out; 59 cp /vol2/file2_in /vol3/file3_out" 60 is "$(<$vol1/file1_out)" "$out1" "contents of /vol1/file1_out" 61 is "$(<$vol3/file3_out)" "$(<$vol2/file2_in)" "contents of /vol3/file3_out" 62 63 # Writing to read-only volumes: not allowed 64 run_podman 1 run --rm -v $vol1:/vol1ro:z,ro $IMAGE sh -c "touch /vol1ro/abc" 65 is "$output" ".*Read-only file system" "touch on read-only volume" 66 } 67 68 69 @test "podman volume duplicates" { 70 vol1=${PODMAN_TMPDIR}/v1_$(random_string) 71 vol2=${PODMAN_TMPDIR}/v2_$(random_string) 72 mkdir $vol1 $vol2 73 74 # if volumes source and dest match then pass 75 run_podman run --rm -v $vol1:/vol1 -v $vol1:/vol1 $IMAGE /bin/true 76 run_podman 125 run --rm -v $vol1:$vol1 -v $vol2:$vol1 $IMAGE /bin/true 77 is "$output" "Error: $vol1: duplicate mount destination" "diff volumes mounted on same dest should fail" 78 79 # if named volumes source and dest match then pass 80 run_podman run --rm -v vol1:/vol1 -v vol1:/vol1 $IMAGE /bin/true 81 run_podman 125 run --rm -v vol1:/vol1 -v vol2:/vol1 $IMAGE /bin/true 82 is "$output" "Error: /vol1: duplicate mount destination" "diff named volumes mounted on same dest should fail" 83 84 # if tmpfs volumes source and dest match then pass 85 run_podman run --rm --tmpfs /vol1 --tmpfs /vol1 $IMAGE /bin/true 86 run_podman 125 run --rm --tmpfs $vol1 --tmpfs $vol1:ro $IMAGE /bin/true 87 is "$output" "Error: $vol1: duplicate mount destination" "diff named volumes and tmpfs mounted on same dest should fail" 88 89 run_podman 125 run --rm -v vol2:/vol2 --tmpfs /vol2 $IMAGE /bin/true 90 is "$output" "Error: /vol2: duplicate mount destination" "diff named volumes and tmpfs mounted on same dest should fail" 91 92 run_podman 125 run --rm -v $vol1:/vol1 --tmpfs /vol1 $IMAGE /bin/true 93 is "$output" "Error: /vol1: duplicate mount destination" "diff named volumes and tmpfs mounted on same dest should fail" 94 } 95 96 # Filter volumes by name 97 @test "podman volume filter --name" { 98 suffix=$(random_string) 99 prefix="volume" 100 101 for i in 1 2; do 102 myvolume=${prefix}_${i}_${suffix} 103 run_podman volume create $myvolume 104 is "$output" "$myvolume" "output from volume create $i" 105 done 106 107 run_podman volume ls --filter name=${prefix}_1.+ --format "{{.Name}}" 108 is "$output" "${prefix}_1_${suffix}" "--filter name=${prefix}_1.+ shows only one volume" 109 110 # The _1* is intentional as asterisk has different meaning in glob and regexp. Make sure this is regexp 111 run_podman volume ls --filter name=${prefix}_1* --format "{{.Name}}" 112 is "$output" "${prefix}_1_${suffix}.*${prefix}_2_${suffix}.*" "--filter name=${prefix}_1* shows ${prefix}_1_${suffix} and ${prefix}_2_${suffix}" 113 114 for i in 1 2; do 115 run_podman volume rm ${prefix}_${i}_${suffix} 116 done 117 } 118 119 # Named volumes 120 @test "podman volume create / run" { 121 myvolume=myvol$(random_string) 122 mylabel=$(random_string) 123 124 # Create a named volume 125 run_podman volume create -d local --label l=$mylabel $myvolume 126 is "$output" "$myvolume" "output from volume create" 127 128 # Confirm that it shows up in 'volume ls', and confirm values 129 run_podman volume ls --format json 130 tests=" 131 Name | $myvolume 132 Driver | local 133 Labels.l | $mylabel 134 " 135 parse_table "$tests" | while read field expect; do 136 actual=$(jq -r ".[0].$field" <<<"$output") 137 is "$actual" "$expect" "volume ls .$field" 138 done 139 140 # Run a container that writes to a file in that volume 141 mountpoint=$(jq -r '.[0].Mountpoint' <<<"$output") 142 rand=$(random_string) 143 run_podman run --rm --volume $myvolume:/vol $IMAGE sh -c "echo $rand >/vol/myfile" 144 145 # Confirm that the file is visible, with content, outside the container 146 is "$(<$mountpoint/myfile)" "$rand" "we see content created in container" 147 148 # Clean up 149 run_podman volume rm $myvolume 150 } 151 152 # Removing volumes with --force 153 @test "podman volume rm --force" { 154 run_podman run -d --volume myvol:/myvol $IMAGE top 155 cid=$output 156 run_podman 2 volume rm myvol 157 is "$output" "Error: volume myvol is being used by the following container(s): $cid: volume is being used" "should error since container is running" 158 run_podman volume rm myvol --force -t0 159 } 160 161 # Running scripts (executables) from a volume 162 @test "podman volume: exec/noexec" { 163 myvolume=myvol$(random_string) 164 165 run_podman volume create $myvolume 166 is "$output" "$myvolume" "output from volume create" 167 168 run_podman volume inspect --format '{{.Mountpoint}}' $myvolume 169 mountpoint="$output" 170 171 # Create a script, make it runnable 172 rand=$(random_string) 173 cat >$mountpoint/myscript <<EOF 174 #!/bin/sh 175 echo "got here -$rand-" 176 EOF 177 chmod 755 $mountpoint/myscript 178 179 # By default, volumes are mounted exec, but we have manually added the 180 # noexec option. This should fail. 181 run_podman 126 run --rm --volume $myvolume:/vol:noexec,z $IMAGE /vol/myscript 182 183 # crun and runc emit different messages, and even runc is inconsistent 184 # with itself (output changed some time in 2022?). Deal with all. 185 assert "$output" =~ 'exec.* permission denied' "run on volume, noexec" 186 187 # With the default, it should pass 188 run_podman run --rm -v $myvolume:/vol:z $IMAGE /vol/myscript 189 is "$output" "got here -$rand-" "script in volume is runnable with default (exec)" 190 191 # Clean up 192 run_podman volume rm $myvolume 193 } 194 195 196 # Anonymous temporary volumes, and persistent autocreated named ones 197 @test "podman volume, implicit creation with run" { 198 # No hostdir arg: create anonymous container with random name 199 rand=$(random_string) 200 run_podman run -v /myvol $IMAGE sh -c "echo $rand >/myvol/myfile" 201 202 run_podman volume ls -q 203 tempvolume="$output" 204 205 # We should see the file created in the container 206 run_podman volume inspect --format '{{.Mountpoint}}' $tempvolume 207 mountpoint="$output" 208 test -e "$mountpoint/myfile" 209 is "$(< $mountpoint/myfile)" "$rand" "file contents, anonymous volume" 210 211 # Remove the container, using rm --volumes. Volume should now be gone. 212 run_podman rm -a --volumes 213 run_podman volume ls -q 214 is "$output" "" "anonymous volume is removed after container is rm'ed" 215 216 # Create a *named* container. This one should persist after container ends 217 myvol=myvol$(random_string) 218 rand=$(random_string) 219 220 # Duplicate "-v" confirms #8307, fix for double-lock on same volume 221 run_podman run --rm -v $myvol:/myvol:z -v $myvol:/myvol2:z $IMAGE \ 222 sh -c "echo $rand >/myvol/myfile" 223 run_podman volume ls -q 224 is "$output" "$myvol" "autocreated named container persists" 225 226 # ...and should be usable, read/write, by a second container 227 run_podman run --rm -v $myvol:/myvol:z $IMAGE \ 228 sh -c "cp /myvol/myfile /myvol/myfile2" 229 230 run_podman volume rm $myvol 231 232 if is_rootless; then 233 # Autocreated volumes should also work with keep-id 234 # All we do here is check status; podman 1.9.1 would fail with EPERM 235 myvol=myvol$(random_string) 236 run_podman run --rm -v $myvol:/myvol:z --userns=keep-id $IMAGE \ 237 touch /myvol/myfile 238 run_podman volume rm $myvol 239 fi 240 } 241 242 243 # Podman volume import test 244 @test "podman volume import test" { 245 skip_if_remote "volumes import is not applicable on podman-remote" 246 run_podman volume create --driver local my_vol 247 run_podman run --rm -v my_vol:/data $IMAGE sh -c "echo hello >> /data/test" 248 run_podman volume create my_vol2 249 250 tarfile=${PODMAN_TMPDIR}/hello$(random_string | tr A-Z a-z).tar 251 run_podman volume export my_vol --output=$tarfile 252 # we want to use `run_podman volume export my_vol` but run_podman is wrapping EOF 253 run_podman volume import my_vol2 - < $tarfile 254 rm -f $tarfile 255 run_podman run --rm -v my_vol2:/data $IMAGE sh -c "cat /data/test" 256 is "$output" "hello" "output from second container" 257 run_podman volume rm my_vol 258 run_podman volume rm my_vol2 259 } 260 261 # stdout with NULs is easier to test here than in ginkgo 262 @test "podman volume export to stdout" { 263 skip_if_remote "N/A on podman-remote" 264 265 local volname="myvol_$(random_string 10)" 266 local mountpoint="/data$(random_string 8)" 267 268 run_podman volume create $volname 269 assert "$output" == "$volname" "volume create emits the name it was given" 270 271 local content="mycontent-$(random_string 20)-the-end" 272 run_podman run --rm --volume "$volname:$mountpoint" $IMAGE \ 273 sh -c "echo $content >$mountpoint/testfile" 274 assert "$output" = "" 275 276 # We can't use run_podman because bash can't handle NUL characters. 277 # Can't even store them in variables, so we need immediate redirection 278 # The "-v" is only for debugging: tar will emit the filename to stderr. 279 # If this test ever fails, that may give a clue. 280 echo "$_LOG_PROMPT $PODMAN volume export $volname | tar -x ..." 281 tar_output="$($PODMAN volume export $volname | tar -x -v --to-stdout)" 282 echo "$tar_output" 283 assert "$tar_output" == "$content" "extracted content" 284 285 # Clean up 286 run_podman volume rm $volname 287 } 288 289 # Podman volume user test 290 @test "podman volume user test" { 291 is_rootless || skip "only meaningful when run rootless" 292 skip_if_remote "not applicable on podman-remote" 293 294 user="1000:2000" 295 newuser="100:200" 296 tmpdir=${PODMAN_TMPDIR}/volume_$(random_string) 297 mkdir $tmpdir 298 touch $tmpdir/test1 299 300 run_podman run --name user --user $user -v $tmpdir:/data:U $IMAGE stat -c "%u:%g" /data 301 is "$output" "$user" "user should be changed" 302 303 # Now chown the source directory and make sure recursive chown happens 304 run_podman unshare chown -R $newuser $tmpdir 305 run_podman start --attach user 306 is "$output" "$user" "user should be the same" 307 308 # Now chown the file in source directory and make sure recursive chown 309 # doesn't happen 310 run_podman unshare chown -R $newuser $tmpdir/test1 311 run_podman start --attach user 312 is "$output" "$user" "user should be the same" 313 # test1 should still be chowned to $newuser 314 run_podman unshare stat -c "%u:%g" $tmpdir/test1 315 is "$output" "$newuser" "user should not be changed" 316 317 run_podman unshare rm $tmpdir/test1 318 run_podman rm user 319 } 320 321 322 # Confirm that container sees the correct id 323 @test "podman volume with --userns=keep-id" { 324 is_rootless || skip "only meaningful when run rootless" 325 326 myvoldir=${PODMAN_TMPDIR}/volume_$(random_string) 327 mkdir $myvoldir 328 touch $myvoldir/myfile 329 330 containersconf=${PODMAN_TMPDIR}/containers.conf 331 cat >$containersconf <<EOF 332 [containers] 333 userns="keep-id" 334 EOF 335 336 # With keep-id 337 run_podman run --rm -v $myvoldir:/vol:z --userns=keep-id $IMAGE \ 338 stat -c "%u:%g:%s" /vol/myfile 339 is "$output" "$(id -u):$(id -g):0" "with keep-id: stat(file in container) == my uid" 340 341 # Without 342 run_podman run --rm -v $myvoldir:/vol:z $IMAGE \ 343 stat -c "%u:%g:%s" /vol/myfile 344 is "$output" "0:0:0" "w/o keep-id: stat(file in container) == root" 345 346 # With keep-id from containers.conf 347 CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm -v $myvoldir:/vol:z $IMAGE \ 348 stat -c "%u:%g:%s" /vol/myfile 349 is "$output" "$(id -u):$(id -g):0" "with keep-id from containers.conf: stat(file in container) == my uid" 350 351 # With keep-id from containers.conf overridden with --userns=nomap 352 CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm -v $myvoldir:/vol:z --userns=nomap $IMAGE \ 353 stat -c "%u:%g:%s" /vol/myfile 354 is "$output" "65534:65534:0" "w/o overridden containers.conf keep-id->nomap: stat(file in container) == root" 355 } 356 357 358 # 'volume prune' identifies and cleans up unused volumes 359 @test "podman volume prune" { 360 # Create four named volumes 361 local -a v=() 362 for i in 1 2 3 4;do 363 vol=myvol${i}$(random_string) 364 v[$i]=$vol 365 run_podman volume create $vol 366 done 367 368 # Create two additional labeled volumes 369 for i in 5 6; do 370 vol=myvol${i}$(random_string) 371 v[$i]=$vol 372 run_podman volume create $vol --label "mylabel" 373 done 374 375 # (Assert that output is formatted, not a one-line blob: #8011) 376 run_podman volume inspect ${v[1]} 377 assert "${#lines[*]}" -ge 10 "Output from 'volume inspect'; see #8011" 378 379 # Run two containers: one mounting v1, one mounting v2 & v3 380 run_podman run --name c1 --volume ${v[1]}:/vol1 $IMAGE date 381 run_podman run --name c2 --volume ${v[2]}:/vol2 -v ${v[3]}:/vol3 \ 382 $IMAGE date 383 384 # List available volumes for pruning after using 1,2,3 385 run_podman volume prune <<< N 386 is "$(echo $(sort <<<${lines[*]:1:3}))" "${v[4]} ${v[5]} ${v[6]}" "volume prune, with 1,2,3 in use, lists 4,5,6" 387 388 # List available volumes for pruning after using 1,2,3 and filtering; see #8913 389 run_podman volume prune --filter label=mylabel <<< N 390 is "$(echo $(sort <<<${lines[*]:1:2}))" "${v[5]} ${v[6]}" "volume prune, with 1,2,3 in use and 4 filtered out, lists 5,6" 391 392 # prune should remove v4 393 run_podman volume prune --force 394 is "$(echo $(sort <<<$output))" "${v[4]} ${v[5]} ${v[6]}" \ 395 "volume prune, with 1, 2, 3 in use, deletes only 4, 5, 6" 396 397 # Remove the container using v2 and v3. Prune should now remove those. 398 # The 'echo sort' is to get the output sorted and in one line. 399 run_podman rm c2 400 run_podman volume prune --force 401 is "$(echo $(sort <<<$output))" "${v[2]} ${v[3]}" \ 402 "volume prune, after rm c2, deletes volumes 2 and 3" 403 404 # Remove the final container. Prune should now remove v1. 405 run_podman rm c1 406 run_podman volume prune --force 407 is "$output" "${v[1]}" "volume prune, after rm c2 & c1, deletes volume 1" 408 409 # Further prunes are NOPs 410 run_podman volume prune --force 411 is "$output" "" "no more volumes to prune" 412 } 413 414 # bats test_tags=distro-integration 415 @test "podman volume type=bind" { 416 myvoldir=${PODMAN_TMPDIR}/volume_$(random_string) 417 mkdir $myvoldir 418 touch $myvoldir/myfile 419 420 myvolume=myvol$(random_string) 421 run_podman 125 volume create -o type=bind -o device=/bogus $myvolume 422 is "$output" "Error: invalid volume option device for driver 'local': faccessat /bogus: no such file or directory" "should fail with bogus directory not existing" 423 424 run_podman volume create -o type=bind -o device=/$myvoldir $myvolume 425 is "$output" "$myvolume" "should successfully create myvolume" 426 427 run_podman run --rm -v $myvolume:/vol:z $IMAGE \ 428 stat -c "%u:%s" /vol/myfile 429 is "$output" "0:0" "w/o keep-id: stat(file in container) == root" 430 } 431 432 @test "podman volume type=tmpfs" { 433 myvolume=myvol$(random_string) 434 run_podman volume create -o type=tmpfs -o o=size=2M -o device=tmpfs $myvolume 435 is "$output" "$myvolume" "should successfully create myvolume" 436 437 run_podman run --rm -v $myvolume:/vol $IMAGE stat -f -c "%T" /vol 438 is "$output" "tmpfs" "volume should be tmpfs" 439 440 run_podman run --rm -v $myvolume:/vol $IMAGE sh -c "mount| grep /vol" 441 is "$output" "tmpfs on /vol type tmpfs.*size=2048k.*" "size should be set to 2048k" 442 } 443 444 # Named volumes copyup 445 @test "podman volume create copyup" { 446 myvolume=myvol$(random_string) 447 mylabel=$(random_string) 448 449 # Create a named volume 450 run_podman volume create $myvolume 451 is "$output" "$myvolume" "output from volume create" 452 453 # Confirm that it shows up in 'volume ls', and confirm values 454 run_podman volume ls --format json 455 tests=" 456 Name | $myvolume 457 Driver | local 458 NeedsCopyUp | true 459 NeedsChown | true 460 " 461 parse_table "$tests" | while read field expect; do 462 actual=$(jq -r ".[0].$field" <<<"$output") 463 is "$actual" "$expect" "volume ls .$field" 464 done 465 466 run_podman run --rm --volume $myvolume:/vol $IMAGE true 467 run_podman volume inspect --format '{{ .NeedsCopyUp }}' $myvolume 468 is "${output}" "true" "If content in dest '/vol' empty NeedsCopyUP should still be true" 469 run_podman volume inspect --format '{{ .NeedsChown }}' $myvolume 470 is "${output}" "false" "After first use within a container NeedsChown should still be false" 471 472 run_podman run --rm --volume $myvolume:/etc $IMAGE ls /etc/passwd 473 run_podman volume inspect --format '{{ .NeedsCopyUp }}' $myvolume 474 is "${output}" "false" "If content in dest '/etc' non-empty NeedsCopyUP should still have happened and be false" 475 476 run_podman volume inspect --format '{{.Mountpoint}}' $myvolume 477 mountpoint="$output" 478 test -e "$mountpoint/passwd" 479 480 # Clean up 481 run_podman volume rm -t -1 --force $myvolume 482 } 483 484 @test "podman volume mount" { 485 skip_if_remote "podman --remote volume mount not supported" 486 myvolume=myvol$(random_string) 487 myfile=myfile$(random_string) 488 mytext=$(random_string) 489 490 # Create a named volume 491 run_podman volume create $myvolume 492 is "$output" "$myvolume" "output from volume create" 493 494 if ! is_rootless ; then 495 # image mount is hard to test as a rootless user 496 # and does not work remotely 497 run_podman volume mount ${myvolume} 498 mnt=${output} 499 echo $mytext >$mnt/$myfile 500 run_podman run -v ${myvolume}:/vol:z $IMAGE cat /vol/$myfile 501 is "$output" "$mytext" "$myfile should exist within the containers volume and contain $mytext" 502 run_podman volume unmount ${myvolume} 503 else 504 run_podman 125 volume mount ${myvolume} 505 is "$output" "Error: cannot run command \"podman volume mount\" in rootless mode, must execute.*podman unshare.*first" "Should fail and complain about unshare" 506 fi 507 } 508 509 @test "podman --image-volume" { 510 tmpdir=$PODMAN_TMPDIR/volume-test 511 mkdir -p $tmpdir 512 containerfile=$tmpdir/Containerfile 513 cat >$containerfile <<EOF 514 FROM $IMAGE 515 VOLUME /data 516 EOF 517 fs=$(stat -f -c %T .) 518 run_podman build -t volume_image $tmpdir 519 520 containersconf=$tmpdir/containers.conf 521 cat >$containersconf <<EOF 522 [engine] 523 image_volume_mode="tmpfs" 524 EOF 525 526 run_podman run --image-volume tmpfs --rm volume_image stat -f -c %T /data 527 is "$output" "tmpfs" "Should be tmpfs" 528 529 run_podman 1 run --image-volume ignore --rm volume_image stat -f -c %T /data 530 is "$output" "stat: can't read file system information for '/data': No such file or directory" "Should fail with /data does not exist" 531 532 CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm volume_image stat -f -c %T /data 533 is "$output" "tmpfs" "Should be tmpfs" 534 535 CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --image-volume anonymous --rm volume_image stat -f -c %T /data 536 assert "$output" != "tmpfs" "Should match hosts $fs" 537 538 CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --image-volume tmpfs --rm volume_image stat -f -c %T /data 539 is "$output" "tmpfs" "Should be tmpfs" 540 541 CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman 1 run --image-volume ignore --rm volume_image stat -f -c %T /data 542 is "$output" "stat: can't read file system information for '/data': No such file or directory" "Should fail with /data does not exist" 543 544 run_podman rm --all --force -t 0 545 run_podman image rm --force localhost/volume_image 546 } 547 548 @test "podman volume rm --force bogus" { 549 run_podman 1 volume rm bogus 550 is "$output" "Error: no volume with name \"bogus\" found: no such volume" "Should print error" 551 run_podman volume rm --force bogus 552 is "$output" "" "Should print no output" 553 554 run_podman volume create testvol 555 run_podman volume rm --force bogus testvol 556 assert "$output" = "testvol" "removed volume" 557 558 run_podman volume ls -q 559 assert "$output" = "" "no volumes" 560 } 561 562 @test "podman ps -f" { 563 vol1="/v1_$(random_string)" 564 run_podman run -d --rm --volume ${PODMAN_TMPDIR}:$vol1 $IMAGE top 565 cid=$output 566 567 run_podman ps --noheading --no-trunc -q -f volume=$vol1 568 is "$output" "$cid" "Should find container by volume" 569 570 run_podman ps --noheading --no-trunc -q --filter volume=/NoSuchVolume 571 is "$output" "" "ps --filter volume=/NoSuchVolume" 572 573 # Clean up 574 run_podman rm -f -t 0 -a 575 } 576 577 @test "podman run with building volume and selinux file label" { 578 skip_if_no_selinux 579 run_podman create --security-opt label=filetype:usr_t --volume myvol:/myvol $IMAGE top 580 run_podman volume inspect myvol --format '{{ .Mountpoint }}' 581 path=${output} 582 run ls -Zd $path 583 is "$output" "system_u:object_r:usr_t:s0 $path" "volume should be labeled with usr_t type" 584 run_podman volume rm myvol --force 585 } 586 587 @test "podman volume create --ignore - do not chown" { 588 local user_id=2000 589 local group_id=2000 590 local volume_name=$(random_string) 591 592 # Create a volume and get its mount point 593 run_podman volume create --ignore ${volume_name} 594 run_podman volume inspect --format '{{.Mountpoint}}' $volume_name 595 mountpoint="$output" 596 597 # Run a container with the volume mounted 598 run_podman run --rm --user ${group_id}:${user_id} -v ${volume_name}:/vol $IMAGE 599 600 # Podman chowns the mount point according to the user used in the previous command 601 local original_owner=$(stat --format %g:%u ${mountpoint}) 602 603 # Creating an existing volume with ignore should be a noop 604 run_podman volume create --ignore ${volume_name} 605 606 # Verify that the mountpoint was not chowned 607 owner=$(stat --format %g:%u ${mountpoint}) 608 is "$owner" "${original_owner}" "The volume was chowned by podman volume create" 609 610 run_podman volume rm $volume_name --force 611 } 612 613 # vim: filetype=sh