github.com/hanks177/podman/v4@v4.1.3-0.20220613032544-16d90015bc83/test/e2e/containers_conf_test.go (about) 1 package integration 2 3 import ( 4 "fmt" 5 "io/ioutil" 6 "os" 7 "os/exec" 8 "path/filepath" 9 "strings" 10 11 . "github.com/hanks177/podman/v4/test/utils" 12 . "github.com/onsi/ginkgo" 13 . "github.com/onsi/gomega" 14 . "github.com/onsi/gomega/gbytes" 15 . "github.com/onsi/gomega/gexec" 16 ) 17 18 var _ = Describe("Verify podman containers.conf usage", func() { 19 var ( 20 tempdir string 21 err error 22 podmanTest *PodmanTestIntegration 23 ) 24 25 BeforeEach(func() { 26 tempdir, err = CreateTempDirInTempDir() 27 if err != nil { 28 os.Exit(1) 29 } 30 podmanTest = PodmanTestCreate(tempdir) 31 podmanTest.Setup() 32 os.Setenv("CONTAINERS_CONF", "config/containers.conf") 33 if IsRemote() { 34 podmanTest.RestartRemoteService() 35 } 36 37 }) 38 39 AfterEach(func() { 40 podmanTest.Cleanup() 41 f := CurrentGinkgoTestDescription() 42 processTestResult(f) 43 os.Unsetenv("CONTAINERS_CONF") 44 }) 45 46 It("limits test", func() { 47 SkipIfRootlessCgroupsV1("Setting limits not supported on cgroupv1 for rootless users") 48 // containers.conf is set to "nofile=500:500" 49 session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"}) 50 session.WaitWithDefaultTimeout() 51 Expect(session).Should(Exit(0)) 52 Expect(session.OutputToString()).To(ContainSubstring("500")) 53 54 session = podmanTest.Podman([]string{"run", "--rm", "--ulimit", "nofile=2048:2048", fedoraMinimal, "ulimit", "-n"}) 55 session.WaitWithDefaultTimeout() 56 Expect(session).Should(Exit(0)) 57 Expect(session.OutputToString()).To(ContainSubstring("2048")) 58 }) 59 60 It("having additional env", func() { 61 // containers.conf default env includes foo 62 session := podmanTest.Podman([]string{"run", ALPINE, "printenv"}) 63 session.WaitWithDefaultTimeout() 64 Expect(session).Should(Exit(0)) 65 Expect(session.OutputToString()).To(ContainSubstring("foo=bar")) 66 }) 67 68 It("additional devices", func() { 69 // containers.conf devices includes notone 70 session := podmanTest.Podman([]string{"run", "--device", "/dev/null:/dev/bar", ALPINE, "ls", "/dev"}) 71 session.WaitWithDefaultTimeout() 72 Expect(session).Should(Exit(0)) 73 Expect(session.OutputToString()).To( 74 And( 75 ContainSubstring("bar"), 76 ContainSubstring("notone"), 77 )) 78 }) 79 80 It("shm-size", func() { 81 // containers.conf default sets shm-size=201k, which ends up as 200k 82 session := podmanTest.Podman([]string{"run", ALPINE, "grep", "shm", "/proc/self/mounts"}) 83 session.WaitWithDefaultTimeout() 84 Expect(session).Should(Exit(0)) 85 Expect(session.OutputToString()).To(ContainSubstring("size=200k")) 86 87 session = podmanTest.Podman([]string{"run", "--shm-size", "1g", ALPINE, "grep", "shm", "/proc/self/mounts"}) 88 session.WaitWithDefaultTimeout() 89 Expect(session).Should(Exit(0)) 90 Expect(session.OutputToString()).To(ContainSubstring("size=1048576k")) 91 }) 92 93 It("add capabilities", func() { 94 SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") 95 cap := podmanTest.Podman([]string{"run", ALPINE, "grep", "CapEff", "/proc/self/status"}) 96 cap.WaitWithDefaultTimeout() 97 Expect(cap).Should(Exit(0)) 98 99 os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf") 100 if IsRemote() { 101 podmanTest.RestartRemoteService() 102 } 103 session := podmanTest.Podman([]string{"run", BB, "grep", "CapEff", "/proc/self/status"}) 104 session.WaitWithDefaultTimeout() 105 Expect(session).Should(Exit(0)) 106 Expect(session.OutputToString()).ToNot(Equal(cap.OutputToString())) 107 }) 108 109 It("regular capabilities", func() { 110 setup := podmanTest.RunTopContainer("test1") 111 setup.WaitWithDefaultTimeout() 112 result := podmanTest.Podman([]string{"top", "test1", "capeff"}) 113 result.WaitWithDefaultTimeout() 114 Expect(result).Should(Exit(0)) 115 Expect(result.Out.Contents()).To( 116 And( 117 ContainSubstring("SYS_CHROOT"), 118 ContainSubstring("NET_RAW"), 119 )) 120 }) 121 122 It("drop capabilities", func() { 123 os.Setenv("CONTAINERS_CONF", "config/containers-caps.conf") 124 if IsRemote() { 125 podmanTest.RestartRemoteService() 126 } 127 setup := podmanTest.RunTopContainer("test1") 128 setup.WaitWithDefaultTimeout() 129 result := podmanTest.Podman([]string{"container", "top", "test1", "capeff"}) 130 result.WaitWithDefaultTimeout() 131 Expect(result).Should(Exit(0)) 132 Expect(result.Out.Contents()).ToNot( 133 And( 134 ContainSubstring("SYS_CHROOT"), 135 ContainSubstring("NET_RAW"), 136 )) 137 }) 138 139 verifyNSHandling := func(nspath, option string) { 140 SkipIfRootlessCgroupsV1("Not supported for rootless + CgroupsV1") 141 os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf") 142 if IsRemote() { 143 podmanTest.RestartRemoteService() 144 } 145 // containers.conf default ipcns to default to host 146 session := podmanTest.Podman([]string{"run", ALPINE, "ls", "-l", nspath}) 147 session.WaitWithDefaultTimeout() 148 Expect(session).Should(Exit(0)) 149 fields := strings.Split(session.OutputToString(), " ") 150 ctrNS := strings.TrimSuffix(fields[len(fields)-1], "\n") 151 152 cmd := exec.Command("ls", "-l", nspath) 153 res, err := cmd.Output() 154 Expect(err).ToNot(HaveOccurred()) 155 fields = strings.Split(string(res), " ") 156 hostNS := strings.TrimSuffix(fields[len(fields)-1], "\n") 157 Expect(hostNS).To(Equal(ctrNS)) 158 159 session = podmanTest.Podman([]string{"run", option, "private", ALPINE, "ls", "-l", nspath}) 160 fields = strings.Split(session.OutputToString(), " ") 161 ctrNS = fields[len(fields)-1] 162 Expect(hostNS).ToNot(Equal(ctrNS)) 163 } 164 165 It("netns", func() { 166 verifyNSHandling("/proc/self/ns/net", "--network") 167 }) 168 169 It("ipcns", func() { 170 verifyNSHandling("/proc/self/ns/ipc", "--ipc") 171 }) 172 173 It("utsns", func() { 174 verifyNSHandling("/proc/self/ns/uts", "--uts") 175 }) 176 177 It("pidns", func() { 178 verifyNSHandling("/proc/self/ns/pid", "--pid") 179 }) 180 181 It("cgroupns", func() { 182 verifyNSHandling("/proc/self/ns/cgroup", "--cgroupns") 183 }) 184 185 It("using journald for container with container log_tag", func() { 186 SkipIfInContainer("journalctl inside a container doesn't work correctly") 187 os.Setenv("CONTAINERS_CONF", "config/containers-journald.conf") 188 if IsRemote() { 189 podmanTest.RestartRemoteService() 190 } 191 logc := podmanTest.Podman([]string{"run", "-d", ALPINE, "sh", "-c", "echo podman; sleep 0.1; echo podman; sleep 0.1; echo podman"}) 192 logc.WaitWithDefaultTimeout() 193 Expect(logc).Should(Exit(0)) 194 cid := logc.OutputToString() 195 196 wait := podmanTest.Podman([]string{"wait", cid}) 197 wait.WaitWithDefaultTimeout() 198 Expect(wait).Should(Exit(0)) 199 200 cmd := exec.Command("journalctl", "--no-pager", "-o", "json", "--output-fields=CONTAINER_TAG", fmt.Sprintf("CONTAINER_ID_FULL=%s", cid)) 201 out, err := cmd.CombinedOutput() 202 Expect(err).ToNot(HaveOccurred()) 203 Expect(out).To(ContainSubstring("alpine")) 204 }) 205 206 It("add volumes", func() { 207 conffile := filepath.Join(podmanTest.TempDir, "container.conf") 208 tempdir, err = CreateTempDirInTempDir() 209 Expect(err).ToNot(HaveOccurred()) 210 211 err := ioutil.WriteFile(conffile, []byte(fmt.Sprintf("[containers]\nvolumes=[\"%s:%s:Z\",]\n", tempdir, tempdir)), 0755) 212 Expect(err).ToNot(HaveOccurred()) 213 214 os.Setenv("CONTAINERS_CONF", conffile) 215 if IsRemote() { 216 podmanTest.RestartRemoteService() 217 } 218 result := podmanTest.Podman([]string{"run", ALPINE, "ls", tempdir}) 219 result.WaitWithDefaultTimeout() 220 Expect(result).Should(Exit(0)) 221 }) 222 223 It("sysctl test", func() { 224 // containers.conf is set to "net.ipv4.ping_group_range=0 1000" 225 session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"}) 226 session.WaitWithDefaultTimeout() 227 Expect(session).Should(Exit(0)) 228 Expect(session.OutputToString()).To(ContainSubstring("1000")) 229 230 // Ignore containers.conf setting if --net=host 231 session = podmanTest.Podman([]string{"run", "--rm", "--net", "host", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"}) 232 session.WaitWithDefaultTimeout() 233 Expect(session).Should(Exit(0)) 234 Expect(session.OutputToString()).ToNot((ContainSubstring("1000"))) 235 }) 236 237 It("search domain", func() { 238 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 239 session.WaitWithDefaultTimeout() 240 Expect(session).Should(Exit(0)) 241 Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("search foobar.com"))) 242 }) 243 244 It("add dns server", func() { 245 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 246 session.WaitWithDefaultTimeout() 247 Expect(session).Should(Exit(0)) 248 Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("nameserver 1.2.3.4"))) 249 }) 250 251 It("add dns option", func() { 252 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 253 session.WaitWithDefaultTimeout() 254 Expect(session).Should(Exit(0)) 255 Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("options debug"))) 256 }) 257 258 It("remove all search domain", func() { 259 session := podmanTest.Podman([]string{"run", "--dns-search=.", ALPINE, "cat", "/etc/resolv.conf"}) 260 session.WaitWithDefaultTimeout() 261 Expect(session).Should(Exit(0)) 262 Expect(session.OutputToStringArray()).To(Not(ContainElement(HavePrefix("search")))) 263 }) 264 265 It("add search domain", func() { 266 session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 267 session.WaitWithDefaultTimeout() 268 Expect(session).Should(Exit(0)) 269 Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("search"))) 270 Expect(session.Out.Contents()).To( 271 And( 272 ContainSubstring("foobar.com"), 273 ContainSubstring("1.2.3.4"), 274 ContainSubstring("debug"), 275 )) 276 }) 277 278 It("add timezone", func() { 279 // containers.conf timezone set to Pacific/Honolulu 280 session := podmanTest.Podman([]string{"run", "--tz", "", ALPINE, "date", "+'%H %Z'"}) 281 session.WaitWithDefaultTimeout() 282 Expect(session).Should(Exit(0)) 283 Expect(session.OutputToString()).To(ContainSubstring("HST")) 284 285 // verify flag still overrides 286 session = podmanTest.Podman([]string{"run", "--tz", "EST", ALPINE, "date", "+'%H %Z'"}) 287 session.WaitWithDefaultTimeout() 288 Expect(session).Should(Exit(0)) 289 Expect(session.OutputToString()).To(ContainSubstring("EST")) 290 }) 291 292 It("add umask", func() { 293 // containers.conf umask set to 0002 294 if !strings.Contains(podmanTest.OCIRuntime, "crun") { 295 Skip("Test only works on crun") 296 } 297 298 session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "sh", "-c", "umask"}) 299 session.WaitWithDefaultTimeout() 300 Expect(session).Should(Exit(0)) 301 Expect(session.OutputToString()).To(Equal("0002")) 302 }) 303 304 It("network slirp options to allow host loopback", func() { 305 session := podmanTest.Podman([]string{"run", "--network", "slirp4netns", ALPINE, "ping", "-c1", "10.0.2.2"}) 306 session.Wait(30) 307 Expect(session).Should(Exit(0)) 308 }) 309 310 It("podman-remote test localcontainers.conf", func() { 311 SkipIfNotRemote("this test is only for remote") 312 313 os.Setenv("CONTAINERS_CONF", "config/containers-remote.conf") 314 // Configuration that comes from remote server 315 // env 316 session := podmanTest.Podman([]string{"run", ALPINE, "printenv", "foo"}) 317 session.WaitWithDefaultTimeout() 318 Expect(session).Should(Exit(0)) 319 Expect(session.OutputToString()).To(Equal("bar")) 320 321 // dns-search, server, options 322 session = podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"}) 323 session.WaitWithDefaultTimeout() 324 Expect(session).Should(Exit(0)) 325 Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("search"))) 326 Expect(session.Out.Contents()).To( 327 And( 328 ContainSubstring("foobar.com"), 329 ContainSubstring("1.2.3.4"), 330 ContainSubstring("debug"), 331 )) 332 333 // sysctls 334 session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "cat", "/proc/sys/net/ipv4/ping_group_range"}) 335 session.WaitWithDefaultTimeout() 336 Expect(session).Should(Exit(0)) 337 Expect(session.Out.Contents()).To(ContainSubstring("1000")) 338 339 // shm-size 340 session = podmanTest.Podman([]string{"run", ALPINE, "grep", "shm", "/proc/self/mounts"}) 341 session.WaitWithDefaultTimeout() 342 Expect(session).Should(Exit(0)) 343 Expect(session.Out.Contents()).To(ContainSubstring("size=200k")) 344 345 // ulimits 346 session = podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"}) 347 session.WaitWithDefaultTimeout() 348 Expect(session).Should(Exit(0)) 349 Expect(session.Out.Contents()).To(ContainSubstring("500")) 350 351 // Configuration that comes from remote client 352 // Timezone 353 session = podmanTest.Podman([]string{"run", ALPINE, "date", "+'%H %Z'"}) 354 session.WaitWithDefaultTimeout() 355 Expect(session).Should(Exit(0)) 356 Expect(session.Out.Contents()).To( 357 Or( 358 ContainSubstring("EST"), 359 ContainSubstring("EDT"), 360 )) 361 362 // Umask 363 session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "sh", "-c", "umask"}) 364 session.WaitWithDefaultTimeout() 365 Expect(session).Should(Exit(0)) 366 Expect(session.OutputToString()).To(Equal("0022")) 367 }) 368 369 It("add annotations", func() { 370 // containers.conf is set to "run.oci.keep_original_groups=1" 371 session := podmanTest.Podman([]string{"create", "--rm", "--name", "test", fedoraMinimal}) 372 session.WaitWithDefaultTimeout() 373 Expect(session).Should(Exit(0)) 374 375 inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .Config.Annotations }}", "test"}) 376 inspect.WaitWithDefaultTimeout() 377 Expect(inspect.Out.Contents()).To(ContainSubstring("run.oci.keep_original_groups:1")) 378 }) 379 380 It("--add-host and no-hosts=true fails", func() { 381 session := podmanTest.Podman([]string{"run", "-dt", "--add-host", "test1:127.0.0.1", ALPINE, "top"}) 382 session.WaitWithDefaultTimeout() 383 Expect(session).To(ExitWithError()) 384 Expect(session.Err.Contents()).To(ContainSubstring("--no-hosts and --add-host cannot be set together")) 385 386 session = podmanTest.Podman([]string{"run", "-dt", "--add-host", "test1:127.0.0.1", "--no-hosts=false", ALPINE, "top"}) 387 session.WaitWithDefaultTimeout() 388 Expect(session).Should(Exit(0)) 389 }) 390 391 It("no-hosts=true /etc/hosts does not include hostname", func() { 392 session := podmanTest.Podman([]string{"run", "--rm", "--name", "test", ALPINE, "cat", "/etc/hosts"}) 393 session.WaitWithDefaultTimeout() 394 Expect(session).Should(Exit(0)) 395 Expect(session.Out.Contents()).ToNot(ContainSubstring("test")) 396 397 session = podmanTest.Podman([]string{"run", "--rm", "--name", "test", "--no-hosts=false", ALPINE, "cat", "/etc/hosts"}) 398 session.WaitWithDefaultTimeout() 399 Expect(session).Should(Exit(0)) 400 Expect(session.Out.Contents()).To(ContainSubstring("test")) 401 }) 402 403 It("seccomp profile path", func() { 404 configPath := filepath.Join(podmanTest.TempDir, "containers.conf") 405 os.Setenv("CONTAINERS_CONF", configPath) 406 407 profile := filepath.Join(podmanTest.TempDir, "seccomp.json") 408 containersConf := []byte(fmt.Sprintf("[containers]\nseccomp_profile=\"%s\"", profile)) 409 err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) 410 Expect(err).ToNot(HaveOccurred()) 411 412 if IsRemote() { 413 podmanTest.RestartRemoteService() 414 } 415 416 session := podmanTest.Podman([]string{"info", "--format", "{{.Host.Security.SECCOMPProfilePath}}"}) 417 session.WaitWithDefaultTimeout() 418 Expect(session).Should(Exit(0)) 419 Expect(session.OutputToString()).To(Equal(profile)) 420 }) 421 422 It("add image_copy_tmp_dir", func() { 423 session := podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) 424 session.WaitWithDefaultTimeout() 425 Expect(session).Should(Exit(0)) 426 Expect(session.OutputToString()).To(Equal("/var/tmp")) 427 428 storagePath := filepath.Join(podmanTest.TempDir, "storage") 429 configPath := filepath.Join(podmanTest.TempDir, "containers.conf") 430 os.Setenv("CONTAINERS_CONF", configPath) 431 432 containersConf := []byte("[engine]\nimage_copy_tmp_dir=\"/foobar\"") 433 err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) 434 Expect(err).ToNot(HaveOccurred()) 435 436 if IsRemote() { 437 podmanTest.RestartRemoteService() 438 } 439 440 session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) 441 session.WaitWithDefaultTimeout() 442 Expect(session).Should(Exit(0)) 443 Expect(session.OutputToString()).To(Equal("/foobar")) 444 445 containersConf = []byte(fmt.Sprintf("[engine]\nimage_copy_tmp_dir=%q", storagePath)) 446 err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) 447 Expect(err).ToNot(HaveOccurred()) 448 if IsRemote() { 449 podmanTest.RestartRemoteService() 450 } 451 452 session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) 453 session.WaitWithDefaultTimeout() 454 Expect(session).Should(Exit(0)) 455 Expect(session.Out.Contents()).To(ContainSubstring(storagePath)) 456 457 containersConf = []byte("[engine]\nimage_copy_tmp_dir=\"storage1\"") 458 err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) 459 Expect(err).ToNot(HaveOccurred()) 460 461 if !IsRemote() { 462 session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) 463 session.WaitWithDefaultTimeout() 464 Expect(session).Should(Exit(125)) 465 Expect(session.Err.Contents()).To(ContainSubstring("invalid image_copy_tmp_dir value \"storage1\" (relative paths are not accepted)")) 466 } 467 }) 468 469 // FIXME not sure why this is here 470 It("system service --help shows (default 20)", func() { 471 SkipIfRemote("system service is not supported on clients") 472 473 result := podmanTest.Podman([]string{"system", "service", "--help"}) 474 result.WaitWithDefaultTimeout() 475 Expect(result).Should(Exit(0)) 476 Expect(result.Out.Contents()).To(ContainSubstring("(default 1234)")) 477 }) 478 479 It("bad infra_image name", func() { 480 infra1 := "i.do/not/exist:image" 481 infra2 := "i.still.do/not/exist:image" 482 errorString := "initializing source docker://" + infra1 483 error2String := "initializing source docker://" + infra2 484 configPath := filepath.Join(podmanTest.TempDir, "containers.conf") 485 os.Setenv("CONTAINERS_CONF", configPath) 486 487 containersConf := []byte("[engine]\ninfra_image=\"" + infra1 + "\"") 488 err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) 489 Expect(err).ToNot(HaveOccurred()) 490 491 if IsRemote() { 492 podmanTest.RestartRemoteService() 493 } 494 495 result := podmanTest.Podman([]string{"pod", "create", "--infra-image", infra2}) 496 result.WaitWithDefaultTimeout() 497 Expect(result).Should(Exit(125)) 498 Expect(result.Err.Contents()).To(ContainSubstring(error2String)) 499 500 result = podmanTest.Podman([]string{"pod", "create"}) 501 result.WaitWithDefaultTimeout() 502 Expect(result).Should(Exit(125)) 503 Expect(result.Err.Contents()).To(ContainSubstring(errorString)) 504 505 result = podmanTest.Podman([]string{"create", "--pod", "new:pod1", ALPINE}) 506 result.WaitWithDefaultTimeout() 507 Expect(result).Should(Exit(125)) 508 Expect(result.Err.Contents()).To(ContainSubstring(errorString)) 509 }) 510 511 It("set .engine.remote=true", func() { 512 SkipIfRemote("only meaningful when running ABI/local") 513 514 // Need to restore CONTAINERS_CONF or AfterEach() will fail 515 if path, found := os.LookupEnv("CONTAINERS_CONF"); found { 516 defer os.Setenv("CONTAINERS_CONF", path) 517 } 518 519 configPath := filepath.Join(podmanTest.TempDir, "containers-engine-remote.conf") 520 os.Setenv("CONTAINERS_CONF", configPath) 521 defer os.Remove(configPath) 522 523 err := ioutil.WriteFile(configPath, []byte("[engine]\nremote=true"), os.ModePerm) 524 Expect(err).ToNot(HaveOccurred()) 525 526 // podmanTest.Podman() cannot be used as it was initialized remote==false 527 cmd := exec.Command(podmanTest.PodmanBinary, "info", "--format", "{{.Host.ServiceIsRemote}}") 528 session, err := Start(cmd, GinkgoWriter, GinkgoWriter) 529 Expect(err).ToNot(HaveOccurred()) 530 531 description := "Should have failed as there is no running remote API service available." 532 Eventually(session, DefaultWaitTimeout).Should(Exit(125), description) 533 Expect(session.Err).Should(Say("Error: unable to connect to Podman socket")) 534 }) 535 536 It("podman containers.conf cgroups=disabled", func() { 537 if !strings.Contains(podmanTest.OCIRuntime, "crun") { 538 Skip("FIXME: requires crun") 539 } 540 541 conffile := filepath.Join(podmanTest.TempDir, "container.conf") 542 err := ioutil.WriteFile(conffile, []byte("[containers]\ncgroups=\"disabled\"\n"), 0755) 543 Expect(err).ToNot(HaveOccurred()) 544 545 result := podmanTest.Podman([]string{"create", ALPINE, "true"}) 546 result.WaitWithDefaultTimeout() 547 Expect(result).Should(Exit(0)) 548 549 inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .HostConfig.Cgroups }}", result.OutputToString()}) 550 inspect.WaitWithDefaultTimeout() 551 Expect(inspect.OutputToString()).ToNot(Equal("disabled")) 552 553 os.Setenv("CONTAINERS_CONF", conffile) 554 if IsRemote() { 555 podmanTest.RestartRemoteService() 556 } 557 result = podmanTest.Podman([]string{"create", ALPINE, "true"}) 558 result.WaitWithDefaultTimeout() 559 Expect(result).Should(Exit(0)) 560 561 inspect = podmanTest.Podman([]string{"inspect", "--format", "{{ .HostConfig.Cgroups }}", result.OutputToString()}) 562 inspect.WaitWithDefaultTimeout() 563 Expect(inspect.OutputToString()).To(Equal("disabled")) 564 565 // Check we can also create a pod when cgroups=disabled 566 result = podmanTest.Podman([]string{"pod", "create"}) 567 result.WaitWithDefaultTimeout() 568 Expect(result).Should(Exit(0)) 569 }) 570 571 It("podman containers.conf runtime", func() { 572 SkipIfRemote("--runtime option is not available for remote commands") 573 conffile := filepath.Join(podmanTest.TempDir, "container.conf") 574 err := ioutil.WriteFile(conffile, []byte("[engine]\nruntime=\"testruntime\"\n"), 0755) 575 Expect(err).ToNot(HaveOccurred()) 576 577 os.Setenv("CONTAINERS_CONF", conffile) 578 result := podmanTest.Podman([]string{"--help"}) 579 result.WaitWithDefaultTimeout() 580 Expect(result).Should(Exit(0)) 581 Expect(result.OutputToString()).To(ContainSubstring("Path to the OCI-compatible binary used to run containers. (default \"testruntime\")")) 582 }) 583 })