Add a test for the new suid/exec/dev options

Signed-off-by: Matthew Heon <[email protected]>

test/e2e/run_volume_test.go

@@ -162,4 +162,26 @@ var _ = Describe("Podman run with volumes", func() {
 		Expect(session.OutputToString()).To(ContainSubstring("/testvol1"))
 		Expect(session.OutputToString()).To(ContainSubstring("/testvol2"))
 	})
+
+	It("podman run with volumes and suid/dev/exec options", func() {
+		mountPath := filepath.Join(podmanTest.TempDir, "secrets")
+		os.Mkdir(mountPath, 0755)
+		session := podmanTest.Podman([]string{"run", "--rm", "-v", fmt.Sprintf("%s:/run/test:suid,dev,exec", mountPath), ALPINE, "grep", "/run/test", "/proc/self/mountinfo"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		found, matches := session.GrepString("/run/test")
+		Expect(found).Should(BeTrue())
+		Expect(matches[0]).To(Not(ContainSubstring("noexec")))
+		Expect(matches[0]).To(Not(ContainSubstring("nodev")))
+		Expect(matches[0]).To(Not(ContainSubstring("nosuid")))
+
+		session = podmanTest.Podman([]string{"run", "--rm", "--tmpfs", "/run/test:suid,dev,exec", ALPINE, "grep", "/run/test", "/proc/self/mountinfo"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		found, matches = session.GrepString("/run/test")
+		Expect(found).Should(BeTrue())
+		Expect(matches[0]).To(Not(ContainSubstring("noexec")))
+		Expect(matches[0]).To(Not(ContainSubstring("nodev")))
+		Expect(matches[0]).To(Not(ContainSubstring("nosuid")))
+	})
 })