Skip to content

Commit

Permalink
test: add --rm to podman run commands
Browse files Browse the repository at this point in the history 
Signed-off-by: Giuseppe Scrivano <[email protected]>
  • Loading branch information
@giuseppe
giuseppe committed Dec 20, 2021
1 parent f45070e commit 46a094a
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions test/system/170-run-userns.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,38 +17,38 @@ function _require_crun() {
skip_if_rootless "chroot is not allowed in rootless mode"
skip_if_remote "--group-add keep-groups not supported in remote mode"
_require_crun
run chroot --groups 1234 / ${PODMAN} run --uidmap 0:200000:5000 --group-add keep-groups $IMAGE id
run chroot --groups 1234 / ${PODMAN} run --rm --uidmap 0:200000:5000 --group-add keep-groups $IMAGE id
is "$output" ".*65534(nobody)" "Check group leaked into user namespace"
}

@test "podman --group-add keep-groups while not in a userns" {
skip_if_rootless "chroot is not allowed in rootless mode"
skip_if_remote "--group-add keep-groups not supported in remote mode"
_require_crun
run chroot --groups 1234,5678 / ${PODMAN} run --group-add keep-groups $IMAGE id
run chroot --groups 1234,5678 / ${PODMAN} run --rm --group-add keep-groups $IMAGE id
is "$output" ".*1234" "Check group leaked into container"
}

@test "podman --group-add without keep-groups while in a userns" {
skip_if_rootless "chroot is not allowed in rootless mode"
skip_if_remote "--group-add keep-groups not supported in remote mode"
run chroot --groups 1234,5678 / ${PODMAN} run --uidmap 0:200000:5000 --group-add 457 $IMAGE id
run chroot --groups 1234,5678 / ${PODMAN} run --rm --uidmap 0:200000:5000 --group-add 457 $IMAGE id
is "$output" ".*457" "Check group leaked into container"
}

@test "podman --remote --group-add keep-groups " {
if is_remote; then
run_podman 125 run --group-add keep-groups $IMAGE id
run_podman 125 run --rm --group-add keep-groups $IMAGE id
is "$output" ".*not supported in remote mode" "Remote check --group-add keep-groups"
fi
}

@test "podman --group-add without keep-groups " {
run_podman run --group-add 457 $IMAGE id
run_podman run --rm --group-add 457 $IMAGE id
is "$output" ".*457" "Check group leaked into container"
}

@test "podman --group-add keep-groups plus added groups " {
run_podman 125 run --group-add keep-groups --group-add 457 $IMAGE id
run_podman 125 run --rm --group-add keep-groups --group-add 457 $IMAGE id
is "$output" ".*the '--group-add keep-groups' option is not allowed with any other --group-add options" "Check group leaked into container"
}

0 comments on commit 46a094a

Please sign in to comment.