Skip to content

Commit

Permalink
tests/docker.base/user-no-caps: Set SELinux to permissive mode
Browse files Browse the repository at this point in the history 
With the current SELinux policy the docker daemon does not have
access to the '/root' directory.  Set SELinux to permisive mode
so this test can run.

Fixes runtime errors like these:

  Error response from daemon: OCI runtime create failed: "mkdir /var/lib/docker/overlay2/.../merged/root: permission denied

Signed-off-by: Geoff Levand <[email protected]>
  • Loading branch information
@glevand
glevand committed Mar 28, 2018
1 parent 3b30f3f commit 6559cd4
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions kola/tests/docker/docker.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -435,6 +435,11 @@ func dockerUserNoCaps(c cluster.TestCluster) {

genDockerContainer(c, m, "captest", []string{"capsh", "sh", "grep", "cat", "ls"})

// With the current SELinux policy the docker daemon does not have
// access to the '/root' directory. Set SELinux to permisive mode
// so this test can run.
c.MustSSH(m, "sudo setenforce 0")

output := c.MustSSH(m, `docker run --user 1000:1000 \
-v /root:/root \
captest sh -c \
Expand Down

0 comments on commit 6559cd4

Please sign in to comment.