From 537c21a49aae61f3b69c59129edaaebc9e869048 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 25 Apr 2024 17:07:13 +0200 Subject: [PATCH] test/e2e: fix volumes and suid/dev/exec options When the source dir is already mounted noexec, nodev or nosuid then a rootless user cannot mount the dir into the container without these options for obvious reasons. So in order to run the test we must ensure the dir is mounted with these options first, if they are simply skip as the test will fail otherwise. Signed-off-by: Paul Holzinger --- test/e2e/run_volume_test.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go index 24d6252ed4..fbc6de0f70 100644 --- a/test/e2e/run_volume_test.go +++ b/test/e2e/run_volume_test.go @@ -173,6 +173,20 @@ var _ = Describe("Podman run with volumes", func() { }) It("podman run with volumes and suid/dev/exec options", func() { + if isRootless() { + // We cannot undo nosuid,nodev,noexec when running rootless for obvious reasons. + // Thus we should check first if our source dir contains such options and skip the test int his case + session := SystemExec("findmnt", []string{"-n", "-o", "OPTIONS", "--target", podmanTest.TempDir}) + session.WaitWithDefaultTimeout() + Expect(session).To(ExitCleanly()) + output := session.OutputToString() + if strings.Contains(output, "noexec") || + strings.Contains(output, "nodev") || + strings.Contains(output, "nosuid") { + Skip("test file system is mounted noexec, nodev or nosuid - cannot bind mount without these options as rootless") + } + } + mountPath := filepath.Join(podmanTest.TempDir, "secrets") err := os.Mkdir(mountPath, 0755) Expect(err).ToNot(HaveOccurred())