opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-02 02:58:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #25617 from giuseppe/use-securejoin-openinroot

Browse Source 
container: replace code with securejoin.OpenInRoot()
This commit is contained in:
openshift-merge-bot[bot]
2025-03-19 13:37:37 +00:00
committed by GitHub
parent 0031c9500a c0627de21d
commit 5c9fd29808
2 changed files with 11 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/e2e/play_kube_test.go
View File

@@ -5545,7 +5545,7 @@ spec:
playKube := podmanTest.Podman([]string{"kube", "play", kubeYaml})
playKube.WaitWithDefaultTimeout()
Expect(playKube).Should(ExitWithError(125, fmt.Sprintf(`subpath "testing/onlythis" is outside of the volume "%s/root/volumes/testvol/_data`, podmanTest.TempDir)))
Expect(playKube).Should(ExitWithError(125, fmt.Sprintf("securejoin.OpenInRoot testing/onlythis: openat2 %s/root/volumes/testvol/_data/testing/onlythis: no such file or directory", podmanTest.TempDir)))
})
It("with unsafe hostPath subpaths", func() {
@@ -5559,9 +5559,7 @@ spec:
err = generateKubeYaml("pod", pod, kubeYaml)
Expect(err).To(Not(HaveOccurred()))
playKube := podmanTest.Podman([]string{"kube", "play", kubeYaml})
playKube.WaitWithDefaultTimeout()
Expect(playKube).Should(ExitWithError(125, fmt.Sprintf(`subpath "testing/symlink" is outside of the volume "%s"`, hostPathLocation)))
podmanTest.PodmanExitCleanly("kube", "play", kubeYaml)
})
It("with configMap subpaths", func() {