From f9fb62c7371e2b0ac45a6ac1cdb25cf03978e797 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Wed, 3 Oct 2018 11:06:17 -0400
Subject: [PATCH] Add tests for selinux labels

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
---
 test/e2e/run_selinux_test.go | 64 ++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go
index ebe6604ccb..a1a18c7807 100644
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@@ -84,4 +84,68 @@ var _ = Describe("Podman run", func() {
 		Expect(match).Should(BeTrue())
 	})
 
+	It("podman test selinux label resolv.conf", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux label hosts", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux label hostname", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux label /run/secrets", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label resolv.conf", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label hosts", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label hostname", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label /run/secrets", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
 })