Merge pull request #2859 from giuseppe/enable-userns-tests-rootless

test: enable userns and remote e2e tests for rootless

contrib/cirrus/rootless_test.sh

@@ -18,6 +18,8 @@ then
     exit 1
 fi
 
+export PODMAN_VARLINK_ADDRESS=unix:/tmp/podman-$(id -u)
+
 echo "."
 echo "Hello, my name is $USER and I live in $PWD can I be your friend?"
 
@@ -28,5 +30,6 @@ make
 make varlink_generate
 make test-binaries
 make ginkgo
+make ginkgo-remote
 
 record_timestamp "rootless test end"

test/e2e/libpod_suite_remoteclient_test.go

@@ -139,19 +139,21 @@ func (p *PodmanTestIntegration) CleanupVolume() {
 }
 
 func PodmanTestCreate(tempDir string) *PodmanTestIntegration {
-	if os.Geteuid() != 0 {
-		ginkgo.Skip("This function is not enabled for rootless podman")
-	}
 	pti := PodmanTestCreateUtil(tempDir, true)
 	pti.StartVarlink()
 	return pti
 }
 
 func (p *PodmanTestIntegration) StartVarlink() {
-	if _, err := os.Stat("/path/to/whatever"); os.IsNotExist(err) {
+	if os.Geteuid() == 0 {
 		os.MkdirAll("/run/podman", 0755)
 	}
-	args := []string{"varlink", "--timeout", "0", "unix:/run/podman/io.podman"}
+	varlinkEndpoint := "unix:/run/podman/io.podman"
+	if addr := os.Getenv("PODMAN_VARLINK_ADDRESS"); addr != "" {
+		varlinkEndpoint = addr
+	}
+
+	args := []string{"varlink", "--timeout", "0", varlinkEndpoint}
 	podmanOptions := getVarlinkOptions(p, args)
 	command := exec.Command(p.PodmanBinary, podmanOptions...)
 	fmt.Printf("Running: %s %s\n", p.PodmanBinary, strings.Join(podmanOptions, " "))

test/e2e/run_ns_test.go

@@ -63,7 +63,6 @@ var _ = Describe("Podman run ns", func() {
 	})
 
 	It("podman run ipcns ipcmk host test", func() {
-		SkipIfRootless()
 		setup := SystemExec("ipcmk", []string{"-M", "1024"})
 		Expect(setup.ExitCode()).To(Equal(0))
 		output := strings.Split(setup.OutputToString(), " ")
@@ -77,7 +76,6 @@ var _ = Describe("Podman run ns", func() {
 	})
 
 	It("podman run ipcns ipcmk container test", func() {
-		SkipIfRootless()
 		setup := podmanTest.Podman([]string{"run", "-d", "--name", "test1", fedoraMinimal, "sleep", "999"})
 		setup.WaitWithDefaultTimeout()
 		Expect(setup.ExitCode()).To(Equal(0))

test/e2e/run_userns_test.go

@@ -18,7 +18,12 @@ var _ = Describe("Podman UserNS support", func() {
 	)
 
 	BeforeEach(func() {
-		SkipIfRootless()
+		if os.Getenv("SKIP_USERNS") != "" {
+			Skip("Skip userns tests.")
+		}
+		if _, err := os.Stat("/proc/self/uid_map"); err != nil {
+			Skip("User namespaces not supported.")
+		}
 		tempdir, err = CreateTempDirInTempDir()
 		if err != nil {
 			os.Exit(1)
@@ -36,14 +41,7 @@ var _ = Describe("Podman UserNS support", func() {
 	})
 
 	It("podman uidmapping and gidmapping", func() {
-		if os.Getenv("SKIP_USERNS") != "" {
+		session := podmanTest.Podman([]string{"run", "--uidmap=0:100:5000", "--gidmap=0:200:5000", "alpine", "echo", "hello"})
-			Skip("Skip userns tests.")
-		}
-		if _, err := os.Stat("/proc/self/uid_map"); err != nil {
-			Skip("User namespaces not supported.")
-		}
-
-		session := podmanTest.Podman([]string{"run", "--uidmap=0:1:70000", "--gidmap=0:20000:70000", "busybox", "echo", "hello"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
 		ok, _ := session.GrepString("hello")
@@ -55,14 +53,7 @@ var _ = Describe("Podman UserNS support", func() {
 	//     https://github.com/containers/libpod/pull/1066#issuecomment-403562116
 	// To avoid a potential future regression, use this as a test.
 	It("podman uidmapping and gidmapping with short-opts", func() {
-		if os.Getenv("SKIP_USERNS") != "" {
+		session := podmanTest.Podman([]string{"run", "--uidmap=0:1:5000", "--gidmap=0:200:5000", "-it", "alpine", "echo", "hello"})
-			Skip("Skip userns tests.")
-		}
-		if _, err := os.Stat("/proc/self/uid_map"); err != nil {
-			Skip("User namespaces not supported.")
-		}
-
-		session := podmanTest.Podman([]string{"run", "--uidmap=0:1:70000", "--gidmap=0:20000:70000", "-it", "busybox", "echo", "hello"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
 		ok, _ := session.GrepString("hello")
@@ -70,14 +61,7 @@ var _ = Describe("Podman UserNS support", func() {
 	})
 
 	It("podman uidmapping and gidmapping with a volume", func() {
-		if os.Getenv("SKIP_USERNS") != "" {
+		session := podmanTest.Podman([]string{"run", "--uidmap=0:1:500", "--gidmap=0:200:5000", "-v", "my-foo-volume:/foo:Z", "alpine", "echo", "hello"})
-			Skip("Skip userns tests.")
-		}
-		if _, err := os.Stat("/proc/self/uid_map"); err != nil {
-			Skip("User namespaces not supported.")
-		}
-
-		session := podmanTest.Podman([]string{"run", "--uidmap=0:1:70000", "--gidmap=0:20000:70000", "-v", "my-foo-volume:/foo:Z", "busybox", "echo", "hello"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
 		ok, _ := session.GrepString("hello")
@@ -85,13 +69,7 @@ var _ = Describe("Podman UserNS support", func() {
 	})
 
 	It("podman uidmapping and gidmapping --net=host", func() {
-		if os.Getenv("SKIP_USERNS") != "" {
+		session := podmanTest.Podman([]string{"run", "--net=host", "--uidmap=0:1:5000", "--gidmap=0:200:5000", "alpine", "echo", "hello"})
-			Skip("Skip userns tests.")
-		}
-		if _, err := os.Stat("/proc/self/uid_map"); err != nil {
-			Skip("User namespaces not supported.")
-		}
-		session := podmanTest.Podman([]string{"run", "--net=host", "--uidmap=0:1:70000", "--gidmap=0:20000:70000", "busybox", "echo", "hello"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
 		ok, _ := session.GrepString("hello")