opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-25 02:04:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

run, create: add new security-opt proc-opts

Browse Source 
it allows to customize the options passed down to the OCI runtime for
setting up the /proc mount.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2020-08-04 23:01:55 +02:00
parent d777a7bd5c
commit feff414ae1
8 changed files with 37 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/e2e/run_test.go
View File

@ -827,6 +827,15 @@ USER mail`
Expect(isSharedOnly).Should(BeTrue())
})
It("podman run --security-opts proc-opts=", func() {
session := podmanTest.Podman([]string{"run", "--security-opt", "proc-opts=nosuid,exec", fedoraMinimal, "findmnt", "-noOPTIONS", "/proc"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
output := session.OutputToString()
Expect(output).To(ContainSubstring("nosuid"))
Expect(output).To(Not(ContainSubstring("exec")))
})
It("podman run --mount type=bind,bind-nonrecursive", func() {
SkipIfRootless()
session := podmanTest.Podman([]string{"run", "--mount", "type=bind,bind-nonrecursive,slave,src=/,target=/host", fedoraMinimal, "findmnt", "-nR", "/host"})