Merge pull request #1585 from rhatdan/labels

Add tests for selinux labels
2018-10-26 07:30:39 -07:00 · 2018-10-26 07:30:39 -07:00 · aa853b2091
parent 6e1aeb06f8 f9fb62c737
commit aa853b2091
1 changed files with 64 additions and 0 deletions
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@ -84,4 +84,68 @@ var _ = Describe("Podman run", func() {
 		Expect(match).Should(BeTrue())
 	})

+	It("podman test selinux label resolv.conf", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux label hosts", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux label hostname", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux label /run/secrets", func() {
+		session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label resolv.conf", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label hosts", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hosts"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label hostname", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hostname"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
+	It("podman test selinux --privileged label /run/secrets", func() {
+		session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-dZ", "/run/secrets"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		match, _ := session.GrepString("container_file_t")
+		Expect(match).Should(BeTrue())
+	})
+
 })