Merge pull request #8714 from edsantiago/more_journald_rootless_skips

RHEL gating tests: more journald exceptions
2020-12-14 10:40:34 -05:00 · 2020-12-14 10:40:34 -05:00 · 2854cdcd58
parent 0fd31e2994 4d7e05f9ba
commit 2854cdcd58
3 changed files with 44 additions and 19 deletions
--- a/test/system/030-run.bats
+++ b/test/system/030-run.bats
@ -415,13 +415,18 @@ json-file | f
        fi

        if [[ $driver != 'none' ]]; then
-            run_podman logs myctr
-            is "$output" "$msg" "check that podman logs works as expected"
+            if [[ $driver = 'journald' ]] && journald_unavailable; then
+                # Cannot perform check
+                :
+            else
+                run_podman logs myctr
+                is "$output" "$msg" "podman logs, with driver '$driver'"
+            fi
        else
            run_podman 125 logs myctr
            if ! is_remote; then
                is "$output" ".*this container is using the 'none' log driver, cannot read logs.*" \
-                   "podman logs does not work with none log driver"
+                   "podman logs, with driver 'none', should fail with error"
            fi
        fi
        run_podman rm myctr
@ -437,14 +442,7 @@ json-file | f
    skip_if_remote "We cannot read journalctl over remote."

    # We can't use journald on RHEL as rootless, either: rhbz#1895105
-    if is_rootless; then
-        run journalctl -n 1
-        if [[ $status -ne 0 ]]; then
-            if [[ $output =~ permission ]]; then
-                skip "Cannot use rootless journald on this system"
-            fi
-        fi
-    fi
+    skip_if_journald_unavailable

    msg=$(random_string 20)
    pidfile="${PODMAN_TMPDIR}/$(random_string 20)"
--- a/test/system/035-logs.bats
+++ b/test/system/035-logs.bats
@ -55,14 +55,7 @@ ${cid[0]} d"   "Sequential output from logs"

@test "podman logs over journald" {
    # We can't use journald on RHEL as rootless: rhbz#1895105
-    if is_rootless; then
-        run journalctl -n 1
-        if [[ $status -ne 0 ]]; then
-            if [[ $output =~ permission ]]; then
-                skip "Cannot use rootless journald on this system"
-            fi
-        fi
-    fi
+    skip_if_journald_unavailable

    msg=$(random_string 20)

--- a/test/system/helpers.bash
+++ b/test/system/helpers.bash
@ -259,6 +259,31 @@ function is_cgroupsv2() {
    test "$cgroup_type" = "cgroup2fs"
 }

+# rhbz#1895105: rootless journald is unavailable except to users in
+# certain magic groups; which our testuser account does not belong to
+# (intentional: that is the RHEL default, so that's the setup we test).
+function journald_unavailable() {
+    if ! is_rootless; then
+        # root must always have access to journal
+        return 1
+    fi
+
+    run journalctl -n 1
+    if [[ $status -eq 0 ]]; then
+        return 1
+    fi
+
+    if [[ $output =~ permission ]]; then
+        return 0
+    fi
+
+    # This should never happen; if it does, it's likely that a subsequent
+    # test will fail. This output may help track that down.
+    echo "WEIRD: 'journalctl -n 1' failed with a non-permission error:"
+    echo "$output"
+    return 1
+}
+
 ###########################
 #  _add_label_if_missing  #  make sure skip messages include rootless/remote
 ###########################
@ -315,6 +340,15 @@ function skip_if_cgroupsv1() {
    fi
 }

+##################################
+#  skip_if_journald_unavailable  #  rhbz#1895105: rootless journald permissions
+##################################
+function skip_if_journald_unavailable {
+    if journald_unavailable; then
+        skip "Cannot use rootless journald on this system"
+    fi
+}
+
 #########
 #  die  #  Abort with helpful message
 #########