containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

RHEL gating tests: more journald exceptions 

Followup to #8284, due to my not having noticed #8096.

RHEL gating tests are failing again due to rhbz#1895105, the
one where we can't run journalctl rootless on RHEL. #8284 fixed
this for some RHEL builds of older podman, but I missed #8096
which added yet another logs test.

This brings us to three journalctl exceptions, which means
it gets complicated because I have to refactor it all.

**THIS IS NOT SUSTAINABLE**. We need some way to have a similar
setup in CI, with a permission-less rootless login, so we don't
add yet another logs test some day and discover, months later,
that it doesn't work on RHEL and then have to go into crisis
mode.

Signed-off-by: Ed Santiago <santiago@redhat.com>
This commit is contained in:
Ed Santiago 2020-12-14 06:40:46 -07:00
parent a226e6ed31
commit 4d7e05f9ba
3 changed files with 44 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
test/system/030-run.bats
View File

@ -415,13 +415,18 @@ json-file | f
fi
if [[ $driver != 'none' ]]; then
run_podman logs myctr
is "$output" "$msg" "check that podman logs works as expected"
if [[ $driver = 'journald' ]] && journald_unavailable; then
# Cannot perform check
:
else
run_podman logs myctr
is "$output" "$msg" "podman logs, with driver '$driver'"
fi
else
run_podman 125 logs myctr
if ! is_remote; then
is "$output" ".*this container is using the 'none' log driver, cannot read logs.*" \
"podman logs does not work with none log driver"
"podman logs, with driver 'none', should fail with error"
fi
fi
run_podman rm myctr
@ -437,14 +442,7 @@ json-file | f
skip_if_remote "We cannot read journalctl over remote."
# We can't use journald on RHEL as rootless, either: rhbz#1895105
if is_rootless; then
run journalctl -n 1
if [[ $status -ne 0 ]]; then
if [[ $output =~ permission ]]; then
skip "Cannot use rootless journald on this system"
fi
fi
fi
skip_if_journald_unavailable
msg=$(random_string 20)
pidfile="${PODMAN_TMPDIR}/$(random_string 20)"

9
test/system/035-logs.bats
View File

@ -55,14 +55,7 @@ ${cid[0]} d" "Sequential output from logs"
@test "podman logs over journald" {
# We can't use journald on RHEL as rootless: rhbz#1895105
if is_rootless; then
run journalctl -n 1
if [[ $status -ne 0 ]]; then
if [[ $output =~ permission ]]; then
skip "Cannot use rootless journald on this system"
fi
fi
fi
skip_if_journald_unavailable
msg=$(random_string 20)

34
test/system/helpers.bash
View File

@ -259,6 +259,31 @@ function is_cgroupsv2() {
test "$cgroup_type" = "cgroup2fs"
}
# rhbz#1895105: rootless journald is unavailable except to users in
# certain magic groups; which our testuser account does not belong to
# (intentional: that is the RHEL default, so that's the setup we test).
function journald_unavailable() {
if ! is_rootless; then
# root must always have access to journal
return 1
fi
run journalctl -n 1
if [[ $status -eq 0 ]]; then
return 1
fi
if [[ $output =~ permission ]]; then
return 0
fi
# This should never happen; if it does, it's likely that a subsequent
# test will fail. This output may help track that down.
echo "WEIRD: 'journalctl -n 1' failed with a non-permission error:"
echo "$output"
return 1
}
###########################
# _add_label_if_missing # make sure skip messages include rootless/remote
###########################
@ -315,6 +340,15 @@ function skip_if_cgroupsv1() {
fi
}
##################################
# skip_if_journald_unavailable # rhbz#1895105: rootless journald permissions
##################################
function skip_if_journald_unavailable {
if journald_unavailable; then
skip "Cannot use rootless journald on this system"
fi
}
#########
# die # Abort with helpful message
#########