11
"github.com/containers/podman/v5/libpod/define"
12
. "github.com/containers/podman/v5/test/utils"
13
. "github.com/onsi/ginkgo/v2"
14
. "github.com/onsi/gomega"
15
. "github.com/onsi/gomega/gbytes"
16
. "github.com/onsi/gomega/gexec"
19
var _ = Describe("Verify podman containers.conf usage", func() {
22
os.Setenv("CONTAINERS_CONF", "config/containers.conf")
24
podmanTest.RestartRemoteService()
29
It("limits test", func() {
30
SkipIfRootlessCgroupsV1("Setting limits not supported on cgroupv1 for rootless users")
31
// containers.conf is set to "nofile=500:500"
32
session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"})
33
session.WaitWithDefaultTimeout()
34
Expect(session).Should(ExitCleanly())
35
Expect(session.OutputToString()).To(ContainSubstring("500"))
37
session = podmanTest.Podman([]string{"run", "--rm", "--ulimit", "nofile=2048:2048", fedoraMinimal, "ulimit", "-n"})
38
session.WaitWithDefaultTimeout()
39
Expect(session).Should(ExitCleanly())
40
Expect(session.OutputToString()).To(ContainSubstring("2048"))
42
// Reset CONTAINERS_CONF to "/dev/null"
43
// Local should go back to defaults but remote should be set on server side
44
os.Setenv("CONTAINERS_CONF", "/dev/null")
45
session = podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"})
46
session.WaitWithDefaultTimeout()
47
Expect(session).Should(ExitCleanly())
49
Expect(session.OutputToString()).To(ContainSubstring("500"))
51
Expect(session.OutputToString()).To(Not(Equal("500")))
56
It("oom-score-adj", func() {
57
SkipIfRootlessCgroupsV1("Setting limits not supported on cgroupv1 for rootless users")
58
// containers.conf is set to "oom_score_adj=999"
59
session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "cat", "/proc/self/oom_score_adj"})
60
session.WaitWithDefaultTimeout()
61
Expect(session).Should(ExitCleanly())
62
Expect(session.OutputToString()).To(Equal("999"))
64
raw, err := os.ReadFile("/proc/self/oom_score_adj")
65
Expect(err).ToNot(HaveOccurred())
67
rawS := strings.TrimSuffix(string(raw), "\n")
69
// Reset CONTAINERS_CONF to "/dev/null"
70
// Local should go back to defaults but remote should be set on server side
71
os.Setenv("CONTAINERS_CONF", "/dev/null")
72
session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "cat", "/proc/self/oom_score_adj"})
73
session.WaitWithDefaultTimeout()
74
Expect(session).Should(ExitCleanly())
76
Expect(session.OutputToString()).To(Equal("999"))
79
Expect(session.OutputToString()).To(ContainSubstring(rawS))
81
Expect(session.OutputToString()).To(ContainSubstring("0"))
88
It("cgroup_conf in containers.conf", func() {
90
Skip("Setting cgroup_confs not supported on cgroupv1")
92
// FIXME: Needs crun-1.8.2-2 to allow this with --cgroup-manager=cgroupfs, once this is available remove the skip below.
93
SkipIfRootless("--cgroup-manager=cgoupfs and --cgroup-conf not supported in rootless mode with crun")
94
conffile := filepath.Join(podmanTest.TempDir, "container.conf")
96
err := os.WriteFile(conffile, []byte("[containers]\ncgroup_conf = [\"pids.max=1234\",]\n"), 0755)
97
Expect(err).ToNot(HaveOccurred())
99
os.Setenv("CONTAINERS_CONF_OVERRIDE", conffile)
101
podmanTest.RestartRemoteService()
104
// containers.conf is set to "pids.max=1234"
105
session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "cat", "/sys/fs/cgroup/pids.max"})
106
session.WaitWithDefaultTimeout()
107
Expect(session).Should(ExitCleanly())
108
Expect(session.OutputToString()).To(Equal("1234"))
110
session = podmanTest.Podman([]string{"run", "--rm", "--cgroup-conf", "pids.max=400", ALPINE, "cat", "/sys/fs/cgroup/pids.max"})
111
session.WaitWithDefaultTimeout()
112
Expect(session).Should(ExitCleanly())
113
Expect(session.OutputToString()).To(Equal("400"))
116
It("having additional env", func() {
117
// containers.conf default env includes foo
118
session := podmanTest.Podman([]string{"run", ALPINE, "printenv"})
119
session.WaitWithDefaultTimeout()
120
Expect(session).Should(ExitCleanly())
121
Expect(session.OutputToString()).To(ContainSubstring("foo=bar"))
124
It("additional devices", func() {
125
// containers.conf devices includes notone
126
session := podmanTest.Podman([]string{"run", "--device", "/dev/null:/dev/bar", ALPINE, "ls", "/dev"})
127
session.WaitWithDefaultTimeout()
128
Expect(session).Should(ExitCleanly())
129
Expect(session.OutputToString()).To(
131
ContainSubstring("bar"),
132
ContainSubstring("notone"),
136
It("shm-size", func() {
137
// containers.conf default sets shm-size=201k, which ends up as 200k
138
session := podmanTest.Podman([]string{"run", ALPINE, "grep", "shm", "/proc/self/mounts"})
139
session.WaitWithDefaultTimeout()
140
Expect(session).Should(ExitCleanly())
141
Expect(session.OutputToString()).To(ContainSubstring("size=200k"))
143
session = podmanTest.Podman([]string{"run", "--shm-size", "1g", ALPINE, "grep", "shm", "/proc/self/mounts"})
144
session.WaitWithDefaultTimeout()
145
Expect(session).Should(ExitCleanly())
146
Expect(session.OutputToString()).To(ContainSubstring("size=1048576k"))
149
It("add capabilities", func() {
150
SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1")
151
cap := podmanTest.Podman([]string{"run", ALPINE, "grep", "CapEff", "/proc/self/status"})
152
cap.WaitWithDefaultTimeout()
153
Expect(cap).Should(ExitCleanly())
155
os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf")
157
podmanTest.RestartRemoteService()
159
session := podmanTest.Podman([]string{"run", BB, "grep", "CapEff", "/proc/self/status"})
160
session.WaitWithDefaultTimeout()
161
Expect(session).Should(ExitCleanly())
162
Expect(session.OutputToString()).ToNot(Equal(cap.OutputToString()))
165
It("regular capabilities", func() {
166
setup := podmanTest.RunTopContainer("test1")
167
setup.WaitWithDefaultTimeout()
168
result := podmanTest.Podman([]string{"top", "test1", "capeff"})
169
result.WaitWithDefaultTimeout()
170
Expect(result).Should(ExitCleanly())
171
Expect(result.OutputToString()).To(
173
ContainSubstring("FOWNER"),
174
ContainSubstring("SETFCAP"),
178
It("drop capabilities", func() {
179
os.Setenv("CONTAINERS_CONF", "config/containers-caps.conf")
181
podmanTest.RestartRemoteService()
183
setup := podmanTest.RunTopContainer("test1")
184
setup.WaitWithDefaultTimeout()
185
result := podmanTest.Podman([]string{"container", "top", "test1", "capeff"})
186
result.WaitWithDefaultTimeout()
187
Expect(result).Should(ExitCleanly())
188
Expect(result.OutputToString()).ToNot(
190
ContainSubstring("SETUID"),
191
ContainSubstring("FOWNER"),
195
verifyNSHandling := func(nspath, option string) {
196
SkipIfRootlessCgroupsV1("Not supported for rootless + CgroupsV1")
197
os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf")
199
podmanTest.RestartRemoteService()
201
// containers.conf default ipcns to default to host
202
session := podmanTest.Podman([]string{"run", ALPINE, "ls", "-l", nspath})
203
session.WaitWithDefaultTimeout()
204
Expect(session).Should(ExitCleanly())
205
fields := strings.Split(session.OutputToString(), " ")
206
ctrNS := strings.TrimSuffix(fields[len(fields)-1], "\n")
208
cmd := exec.Command("ls", "-l", nspath)
209
res, err := cmd.Output()
210
Expect(err).ToNot(HaveOccurred())
211
fields = strings.Split(string(res), " ")
212
hostNS := strings.TrimSuffix(fields[len(fields)-1], "\n")
213
Expect(hostNS).To(Equal(ctrNS))
215
session = podmanTest.Podman([]string{"run", option, "private", ALPINE, "ls", "-l", nspath})
216
session.WaitWithDefaultTimeout()
217
Expect(session).Should(ExitCleanly())
218
fields = strings.Split(session.OutputToString(), " ")
219
ctrNS = fields[len(fields)-1]
220
Expect(hostNS).ToNot(Equal(ctrNS))
224
verifyNSHandling("/proc/self/ns/net", "--network")
228
verifyNSHandling("/proc/self/ns/ipc", "--ipc")
232
verifyNSHandling("/proc/self/ns/uts", "--uts")
236
verifyNSHandling("/proc/self/ns/pid", "--pid")
239
It("cgroupns", func() {
240
verifyNSHandling("/proc/self/ns/cgroup", "--cgroupns")
243
It("using journald for container with container log_tag", func() {
244
SkipIfJournaldUnavailable()
245
os.Setenv("CONTAINERS_CONF", "config/containers-journald.conf")
247
podmanTest.RestartRemoteService()
249
logc := podmanTest.Podman([]string{"run", "-d", ALPINE, "sh", "-c", "echo podman; sleep 0.1; echo podman; sleep 0.1; echo podman"})
250
logc.WaitWithDefaultTimeout()
251
Expect(logc).Should(ExitCleanly())
252
cid := logc.OutputToString()
254
wait := podmanTest.Podman([]string{"wait", cid})
255
wait.WaitWithDefaultTimeout()
256
Expect(wait).Should(ExitCleanly())
258
// Flake prevention: journalctl makes no timeliness guarantees.
259
time.Sleep(1 * time.Second)
260
cmd := exec.Command("journalctl", "--no-pager", "-o", "json", "--output-fields=CONTAINER_TAG", fmt.Sprintf("CONTAINER_ID_FULL=%s", cid))
261
out, err := cmd.CombinedOutput()
262
Expect(err).ToNot(HaveOccurred())
263
Expect(out).To(ContainSubstring("alpine"))
266
It("add volumes", func() {
267
conffile := filepath.Join(podmanTest.TempDir, "container.conf")
269
volume := filepath.Join(podmanTest.TempDir, "vol")
270
err = os.MkdirAll(volume, os.ModePerm)
271
Expect(err).ToNot(HaveOccurred())
272
err := os.WriteFile(conffile, []byte(fmt.Sprintf("[containers]\nvolumes=[\"%s:%s:Z\",]\n", volume, volume)), 0755)
273
Expect(err).ToNot(HaveOccurred())
275
os.Setenv("CONTAINERS_CONF", conffile)
277
podmanTest.RestartRemoteService()
279
result := podmanTest.Podman([]string{"run", ALPINE, "ls", volume})
280
result.WaitWithDefaultTimeout()
281
Expect(result).Should(ExitCleanly())
284
It("sysctl test", func() {
285
// containers.conf is set to "net.ipv4.ping_group_range=0 1000"
286
session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"})
287
session.WaitWithDefaultTimeout()
288
Expect(session).Should(ExitCleanly())
289
Expect(session.OutputToString()).To(ContainSubstring("1000"))
291
// Ignore containers.conf setting if --net=host
292
session = podmanTest.Podman([]string{"run", "--rm", "--net", "host", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"})
293
session.WaitWithDefaultTimeout()
294
Expect(session).Should(ExitCleanly())
295
Expect(session.OutputToString()).ToNot(ContainSubstring("1000"))
298
It("search domain", func() {
299
session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
300
session.WaitWithDefaultTimeout()
301
Expect(session).Should(ExitCleanly())
302
Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("search foobar.com")))
305
It("add dns server", func() {
306
session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
307
session.WaitWithDefaultTimeout()
308
Expect(session).Should(ExitCleanly())
309
Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("nameserver 1.2.3.4")))
312
It("add dns option", func() {
313
session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
314
session.WaitWithDefaultTimeout()
315
Expect(session).Should(ExitCleanly())
316
Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("options debug")))
319
It("remove all search domain", func() {
320
session := podmanTest.Podman([]string{"run", "--dns-search=.", ALPINE, "cat", "/etc/resolv.conf"})
321
session.WaitWithDefaultTimeout()
322
Expect(session).Should(ExitCleanly())
323
Expect(session.OutputToStringArray()).To(Not(ContainElement(HavePrefix("search"))))
326
It("add search domain", func() {
327
session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
328
session.WaitWithDefaultTimeout()
329
Expect(session).Should(ExitCleanly())
330
Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("search")))
331
Expect(session.OutputToString()).To(
333
ContainSubstring("foobar.com"),
334
ContainSubstring("1.2.3.4"),
335
ContainSubstring("debug"),
339
It("add timezone", func() {
340
// containers.conf timezone set to Pacific/Honolulu
341
session := podmanTest.Podman([]string{"run", "--tz", "", ALPINE, "date", "+'%H %Z'"})
342
session.WaitWithDefaultTimeout()
343
Expect(session).Should(ExitCleanly())
344
Expect(session.OutputToString()).To(ContainSubstring("HST"))
346
// verify flag still overrides
347
session = podmanTest.Podman([]string{"run", "--tz", "EST", ALPINE, "date", "+'%H %Z'"})
348
session.WaitWithDefaultTimeout()
349
Expect(session).Should(ExitCleanly())
350
Expect(session.OutputToString()).To(ContainSubstring("EST"))
353
It("add umask", func() {
354
// containers.conf umask set to 0002
355
if !strings.Contains(podmanTest.OCIRuntime, "crun") {
356
Skip("Test only works on crun")
359
session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "sh", "-c", "umask"})
360
session.WaitWithDefaultTimeout()
361
Expect(session).Should(ExitCleanly())
362
Expect(session.OutputToString()).To(Equal("0002"))
365
It("network slirp options to allow host loopback", func() {
366
session := podmanTest.Podman([]string{"run", "--network", "slirp4netns", ALPINE, "ping", "-c1", "10.0.2.2"})
368
Expect(session).Should(ExitCleanly())
371
It("podman-remote test localcontainers.conf", func() {
372
SkipIfNotRemote("this test is only for remote")
374
os.Setenv("CONTAINERS_CONF", "config/containers-remote.conf")
375
// Configuration that comes from remote server
377
session := podmanTest.Podman([]string{"run", ALPINE, "printenv", "foo"})
378
session.WaitWithDefaultTimeout()
379
Expect(session).Should(ExitCleanly())
380
Expect(session.OutputToString()).To(Equal("bar"))
382
// dns-search, server, options
383
session = podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
384
session.WaitWithDefaultTimeout()
385
Expect(session).Should(ExitCleanly())
386
Expect(session.OutputToStringArray()).To(ContainElement(HavePrefix("search")))
387
Expect(session.OutputToString()).To(
389
ContainSubstring("foobar.com"),
390
ContainSubstring("1.2.3.4"),
391
ContainSubstring("debug"),
395
session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "cat", "/proc/sys/net/ipv4/ping_group_range"})
396
session.WaitWithDefaultTimeout()
397
Expect(session).Should(ExitCleanly())
398
Expect(session.OutputToString()).To(ContainSubstring("1000"))
401
session = podmanTest.Podman([]string{"run", ALPINE, "grep", "shm", "/proc/self/mounts"})
402
session.WaitWithDefaultTimeout()
403
Expect(session).Should(ExitCleanly())
404
Expect(session.OutputToString()).To(ContainSubstring("size=200k"))
407
session = podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"})
408
session.WaitWithDefaultTimeout()
409
Expect(session).Should(ExitCleanly())
410
Expect(session.OutputToString()).To(ContainSubstring("500"))
412
// Configuration that comes from remote client
414
session = podmanTest.Podman([]string{"run", ALPINE, "date", "+'%H %Z'"})
415
session.WaitWithDefaultTimeout()
416
Expect(session).Should(ExitCleanly())
417
Expect(session.OutputToString()).To(
419
ContainSubstring("EST"),
420
ContainSubstring("EDT"),
424
session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "sh", "-c", "umask"})
425
session.WaitWithDefaultTimeout()
426
Expect(session).Should(ExitCleanly())
427
Expect(session.OutputToString()).To(Equal("0022"))
430
It("add annotations", func() {
431
// containers.conf is set to "run.oci.keep_original_groups=1"
432
session := podmanTest.Podman([]string{"create", "--rm", "--name", "test", fedoraMinimal})
433
session.WaitWithDefaultTimeout()
434
Expect(session).Should(ExitCleanly())
436
inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .Config.Annotations }}", "test"})
437
inspect.WaitWithDefaultTimeout()
438
Expect(inspect.OutputToString()).To(ContainSubstring(fmt.Sprintf("%s:1", define.RunOCIKeepOriginalGroups)))
441
It("--add-host and no-hosts=true fails", func() {
442
session := podmanTest.Podman([]string{"run", "-dt", "--add-host", "test1:127.0.0.1", ALPINE, "top"})
443
session.WaitWithDefaultTimeout()
444
Expect(session).To(ExitWithError(125, "--no-hosts and --add-host cannot be set together"))
446
session = podmanTest.Podman([]string{"run", "-dt", "--add-host", "test1:127.0.0.1", "--no-hosts=false", ALPINE, "top"})
447
session.WaitWithDefaultTimeout()
448
Expect(session).Should(ExitCleanly())
451
It("no-hosts=true /etc/hosts does not include hostname", func() {
452
session := podmanTest.Podman([]string{"run", "--rm", "--name", "test", ALPINE, "cat", "/etc/hosts"})
453
session.WaitWithDefaultTimeout()
454
Expect(session).Should(ExitCleanly())
455
Expect(session.OutputToString()).ToNot(ContainSubstring("test"))
457
session = podmanTest.Podman([]string{"run", "--rm", "--name", "test", "--no-hosts=false", ALPINE, "cat", "/etc/hosts"})
458
session.WaitWithDefaultTimeout()
459
Expect(session).Should(ExitCleanly())
460
Expect(session.OutputToString()).To(ContainSubstring("test"))
463
It("seccomp profile path", func() {
464
configPath := filepath.Join(podmanTest.TempDir, "containers.conf")
465
os.Setenv("CONTAINERS_CONF", configPath)
467
profile := filepath.Join(podmanTest.TempDir, "seccomp.json")
468
containersConf := []byte(fmt.Sprintf("[containers]\nseccomp_profile=\"%s\"", profile))
469
err = os.WriteFile(configPath, containersConf, os.ModePerm)
470
Expect(err).ToNot(HaveOccurred())
473
podmanTest.RestartRemoteService()
476
session := podmanTest.Podman([]string{"info", "--format", "{{.Host.Security.SECCOMPProfilePath}}"})
477
session.WaitWithDefaultTimeout()
478
Expect(session).Should(ExitCleanly())
479
Expect(session.OutputToString()).To(Equal(profile))
482
It("add image_copy_tmp_dir", func() {
483
// Prevents overwriting of TMPDIR environment
484
if cacheDir, found := os.LookupEnv("TMPDIR"); found {
485
defer os.Setenv("TMPDIR", cacheDir)
486
os.Unsetenv("TMPDIR")
488
defer os.Unsetenv("TMPDIR")
491
podmanTest.RestartRemoteService()
494
session := podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"})
495
session.WaitWithDefaultTimeout()
496
Expect(session).Should(ExitCleanly())
497
Expect(session.OutputToString()).To(Equal("/var/tmp"))
499
storagePath := filepath.Join(podmanTest.TempDir, "storage")
500
configPath := filepath.Join(podmanTest.TempDir, "containers.conf")
501
os.Setenv("CONTAINERS_CONF", configPath)
503
containersConf := []byte("[engine]\nimage_copy_tmp_dir=\"/foobar\"")
504
err = os.WriteFile(configPath, containersConf, os.ModePerm)
505
Expect(err).ToNot(HaveOccurred())
508
podmanTest.RestartRemoteService()
511
session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"})
512
session.WaitWithDefaultTimeout()
513
Expect(session).Should(ExitCleanly())
514
Expect(session.OutputToString()).To(Equal("/foobar"))
516
containersConf = []byte(fmt.Sprintf("[engine]\nimage_copy_tmp_dir=%q", storagePath))
517
err = os.WriteFile(configPath, containersConf, os.ModePerm)
518
Expect(err).ToNot(HaveOccurred())
520
podmanTest.RestartRemoteService()
523
session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"})
524
session.WaitWithDefaultTimeout()
525
Expect(session).Should(ExitCleanly())
526
Expect(session.OutputToString()).To(ContainSubstring(storagePath))
528
containersConf = []byte("[engine]\nimage_copy_tmp_dir=\"storage1\"")
529
err = os.WriteFile(configPath, containersConf, os.ModePerm)
530
Expect(err).ToNot(HaveOccurred())
533
session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"})
534
session.WaitWithDefaultTimeout()
535
Expect(session).Should(ExitWithError(125, `invalid image_copy_tmp_dir value "storage1" (relative paths are not accepted)`))
537
os.Setenv("TMPDIR", "/hoge")
538
session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"})
539
session.WaitWithDefaultTimeout()
540
Expect(session).Should(ExitCleanly())
541
Expect(session.OutputToString()).To(Equal("/hoge"))
542
os.Unsetenv("TMPDIR")
546
// FIXME not sure why this is here
547
It("system service --help shows (default 20)", func() {
548
SkipIfRemote("system service is not supported on clients")
550
result := podmanTest.Podman([]string{"system", "service", "--help"})
551
result.WaitWithDefaultTimeout()
552
Expect(result).Should(ExitCleanly())
553
Expect(result.OutputToString()).To(ContainSubstring("(default 1234)"))
556
It("bad infra_image name", func() {
557
infra1 := "i.do/not/exist:image"
558
infra2 := "i.still.do/not/exist:image"
559
errorString := "initializing source docker://" + infra1
560
error2String := "initializing source docker://" + infra2
561
configPath := filepath.Join(podmanTest.TempDir, "containers.conf")
562
os.Setenv("CONTAINERS_CONF", configPath)
564
containersConf := []byte("[engine]\ninfra_image=\"" + infra1 + "\"")
565
err = os.WriteFile(configPath, containersConf, os.ModePerm)
566
Expect(err).ToNot(HaveOccurred())
569
podmanTest.RestartRemoteService()
572
result := podmanTest.Podman([]string{"pod", "create", "--infra-image", infra2})
573
result.WaitWithDefaultTimeout()
574
Expect(result).Should(ExitWithError(125, error2String))
576
result = podmanTest.Podman([]string{"pod", "create"})
577
result.WaitWithDefaultTimeout()
578
Expect(result).Should(ExitWithError(125, errorString))
580
result = podmanTest.Podman([]string{"create", "--pod", "new:pod1", ALPINE})
581
result.WaitWithDefaultTimeout()
582
Expect(result).Should(ExitWithError(125, errorString))
585
It("set .engine.remote=true", func() {
586
SkipIfRemote("only meaningful when running ABI/local")
588
// Need to restore CONTAINERS_CONF or AfterEach() will fail
589
if path, found := os.LookupEnv("CONTAINERS_CONF"); found {
590
defer os.Setenv("CONTAINERS_CONF", path)
593
configPath := filepath.Join(podmanTest.TempDir, "containers-engine-remote.conf")
594
os.Setenv("CONTAINERS_CONF", configPath)
595
defer os.Remove(configPath)
597
err := os.WriteFile(configPath, []byte("[engine]\nremote=true"), os.ModePerm)
598
Expect(err).ToNot(HaveOccurred())
600
// podmanTest.Podman() cannot be used as it was initialized remote==false
601
cmd := exec.Command(podmanTest.PodmanBinary, "info", "--format", "{{.Host.ServiceIsRemote}}")
602
session, err := Start(cmd, GinkgoWriter, GinkgoWriter)
603
Expect(err).ToNot(HaveOccurred())
605
description := "Should have failed as there is no running remote API service available."
606
Eventually(session, DefaultWaitTimeout).Should(Exit(125), description)
607
Expect(session.Err).Should(Say("Error: unable to connect to Podman socket"))
610
It("podman containers.conf cgroups=disabled", func() {
611
if !strings.Contains(podmanTest.OCIRuntime, "crun") {
612
// Assume this will never be fixed in runc
613
Skip("NoCgroups requires crun")
616
conffile := filepath.Join(podmanTest.TempDir, "container.conf")
617
err := os.WriteFile(conffile, []byte("[containers]\ncgroups=\"disabled\"\n"), 0755)
618
Expect(err).ToNot(HaveOccurred())
620
result := podmanTest.Podman([]string{"create", ALPINE, "true"})
621
result.WaitWithDefaultTimeout()
622
Expect(result).Should(ExitCleanly())
624
inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .HostConfig.Cgroups }}", result.OutputToString()})
625
inspect.WaitWithDefaultTimeout()
626
Expect(inspect.OutputToString()).ToNot(Equal("disabled"))
628
os.Setenv("CONTAINERS_CONF", conffile)
630
podmanTest.RestartRemoteService()
632
result = podmanTest.Podman([]string{"create", ALPINE, "true"})
633
result.WaitWithDefaultTimeout()
634
Expect(result).Should(ExitCleanly())
636
inspect = podmanTest.Podman([]string{"inspect", "--format", "{{ .HostConfig.Cgroups }}", result.OutputToString()})
637
inspect.WaitWithDefaultTimeout()
638
Expect(inspect.OutputToString()).To(Equal("disabled"))
640
// Check we can also create a pod when cgroups=disabled
641
result = podmanTest.Podman([]string{"pod", "create"})
642
result.WaitWithDefaultTimeout()
643
Expect(result).Should(ExitCleanly())
646
It("podman containers.conf runtime", func() {
647
SkipIfRemote("--runtime option is not available for remote commands")
648
conffile := filepath.Join(podmanTest.TempDir, "container.conf")
649
err := os.WriteFile(conffile, []byte("[engine]\nruntime=\"testruntime\"\n"), 0755)
650
Expect(err).ToNot(HaveOccurred())
652
os.Setenv("CONTAINERS_CONF", conffile)
653
result := podmanTest.Podman([]string{"--help"})
654
result.WaitWithDefaultTimeout()
655
Expect(result).Should(ExitCleanly())
656
Expect(result.OutputToString()).To(ContainSubstring("Path to the OCI-compatible binary used to run containers. (default \"testruntime\")"))
659
It("podman default_rootless_network_cmd", func() {
660
SkipIfNotRootless("default_rootless_network_cmd is only used rootless")
662
for _, mode := range []string{"pasta", "slirp4netns", "invalid"} {
663
conffile := filepath.Join(podmanTest.TempDir, "container.conf")
664
content := "[network]\ndefault_rootless_network_cmd=\"" + mode + "\"\n"
665
err := os.WriteFile(conffile, []byte(content), 0755)
666
Expect(err).ToNot(HaveOccurred())
668
os.Setenv("CONTAINERS_CONF_OVERRIDE", conffile)
670
podmanTest.RestartRemoteService()
673
podman := podmanTest.Podman([]string{"create", "--name", mode, ALPINE, "ip", "addr"})
674
podman.WaitWithDefaultTimeout()
676
if mode == "invalid" {
677
Expect(podman).Should(ExitWithError(125, `invalid default_rootless_network_cmd option "invalid"`))
680
Expect(podman).Should(ExitCleanly())
682
inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.HostConfig.NetworkMode}}", mode})
683
inspect.WaitWithDefaultTimeout()
684
Expect(inspect).Should(ExitCleanly())
685
Expect(inspect.OutputToString()).Should(Equal(mode))