1
#!/usr/bin/env bats -*- bats -*-
8
# bats test_tags=distro-integration
9
@test "podman exec - basic test" {
10
rand_filename=$(random_string 20)
11
rand_content=$(random_string 50)
13
# Start a container. Write random content to random file, then stay
14
# alive as long as file exists. (This test will remove that file soon.)
15
run_podman run -d $IMAGE sh -c \
16
"echo $rand_content >/$rand_filename;echo READY;while [ -f /$rand_filename ]; do sleep 1; done"
20
run_podman exec $cid sh -c "cat /$rand_filename"
21
is "$output" "$rand_content" "Can exec and see file in running container"
24
# Specially defined situations: exec a dir, or no such command.
25
# We don't check the full error message because runc & crun differ.
27
# UPDATE 2023-07-17 runc on RHEL8 (but not Debian) now says "is a dir"
28
# and exits 255 instead of 126 as it does everywhere else.
29
run_podman '?' exec $cid /etc
30
is "$output" ".*\(permission denied\|is a directory\)" \
32
assert "$status" -ne 0 "exit status from 'exec /etc'"
33
run_podman 127 exec $cid /no/such/command
34
is "$output" ".*such file or dir" "podman exec /no/such/command"
36
run_podman 125 exec $cid
37
is "$output" ".*must provide a non-empty command to start an exec session" "podman exec must include a command"
39
# Done. Tell the container to stop.
40
# The '-d' is because container exit is racy: the exec process itself
41
# could get caught and killed by cleanup, causing this step to exit 137
42
run_podman exec -d $cid rm -f /$rand_filename
45
is "$output" "0" "output from podman wait (container exit code)"
50
# bats test_tags=distro-integration
51
@test "podman exec - leak check" {
52
skip_if_remote "test is meaningless over remote"
54
# Start a container in the background then run exec command
55
# three times and make sure no any exec pid hash file leak
56
run_podman run -td $IMAGE /bin/sh
59
is "$(check_exec_pid)" "" "exec pid hash file indeed doesn't exist"
62
run_podman exec $cid /bin/true
65
is "$(check_exec_pid)" "" "there isn't any exec pid hash file leak"
67
run_podman rm -t 0 -f $cid
70
# Issue #4785 - piping to exec statement - fixed in #4818
71
# Issue #5046 - piping to exec truncates results (actually a conmon issue)
72
@test "podman exec - cat from stdin" {
73
run_podman run -d $IMAGE top
76
echo_string=$(random_string 20)
77
run_podman exec -i $cid cat < <(echo $echo_string)
78
is "$output" "$echo_string" "output read back from 'exec cat'"
80
# #5046 - large file content gets lost via exec
81
# Generate a large file with random content; get a hash of its content
82
local bigfile=${PODMAN_TMPDIR}/bigfile
83
dd if=/dev/urandom of=$bigfile bs=1024 count=1500
84
expect=$(sha512sum $bigfile | awk '{print $1}')
85
# Transfer it to container, via exec, make sure correct #bytes are sent
86
run_podman exec -i $cid dd of=/tmp/bigfile bs=512 <$bigfile
87
is "${lines[0]}" "3000+0 records in" "dd: number of records in"
88
is "${lines[1]}" "3000+0 records out" "dd: number of records out"
89
# Verify sha. '% *' strips off the path, keeping only the SHA
90
run_podman exec $cid sha512sum /tmp/bigfile
91
is "${output% *}" "$expect " "SHA of file in container"
94
run_podman rm -f -t0 $cid
97
# #6829 : add username to /etc/passwd inside container if --userns=keep-id
98
@test "podman exec - with keep-id" {
99
skip_if_not_rootless "--userns=keep-id only works in rootless mode"
100
# Multiple --userns options confirm command-line override (last one wins)
101
run_podman run -d --userns=private --userns=keep-id $IMAGE sh -c 'echo READY;top'
105
run_podman exec $cid id -un
106
is "$output" "$(id -un)" "container is running as current user"
108
run_podman rm -f -t0 $cid
111
# #11496: podman-remote loses output
112
@test "podman exec/run - missing output" {
113
local bigfile=${PODMAN_TMPDIR}/bigfile
114
local newfile=${PODMAN_TMPDIR}/newfile
115
# create a big file, bigger than the 8K buffer size
116
base64 /dev/urandom | head -c 20K > $bigfile
118
run_podman run --rm -v $bigfile:/tmp/test:Z $IMAGE cat /tmp/test
119
printf "%s" "$output" > $newfile
120
# use cmp to compare the files, this is very helpful since it will
121
# tell us the first wrong byte in case this fails
122
run cmp $bigfile $newfile
123
is "$output" "" "run output is identical with the file"
125
run_podman run -d --stop-timeout 0 -v $bigfile:/tmp/test:Z $IMAGE sleep inf
128
run_podman exec $cid cat /tmp/test
129
printf "%s" "$output" > $newfile
130
# use cmp to compare the files, this is very helpful since it will
131
# tell us the first wrong byte in case this fails
132
run cmp $bigfile $newfile
133
is "$output" "" "exec output is identical with the file"
136
run_podman rm -t 0 -f $cid
139
@test "podman exec --wait" {
140
skip_if_remote "test is meaningless over remote"
142
# wait on bogus container
143
run_podman 125 exec --wait 5 "bogus_container" echo hello
144
assert "$output" = "Error: timed out waiting for container: bogus_container"
146
run_podman create --name "wait_container" $IMAGE top
147
run_podman 255 exec --wait 5 "wait_container" echo hello
148
assert "$output" = "Error: can only create exec sessions on running containers: container state improper"
150
run_podman rm -f wait_container
153
@test "podman run umask" {
155
run_podman run --rm -q $IMAGE grep Umask /proc/self/status
156
is "$output" "Umask:.*0022" "default_umask should not be modified"
158
run_podman run -q --rm --umask $umask $IMAGE grep Umask /proc/self/status
159
is "$output" "Umask:.*$umask" "umask should be modified"
161
# FIXME: even in December 2023, exec test fails with Debian runc (1.1.10).
162
# And even if we some day get a fixed version on Debian, these tests have
163
# to pass on RHEL, and we have no control over runc version there.
164
if [[ "$(podman_runtime)" == "runc" ]]; then
165
echo "# Passed run test; skipping exec because runtime != crun" >&3
169
run_podman run -q -d --umask $umask $IMAGE sleep inf
171
run_podman exec $cid grep Umask /proc/self/status
172
is "$output" "Umask:.*$umask" "exec umask should match container umask"
173
run_podman exec $cid sh -c "touch /foo; stat -c '%a' /foo"
174
is "$output" "42" "umask should apply to newly created file"
176
run_podman rm -f -t0 $cid
179
@test "podman exec --tty" {
180
# Run all tests, report failures at end
181
defer-assertion-failures
183
# Outer loops: different variations on the RUN container
184
for run_opt_t in "" "-t"; do
185
for run_term_env in "" "explicit_RUN_term"; do
187
if [[ -n "$run_term_env" ]]; then
188
run_opt_env="--env=TERM=$run_term_env"
190
run_podman run -d $run_opt_t $run_opt_env --name test $IMAGE top
192
# Inner loops: different variations on EXEC
193
for exec_opt_t in "" "-t"; do
194
for exec_term_env in "" "explicit_EXEC_term"; do
197
# if -t is set anywhere, either run or exec, go with xterm
198
if [[ -n "$run_opt_t$exec_opt_t" ]]; then
201
# ...unless overridden by explicit --env
202
if [[ -n "$run_term_env$exec_term_env" ]]; then
203
# (exec overrides run)
204
expected="${exec_term_env:-$run_term_env}"
208
if [[ -n "$exec_term_env" ]]; then
209
exec_opt_env="--env=TERM=$exec_term_env"
212
local desc="run $run_opt_t $run_opt_env, exec $exec_opt_t $exec_opt_env"
213
TERM=exec-term run_podman exec $exec_opt_t $exec_opt_env test sh -c 'echo -n $TERM'
214
assert "$output" = "$expected" "$desc"
218
run_podman rm -f -t0 test
223
@test "podman exec - does not leak session IDs on invalid command" {
224
run_podman run -d $IMAGE top
228
run_podman 127 exec $cid blahblah
229
run_podman 125 exec -d $cid blahblah
232
run_podman inspect --format "{{len .ExecIDs}}" $cid
233
assert "$output" = "0" ".ExecIDs must be empty"
236
# 'exec --preserve-fd' passes a list of additional file descriptors into the container
237
@test "podman exec --preserve-fd" {
238
skip_if_remote "preserve-fd is meaningless over remote"
240
runtime=$(podman_runtime)
241
if [[ $runtime != "crun" ]]; then
242
skip "runtime is $runtime; preserve-fd requires crun"
245
run_podman run -d $IMAGE top
248
content=$(random_string 20)
249
echo "$content" > $PODMAN_TMPDIR/tempfile
251
# /proc/self/fd will have 0 1 2, possibly 3 & 4, but no 2-digit fds other than 40
252
run_podman exec --preserve-fd=9,40 $cid sh -c '/bin/ls -C -w999 /proc/self/fd; cat <&9; cat <&40' 9<<<"fd9" 10</dev/null 40<$PODMAN_TMPDIR/tempfile
253
assert "${lines[0]}" !~ [123][0-9] "/proc/self/fd must not contain 10-39"
254
assert "${lines[1]}" = "fd9" "cat from fd 9"
255
assert "${lines[2]}" = "$content" "cat from fd 40"