diff options
| author | Fabricio Voznika <fvoznika@google.com> | 2018-09-30 23:22:13 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-09-30 23:23:03 -0700 |
| commit | 43e6aff50e23763d12c71b054f100fd91da46736 (patch) | |
| tree | fac486b04cfa7d74c1c58df9de51fb8041cdbe90 /runsc/container/container_test.go | |
| parent | 9c7eb13079e65100b69b41536a51d2433b05637b (diff) | |
Don't fail if Root is readonly and is not a mount point
This makes runsc more friendly to run without docker or K8s.
PiperOrigin-RevId: 215165586
Change-Id: Id45a9fc24a3c09b1645f60dbaf70e64711a7a4cd
Diffstat (limited to 'runsc/container/container_test.go')
| -rw-r--r-- | runsc/container/container_test.go | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/runsc/container/container_test.go b/runsc/container/container_test.go index c71bcc46d..aebfb2878 100644 --- a/runsc/container/container_test.go +++ b/runsc/container/container_test.go @@ -1556,6 +1556,27 @@ func TestGoferExits(t *testing.T) { } } +func TestRootNotMount(t *testing.T) { + spec := testutil.NewSpecWithArgs("/bin/true") + + root, err := ioutil.TempDir(testutil.TmpDir(), "root") + if err != nil { + t.Fatalf("failure to create tmp dir: %v", err) + } + spec.Root.Path = root + spec.Root.Readonly = true + spec.Mounts = []specs.Mount{ + {Destination: "/bin", Source: "/bin", Type: "bind", Options: []string{"ro"}}, + {Destination: "/lib", Source: "/lib", Type: "bind", Options: []string{"ro"}}, + {Destination: "/lib64", Source: "/lib64", Type: "bind", Options: []string{"ro"}}, + } + + conf := testutil.TestConfig() + if err := run(spec, conf); err != nil { + t.Fatalf("error running sandbox: %v", err) + } +} + // executeSync synchronously executes a new process. func (cont *Container) executeSync(args *control.ExecArgs) (syscall.WaitStatus, error) { pid, err := cont.Execute(args) |