summaryrefslogtreecommitdiffhomepage
path: root/test/e2e/integration_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'test/e2e/integration_test.go')
-rw-r--r--test/e2e/integration_test.go53
1 files changed, 50 insertions, 3 deletions
diff --git a/test/e2e/integration_test.go b/test/e2e/integration_test.go
index aaffabfd0..49cd74887 100644
--- a/test/e2e/integration_test.go
+++ b/test/e2e/integration_test.go
@@ -430,11 +430,44 @@ func TestTmpMount(t *testing.T) {
}
}
+// TestSyntheticDirs checks that submounts can be created inside a readonly
+// mount even if the target path does not exist.
+func TestSyntheticDirs(t *testing.T) {
+ ctx := context.Background()
+ d := dockerutil.MakeContainer(ctx, t)
+ defer d.CleanUp(ctx)
+
+ opts := dockerutil.RunOpts{
+ Image: "basic/alpine",
+ // Make the root read-only to force use of synthetic dirs
+ // inside the root gofer mount.
+ ReadOnly: true,
+ Mounts: []mount.Mount{
+ // Mount inside read-only gofer-backed root.
+ {
+ Type: mount.TypeTmpfs,
+ Target: "/foo/bar/baz",
+ },
+ // Mount inside sysfs, which always uses synthetic dirs
+ // for submounts.
+ {
+ Type: mount.TypeTmpfs,
+ Target: "/sys/foo/bar/baz",
+ },
+ },
+ }
+ // Make sure the directories exist.
+ if _, err := d.Run(ctx, opts, "ls", "/foo/bar/baz", "/sys/foo/bar/baz"); err != nil {
+ t.Fatalf("docker run failed: %v", err)
+ }
+
+}
+
// TestHostOverlayfsCopyUp tests that the --overlayfs-stale-read option causes
// runsc to hide the incoherence of FDs opened before and after overlayfs
// copy-up on the host.
func TestHostOverlayfsCopyUp(t *testing.T) {
- runIntegrationTest(t, nil, "sh", "-c", "gcc -O2 -o test_copy_up test_copy_up.c && ./test_copy_up")
+ runIntegrationTest(t, nil, "./test_copy_up")
}
// TestHostOverlayfsRewindDir tests that rewinddir() "causes the directory
@@ -449,14 +482,14 @@ func TestHostOverlayfsCopyUp(t *testing.T) {
// automated tests yield newly-added files from readdir() even if the fsgofer
// does not explicitly rewinddir(), but overlayfs does not.
func TestHostOverlayfsRewindDir(t *testing.T) {
- runIntegrationTest(t, nil, "sh", "-c", "gcc -O2 -o test_rewinddir test_rewinddir.c && ./test_rewinddir")
+ runIntegrationTest(t, nil, "./test_rewinddir")
}
// Basic test for linkat(2). Syscall tests requires CAP_DAC_READ_SEARCH and it
// cannot use tricks like userns as root. For this reason, run a basic link test
// to ensure some coverage.
func TestLink(t *testing.T) {
- runIntegrationTest(t, nil, "sh", "-c", "gcc -O2 -o link_test link_test.c && ./link_test")
+ runIntegrationTest(t, nil, "./link_test")
}
// This test ensures we can run ping without errors.
@@ -487,6 +520,20 @@ func TestPing6Loopback(t *testing.T) {
runIntegrationTest(t, []string{"NET_ADMIN"}, "./ping6.sh")
}
+// This test checks that the owner of the sticky directory can delete files
+// inside it belonging to other users. It also checks that the owner of a file
+// can always delete its file when the file is inside a sticky directory owned
+// by another user.
+func TestStickyDir(t *testing.T) {
+ if vfs2Used, err := dockerutil.UsingVFS2(); err != nil {
+ t.Fatalf("failed to read config for runtime %s: %v", dockerutil.Runtime(), err)
+ } else if !vfs2Used {
+ t.Skip("sticky bit test fails on VFS1.")
+ }
+
+ runIntegrationTest(t, nil, "./test_sticky")
+}
+
func runIntegrationTest(t *testing.T, capAdd []string, args ...string) {
ctx := context.Background()
d := dockerutil.MakeContainer(ctx, t)