Skip to content

Commit

Permalink
tests: integration: add setgid mkdirall test
Browse files Browse the repository at this point in the history 
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
  • Loading branch information
@cyphar
cyphar committed Sep 13, 2024
1 parent ab75240 commit 85b09d6
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions tests/integration/mounts.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,28 @@ function test_mount_order() {
[[ "$output" =~ 'filesystem .*proc.* must be mounted on ordinary directory' ]]

Check warning on line 211 in tests/integration/mounts.bats

View workflow job for this annotation

GitHub Actions / shellcheck 

Remove quotes from right-hand side of =~ to match as a regex rather than literally.
}

# https://github.com/opencontainers/runc/issues/4401
@test "runc run [setgid / + mkdirall]" {
mkdir rootfs/setgid
chmod =7755 rootfs/setgid

Check failure on line 217 in tests/integration/mounts.bats

View workflow job for this annotation

GitHub Actions / shellcheck 

Remove spaces around = to assign (or use [ ] to compare, or quote '=' if literal).

update_config '.mounts += [{
type: "tmpfs",
source: "tmpfs",
destination: "/setgid/a/b/c",
options: ["ro", "nodev", "nosuid"]
}]'

runc run test_busybox
[ "$status" -eq 0 ]

# Verify that the setgid bit is inherited.
[[ "$(stat -c %a rootfs/setgid)" == 7755 ]]
[[ "$(stat -c %a rootfs/setgid/a)" == 2755 ]]
[[ "$(stat -c %a rootfs/setgid/b)" == 2755 ]]
[[ "$(stat -c %a rootfs/setgid/c)" == 2755 ]]
}

@test "runc run [ro /sys/fs/cgroup mounts]" {
# Without cgroup namespace.
update_config '.linux.namespaces -= [{"type": "cgroup"}]'
Expand Down

0 comments on commit 85b09d6

Please sign in to comment.