Skip to content

Commit

Permalink
test access stdio in userns container
Browse files Browse the repository at this point in the history
Signed-off-by: lifubang <[email protected]>
  • Loading branch information
lifubang committed Oct 27, 2024
1 parent 02ad8b3 commit 2b7dda7
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions tests/integration/userns.bats
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,26 @@ function teardown() {
fi
}

@test "runc check stdio permission in userns [terminal=false]" {
update_config ' (.. | select(.terminal? != null)) .terminal |= false
| (.. | select(.[]? == "sh")) += ["-c", "echo errormsg > /dev/stderr"]'

touch log
__runc create test_busybox >log 2>&1

runc start test_busybox
[ "$status" -eq 0 ]

out=$(cat log)
# Keep this to debug is useful once we have a regression about this.
echo "$out" >&2

# We should let stdio could be accessed in user ns container.
# Please see https://github.com/opencontainers/runc/issues/4475
# We should not get error: touch: /dev/stderr: Permission denied.
[[ "$out" = "errormsg" ]]
}

@test "userns with simple mount" {
update_config ' .process.args += ["-c", "stat /tmp/mount-1/foo.txt"]
| .mounts += [{"source": "source-accessible/dir", "destination": "/tmp/mount-1", "options": ["bind"]}] '
Expand Down

0 comments on commit 2b7dda7

Please sign in to comment.