Merge pull request #41719 from elboulangero/skip-some-root-tests
This commit is contained in:
Brian Goff
GitHub
commit
560034b3d4
3 changed files with 9 additions and 0 deletions
|
|
@ -15,6 +15,7 @@ import (
|
||||||
"github.com/docker/libnetwork"
|
"github.com/docker/libnetwork"
|
||||||
"gotest.tools/v3/assert"
|
"gotest.tools/v3/assert"
|
||||||
is "gotest.tools/v3/assert/cmp"
|
is "gotest.tools/v3/assert/cmp"
|
||||||
|
"gotest.tools/v3/skip"
|
||||||
)
|
)
|
||||||
|
|
||||||
func setupFakeDaemon(t *testing.T, c *container.Container) *Daemon {
|
func setupFakeDaemon(t *testing.T, c *container.Container) *Daemon {
|
||||||
|
|
@ -62,6 +63,7 @@ func cleanupFakeContainer(c *container.Container) {
|
||||||
// in "Duplicate mount point" error from the engine.
|
// in "Duplicate mount point" error from the engine.
|
||||||
// https://github.com/moby/moby/issues/35455
|
// https://github.com/moby/moby/issues/35455
|
||||||
func TestTmpfsDevShmNoDupMount(t *testing.T) {
|
func TestTmpfsDevShmNoDupMount(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
c := &container.Container{
|
c := &container.Container{
|
||||||
ShmPath: "foobar", // non-empty, for c.IpcMounts() to work
|
ShmPath: "foobar", // non-empty, for c.IpcMounts() to work
|
||||||
HostConfig: &containertypes.HostConfig{
|
HostConfig: &containertypes.HostConfig{
|
||||||
|
|
@ -84,6 +86,7 @@ func TestTmpfsDevShmNoDupMount(t *testing.T) {
|
||||||
// the resulting /dev/shm mount is NOT made read-only.
|
// the resulting /dev/shm mount is NOT made read-only.
|
||||||
// https://github.com/moby/moby/issues/36503
|
// https://github.com/moby/moby/issues/36503
|
||||||
func TestIpcPrivateVsReadonly(t *testing.T) {
|
func TestIpcPrivateVsReadonly(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
c := &container.Container{
|
c := &container.Container{
|
||||||
HostConfig: &containertypes.HostConfig{
|
HostConfig: &containertypes.HostConfig{
|
||||||
IpcMode: containertypes.IpcMode("private"),
|
IpcMode: containertypes.IpcMode("private"),
|
||||||
|
|
@ -108,6 +111,7 @@ func TestIpcPrivateVsReadonly(t *testing.T) {
|
||||||
// TestSysctlOverride ensures that any implicit sysctls (such as
|
// TestSysctlOverride ensures that any implicit sysctls (such as
|
||||||
// Config.Domainname) are overridden by an explicit sysctl in the HostConfig.
|
// Config.Domainname) are overridden by an explicit sysctl in the HostConfig.
|
||||||
func TestSysctlOverride(t *testing.T) {
|
func TestSysctlOverride(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
c := &container.Container{
|
c := &container.Container{
|
||||||
Config: &containertypes.Config{
|
Config: &containertypes.Config{
|
||||||
Hostname: "foobar",
|
Hostname: "foobar",
|
||||||
|
|
@ -149,6 +153,7 @@ func TestSysctlOverride(t *testing.T) {
|
||||||
// TestSysctlOverrideHost ensures that any implicit network sysctls are not set
|
// TestSysctlOverrideHost ensures that any implicit network sysctls are not set
|
||||||
// with host networking
|
// with host networking
|
||||||
func TestSysctlOverrideHost(t *testing.T) {
|
func TestSysctlOverrideHost(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
c := &container.Container{
|
c := &container.Container{
|
||||||
Config: &containertypes.Config{},
|
Config: &containertypes.Config{},
|
||||||
HostConfig: &containertypes.HostConfig{
|
HostConfig: &containertypes.HostConfig{
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,7 @@ import (
|
||||||
"github.com/docker/docker/pkg/archive"
|
"github.com/docker/docker/pkg/archive"
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
"gotest.tools/v3/assert"
|
"gotest.tools/v3/assert"
|
||||||
|
"gotest.tools/v3/skip"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Test for CVE-2018-15664
|
// Test for CVE-2018-15664
|
||||||
|
|
@ -23,6 +24,7 @@ import (
|
||||||
// some path outside of a container's rootfs that we do not copy data to a
|
// some path outside of a container's rootfs that we do not copy data to a
|
||||||
// container path that will actually overwrite data on the host
|
// container path that will actually overwrite data on the host
|
||||||
func TestUntarWithMaliciousSymlinks(t *testing.T) {
|
func TestUntarWithMaliciousSymlinks(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
dir, err := ioutil.TempDir("", t.Name())
|
dir, err := ioutil.TempDir("", t.Name())
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
defer os.RemoveAll(dir)
|
defer os.RemoveAll(dir)
|
||||||
|
|
@ -84,6 +86,7 @@ func TestUntarWithMaliciousSymlinks(t *testing.T) {
|
||||||
// some path outside of a container's rootfs that we do not unwittingly leak
|
// some path outside of a container's rootfs that we do not unwittingly leak
|
||||||
// host data into the archive.
|
// host data into the archive.
|
||||||
func TestTarWithMaliciousSymlinks(t *testing.T) {
|
func TestTarWithMaliciousSymlinks(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
dir, err := ioutil.TempDir("", t.Name())
|
dir, err := ioutil.TempDir("", t.Name())
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
// defer os.RemoveAll(dir)
|
// defer os.RemoveAll(dir)
|
||||||
|
|
|
||||||
|
|
@ -175,6 +175,7 @@ func (e *executorWithRunning) Signal(id string, signal int) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestPluginAlreadyRunningOnStartup(t *testing.T) {
|
func TestPluginAlreadyRunningOnStartup(t *testing.T) {
|
||||||
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
root, err := ioutil.TempDir("", t.Name())
|
root, err := ioutil.TempDir("", t.Name())
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue