diff options
| author | Dan Walsh <dwalsh@redhat.com> | 2015-05-11 18:28:36 -0400 |
|---|---|---|
| committer | Jessica Frazelle <princess@docker.com> | 2015-05-27 12:50:16 -0700 |
| commit | 160dc79db095767de74deb75b8e1ae86f213593c (patch) | |
| tree | 5051439d4ddb393ea3398085fccd938bf51ec37b /runconfig/config_test.go | |
| parent | 7b57fae04668cc4841f0d31f8ce16ac8d044b446 (diff) | |
| download | docker-160dc79db095767de74deb75b8e1ae86f213593c.tar.gz | |
Modify volume mounts SELinux labels on the fly based on :Z or :z
This patch is extending the qualifiers on the -v command to allow
an admin to tell the system to relabel, content. There might be a
need for something similar for changing the DAC Permissions.
Signed-off-by: Jessica Frazelle <princess@docker.com>
Diffstat (limited to 'runconfig/config_test.go')
| -rw-r--r-- | runconfig/config_test.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/runconfig/config_test.go b/runconfig/config_test.go index 8b1a49f11b..27727a495e 100644 --- a/runconfig/config_test.go +++ b/runconfig/config_test.go @@ -114,6 +114,14 @@ func TestParseRunVolumes(t *testing.T) { t.Fatalf("Error parsing volume flags, `-v /hostTmp:/containerTmp:ro -v /hostVar:/containerVar:rw` should mount-bind /hostTmp into /containeTmp and /hostVar into /hostContainer. Received %v", hostConfig.Binds) } + if _, hostConfig := mustParse(t, "-v /hostTmp:/containerTmp:roZ -v /hostVar:/containerVar:rwZ"); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], "/hostTmp:/containerTmp:roZ", "/hostVar:/containerVar:rwZ") != nil { + t.Fatalf("Error parsing volume flags, `-v /hostTmp:/containerTmp:roZ -v /hostVar:/containerVar:rwZ` should mount-bind /hostTmp into /containeTmp and /hostVar into /hostContainer. Received %v", hostConfig.Binds) + } + + if _, hostConfig := mustParse(t, "-v /hostTmp:/containerTmp:Z -v /hostVar:/containerVar:z"); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], "/hostTmp:/containerTmp:Z", "/hostVar:/containerVar:z") != nil { + t.Fatalf("Error parsing volume flags, `-v /hostTmp:/containerTmp:Z -v /hostVar:/containerVar:z` should mount-bind /hostTmp into /containeTmp and /hostVar into /hostContainer. Received %v", hostConfig.Binds) + } + if config, hostConfig := mustParse(t, "-v /hostTmp:/containerTmp -v /containerVar"); hostConfig.Binds == nil || len(hostConfig.Binds) > 1 || hostConfig.Binds[0] != "/hostTmp:/containerTmp" { t.Fatalf("Error parsing volume flags, `-v /hostTmp:/containerTmp -v /containerVar` should mount-bind only /hostTmp into /containeTmp. Received %v", hostConfig.Binds) } else if _, exists := config.Volumes["/containerVar"]; !exists { |