Migrates TestContainersAPINetworkMountsNoChown to api tests

This fix migrates TestContainersAPINetworkMountsNoChown from integration-cli to api tests in integration. Signed-off-by: Yong Tang <[email protected]>
trebonian · Feb 6, 2018 · c028da3 · c028da3
1 parent 30a8c6c
commit c028da3
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 77 deletions.
diff --git a/integration-cli/docker_api_containers_unix_test.go b/integration-cli/docker_api_containers_unix_test.go
diff --git a/integration/container/mounts_linux_test.go b/integration/container/mounts_linux_test.go
@@ -9,8 +9,15 @@ import (
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/mount"
+	"github.com/docker/docker/api/types/network"
+	"github.com/docker/docker/client"
 	"github.com/docker/docker/integration-cli/daemon"
 	"github.com/docker/docker/pkg/stdcopy"
+	"github.com/docker/docker/pkg/system"
+	"github.com/gotestyourself/gotestyourself/fs"
+	"github.com/gotestyourself/gotestyourself/skip"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestContainerShmNoLeak(t *testing.T) {
@@ -82,3 +89,55 @@ func TestContainerShmNoLeak(t *testing.T) {
 		t.Fatalf("mount leaked: %s", string(out))
 	}
 }
+
+func TestContainerNetworkMountsNoChown(t *testing.T) {
+	// chown only applies to Linux bind mounted volumes; must be same host to verify
+	skip.If(t, testEnv.DaemonInfo.OSType != "linux" || !testEnv.IsLocalDaemon())
+
+	defer setupTest(t)()
+
+	ctx := context.Background()
+
+	tmpDir := fs.NewDir(t, "network-file-mounts", fs.WithMode(0755), fs.WithFile("nwfile", "network file bind mount", fs.WithMode(0644)))
+	defer tmpDir.Remove()
+
+	tmpNWFileMount := tmpDir.Join("nwfile")
+
+	config := container.Config{
+		Image: "busybox",
+	}
+	hostConfig := container.HostConfig{
+		Mounts: []mount.Mount{
+			{
+				Type:   "bind",
+				Source: tmpNWFileMount,
+				Target: "/etc/resolv.conf",
+			},
+			{
+				Type:   "bind",
+				Source: tmpNWFileMount,
+				Target: "/etc/hostname",
+			},
+			{
+				Type:   "bind",
+				Source: tmpNWFileMount,
+				Target: "/etc/hosts",
+			},
+		},
+	}
+
+	cli, err := client.NewEnvClient()
+	require.NoError(t, err)
+	defer cli.Close()
+
+	ctrCreate, err := cli.ContainerCreate(ctx, &config, &hostConfig, &network.NetworkingConfig{}, "")
+	require.NoError(t, err)
+	// container will exit immediately because of no tty, but we only need the start sequence to test the condition
+	err = cli.ContainerStart(ctx, ctrCreate.ID, types.ContainerStartOptions{})
+	require.NoError(t, err)
+
+	// check that host-located bind mount network file did not change ownership when the container was started
+	statT, err := system.Stat(tmpNWFileMount)
+	require.NoError(t, err)
+	assert.Equal(t, uint32(0), statT.UID(), "bind mounted network file should not change ownership from root")
+}