Skip to content

Use specific image for user namespaces tests#5235

Merged
AkihiroSuda merged 1 commit intocontainerd:masterfrom
estesp:testimage-userns-ro
Mar 20, 2021
Merged

Use specific image for user namespaces tests#5235
AkihiroSuda merged 1 commit intocontainerd:masterfrom
estesp:testimage-userns-ro

Conversation

@estesp
Copy link
Copy Markdown
Member

@estesp estesp commented Mar 20, 2021

Due to the lack of an existing /proc dir in the rootfs of the busybox image, there
seems to be a race between the mkdir prior to the mount of /proc and whether
the root dir is already readonly? May need investigation, but for now use an image
that has a /proc dir existing.

Follow-on to comments in #5216 // cc @crosbymichael

Signed-off-by: Phil Estes [email protected]

@estesp
Use specific image for user namespaces tests
33776ad 
Due to the lack of an existing /proc dir in the rootfs of busybox, there
seems to be a race between the mount of /proc and whether the root dir
is already readonly? May need investigation, but for now use an image
that has a /proc dir existing.

Signed-off-by: Phil Estes <[email protected]>
dims
dims approved these changes Mar 20, 2021
View reviewed changes
Copy link
Copy Markdown
Member

@dims dims left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@estesp
Copy link
Copy Markdown
Member Author

estesp commented Mar 20, 2021

Anyone who wants to dig deeper, you can reproduce with one or two runs of sudo make integration EXTRA_TESTFLAGS='-run TestUserNamespace' when testImage is set to the current busybox image (e.g. use tree @ f7bd43c); the readonly root FS will error on and off with:

container_linux_test.go:1650: OCI runtime create failed: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: rootfs_linux.go:59: mounting "proc" to rootfs at "/proc" caused: mkdir /run/containerd-test/io.containerd.runtime.v2.task/testing/TestUserNamespaces-ReadonlyRootFS/rootfs/proc: read-only file system: unknown
--- FAIL: TestUserNamespaces (6.75s)

@estesp estesp mentioned this pull request Mar 20, 2021
Merged
@AkihiroSuda AkihiroSuda merged commit 6150170 into containerd:master Mar 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dims dims dims approved these changes

@samuelkarp samuelkarp samuelkarp approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@estesp @dims @samuelkarp @AkihiroSuda