p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
ca5f5427a88cedfc6e519f493909a22cd057ac8f
docker-cli/components/engine/integration-cli
History
Michael Holzheu ca5f5427a8 TestRunSeccompUnconfinedCloneUserns: Check for unprivileged_userns_clone 
On Ubuntu and Debian there is a sysctl which allows to block
clone(CLONE_NEWUSER) via "sysctl kernel.unprivileged_userns_clone=0"
for unprivileged users that do not have CAP_SYS_ADMIN.

See: https://lists.ubuntu.com/archives/kernel-team/2016-January/067926.html

The DockerSuite.TestRunSeccompUnconfinedCloneUserns testcase fails if
"kernel.unprivileged_userns_clone" is set to 0:

 docker_cli_run_unix_test.go:1040:
    c.Fatalf("expected clone userns with --security-opt seccomp=unconfined
              to succeed, got %s: %v", out, err)
 ... Error: expected clone userns with --security-opt seccomp=unconfined
              to succeed, got clone failed: Operation not permitted
 : exit status 1

So add a check and skip the testcase if kernel.unprivileged_userns_clone is 0.

Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Upstream-commit: 87e4e3af68741afcebf11499d1dcbc91b655b349
Component: engine
2016-07-29 12:16:03 -04:00
..
fixtures
Trusted push now adds the tag to every first level delegation role for which we have keys
2016-03-21 10:56:09 -07:00
benchmark_test.go
Move layer mount refcounts to mountedLayer
2016-03-23 14:42:52 -07:00
check_test.go
Split advertised address from listen address
2016-07-24 09:23:07 -07:00
daemon_swarm_hack.go
Implement service integration tests
2016-07-05 21:39:42 -04:00
daemon_swarm.go
fix race in TestApiSwarmRaftQuorum
2016-07-26 21:32:56 -04:00
daemon.go
Use const http status code instead of just numbers see #24783
2016-07-19 10:40:20 +03:00
docker_api_attach_test.go
Swarm integration tests
2016-06-13 22:16:18 -07:00
docker_api_auth_test.go
Return remote API errors as JSON
2016-06-07 18:45:27 -07:00
docker_api_build_test.go
Merge pull request #23322 from tkopczynski/20784-builder-dockerfile-symlink
2016-06-15 10:52:49 +02:00
docker_api_containers_test.go
update comparison log in container config
2016-07-16 11:26:19 +08:00
docker_api_create_test.go
Return remote API errors as JSON
2016-06-07 18:45:27 -07:00
docker_api_events_test.go
Windows CI: Integrity check for busybox top
2016-02-24 11:00:47 -08:00
docker_api_exec_resize_test.go
Remove exec-driver global daemon option.
2015-11-05 17:09:58 -05:00
docker_api_exec_test.go
Return remote API errors as JSON
2016-06-07 18:45:27 -07:00
docker_api_images_test.go
Assert error in body of function inspectField*
2016-01-29 23:39:07 +08:00
docker_api_info_test.go
Remove execution driver
2016-07-11 14:52:27 +08:00
docker_api_inspect_test.go
Windows CI: PortTestInspectApi*
2016-01-26 20:23:40 -08:00
docker_api_inspect_unix_test.go
Checkers on docker_api_inspect_unix_test.go
2015-11-23 22:03:14 -05:00
docker_api_logs_test.go
Return remote API errors as JSON
2016-06-07 18:45:27 -07:00
docker_api_network_test.go
Update client code with api changes
2016-04-15 12:48:01 +02:00
docker_api_resize_test.go
Return remote API errors as JSON
2016-06-07 18:45:27 -07:00
docker_api_service_update_test.go
Change docker service update semantics
2016-06-17 17:09:40 -07:00
docker_api_stats_test.go
Fix flaky TestApiStatsNetworkStats test
2016-05-23 19:00:19 -07:00
docker_api_stats_unix_test.go
TestApiStatsContainerGetMemoryLimit: Add cgroup memory test
2016-05-04 20:46:41 +02:00
docker_api_swarm_test.go
Merge pull request #25077 from cpuguy83/fix_TestApiSwarmRestartCluster
2016-07-28 10:15:31 -07:00
docker_api_test.go
Swarm integration tests
2016-06-13 22:16:18 -07:00
docker_api_update_unix_test.go
Fix minor vet warnings
2016-02-03 10:43:01 -08:00
docker_api_version_test.go
Modify import paths to point to the new engine-api package.
2016-01-06 19:48:59 -05:00
docker_api_volumes_test.go
integration-cli: remove not necessary -d again
2016-02-28 13:48:15 +01:00
docker_cli_attach_test.go
Better error on attach no tty
2016-05-25 13:32:48 -07:00
docker_cli_attach_unix_test.go
Improve remote integration-cli tests
2016-02-11 07:31:49 -08:00
docker_cli_authz_unix_test.go
authz: cleanups
2016-06-12 17:23:19 +02:00
docker_cli_build_test.go
Windows: nanoserver tlist not tasklist
2016-07-22 12:55:46 -07:00
docker_cli_build_unix_test.go
Fix events test flakiness.
2016-02-18 16:10:29 -05:00
docker_cli_by_digest_test.go
Treat digest only images as dangling
2016-06-30 11:32:49 -07:00
docker_cli_commit_test.go
Vendor engine-api to 70d266e96080e3c3d63c55a4d8659e00ac1f7e6c
2016-02-29 19:28:37 +08:00
docker_cli_config_test.go
Support TLS remote test daemon
2016-02-25 14:12:17 -05:00
docker_cli_cp_from_container_test.go
Use checker assert for integration-cli/docker_cli_cp_* four files.
2015-10-26 10:22:28 +08:00
docker_cli_cp_test.go
fix typos
2016-06-02 17:17:22 +08:00
docker_cli_cp_to_container_test.go
Fix typos found across repository
2015-12-13 18:04:12 +02:00
docker_cli_cp_to_container_unix_test.go
Fix copy chown settings to not default to real root
2016-02-18 14:44:13 -08:00
docker_cli_cp_utils.go
Use checker assert for integration-cli/docker_cli_cp_* four files.
2015-10-26 10:22:28 +08:00
docker_cli_create_test.go
Fix create command flags
2016-06-07 14:11:11 +02:00
docker_cli_daemon_experimental_test.go
Handle plugin shutdown when liveRestore is set.
2016-07-22 15:26:43 -07:00
docker_cli_daemon_test.go
Add break after found = true
2016-07-26 23:28:44 +08:00
docker_cli_diff_test.go
Fix TestDiffEmptyArgClientError O:)
2016-06-06 13:58:29 +02:00
docker_cli_events_test.go
Make daemon events listen for plugin lifecycle events.
2016-07-26 10:51:47 -07:00
docker_cli_events_unix_test.go
Add live-restore state to daemon reload event
2016-07-28 17:10:40 -07:00
docker_cli_exec_test.go
Migrate exec command to cobra
2016-07-29 02:10:36 +00:00
docker_cli_exec_unix_test.go
Revert hack in TestExecTTY
2016-03-08 10:54:18 +08:00
docker_cli_experimental_test.go
Move userns cli test to a separate file, remove experimental flag
2016-02-09 09:31:09 +02:00
docker_cli_export_import_test.go
Using checkers assert for integration-cli/docker_cli_export_import_test.go
2015-10-21 08:57:20 -04:00
docker_cli_external_graphdriver_unix_test.go
Fix spelling in comments, strings and documentation
2016-07-03 20:58:11 +03:00
docker_cli_external_volume_driver_unix_test.go
DockerExternalVolumeSuite: add daemon to test
2016-06-28 13:52:48 -04:00
docker_cli_health_test.go
Remove out-of-date health test
2016-06-16 13:09:57 +01:00
docker_cli_help_test.go
Migrate rm command to cobra
2016-06-07 22:19:16 +08:00
docker_cli_history_test.go
fix typos
2016-06-02 17:17:22 +08:00
docker_cli_images_test.go
Remove deprecated -f flag on docker tag
2016-06-01 09:44:25 -07:00
docker_cli_import_test.go
Fix docker import tests
2016-05-23 15:34:40 -07:00
docker_cli_info_test.go
Add live-restore state to docker info output
2016-07-28 17:10:40 -07:00
docker_cli_info_unix_test.go
Add security info to docker info
2016-06-14 12:23:45 -07:00
docker_cli_inspect_experimental_test.go
Assert error in body of function inspectField*
2016-01-29 23:39:07 +08:00
docker_cli_inspect_test.go
Windows: Fix RO test cases
2016-06-20 10:15:20 -07:00
docker_cli_kill_test.go
Windows CI: Port TestKill*
2016-02-24 13:33:25 -08:00
docker_cli_links_test.go
Fix regression on --link on bridge network
2016-07-22 18:52:46 -07:00
docker_cli_links_unix_test.go
use of checkers on Integration test
2015-10-18 09:00:08 +08:00
docker_cli_login_test.go
distribution: errors: do not access the errors slice if it's empty
2016-03-16 09:00:39 +01:00
docker_cli_logout_test.go
Change v1 pull 404 message to include tag
2016-03-29 10:04:59 -07:00
docker_cli_logs_bench_test.go
Fixes some issues with jsonfile write/read
2016-03-21 11:05:58 -04:00
docker_cli_logs_test.go
Add support for reading logs extra attrs
2016-05-06 20:42:20 -04:00
docker_cli_nat_test.go
Assert error in body of function inspectField*
2016-01-29 23:39:07 +08:00
docker_cli_netmode_test.go
fix typos
2016-06-02 17:17:22 +08:00
docker_cli_network_unix_test.go
Rename --net to --network
2016-07-12 13:01:35 -07:00
docker_cli_oom_killed_test.go
Add the swapMemorySupport requirement to OOM tests
2016-05-10 11:28:00 -07:00
docker_cli_pause_test.go
Get events until a time in the past.
2016-04-14 16:22:16 -07:00
docker_cli_plugins_test.go
Check for plugin state before enable and disable.
2016-07-25 19:24:28 -07:00
docker_cli_port_test.go
Expose bridge IPv6 setting to docker network inspect
2016-02-11 22:13:47 +00:00
docker_cli_proxy_test.go
Support TLS remote test daemon
2016-02-25 14:12:17 -05:00
docker_cli_ps_test.go
add support for filtering by network ID
2016-06-07 16:50:31 +02:00
docker_cli_pull_local_test.go
fixed spelling error in cli pull local test
2016-05-19 17:52:42 -05:00
docker_cli_pull_test.go
Move implicit pull test to use local registry
2016-05-02 18:14:13 -07:00
docker_cli_pull_trusted_test.go
Pull, Pull-A, and Build will only pull tags from the targets role or the targets/releases role.
2016-03-21 10:56:49 -07:00
docker_cli_push_test.go
integration-cli: ensure digest is the same after cross-repo push
2016-07-06 13:12:42 +02:00
docker_cli_registry_user_agent_test.go
Pass upstream client's user agent through to registry on operations beyond pulls
2016-03-21 14:31:47 -07:00
docker_cli_rename_test.go
Merge pull request #23360 from sainath14/rename_error
2016-06-24 19:54:09 +02:00
docker_cli_restart_test.go
Fix test case
2016-04-26 19:22:48 +08:00
docker_cli_rm_test.go
Merge pull request #19959 from WeiZhang555/fix-cli-print-err
2016-02-03 10:56:19 -08:00
docker_cli_rmi_test.go
update "image delete" error to match actual behavior
2016-07-18 23:17:55 +02:00
docker_cli_run_test.go
fix typos
2016-07-23 11:32:23 +08:00
docker_cli_run_unix_test.go
TestRunSeccompUnconfinedCloneUserns: Check for unprivileged_userns_clone
2016-07-29 12:16:03 -04:00
docker_cli_save_load_test.go
Say something useful during docker load
2016-06-08 17:17:05 +02:00
docker_cli_save_load_unix_test.go
Fix docker load progressbar, fixes #21957
2016-04-12 22:45:42 -04:00
docker_cli_search_test.go
Use spf13/cobra for docker search
2016-06-03 19:50:01 +02:00
docker_cli_service_create_hack_test.go
Use newer default values for mounts CLI
2016-07-06 22:34:39 -04:00
docker_cli_service_health_test.go
extend health check to start service
2016-07-25 15:49:22 -07:00
docker_cli_service_update_test.go
fix panic on --label-add
2016-07-25 19:20:44 -04:00
docker_cli_sni_test.go
Disable flakey TestClientSetsTLSServerName
2016-02-02 19:56:31 -08:00
docker_cli_stack_test.go
cli: docker service|node|stack ps instead of tasks
2016-07-27 11:06:42 -07:00
docker_cli_start_test.go
Fix docker start error with renamed container
2016-06-18 16:43:30 -07:00
docker_cli_stats_test.go
Do not remove containers from stats list on err
2016-04-13 16:36:34 -04:00
docker_cli_stop_test.go
Add test case for stopping a restarting container
2016-04-10 15:39:28 +08:00
docker_cli_swarm_test.go
cli: docker service|node|stack ps instead of tasks
2016-07-27 11:06:42 -07:00
docker_cli_tag_test.go
Remove deprecated -f flag on docker tag
2016-06-01 09:44:25 -07:00
docker_cli_top_test.go
Merge pull request #12648 from estesp/userns-impl
2015-10-10 11:38:07 -07:00
docker_cli_update_test.go
Fix flaky TestUpdateRestartPolicy on Windows
2016-03-14 12:49:24 +01:00
docker_cli_update_unix_test.go
Soften limitation of update kernel memory
2016-07-12 08:07:24 +08:00
docker_cli_userns_test.go
Run privileged containers when userns are specified
2016-03-14 17:09:25 +02:00
docker_cli_v2_only_test.go
Login update and endpoint refactor
2016-03-01 11:52:32 -08:00
docker_cli_version_test.go
Build and test Docker on IBM Power and Z using gccgo. Enable CI on Power and Z.
2015-11-14 03:16:45 +00:00
docker_cli_volume_test.go
Update usage and help to (almost) match the existing docker behaviour
2016-05-31 14:41:37 -07:00
docker_cli_wait_test.go
Better logging for errors in some tests
2016-03-25 10:02:52 -04:00
docker_deprecated_api_v124_test.go
remove deprecated feature of passing HostConfig at API container start
2016-06-01 22:25:17 +08:00
docker_deprecated_api_v124_unix_test.go
remove deprecated feature of passing HostConfig at API container start
2016-06-01 22:25:17 +08:00
docker_experimental_network_test.go
Add "--ipv6" flag in IT for network create when using ipv6 subnets
2016-03-24 16:19:59 -07:00
docker_hub_pull_suite_test.go
fix typos
2016-06-02 17:17:22 +08:00
docker_test_vars.go
Windows: Allow nanoserver image for CLI
2016-07-20 09:59:52 -07:00
docker_utils.go
Fix spelling in comments, strings and documentation
2016-07-03 20:58:11 +03:00
events_utils.go
Fix incorrect usage of logrus when formatting string is present
2016-06-11 15:37:36 -07:00
npipe_windows.go
Windows CI: Allow npipe protocol for sock requests
2016-03-02 14:22:51 -08:00
npipe.go
Windows CI: Allow npipe protocol for sock requests
2016-03-02 14:22:51 -08:00
registry_mock.go
integration-cli: log error when starting registry
2016-01-11 20:16:13 +01:00
registry.go
fix typos
2016-07-23 11:32:23 +08:00
requirements_unix.go
TestRunSeccompUnconfinedCloneUserns: Check for unprivileged_userns_clone
2016-07-29 12:16:03 -04:00
requirements.go
Add a test that the default seccomp profile allows execution of 32 bit binaries
2016-07-27 18:42:34 +01:00
test_vars_exec.go
test_vars_noexec.go
test_vars_noseccomp.go
Allow non-seccomp platforms to pass integration-cli tests
2015-12-07 20:14:52 -05:00
test_vars_seccomp.go
Allow non-seccomp platforms to pass integration-cli tests
2015-12-07 20:14:52 -05:00
test_vars_unix.go
Factorize sleeping containers
2016-01-27 08:48:08 -08:00
test_vars_windows.go
Fixing flaky tests on Windows (again)
2016-03-11 14:48:52 -08:00
trust_server.go
Use const http status code instead of just numbers see #24783
2016-07-19 10:40:20 +03:00
utils.go
Add a getPrefixAndSlashFromDaemonPlatform …
2016-02-03 15:16:00 +01:00