Add test to verify idmapping/shiftfs on tmpfs bind-mount.

Signed-off-by: Cesar Talledo <[email protected]>
DekusDenial · Jun 9, 2023 · 477600f · 477600f
1 parent 41ad682
commit 477600f
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 0 deletions.
diff --git a/tests/docker/mounts.bats b/tests/docker/mounts.bats
@@ -5,6 +5,7 @@
 #
 
 load ../helpers/run
+load ../helpers/fs
 load ../helpers/docker
 load ../helpers/uid-shift
 load ../helpers/sysbox-health
@@ -361,6 +362,42 @@ function teardown() {
   docker_stop "$syscont"
 }
 
+@test "docker tmpfs bind mount" {
+  local tmpfs_dir="/mnt/scratch/temp"
+
+  rm -rf $tmpfs_dir
+  mkdir $tmpfs_dir
+  mount -t tmpfs -o size=64K tmpfs $tmpfs_dir
+
+  # start container with tmpfs mount
+  local syscont=$(docker_run --rm --mount type=bind,source=${tmpfs_dir},target=/mnt ${CTR_IMG_REPO}/alpine tail -f /dev/null)
+
+  docker exec "$syscont" sh -c "mount | grep /mnt"
+  [ "$status" -eq 0 ]
+
+  if sysbox_using_idmapped_mnt && kernel_supports_idmapping_tmpfs; then
+	  [[ "$output" =~ "idmapped" ]]
+  elif sysbox_using_shiftfs; then
+	  [[ "$output" =~ "shiftfs" ]]
+  fi
+
+  # verify the mount permissions show up correctly inside the container
+  docker exec "$syscont" sh -c "ls -l / | grep mnt"
+  [ "$status" -eq 0 ]
+  if sysbox_using_idmapped_mnt && kernel_supports_idmapping_tmpfs; then
+	  verify_perm_owner "drwxrwxrwt" "root" "root" "$output"
+  elif sysbox_using_shiftfs; then
+	  verify_perm_owner "drwxrwxrwt" "root" "root" "$output"
+  else
+	  verify_perm_owner "drwxrwxrwt" "nobody" "nobody" "$output"
+  fi
+
+  # cleanup
+  docker_stop "$syscont"
+  umount $tmpfs_dir
+  rm -rf $tmpfs_dir
+}
+
 @test "vol mount on /var/lib/docker" {
 
   docker volume rm testVol

diff --git a/tests/helpers/uid-shift.bash b/tests/helpers/uid-shift.bash
@@ -1,5 +1,7 @@
 #!/bin/bash
 
+. $(dirname ${BASH_SOURCE[0]})/environment.bash
+
 #
 # Uid shifting helper functions
 #
@@ -38,6 +40,11 @@ function kernel_supports_overlayfs_on_idmapped_mnt() {
 	sysbox_mgr_log_search "Overlayfs on ID-mapped mounts supported by kernel: yes"
 }
 
+function kernel_supports_idmapping_tmpfs() {
+	local cur_kernel=$(get_kernel_release_semver)
+	semver_ge ${cur_kernel} "6.3.0"
+}
+
 function sysbox_idmapped_mnt_disabled {
 	sysbox_mgr_log_search "Use of ID-mapped mounts disabled"
 }