Containers: fix problems with privileged mode

https://progress.opensuse.org/issues/135518
ilausuch · Oct 5, 2023 · a7b5042 · a7b5042
1 parent 8d52eb3
commit a7b5042
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 9 deletions.
diff --git a/lib/main_containers.pm b/lib/main_containers.pm
@@ -98,10 +98,7 @@ sub load_host_tests_podman {
         # In Public Cloud we don't have internal resources
         load_image_test($run_args) unless is_public_cloud || is_alp;
         load_3rd_party_image_test($run_args);
-
-        ## Temporarily disabled, see poo#135518
-        #load_container_engine_privileged_mode($run_args);
-
+        load_container_engine_privileged_mode($run_args);
         loadtest 'containers/podman_bci_systemd';
         loadtest 'containers/podman_pods';
         # Default for ALP is Netavark
@@ -125,10 +122,7 @@ sub load_host_tests_docker {
     # In Public Cloud we don't have internal resources
     load_image_test($run_args) unless is_public_cloud || is_alp;
     load_3rd_party_image_test($run_args);
-
-    ## Temporarily disabled, see poo#135518
-    #load_container_engine_privileged_mode($run_args);
-
+    load_container_engine_privileged_mode($run_args);
     # Firewall is not installed in Public Cloud, JeOS OpenStack and MicroOS but it is in SLE Micro
     loadtest 'containers/docker_firewall' unless (is_public_cloud || is_openstack || is_microos);
     unless (is_sle("<=15") && is_aarch64) {

diff --git a/tests/containers/privileged_mode.pm b/tests/containers/privileged_mode.pm
@@ -39,7 +39,7 @@ sub run {
     validate_script_output("$runtime run --rm --privileged $image cat /proc/1/status | grep CapBnd", sub { m/$capbnd/ });
 
     # Podman inside the container
-    assert_script_run("$runtime run -it --privileged --name outer-container $image /bin/bash");
+    assert_script_run("$runtime run -d --privileged --name outer-container $image sleep infinite");
     assert_script_run("$runtime exec outer-container zypper in -y podman");
     assert_script_run("$runtime exec outer-container podman run -it $image ls");
 }