1. docker
  2. Commit 46ade6acb5b6cdb80287a83afd16c20c6a8b4dff
Browse code

add a test for ensuring the behavior of read-only /dev/shm

The test ensures that `docker run --read-only -v /var/empty:/dev/shm:ro`
makes /dev/shm read-only

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>

Akihiro Suda authored on 2016/11/25 14:54:38
Showing 1 changed files
integration-cli/docker_cli_run_test.go
History View file @ 46ade6a
... ... 
@@ -4879,3 +4879,16 @@ func (s *delayedReader) Read([]byte) (int, error) {
4879 4879 
 	time.Sleep(500 * time.Millisecond)
4880 4880 
 	return 0, io.EOF
4881 4881 
 }
4882 
+
4883 
+// #28823 (originally #28639)
4884 
+func (s *DockerSuite) TestRunMountReadOnlyDevShm(c *check.C) {
4885 
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
4886 
+	emptyDir, err := ioutil.TempDir("", "test-read-only-dev-shm")
4887 
+	c.Assert(err, check.IsNil)
4888 
+	defer os.RemoveAll(emptyDir)
4889 
+	out, _, err := dockerCmdWithError("run", "--rm", "--read-only",
4890 
+		"-v", fmt.Sprintf("%s:/dev/shm:ro", emptyDir),
4891 
+		"busybox", "touch", "/dev/shm/foo")
4892 
+	c.Assert(err, checker.NotNil, check.Commentf(out))
4893 
+	c.Assert(out, checker.Contains, "Read-only file system")
4894 
+}