From d43372b9014f369631609d5636975f4b336c6dbd Mon Sep 17 00:00:00 2001 From: Sami Wagiaalla Date: Wed, 28 Oct 2015 16:23:11 -0400 Subject: [PATCH] Add SELinuxOptions to emptyDir e2e This enables the tests to use the kubelet's SELinux labeling. Otherwise SELinux will prevent access and the tests fail. --- test/e2e/empty_dir.go | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/test/e2e/empty_dir.go b/test/e2e/empty_dir.go index 60f0239eb18..bc9c357262b 100644 --- a/test/e2e/empty_dir.go +++ b/test/e2e/empty_dir.go @@ -132,7 +132,6 @@ func doTestSetgidFSGroup(f *Framework, image string, medium api.StorageMedium) { fmt.Sprintf("--file_owner=%v", filePath), } - pod.Spec.SecurityContext = &api.PodSecurityContext{} fsGroup := int64(123) pod.Spec.SecurityContext.FSGroup = &fsGroup @@ -161,7 +160,7 @@ func doTestVolumeModeFSGroup(f *Framework, image string, medium api.StorageMediu } fsGroup := int64(1001) - pod.Spec.SecurityContext = &api.PodSecurityContext{FSGroup: &fsGroup} + pod.Spec.SecurityContext.FSGroup = &fsGroup msg := fmt.Sprintf("emptydir volume type on %v", formatMedium(medium)) out := []string{ @@ -187,7 +186,6 @@ func doTest0644FSGroup(f *Framework, image string, medium api.StorageMedium) { fmt.Sprintf("--file_perm=%v", filePath), } - pod.Spec.SecurityContext = &api.PodSecurityContext{} fsGroup := int64(123) pod.Spec.SecurityContext.FSGroup = &fsGroup @@ -330,6 +328,11 @@ func testPodWithVolume(image, path string, source *api.EmptyDirVolumeSource) *ap }, }, }, + SecurityContext: &api.PodSecurityContext{ + SELinuxOptions: &api.SELinuxOptions{ + Level: "s0", + }, + }, RestartPolicy: api.RestartPolicyNever, Volumes: []api.Volume{ {