Tests failing on master

Tomi Ollila tomi.ollila at iki.fi
Thu Nov 21 14:16:17 PST 2019 

On Sun, Nov 17 2019, David Bremner wrote:

> Yes, being root would break some of the tests, e.g. those that rely on
> removing permissions to generate an error. Probably we should just
> document that running the test suite as root is not supported? If
> someone can explain a good reason to run as root (maybe some odd
> auto-builder, the tests in question could probably be modified to do
> something more extreme (e.g. delete a file) rather than chmod.

Yes, rootless podman containers!

if I run e.g

  $ podman run --rm -it -v $HOME:$HOME -w $HOME/vc/ext/notmuch \
         notmuch-buildenv-debian10: /bin/zsh

  [root at e489c80816a9 notmuch]# id
  uid=0(root) gid=0(root) groups=0(root)

  [root at e489c80816a9 notmuch]# pwd
  /home/too/vc/ext/notmuch

  [root at e489c80816a9 build]# ls -l configure 
  -rwxr-xr-x. 1 root root 41920 Nov 17 21:00 configure

  [root at e489c80816a9 build]# exit

  $ ls -l $HOME/vc/ext/notmuch/configure
  -rwxr-xr-x. 1 too too 41920 Nov 17 23:00 /home/too/vc/ext/notmuch/configure

  $ podman unshare cat /proc/self/uid_map
  0       1000          1
  1     100000      65536


The last line, would have had same results if run inside container, tells
that uid 0 (root) inside container was mapped to uid 1000 (too) outside, 
on "host" side, and 1 uid was mapped, from uid 1 onwards in container,
uids are mapped starting from 100000 outside.

All that means, that I can do, without sudo, all kinds of things when 
using this container technology. Files owned by my uid outside container
are seen as owned by root inside container.

Since last spring, I've been gradually moving all things I used docker
to podman. And everything has (in my use cases) worked better. In Fedora
it just works (already). In Ubuntu 16.04 and RHEL 7.7 it also worked when
I tried, but lack of fuse-overlayfs makes it slow (to start) in these
systems. I hope every system in 2020 has good podman support...


All that long text written, I can take care notmuch tests can be run on
podman containers... 

>
> cheers,
>
> d

YEA,

Tomi

More information about the notmuch mailing list