From f9bb6f7478493c35be4a2a63056f92a23d8052c6 Mon Sep 17 00:00:00 2001 From: Honza Horak Date: Thu, 4 Jan 2024 17:06:38 +0100 Subject: [PATCH 1/2] Revert "each container in run_change_password_test mounts its own volume" This reverts commit 62a0e88ae0e5f19c3dad1cb6fea3778dfa2dbf2f. Creating a new volume directory was actually NOOP, because the variable volume_options was not updated. What we need to get rid of SELinux messages that this fix tried to address is to properly shut down previous container. That will be done in the following commit. Background: podman's :Z modificator for volumes works the way that the latest container run with the same volume directory mounted with :Z modificator has access, the previous containers are kept running, but access to the shared directory is suddenly removed. That caused the first instance of PostgreSQL server to crash with SIGSEGV actually, while triggering some SELinux error message during that. --- test/run_test | 5 ----- 1 file changed, 5 deletions(-) diff --git a/test/run_test b/test/run_test index c560434c..9dc6929b 100755 --- a/test/run_test +++ b/test/run_test @@ -634,11 +634,6 @@ $volume_options echo " Changing passwords" - # create separate mounting directory for second container, as selinux does - # not allow two containers accesing one mounting directory if mounted with - # Z option - create_volume_dir || ret=1 - DOCKER_ARGS=" -e POSTGRESQL_DATABASE=${database} -e POSTGRESQL_USER=${user} From fc304f442433d7c5631c65ca1d5e96ba2e114f37 Mon Sep 17 00:00:00 2001 From: Honza Horak Date: Thu, 4 Jan 2024 17:12:00 +0100 Subject: [PATCH 2/2] Gracefully shut down the original container With keeping the container running, we see SELinux error messages and sudden crash of the PostgreSQL container. Let's properly shut down the container before using its volume privately mounted into a different container. Background: podman's :Z modificator for volumes works the way that the latest container run with the same volume directory mounted with :Z modificator has access, the previous containers are kept running, but access to the shared directory is suddenly removed. That caused the first instance of PostgreSQL server to crash with SIGSEGV actually, while triggering some SELinux error message during that. --- test/run_test | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/test/run_test b/test/run_test index 9dc6929b..a3269624 100755 --- a/test/run_test +++ b/test/run_test @@ -634,6 +634,13 @@ $volume_options echo " Changing passwords" + echo "Kill the previous container and create a new one" + local cidfile=$CID_FILE_DIR/"${name}" + docker kill $(cat $cidfile) + docker rm -f $(cat $cidfile) + # Don't forget to remove its .cid file + rm $cidfile + DOCKER_ARGS=" -e POSTGRESQL_DATABASE=${database} -e POSTGRESQL_USER=${user}