Unit tests

test/docker_tests/configurations/mount-tests/docker-compose.mount-test.api_noread.yml

@@ -1,5 +1,5 @@
 # Expected outcome: Mounts table shows /tmp/api is mounted and writable but NOT readable (R=❌, W=✅)
-# Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods/chowns /tmp/api to mode 0300.
+# Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods /tmp/api to mode 0300.
 services:
   netalertx:
     network_mode: host
@@ -8,15 +8,27 @@ services:
       dockerfile: Dockerfile
     image: netalertx-test
     container_name: netalertx-test-mount-api_noread
-    entrypoint: ["sh", "-lc", "sleep infinity"]
+    user: "20211:20211"
+    entrypoint:
+      - /bin/sh
+      - -c
+      - |
+        mkdir -p /tmp/api
+        chmod 0300 /tmp/api
+        exec /entrypoint.sh
     cap_drop:
       - ALL
     cap_add:
+      - CHOWN
       - NET_ADMIN
       - NET_RAW
       - NET_BIND_SERVICE
+      - SETUID
+      - SETGID
     environment:
       NETALERTX_DEBUG: 0
+      PUID: 20211
+      PGID: 20211
       NETALERTX_DATA: /data
       NETALERTX_DB: /data/db
       NETALERTX_CONFIG: /data/config
@@ -33,7 +45,7 @@ services:
         read_only: false
 
     tmpfs:
-      - "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
+      - "/tmp:mode=1777,uid=20211,gid=20211,rw,nosuid,nodev,async,noatime,nodiratime"
 
 volumes:
-  test_netalertx_data:
+  test_netalertx_data: