1
0
mirror of https://github.com/golang/go synced 2024-11-05 12:06:15 -07:00

syscall: skip TestAmbientCapsUserns if user namespaces are not supported

Fixes #34015

Change-Id: I29798fb9c72b6f4bee8aecea96ab13b4cba2e80d
Reviewed-on: https://go-review.googlesource.com/c/go/+/195738
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This commit is contained in:
Tobias Klauser 2019-09-17 09:05:02 +02:00 committed by Tobias Klauser
parent 85fc765341
commit d3595f7171

View File

@ -42,6 +42,18 @@ func skipInContainer(t *testing.T) {
}
}
func skipNoUserNamespaces(t *testing.T) {
if _, err := os.Stat("/proc/self/ns/user"); err != nil {
if os.IsNotExist(err) {
t.Skip("kernel doesn't support user namespaces")
}
if os.IsPermission(err) {
t.Skip("unable to test user namespaces due to permissions")
}
t.Fatalf("Failed to stat /proc/self/ns/user: %v", err)
}
}
func skipUnprivilegedUserClone(t *testing.T) {
// Skip the test if the sysctl that prevents unprivileged user
// from creating user namespaces is enabled.
@ -64,15 +76,7 @@ func isChrooted(t *testing.T) bool {
func checkUserNS(t *testing.T) {
skipInContainer(t)
if _, err := os.Stat("/proc/self/ns/user"); err != nil {
if os.IsNotExist(err) {
t.Skip("kernel doesn't support user namespaces")
}
if os.IsPermission(err) {
t.Skip("unable to test user namespaces due to permissions")
}
t.Fatalf("Failed to stat /proc/self/ns/user: %v", err)
}
skipNoUserNamespaces(t)
if isChrooted(t) {
// create_user_ns in the kernel (see
// https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/kernel/user_namespace.c)
@ -573,6 +577,7 @@ func TestAmbientCaps(t *testing.T) {
}
func TestAmbientCapsUserns(t *testing.T) {
skipNoUserNamespaces(t)
testAmbientCaps(t, true)
}