tests: containers: Skip if setgroups file does not exist. Fixes bug #21226. Linux 3.19 introduced a fix for a security vulnerability in user namespaces. This fix introduced a new proc file called 'setgroups' and was backported to many older kernels. However, some users run a kernel that is new enough to support user namespaces yet old enough to not include the patch, so we must skip the tests. * tests/containers.scm: Skip all tests if /proc/self/setgroups does not exist.
1 files changed, 4 insertions(+), 2 deletions(-) M tests/containers.scm
M tests/containers.scm => tests/containers.scm +4 -2
@@ 26,8 26,10 @@ (define (assert-exit x) (primitive-exit (if x 0 1))) ;; Skip these tests unless user namespaces are available. (unless (file-exists? "/proc/self/ns/user") ;; Skip these tests unless user namespaces are available and the setgroups ;; file (introduced in Linux 3.19 to address a security issue) exists. (unless (and (file-exists? "/proc/self/ns/user") (file-exists? "/proc/self/setgroups")) (exit 77)) (test-begin "containers")