mirror of
https://github.com/systemd/systemd
synced 2024-10-02 22:37:25 +00:00
test: skip test-cgroup-id on ENOSYS from cg_cgroupid_open
Most container managers will block open_by_handle_at with seccomp to mitigate a container escape attack. LXD in particular returns ENOSYS rather than e.g. EPERM like nspawn. Skip this test if we get ENOSYS from open_by_handle_at via cg_cgroupid_open.
This commit is contained in:
parent
2c1ada796a
commit
82f57401d9
|
@ -159,6 +159,8 @@ TEST(id) {
|
||||||
|
|
||||||
if (ERRNO_IS_NEG_PRIVILEGE(fd2))
|
if (ERRNO_IS_NEG_PRIVILEGE(fd2))
|
||||||
log_notice("Skipping open-by-cgroup-id test because lacking privs.");
|
log_notice("Skipping open-by-cgroup-id test because lacking privs.");
|
||||||
|
else if (ERRNO_IS_NEG_NOT_SUPPORTED(fd2))
|
||||||
|
log_notice("Skipping open-by-cgroup-id test because syscall is missing or blocked.");
|
||||||
else {
|
else {
|
||||||
assert_se(fd2 >= 0);
|
assert_se(fd2 >= 0);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue