system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-07-22 18:55:10 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

TEST-07-PID1: Test access to allocated loop instead of loop0

Browse source 
loop0 and 1 can be used by systemd-repart and vanish
but we can guarantee that $LODEV was allocated and is available.
This commit is contained in:
Richard Maw 2024-04-17 13:03:12 +01:00 committed by Daan De Meyer
parent 733d0594f0
commit c5073aa204
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
test/units/testsuite-07.exec-context.sh
View file

@ -158,13 +158,13 @@ if ! systemd-detect-virt -cq; then
-p DevicePolicy=closed
-p DevicePolicy=strict
-p DeviceAllow="char-mem rm" # Allow read & mknod for /dev/{null,zero,...}
-p DeviceAllow="/dev/loop0 rw"
-p DeviceAllow="/dev/loop0 w" # Allow write for /dev/loop0
-p DeviceAllow="$LODEV rw"
-p DeviceAllow="$LODEV w" # Allow write for the loop
# Everything else should be disallowed per the strict policy
)
systemd-run --wait --pipe --unit "$SERVICE_NAME" "${ARGUMENTS[@]}" \
bash -xec 'test -r /dev/null; test ! -w /dev/null; test ! -r /dev/loop0; test -w /dev/loop0; test ! -r /dev/tty; test ! -w /dev/tty'
bash -xec "test -r /dev/null; test ! -w /dev/null; test ! -r $LODEV; test -w $LODEV; test ! -r /dev/tty; test ! -w /dev/tty"
if ! systemctl --version | grep -qF -- "-BPF_FRAMEWORK"; then
# SocketBind*=