diff options
Diffstat (limited to 'tests/root-without-cap-sys-admin')
| -rw-r--r-- | tests/root-without-cap-sys-admin | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/root-without-cap-sys-admin b/tests/root-without-cap-sys-admin new file mode 100644 index 0000000..419f7b3 --- /dev/null +++ b/tests/root-without-cap-sys-admin @@ -0,0 +1,17 @@ +#!/bin/sh +set -eu +export LC_ALL=C.UTF-8 +[ "$(whoami)" = "root" ] + +if grep --null-data --quiet --no-messages '^container=lxc$' /proc/1/environ; then + # see https://stackoverflow.com/questions/65748254/ + echo "cannot run under lxc -- Skipping test..." >&2 + exit 0 +fi + +capsh --drop=cap_sys_admin -- -c 'exec "$@"' exec \ + {{ CMD }} --mode=root --variant=apt \ + --customize-hook='chroot "$1" sh -c "test ! -e /proc/self/fd"' \ + {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} +tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt - +rm /tmp/debian-chroot.tar |