summaryrefslogtreecommitdiffstats
path: root/src/shared/tests.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/shared/tests.c')
-rw-r--r--src/shared/tests.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/shared/tests.c b/src/shared/tests.c
index 9169513..a919212 100644
--- a/src/shared/tests.c
+++ b/src/shared/tests.c
@@ -29,6 +29,7 @@
#include "strv.h"
#include "tests.h"
#include "tmpfile-util.h"
+#include "uid-range.h"
char* setup_fake_runtime_dir(void) {
char t[] = "/tmp/fake-xdg-runtime-XXXXXX", *p;
@@ -166,6 +167,24 @@ bool have_namespaces(void) {
assert_not_reached();
}
+bool userns_has_single_user(void) {
+ _cleanup_(uid_range_freep) UIDRange *uidrange = NULL, *gidrange = NULL;
+
+ /* Check if we're in a user namespace with only a single user mapped in. We special case this
+ * scenario in a few tests because it's the only kind of namespace that can be created unprivileged
+ * and as such happens more often than not, so we make sure to deal with it so that all tests pass
+ * in such environments. */
+
+ if (uid_range_load_userns(NULL, UID_RANGE_USERNS_INSIDE, &uidrange) < 0)
+ return false;
+
+ if (uid_range_load_userns(NULL, GID_RANGE_USERNS_INSIDE, &gidrange) < 0)
+ return false;
+
+ return uidrange->n_entries == 1 && uidrange->entries[0].nr == 1 &&
+ gidrange->n_entries == 1 && gidrange->entries[0].nr == 1;
+}
+
bool can_memlock(void) {
/* Let's see if we can mlock() a larger blob of memory. BPF programs are charged against
* RLIMIT_MEMLOCK, hence let's first make sure we can lock memory at all, and skip the test if we
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 10:39:00 +0000