diff options
author | Djalal Harouni <tixxdz@opendz.org> | 2016-09-25 13:04:30 +0200 |
---|---|---|
committer | Djalal Harouni <tixxdz@opendz.org> | 2016-09-25 13:04:30 +0200 |
commit | 615a1f4b26f3c7d10ad9ea638341a6920a6bc435 (patch) | |
tree | bd2c0eb3df604f41e21a9c06aedcf8a0168dc95a /src | |
parent | 8f81a5f61bcf745bae3acad599d7a9da686643e3 (diff) |
test: add CAP_MKNOD tests for PrivateDevices=
Diffstat (limited to 'src')
-rw-r--r-- | src/test/test-execute.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/test/test-execute.c b/src/test/test-execute.c index 25489cefbc..2bc1854485 100644 --- a/src/test/test-execute.c +++ b/src/test/test-execute.c @@ -133,6 +133,15 @@ static void test_exec_privatedevices(Manager *m) { test(m, "exec-privatedevices-no.service", 0, CLD_EXITED); } +static void test_exec_privatedevices_capabilities(Manager *m) { + if (detect_container() > 0) { + log_notice("testing in container, skipping private device tests"); + return; + } + test(m, "exec-privatedevices-yes-capability-mknod.service", 0, CLD_EXITED); + test(m, "exec-privatedevices-no-capability-mknod.service", 0, CLD_EXITED); +} + static void test_exec_systemcallfilter(Manager *m) { #ifdef HAVE_SECCOMP if (!is_seccomp_available()) @@ -345,6 +354,7 @@ int main(int argc, char *argv[]) { test_exec_ignoresigpipe, test_exec_privatetmp, test_exec_privatedevices, + test_exec_privatedevices_capabilities, test_exec_privatenetwork, test_exec_systemcallfilter, test_exec_systemcallerrornumber, |