summaryrefslogtreecommitdiff
path: root/test/test-execute
diff options
context:
space:
mode:
authorDjalal Harouni <tixxdz@opendz.org>2016-09-25 13:04:30 +0200
committerDjalal Harouni <tixxdz@opendz.org>2016-09-25 13:04:30 +0200
commit615a1f4b26f3c7d10ad9ea638341a6920a6bc435 (patch)
treebd2c0eb3df604f41e21a9c06aedcf8a0168dc95a /test/test-execute
parent8f81a5f61bcf745bae3acad599d7a9da686643e3 (diff)
test: add CAP_MKNOD tests for PrivateDevices=
Diffstat (limited to 'test/test-execute')
-rw-r--r--test/test-execute/exec-privatedevices-no-capability-mknod.service7
-rw-r--r--test/test-execute/exec-privatedevices-yes-capability-mknod.service7
2 files changed, 14 insertions, 0 deletions
diff --git a/test/test-execute/exec-privatedevices-no-capability-mknod.service b/test/test-execute/exec-privatedevices-no-capability-mknod.service
new file mode 100644
index 0000000000..6d39469da8
--- /dev/null
+++ b/test/test-execute/exec-privatedevices-no-capability-mknod.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Test CAP_MKNOD capability for PrivateDevices=no
+
+[Service]
+PrivateDevices=no
+ExecStart=/bin/sh -x -c 'capsh --print | grep cap_mknod'
+Type=oneshot
diff --git a/test/test-execute/exec-privatedevices-yes-capability-mknod.service b/test/test-execute/exec-privatedevices-yes-capability-mknod.service
new file mode 100644
index 0000000000..fb1fc2875a
--- /dev/null
+++ b/test/test-execute/exec-privatedevices-yes-capability-mknod.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Test CAP_MKNOD capability for PrivateDevices=yes
+
+[Service]
+PrivateDevices=yes
+ExecStart=/bin/sh -x -c '! capsh --print | grep cap_mknod'
+Type=oneshot