From 97e60383c0648e961c317188003130639c1de8d6 Mon Sep 17 00:00:00 2001
From: Djalal Harouni <tixxdz@opendz.org>
Date: Tue, 15 Nov 2016 15:50:19 +0100
Subject: test: add tests for RestrictNamespaces=

---
 src/test/test-execute.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/test/test-execute.c')

diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 6029853e3e..b2ea358b8c 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -219,6 +219,18 @@ static void test_exec_systemcallerrornumber(Manager *m) {
 #endif
 }
 
+static void test_exec_restrict_namespaces(Manager *m) {
+#ifdef HAVE_SECCOMP
+        if (!is_seccomp_available())
+                return;
+
+        test(m, "exec-restrict-namespaces-no.service", 0, CLD_EXITED);
+        test(m, "exec-restrict-namespaces-yes.service", 1, CLD_EXITED);
+        test(m, "exec-restrict-namespaces-mnt.service", 0, CLD_EXITED);
+        test(m, "exec-restrict-namespaces-mnt-blacklist.service", 1, CLD_EXITED);
+#endif
+}
+
 static void test_exec_systemcall_system_mode_with_user(Manager *m) {
 #ifdef HAVE_SECCOMP
         if (!is_seccomp_available())
@@ -435,6 +447,7 @@ int main(int argc, char *argv[]) {
                 test_exec_privatenetwork,
                 test_exec_systemcallfilter,
                 test_exec_systemcallerrornumber,
+                test_exec_restrict_namespaces,
                 test_exec_user,
                 test_exec_group,
                 test_exec_supplementary_groups,
-- 
cgit v1.2.3-54-g00ecf