aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/test/test-execute.c23
1 files changed, 20 insertions, 3 deletions
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index bc9a2021f..971176d65 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -158,6 +158,8 @@ static void test_exec_privatedevices(Manager *m) {
}
static void test_exec_privatedevices_capabilities(Manager *m) {
+ int r;
+
if (detect_container() > 0) {
log_notice("testing in container, skipping private device tests");
return;
@@ -167,6 +169,14 @@ static void test_exec_privatedevices_capabilities(Manager *m) {
return;
}
+ /* We use capsh to test if the capabilities are
+ * properly set, so be sure that it exists */
+ r = find_binary("capsh", NULL);
+ if (r < 0) {
+ log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__);
+ return;
+ }
+
test(m, "exec-privatedevices-yes-capability-mknod.service", 0, CLD_EXITED);
test(m, "exec-privatedevices-no-capability-mknod.service", 0, CLD_EXITED);
test(m, "exec-privatedevices-yes-capability-sys-rawio.service", 0, CLD_EXITED);
@@ -174,6 +184,8 @@ static void test_exec_privatedevices_capabilities(Manager *m) {
}
static void test_exec_protectkernelmodules(Manager *m) {
+ int r;
+
if (detect_container() > 0) {
log_notice("testing in container, skipping protectkernelmodules tests");
return;
@@ -183,6 +195,13 @@ static void test_exec_protectkernelmodules(Manager *m) {
return;
}
+ r = find_binary("capsh", NULL);
+ if (r < 0) {
+ log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__);
+ return;
+ }
+
+
test(m, "exec-protectkernelmodules-no-capabilities.service", 0, CLD_EXITED);
test(m, "exec-protectkernelmodules-yes-capabilities.service", 0, CLD_EXITED);
test(m, "exec-protectkernelmodules-yes-mount-propagation.service", 0, CLD_EXITED);
@@ -359,11 +378,9 @@ static void test_exec_runtimedirectory(Manager *m) {
static void test_exec_capabilityboundingset(Manager *m) {
int r;
- /* We use capsh to test if the capabilities are
- * properly set, so be sure that it exists */
r = find_binary("capsh", NULL);
if (r < 0) {
- log_error_errno(r, "Skipping test_exec_capabilityboundingset, could not find capsh binary: %m");
+ log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__);
return;
}