diff options
-rw-r--r-- | src/test/test-execute.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/src/test/test-execute.c b/src/test/test-execute.c index bc9a2021f..971176d65 100644 --- a/src/test/test-execute.c +++ b/src/test/test-execute.c @@ -158,6 +158,8 @@ static void test_exec_privatedevices(Manager *m) { } static void test_exec_privatedevices_capabilities(Manager *m) { + int r; + if (detect_container() > 0) { log_notice("testing in container, skipping private device tests"); return; @@ -167,6 +169,14 @@ static void test_exec_privatedevices_capabilities(Manager *m) { return; } + /* We use capsh to test if the capabilities are + * properly set, so be sure that it exists */ + r = find_binary("capsh", NULL); + if (r < 0) { + log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); + return; + } + test(m, "exec-privatedevices-yes-capability-mknod.service", 0, CLD_EXITED); test(m, "exec-privatedevices-no-capability-mknod.service", 0, CLD_EXITED); test(m, "exec-privatedevices-yes-capability-sys-rawio.service", 0, CLD_EXITED); @@ -174,6 +184,8 @@ static void test_exec_privatedevices_capabilities(Manager *m) { } static void test_exec_protectkernelmodules(Manager *m) { + int r; + if (detect_container() > 0) { log_notice("testing in container, skipping protectkernelmodules tests"); return; @@ -183,6 +195,13 @@ static void test_exec_protectkernelmodules(Manager *m) { return; } + r = find_binary("capsh", NULL); + if (r < 0) { + log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); + return; + } + + test(m, "exec-protectkernelmodules-no-capabilities.service", 0, CLD_EXITED); test(m, "exec-protectkernelmodules-yes-capabilities.service", 0, CLD_EXITED); test(m, "exec-protectkernelmodules-yes-mount-propagation.service", 0, CLD_EXITED); @@ -359,11 +378,9 @@ static void test_exec_runtimedirectory(Manager *m) { static void test_exec_capabilityboundingset(Manager *m) { int r; - /* We use capsh to test if the capabilities are - * properly set, so be sure that it exists */ r = find_binary("capsh", NULL); if (r < 0) { - log_error_errno(r, "Skipping test_exec_capabilityboundingset, could not find capsh binary: %m"); + log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); return; } |