[Pkg-golang-commits] [golang] 01/01: Skip userns tests when chrooted (Closes: #807303)

Tianon Gravi tianon at debian.org
Wed Feb 3 05:58:47 UTC 2016 

This is an automated email from the git hooks/post-receive script.

tianon pushed a commit to branch debian-sid
in repository golang.

commit cc958b9eb93bb9134967d470c95c6f67c5bd2d47
Author: Tianon Gravi <tianon at debian.org>
Date:   Tue Feb 2 21:58:25 2016 -0800

    Skip userns tests when chrooted (Closes: #807303)
---
 debian/changelog                                   |  1 +
 debian/patches/series                              |  1 +
 .../patches/skip-userns-tests-when-chrooted.patch  | 37 ++++++++++++++++++++++
 3 files changed, 39 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 39da664..c1412e6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,7 @@ golang (2:1.5.3-2) UNRELEASED; urgency=medium
   [ Michael Hudson-Doyle ]
   * Respect "nocheck" in DEB_BUILD_OPTIONS while building to skip tests
     (Closes: #807290)
+  * Skip userns tests when chrooted (Closes: #807303)
 
  -- Tianon Gravi <tianon at debian.org>  Tue, 02 Feb 2016 21:54:29 -0800
 
diff --git a/debian/patches/series b/debian/patches/series
index e69de29..54ee857 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -0,0 +1 @@
+skip-userns-tests-when-chrooted.patch
diff --git a/debian/patches/skip-userns-tests-when-chrooted.patch b/debian/patches/skip-userns-tests-when-chrooted.patch
new file mode 100644
index 0000000..15bd724
--- /dev/null
+++ b/debian/patches/skip-userns-tests-when-chrooted.patch
@@ -0,0 +1,37 @@
+Description: skip tests that create a user namespace when chrooted
+Origin: https://go.googlesource.com/go/+/21efa7b2bc872958bcb252f5ab4dc52b2b0abeae
+Applied-Upstream: commit:21efa7b2bc872958bcb252f5ab4dc52b2b0abeae
+
+--- a/src/syscall/exec_linux_test.go
++++ b/src/syscall/exec_linux_test.go
+@@ -17,6 +17,17 @@
+ 	"testing"
+ )
+ 
++// Check if we are in a chroot by checking if the inode of / is
++// different from 2 (there is no better test available to non-root on
++// linux).
++func isChrooted(t *testing.T) bool {
++	root, err := os.Stat("/")
++	if err != nil {
++		t.Fatalf("cannot stat /: %v", err)
++	}
++	return root.Sys().(*syscall.Stat_t).Ino != 2
++}
++
+ func whoamiCmd(t *testing.T, uid, gid int, setgroups bool) *exec.Cmd {
+ 	if _, err := os.Stat("/proc/self/ns/user"); err != nil {
+ 		if os.IsNotExist(err) {
+@@ -24,6 +35,12 @@
+ 		}
+ 		t.Fatalf("Failed to stat /proc/self/ns/user: %v", err)
+ 	}
++	if isChrooted(t) {
++		// create_user_ns in the kernel (see
++		// https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/kernel/user_namespace.c)
++		// forbids the creation of user namespaces when chrooted.
++		t.Skip("cannot create user namespaces when chrooted")
++	}
+ 	cmd := exec.Command("whoami")
+ 	cmd.SysProcAttr = &syscall.SysProcAttr{
+ 		Cloneflags: syscall.CLONE_NEWUSER,

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-golang/golang.git

More information about the pkg-golang-commits mailing list