diff options
| author | Christian Kastner <ckk@kvr.at> | 2020-02-19 10:03:05 +0100 |
|---|---|---|
| committer | Christian Kastner <ckk@kvr.at> | 2020-02-19 10:07:10 +0100 |
| commit | 8b170a9a91ffaa0611f68b1fef64f881f2dadf8d (patch) | |
| tree | fff4195d8dfbfbd4cd995a44651e04f7bd5b82f5 | |
| parent | 8e27bbbde7876d84b5c169b9f05e8db14af63a45 (diff) | |
| download | bubblewrap-8b170a9a91ffaa0611f68b1fef64f881f2dadf8d.tar.gz | |
tests: Update output patterns for libcap >= 2.29
| -rwxr-xr-x | tests/test-run.sh | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/tests/test-run.sh b/tests/test-run.sh index a01f41c..702c480 100755 --- a/tests/test-run.sh +++ b/tests/test-run.sh @@ -215,11 +215,18 @@ else $RUN $OPT --cap-drop ALL --unshare-pid capsh --print >caps.test assert_file_has_content caps.test 'Current: =$' # Check for dropping kill/fowner (we assume all uid 0 callers have this) - $RUN $OPT --cap-drop CAP_KILL --cap-drop CAP_FOWNER --unshare-pid capsh --print >caps.test - assert_not_file_has_content caps.test '^Current: =.*cap_kill' - assert_not_file_has_content caps.test '^Current: =.*cap_fowner' # But we should still have net_bind_service for example - assert_file_has_content caps.test '^Current: =.*cap_net_bind_service' + $RUN $OPT --cap-drop CAP_KILL --cap-drop CAP_FOWNER --unshare-pid capsh --print >caps.test + # capsh's output format changed from v2.29 -> drops are now indicated with -eip + if grep 'Current: =.*+eip$' caps.test; then + assert_not_file_has_content caps.test '^Current: =.*cap_kill.*+eip$' + assert_not_file_has_content caps.test '^Current: =.*cap_fowner.*+eip$' + assert_file_has_content caps.test '^Current: =.*cap_net_bind_service.*+eip$' + else + assert_file_has_content caps.test '^Current: =eip.*cap_kill.*-eip$' + assert_file_has_content caps.test '^Current: =eip.*cap_fowner.*-eip$' + assert_not_file_has_content caps.test '^Current: =.*cap_net_bind_service.*-eip$' + fi echo "ok - we have the expected caps as uid 0" fi |