From: Nick Rosbrook <enr0n@ubuntu.com>
Date: Thu, 20 Jun 2024 15:27:03 +0000 (-0400)
Subject: test: skip test-cgroup-id on ENOSYS from cg_cgroupid_open
X-Git-Tag: v256.2~76
X-Git-Url: http://git-history.diyao.me/?a=commitdiff_plain;h=778034f42e1e615e35e0c8e121f63ecb64d63d01;p=systemd%2F.git

test: skip test-cgroup-id on ENOSYS from cg_cgroupid_open

Most container managers will block open_by_handle_at with seccomp to
mitigate a container escape attack. LXD in particular returns ENOSYS
rather than e.g. EPERM like nspawn. Skip this test if we get ENOSYS
from open_by_handle_at via cg_cgroupid_open.

(cherry picked from commit 82f57401d933596746c32a955773bc70be53b0ac)
---

diff --git a/src/test/test-cgroup.c b/src/test/test-cgroup.c
index 8bd4af94e4..040e9e9c12 100644
--- a/src/test/test-cgroup.c
+++ b/src/test/test-cgroup.c
@@ -159,6 +159,8 @@ TEST(id) {
 
         if (ERRNO_IS_NEG_PRIVILEGE(fd2))
                 log_notice("Skipping open-by-cgroup-id test because lacking privs.");
+        else if (ERRNO_IS_NEG_NOT_SUPPORTED(fd2))
+                log_notice("Skipping open-by-cgroup-id test because syscall is missing or blocked.");
         else {
                 assert_se(fd2 >= 0);