From c75370cc18d92a9a2cc3eafeb3b46e1d23ea0ac4 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 2 Jun 2021 22:10:22 +0200 Subject: [PATCH] test: tweak privilege tests for two more tests These tests require properly privileged root users, hence skip things when we don't have CAP_SYS_ADMIN. Fixes: #19746 --- src/test/test-execute.c | 4 ++-- src/test/test-mount-util.c | 9 +++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/test/test-execute.c b/src/test/test-execute.c index 239fcea5e3..125e0bbf4f 100644 --- a/src/test/test-execute.c +++ b/src/test/test-execute.c @@ -924,8 +924,8 @@ int main(int argc, char *argv[]) { can_unshare = have_namespaces(); /* It is needed otherwise cgroup creation fails */ - if (getuid() != 0) - return log_tests_skipped("not root"); + if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) + return log_tests_skipped("not privileged"); r = enter_cgroup_subroot(NULL); if (r == -ENOMEDIUM) diff --git a/src/test/test-mount-util.c b/src/test/test-mount-util.c index 2e9116d359..ab5184121c 100644 --- a/src/test/test-mount-util.c +++ b/src/test/test-mount-util.c @@ -4,6 +4,7 @@ #include #include "alloc-util.h" +#include "capability-util.h" #include "fd-util.h" #include "fileio.h" #include "mount-util.h" @@ -75,8 +76,8 @@ static void test_bind_remount_recursive(void) { _cleanup_free_ char *subdir = NULL; const char *p; - if (geteuid() != 0) { - (void) log_tests_skipped("not running as root"); + if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) { + (void) log_tests_skipped("not running privileged"); return; } @@ -128,8 +129,8 @@ static void test_bind_remount_recursive(void) { static void test_bind_remount_one(void) { pid_t pid; - if (geteuid() != 0) { - (void) log_tests_skipped("not running as root"); + if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) { + (void) log_tests_skipped("not running privileged"); return; } -- 2.25.1