tests: more robust check for user namespaces availability (canUseSandbox)

Issue https://github.com/NixOS/nix/issues/2165
This commit is contained in:
Aleksandr Pashkov 2018-06-05 23:13:51 +03:00
parent 4ac4f675df
commit 5ee4472b8b
2 changed files with 4 additions and 6 deletions

View file

@ -57,7 +57,7 @@ rec {
git
mercurial
]
++ lib.optional stdenv.isLinux libseccomp
++ lib.optional stdenv.isLinux [libseccomp pkgs.utillinux]
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
++ lib.optional (stdenv.isLinux || stdenv.isDarwin)
(aws-sdk-cpp.override {

View file

@ -94,12 +94,10 @@ canUseSandbox() {
return 1
fi
if [ -e /proc/sys/kernel/unprivileged_userns_clone ]; then
if [ "$(cat /proc/sys/kernel/unprivileged_userns_clone)" != 1 ]; then
if ! unshare --user true ; then
echo "Unprivileged user namespaces disabled by sysctl, skipping this test..."
return 1
fi
fi
return 0
}