tests: more robust check for user namespaces availability (canUseSandbox)

Issue https://github.com/NixOS/nix/issues/2165
This commit is contained in:
Aleksandr Pashkov 2018-06-05 23:13:51 +03:00
parent 4ac4f675df
commit 5ee4472b8b
2 changed files with 4 additions and 6 deletions

View file

@ -57,7 +57,7 @@ rec {
git git
mercurial mercurial
] ]
++ lib.optional stdenv.isLinux libseccomp ++ lib.optional stdenv.isLinux [libseccomp pkgs.utillinux]
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) ++ lib.optional (stdenv.isLinux || stdenv.isDarwin)
(aws-sdk-cpp.override { (aws-sdk-cpp.override {

View file

@ -94,12 +94,10 @@ canUseSandbox() {
return 1 return 1
fi fi
if [ -e /proc/sys/kernel/unprivileged_userns_clone ]; then if ! unshare --user true ; then
if [ "$(cat /proc/sys/kernel/unprivileged_userns_clone)" != 1 ]; then
echo "Unprivileged user namespaces disabled by sysctl, skipping this test..." echo "Unprivileged user namespaces disabled by sysctl, skipping this test..."
return 1 return 1
fi fi
fi
return 0 return 0
} }