Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skip tests on systems with restricted usernamespaces #12051

Merged
merged 1 commit into from
Dec 16, 2024
Merged

Skip tests on systems with restricted usernamespaces #12051

merged 1 commit into from
Dec 16, 2024

Conversation

Mic92
Copy link
Member

@Mic92 Mic92 commented Dec 14, 2024
edited
Loading

Depends on #12050

This makes ci pass: https://github.com/NixOS/nix/actions/runs/12329995455/job/34414955507?pr=12051
even on systems that have restricted usernamespaces: 6642863

@github-actions github-actions bot added the with-tests Issues related to testing. PRs with tests have some priority label Dec 14, 2024
@mergify Mergify
Copy link
Contributor

mergify bot commented Dec 14, 2024

⚠️ The sha of the head commit of this PR conflicts with #12050. Mergify cannot evaluate rules on this PR. ⚠️

@Mic92 Mic92 force-pushed the ci-follow-up branch 4 times, most recently from 7613dd4 to 6642863 Compare December 14, 2024 12:50
@Mic92 Mic92 marked this pull request as ready for review December 14, 2024 13:47
@Mic92 Mic92 requested a review from edolstra as a code owner December 14, 2024 13:47
@Mic92 Mic92 force-pushed the ci-follow-up branch 2 times, most recently from 00e32c1 to 3b69081 Compare December 14, 2024 15:11
@dpulls dpulls
Copy link

dpulls bot commented Dec 14, 2024

🎉 All dependencies have been resolved !

roberth
roberth approved these changes Dec 15, 2024
View reviewed changes
tests/functional/common/functions.sh Outdated Show resolved Hide resolved
@Mic92 @roberth
functional-tests: skip tests if the kernel restricts unprivileged use…
da7f7ba 
…r namespaces

Update tests/functional/common/functions.sh

Co-authored-by: Robert Hensing <[email protected]>
edolstra
edolstra previously requested changes Dec 16, 2024
View reviewed changes
tests/functional/common/functions.sh
@@ -345,4 +345,15 @@ count() {

trap onError ERR

requiresUnprivilegedUserNamespaces() {
if [[ -f /proc/sys/kernel/apparmor_restrict_unprivileged_userns ]] && [[ $(< /proc/sys/kernel/apparmor_restrict_unprivileged_userns) -eq 1 ]]; then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test should also be added to userNamespacesSupported() in src/libutil/linux/namespaces.cc. In fact, if we check for it in Nix itself, then maybe the tests will succeed even if unprivileged user namespaces are restricted.

@edolstra edolstra dismissed their stale review December 16, 2024 14:19

postponed

@edolstra edolstra merged commit bdf579d into NixOS:master Dec 16, 2024
12 checks passed
@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/2024-12-16-nix-team-meeting-minutes-203/57483/1

@Mic92 Mic92 deleted the ci-follow-up branch December 16, 2024 16:05
@Mic92 Mic92 mentioned this pull request Dec 25, 2024
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@roberth roberth roberth approved these changes

@edolstra edolstra edolstra left review comments

Assignees
No one assigned
Labels
with-tests Issues related to testing. PRs with tests have some priority
Projects
Nix team
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Mic92 @nixos-discourse @roberth @edolstra