shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-05 06:52:22 +03:00
Code
5e37d1930b
systemd/test/test-execute
History
Frantisek Sumsal e9cdcbed77 test: ignore IAB capabilities in test-execute 
libcap v2.33 introduces a new capability set called IAB[0] which is shown
in the output of `capsh --print` and interferes with the test checks. Let's
drop the IAB set from the output, for now, to mitigate this.

This could be (and probably should be) replaced in the future by the
newly introduced testing options[1][2] in libcap v2.32, namely:
    --has-p=xxx
    --has-i=xxx
    --has-a=xxx

but this needs to wait until the respective libcap version gets a wider
adoption. Until then, let's stick with the relatively ugly sed.

Fixes: #15046

[0] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=943b011b5e53624eb9cab4e96c1985326e077cdd
[1] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=588d0439cb6495b03f0ab9f213f0b6b339e7d4b7
[2] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=e7709bbc1c4712f2ddfc6e6f42892928a8a03782
2020-03-09 18:22:16 +01:00
..
exec-ambientcapabilities-merge-nfsnobody.service
exec-ambientcapabilities-merge-nobody.service
exec-ambientcapabilities-merge.service
exec-ambientcapabilities-nfsnobody.service
exec-ambientcapabilities-nobody.service
exec-ambientcapabilities.service
exec-basic.service execute: Make '+' exec prefix ignore PrivateTmp=yes 2020-02-29 19:32:01 +09:00
exec-bindpaths.service
exec-capabilityboundingset-invert.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-capabilityboundingset-merge.service
exec-capabilityboundingset-reset.service
exec-capabilityboundingset-simple.service
exec-condition-failed.service core: ExecCondition= for services 2019-07-17 11:35:02 +02:00
exec-condition-skip.service core: ExecCondition= for services 2019-07-17 11:35:02 +02:00
exec-cpuaffinity1.service
exec-cpuaffinity2.service
exec-cpuaffinity3.service
exec-dynamicuser-fixeduser-adm.service test: add tests for DynamicUser= with static User= whose UID and GID are different 2018-07-26 16:32:10 +09:00
exec-dynamicuser-fixeduser-games.service test: add tests for DynamicUser= with static User= whose UID and GID are different 2018-07-26 16:32:10 +09:00
exec-dynamicuser-fixeduser-one-supplementarygroup.service test: fix tests for supplementary groups 2018-10-02 09:48:53 +02:00
exec-dynamicuser-fixeduser.service test: fix tests for supplementary groups 2018-10-02 09:48:53 +02:00
exec-dynamicuser-statedir-migrate-step1.service test-execute: add tests for $RUNTIME_DIRECTORY= or friends 2018-09-13 17:02:58 +09:00
exec-dynamicuser-statedir-migrate-step2.service test-execute: add tests for $RUNTIME_DIRECTORY= or friends 2018-09-13 17:02:58 +09:00
exec-dynamicuser-statedir.service test-execute: Filter /dev/.lxc in exec-dynamicuser-statedir.service 2019-10-04 11:56:29 +02:00
exec-dynamicuser-supplementarygroups.service tests: fix fallthrough condition for supplementary groups 2018-10-11 22:24:03 +02:00
exec-environment-empty.service
exec-environment-multiple.service
exec-environment-no-substitute.service core: add ':' prefix to ExecXYZ= skip env var substitution 2019-02-20 17:58:14 +01:00
exec-environment.service
exec-environmentfile.service
exec-group-nfsnobody.service
exec-group-nobody.service
exec-group-nogroup.service
exec-group.service
exec-ignoresigpipe-no.service
exec-ignoresigpipe-yes.service
exec-inaccessiblepaths-mount-propagation.service
exec-inaccessiblepaths-sys.service test-execute: block /sys not /proc 2019-03-15 15:46:41 +01:00
exec-ioschedulingclass-best-effort.service
exec-ioschedulingclass-idle.service
exec-ioschedulingclass-none.service
exec-ioschedulingclass-realtime.service
exec-oomscoreadjust-negative.service
exec-oomscoreadjust-positive.service
exec-passenvironment-absent.service
exec-passenvironment-empty.service
exec-passenvironment-repeated.service
exec-passenvironment.service
exec-personality-aarch64.service
exec-personality-ppc64.service
exec-personality-ppc64le.service
exec-personality-s390.service
exec-personality-x86-64.service
exec-personality-x86.service test: Pass personality test even when i686 userland runs on x86_64 kernel 2019-10-10 00:52:16 +01:00
exec-privatedevices-disabled-by-prefix.service
exec-privatedevices-no-capability-mknod.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-no-capability-sys-rawio.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-no.service
exec-privatedevices-yes-capability-mknod.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-yes-capability-sys-rawio.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-yes-with-group.service test: add test case for PrivateDevices=y and Group=daemon 2019-12-18 11:09:30 -08:00
exec-privatedevices-yes.service
exec-privatenetwork-yes.service test-network: ignore tunnel devices automatically added by kernel 2019-02-06 22:04:32 +09:00
exec-privatetmp-disabled-by-prefix.service execute: Make '+' exec prefix ignore PrivateTmp=yes 2020-02-29 19:32:01 +09:00
exec-privatetmp-no.service
exec-privatetmp-yes.service
exec-protecthome-tmpfs-vs-protectsystem-strict.service test: add a testcase for ProtectHome=tmpfs vs ProtectSystem=strict 2019-03-13 11:53:59 +09:00
exec-protectkernellogs-no-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernellogs-yes-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernelmodules-no-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernelmodules-yes-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernelmodules-yes-mount-propagation.service
exec-readonlypaths-mount-propagation.service
exec-readonlypaths-simple.service
exec-readonlypaths-with-bindpaths.service core: be more lenient when checking whether sandboxing is necessary 2019-11-20 12:30:04 +01:00
exec-readonlypaths.service namespace: don't try to remount superblocks 2018-08-30 11:17:16 +01:00
exec-readwritepaths-mount-propagation.service
exec-restrictnamespaces-merge-all.service
exec-restrictnamespaces-merge-and.service
exec-restrictnamespaces-merge-or.service
exec-restrictnamespaces-mnt-blacklist.service
exec-restrictnamespaces-mnt.service
exec-restrictnamespaces-no.service
exec-restrictnamespaces-yes.service
exec-runtimedirectory-mode.service test-execute: add tests for $RUNTIME_DIRECTORY= or friends 2018-09-13 17:02:58 +09:00
exec-runtimedirectory-owner-nfsnobody.service
exec-runtimedirectory-owner-nobody.service
exec-runtimedirectory-owner-nogroup.service
exec-runtimedirectory-owner.service
exec-runtimedirectory.service test-execute: add tests for $RUNTIME_DIRECTORY= or friends 2018-09-13 17:02:58 +09:00
exec-specifier-interpolation.service
exec-specifier.service shared: add %g, %G specifiers for group / gid (#10368) 2018-10-13 17:26:48 +09:00
exec-specifier@.service shared: add %g, %G specifiers for group / gid (#10368) 2018-10-13 17:26:48 +09:00
exec-standardinput-data.service
exec-standardinput-file-cat.service test: add test for https://github.com/systemd/systemd/issues/14560 2020-01-20 17:19:51 +01:00
exec-standardinput-file.service
exec-standardoutput-append.service
exec-standardoutput-file.service
exec-supplementarygroups-multiple-groups-default-group-user.service shared: add %g, %G specifiers for group / gid (#10368) 2018-10-13 17:26:48 +09:00
exec-supplementarygroups-multiple-groups-withgid.service shared: add %g, %G specifiers for group / gid (#10368) 2018-10-13 17:26:48 +09:00
exec-supplementarygroups-multiple-groups-withuid.service tests: fix fallthrough condition for supplementary groups 2018-10-11 22:24:03 +02:00
exec-supplementarygroups-single-group-user.service tests: fix fallthrough condition for supplementary groups 2018-10-11 22:24:03 +02:00
exec-supplementarygroups-single-group.service test: fix tests for supplementary groups 2018-10-02 09:48:53 +02:00
exec-supplementarygroups.service shared: add %g, %G specifiers for group / gid (#10368) 2018-10-13 17:26:48 +09:00
exec-systemcallerrornumber-name.service
exec-systemcallerrornumber-number.service
exec-systemcallfilter-failing2.service test-execute: turn off coredump generation in test services 2019-05-24 10:48:28 +02:00
exec-systemcallfilter-failing.service test-execute: turn off coredump generation in test services 2019-05-24 10:48:28 +02:00
exec-systemcallfilter-not-failing2.service
exec-systemcallfilter-not-failing.service
exec-systemcallfilter-system-user-nfsnobody.service
exec-systemcallfilter-system-user-nobody.service
exec-systemcallfilter-system-user.service
exec-systemcallfilter-with-errno-multi.service test-execute: add a test for systemcall filter (#10273) 2018-10-05 14:46:30 +09:00
exec-systemcallfilter-with-errno-name.service
exec-systemcallfilter-with-errno-number.service
exec-temporaryfilesystem-options.service namespace: don't try to remount superblocks 2018-08-30 11:17:16 +01:00
exec-temporaryfilesystem-ro.service namespace: fix mode for TemporaryFileSystem= 2018-09-01 17:22:14 +09:00
exec-temporaryfilesystem-rw.service namespace: fix mode for TemporaryFileSystem= 2018-09-01 17:22:14 +09:00
exec-temporaryfilesystem-usr.service
exec-umask-0177.service test-execute: also tests under the condition that unshare() is filtered 2018-10-03 08:33:23 +02:00
exec-umask-default.service test-execute: also tests under the condition that unshare() is filtered 2018-10-03 08:33:23 +02:00
exec-unsetenvironment.service
exec-user-nfsnobody.service
exec-user-nobody.service
exec-user.service
exec-workingdirectory-trailing-dot.service
exec-workingdirectory.service