1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-05 23:51:28 +03:00
systemd/test/test-execute
Frantisek Sumsal e9cdcbed77 test: ignore IAB capabilities in test-execute
libcap v2.33 introduces a new capability set called IAB[0] which is shown
in the output of `capsh --print` and interferes with the test checks. Let's
drop the IAB set from the output, for now, to mitigate this.

This could be (and probably should be) replaced in the future by the
newly introduced testing options[1][2] in libcap v2.32, namely:
    --has-p=xxx
    --has-i=xxx
    --has-a=xxx

but this needs to wait until the respective libcap version gets a wider
adoption. Until then, let's stick with the relatively ugly sed.

Fixes: #15046

[0] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=943b011b5e53624eb9cab4e96c1985326e077cdd
[1] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=588d0439cb6495b03f0ab9f213f0b6b339e7d4b7
[2] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=e7709bbc1c4712f2ddfc6e6f42892928a8a03782
2020-03-09 18:22:16 +01:00
..
exec-ambientcapabilities-merge-nfsnobody.service
exec-ambientcapabilities-merge-nobody.service
exec-ambientcapabilities-merge.service
exec-ambientcapabilities-nfsnobody.service
exec-ambientcapabilities-nobody.service
exec-ambientcapabilities.service
exec-basic.service
exec-bindpaths.service
exec-capabilityboundingset-invert.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-capabilityboundingset-merge.service
exec-capabilityboundingset-reset.service
exec-capabilityboundingset-simple.service
exec-condition-failed.service
exec-condition-skip.service
exec-cpuaffinity1.service
exec-cpuaffinity2.service
exec-cpuaffinity3.service
exec-dynamicuser-fixeduser-adm.service
exec-dynamicuser-fixeduser-games.service
exec-dynamicuser-fixeduser-one-supplementarygroup.service
exec-dynamicuser-fixeduser.service
exec-dynamicuser-statedir-migrate-step1.service
exec-dynamicuser-statedir-migrate-step2.service
exec-dynamicuser-statedir.service
exec-dynamicuser-supplementarygroups.service
exec-environment-empty.service
exec-environment-multiple.service
exec-environment-no-substitute.service
exec-environment.service
exec-environmentfile.service
exec-group-nfsnobody.service
exec-group-nobody.service
exec-group-nogroup.service
exec-group.service
exec-ignoresigpipe-no.service
exec-ignoresigpipe-yes.service
exec-inaccessiblepaths-mount-propagation.service
exec-inaccessiblepaths-sys.service
exec-ioschedulingclass-best-effort.service
exec-ioschedulingclass-idle.service
exec-ioschedulingclass-none.service
exec-ioschedulingclass-realtime.service
exec-oomscoreadjust-negative.service
exec-oomscoreadjust-positive.service
exec-passenvironment-absent.service
exec-passenvironment-empty.service
exec-passenvironment-repeated.service
exec-passenvironment.service
exec-personality-aarch64.service
exec-personality-ppc64.service
exec-personality-ppc64le.service
exec-personality-s390.service
exec-personality-x86-64.service
exec-personality-x86.service
exec-privatedevices-disabled-by-prefix.service
exec-privatedevices-no-capability-mknod.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-no-capability-sys-rawio.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-no.service
exec-privatedevices-yes-capability-mknod.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-yes-capability-sys-rawio.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-privatedevices-yes-with-group.service
exec-privatedevices-yes.service
exec-privatenetwork-yes.service
exec-privatetmp-disabled-by-prefix.service
exec-privatetmp-no.service
exec-privatetmp-yes.service
exec-protecthome-tmpfs-vs-protectsystem-strict.service
exec-protectkernellogs-no-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernellogs-yes-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernelmodules-no-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernelmodules-yes-capabilities.service test: ignore IAB capabilities in test-execute 2020-03-09 18:22:16 +01:00
exec-protectkernelmodules-yes-mount-propagation.service
exec-readonlypaths-mount-propagation.service
exec-readonlypaths-simple.service
exec-readonlypaths-with-bindpaths.service
exec-readonlypaths.service
exec-readwritepaths-mount-propagation.service
exec-restrictnamespaces-merge-all.service
exec-restrictnamespaces-merge-and.service
exec-restrictnamespaces-merge-or.service
exec-restrictnamespaces-mnt-blacklist.service
exec-restrictnamespaces-mnt.service
exec-restrictnamespaces-no.service
exec-restrictnamespaces-yes.service
exec-runtimedirectory-mode.service
exec-runtimedirectory-owner-nfsnobody.service
exec-runtimedirectory-owner-nobody.service
exec-runtimedirectory-owner-nogroup.service
exec-runtimedirectory-owner.service
exec-runtimedirectory.service
exec-specifier-interpolation.service
exec-specifier.service
exec-specifier@.service
exec-standardinput-data.service
exec-standardinput-file-cat.service
exec-standardinput-file.service
exec-standardoutput-append.service
exec-standardoutput-file.service
exec-supplementarygroups-multiple-groups-default-group-user.service
exec-supplementarygroups-multiple-groups-withgid.service
exec-supplementarygroups-multiple-groups-withuid.service
exec-supplementarygroups-single-group-user.service
exec-supplementarygroups-single-group.service
exec-supplementarygroups.service
exec-systemcallerrornumber-name.service
exec-systemcallerrornumber-number.service
exec-systemcallfilter-failing2.service
exec-systemcallfilter-failing.service
exec-systemcallfilter-not-failing2.service
exec-systemcallfilter-not-failing.service
exec-systemcallfilter-system-user-nfsnobody.service
exec-systemcallfilter-system-user-nobody.service
exec-systemcallfilter-system-user.service
exec-systemcallfilter-with-errno-multi.service
exec-systemcallfilter-with-errno-name.service
exec-systemcallfilter-with-errno-number.service
exec-temporaryfilesystem-options.service
exec-temporaryfilesystem-ro.service
exec-temporaryfilesystem-rw.service
exec-temporaryfilesystem-usr.service
exec-umask-0177.service
exec-umask-default.service
exec-unsetenvironment.service
exec-user-nfsnobody.service
exec-user-nobody.service
exec-user.service
exec-workingdirectory-trailing-dot.service
exec-workingdirectory.service