diff options
| author | Andrei Vagin <avagin@google.com> | 2019-01-18 16:07:28 -0800 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2019-01-18 16:08:39 -0800 |
| commit | c0a981629cf44688687548490c5e665d851afe06 (patch) | |
| tree | f9813b9ff4d0429d8b10d80c52081988d5124e0a /runsc/container | |
| parent | c063a1350f4ac6249fb26e6125c9cc99db14263b (diff) | |
Start a sandbox process in a new userns only if CAP_SETUID is set
In addition, it fixes a race condition in TestMultiContainerGoferStop.
There are two scripts copy the same set of files into the same directory
and sometime one of this command fails with EXIST.
PiperOrigin-RevId: 230011247
Change-Id: I9289f72e65dc407cdcd0e6cd632a509e01f43e9c
Diffstat (limited to 'runsc/container')
| -rw-r--r-- | runsc/container/multi_container_test.go | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/runsc/container/multi_container_test.go b/runsc/container/multi_container_test.go index 8490999ea..8922e6dbe 100644 --- a/runsc/container/multi_container_test.go +++ b/runsc/container/multi_container_test.go @@ -739,11 +739,6 @@ func TestMultiContainerGoferStop(t *testing.T) { t.Fatal("error finding test_app:", err) } - dir, err := ioutil.TempDir(testutil.TmpDir(), "gofer-stop-test") - if err != nil { - t.Fatal("ioutil.TempDir failed:", err) - } - // Setup containers. Root container just reaps children, while the others // perform some IOs. Children are executed in 3 batches of 10. Within the // batch there is overlap between containers starting and being destroyed. In @@ -751,6 +746,12 @@ func TestMultiContainerGoferStop(t *testing.T) { cmds := [][]string{{app, "reaper"}} const batchSize = 10 for i := 0; i < 3*batchSize; i++ { + dir, err := ioutil.TempDir(testutil.TmpDir(), "gofer-stop-test") + if err != nil { + t.Fatal("ioutil.TempDir failed:", err) + } + defer os.RemoveAll(dir) + cmd := "find /bin -type f | head | xargs -I SRC cp SRC " + dir cmds = append(cmds, []string{"sh", "-c", cmd}) } |