summaryrefslogtreecommitdiffhomepage
path: root/runsc/container
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2018-05-21 17:47:13 -0700
committerShentubot <shentubot@google.com>2018-05-21 17:48:04 -0700
commited2b86a54942dfd245e9f872e6da52d9bde0da6d (patch)
treecf7bd285e655222b0b0ee9fa7b9f94d595e71f12 /runsc/container
parent61b0b19497e9ac417de5a600e6ff06d52db4268f (diff)
Fix test failure when user can't mount temp dir
PiperOrigin-RevId: 197491098 Change-Id: Ifb75bd4e4f41b84256b6d7afc4b157f6ce3839f3
Diffstat (limited to 'runsc/container')
-rw-r--r--runsc/container/container_test.go11
1 files changed, 11 insertions, 0 deletions
diff --git a/runsc/container/container_test.go b/runsc/container/container_test.go
index e4467ccba..e1674d631 100644
--- a/runsc/container/container_test.go
+++ b/runsc/container/container_test.go
@@ -434,6 +434,17 @@ func TestCapabilities(t *testing.T) {
Type: "bind",
})
+ // Capability below is needed to mount TempDir above in case the user doesn't
+ // have access to all parents that lead to TempDir.
+ caps := []string{"CAP_DAC_OVERRIDE"}
+ spec.Process.Capabilities = &specs.LinuxCapabilities{
+ Bounding: caps,
+ Effective: caps,
+ Inheritable: caps,
+ Permitted: caps,
+ Ambient: caps,
+ }
+
rootDir, bundleDir, conf, err := setupContainer(spec)
if err != nil {
t.Fatalf("error setting up container: %v", err)