diff options
| author | Fabricio Voznika <fvoznika@google.com> | 2018-05-21 17:47:13 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-05-21 17:48:04 -0700 |
| commit | ed2b86a54942dfd245e9f872e6da52d9bde0da6d (patch) | |
| tree | cf7bd285e655222b0b0ee9fa7b9f94d595e71f12 /runsc | |
| parent | 61b0b19497e9ac417de5a600e6ff06d52db4268f (diff) | |
Fix test failure when user can't mount temp dir
PiperOrigin-RevId: 197491098
Change-Id: Ifb75bd4e4f41b84256b6d7afc4b157f6ce3839f3
Diffstat (limited to 'runsc')
| -rw-r--r-- | runsc/container/container_test.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/runsc/container/container_test.go b/runsc/container/container_test.go index e4467ccba..e1674d631 100644 --- a/runsc/container/container_test.go +++ b/runsc/container/container_test.go @@ -434,6 +434,17 @@ func TestCapabilities(t *testing.T) { Type: "bind", }) + // Capability below is needed to mount TempDir above in case the user doesn't + // have access to all parents that lead to TempDir. + caps := []string{"CAP_DAC_OVERRIDE"} + spec.Process.Capabilities = &specs.LinuxCapabilities{ + Bounding: caps, + Effective: caps, + Inheritable: caps, + Permitted: caps, + Ambient: caps, + } + rootDir, bundleDir, conf, err := setupContainer(spec) if err != nil { t.Fatalf("error setting up container: %v", err) |