summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--runsc/container/container_test.go11
1 files changed, 11 insertions, 0 deletions
diff --git a/runsc/container/container_test.go b/runsc/container/container_test.go
index e4467ccba..e1674d631 100644
--- a/runsc/container/container_test.go
+++ b/runsc/container/container_test.go
@@ -434,6 +434,17 @@ func TestCapabilities(t *testing.T) {
Type: "bind",
})
+ // Capability below is needed to mount TempDir above in case the user doesn't
+ // have access to all parents that lead to TempDir.
+ caps := []string{"CAP_DAC_OVERRIDE"}
+ spec.Process.Capabilities = &specs.LinuxCapabilities{
+ Bounding: caps,
+ Effective: caps,
+ Inheritable: caps,
+ Permitted: caps,
+ Ambient: caps,
+ }
+
rootDir, bundleDir, conf, err := setupContainer(spec)
if err != nil {
t.Fatalf("error setting up container: %v", err)