diff options
Diffstat (limited to 'runsc/test/testutil')
| -rw-r--r-- | runsc/test/testutil/BUILD | 1 | ||||
| -rw-r--r-- | runsc/test/testutil/testutil.go | 26 |
2 files changed, 9 insertions, 18 deletions
diff --git a/runsc/test/testutil/BUILD b/runsc/test/testutil/BUILD index ca91e07ff..03ab3c4ac 100644 --- a/runsc/test/testutil/BUILD +++ b/runsc/test/testutil/BUILD @@ -18,6 +18,5 @@ go_library( "//runsc/specutils", "@com_github_cenkalti_backoff//:go_default_library", "@com_github_opencontainers_runtime-spec//specs-go:go_default_library", - "@com_github_syndtr_gocapability//capability:go_default_library", ], ) diff --git a/runsc/test/testutil/testutil.go b/runsc/test/testutil/testutil.go index 77bd56912..4f012a8ea 100644 --- a/runsc/test/testutil/testutil.go +++ b/runsc/test/testutil/testutil.go @@ -32,7 +32,6 @@ import ( "github.com/cenkalti/backoff" specs "github.com/opencontainers/runtime-spec/specs-go" - "github.com/syndtr/gocapability/capability" "gvisor.googlesource.com/gvisor/runsc/boot" "gvisor.googlesource.com/gvisor/runsc/specutils" ) @@ -104,14 +103,14 @@ func FindFile(path string) (string, error) { // TestConfig return the default configuration to use in tests. func TestConfig() *boot.Config { return &boot.Config{ - Debug: true, - LogFormat: "text", - LogPackets: true, - Network: boot.NetworkNone, - Strace: true, - MultiContainer: true, - FileAccess: boot.FileAccessProxyExclusive, - TestOnlyAllowRunAsCurrentUser: true, + Debug: true, + LogFormat: "text", + LogPackets: true, + Network: boot.NetworkNone, + Strace: true, + MultiContainer: true, + FileAccess: boot.FileAccessProxyExclusive, + TestOnlyAllowRunAsCurrentUserWithoutChroot: true, } } @@ -238,14 +237,7 @@ func WaitForHTTP(port int, timeout time.Duration) error { // RunAsRoot ensures the test runs with CAP_SYS_ADMIN. If need it will create // a new user namespace and reexecute the test as root inside of the namespace. func RunAsRoot(m *testing.M) { - caps, err := capability.NewPid2(os.Getpid()) - if err != nil { - panic(err.Error()) - } - if err := caps.Load(); err != nil { - panic(err.Error()) - } - if caps.Get(capability.EFFECTIVE, capability.CAP_SYS_ADMIN) { + if specutils.HasCapSysAdmin() { // Capability: check! Good to run. os.Exit(m.Run()) } |