Comment 3 for bug 1856083
Revision history for this message
| Lucas Kanashiro (lucaskanashiro) wrote | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
I've been investigating the TestDevicesSetAllow failure and here are my findings so far:
* Here is the TestDevicesSetAllow function: https:/
* When it tries the read the file "devices.allow" in cgroups path (in a temp dir) it doesn't exist and the error is raised: https:/
* Calling the Set function with a given configuration should create this file since the config has a list with allowed devices and it doesn't allow all devices: https:/
* Right in the beginning of the Set function it checks if it is running in a user namespace, if that is true it returns nil and the given configuration is not written in any config file, and this is the case here: https:/
So this is the reason of the failure, it is running in a user namespace and the test doesn't expect that. The other test failure (TestDevicesSet
I also checked the RunningInUserNS function which determines if it is running in an user namespace: https:/
* It calls the function CurrentProcessU
* I checked the content of /proc/self/uid_map in a focal and eoan amd64 containers and both contain the same value: 0 1000000 1000000000
* Since CurrentProcessU
* The condition in UIDMapInUserNS is not satisfied and then it returns true: https:/
Due to this the Set function mentioned before returns nil before doing any change in the configuration and the test fails.
P.S.: All the links I added is pointing to master but the parts of the code I mentioned here haven't changed so far (compared to the version we have in the archive - 1.0.0~rc8+