Comment 9 for bug 1974177

Dave Jones (waveform) wrote :

> 1) Following line in debian/tests/unshare will break Debian (since
> the script runs with "set -e"):
>
> [ "$distro" = ubuntu ] && umask 022
>
> Either use || or an if-clause. Besides that, you can just source
> /etc/os-release and then use the ID variable.

It only breaks Debian if the distro=$(...) line (22) isn't
incorporated (which, were this change to be upstreamed, it should be).
As to sourcing /etc/os-release, that's effectively what it's doing in
that line (admittedly via lsb_release, but that seems to me a
reasonably standard means of querying os-release).

> 2) Running the unshare autopkgtest with a kinetic schroot fails:
>
> autopkgtest [12:48:47]: test unshare: [-----------------------
> + [ -z x ]
> + grep -q ^1$ /proc/sys/kernel/unprivileged_userns_clone
> + dpkg --print-architecture
> [...]
> + mmdebstrap --mode=unshare --variant=apt kinetic /tmp/autopkgtest.4hxHnh/autopkgtest_tmp/chroot.tar
> W: unshare syscall failed: Operation not permitted
>
> Does it need more checks or does it need to declare to be better
> isolated?

Good point, it needs more isolation. Knowing that the unshare-wrapper
test involved isolation-machine, I'd only tested under qemu.
Incidentally, that one winds up skipped on Ubuntu because
linux-image-amd64 is not installable (and skip-not-installable is
set), which is presumably why we added the (unwrapped) unshare test in
the first place. Still, that test works happily with a Debian qemu
setup.

I've subsequently tested with LXD as well, and that works with the
(unwrapped) unshare test, but requires a privileged container with
nesting to execute successfully:

$ autopkgtest-build-lxd images:ubuntu/kinetic/amd64
$ autopkgtest . -- lxd autopkgtest/ubuntu/kinetic/amd64 -c security.privileged=true -c security.nesting=true

So perhaps isolation-machine is more appropriate there anyway. I'll
amend d/t/control accordingly.
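Added example, not taken from the bug report or from the package's debian/tests scripts: it shows the exit status an autopkgtest runner would see from the two spellings of the distro-conditional umask under "set -e" (point 1 above), and reads ID from an os-release file as the reviewer suggests. The function names and the sample os-release file are assumptions constructed for the example.

```shell
#!/bin/sh
# Each variant runs as its own "set -e" script so the exit status is the one
# the test runner would observe.

# Variant A: "&&" list as the last command of the script. set -e does not abort
# inside an and-list, but when $distro is not ubuntu the failed test is the
# script's final status, so the script ends non-zero and the test fails.
and_list_status() {
    if sh -c 'set -e; distro="$1"; [ "$distro" = ubuntu ] && umask 022' sh "$1"; then
        echo 0
    else
        echo $?
    fi
}

# Variant B: if-clause. A false condition is not a failed command, so the
# script ends with status 0 on either distro.
if_clause_status() {
    if sh -c 'set -e; distro="$1"; if [ "$distro" = ubuntu ]; then umask 022; fi' sh "$1"; then
        echo 0
    else
        echo $?
    fi
}

# Read ID from an os-release style file (absolute path expected). Sourced in a
# subshell so the file's variables do not leak into the caller.
os_release_id() {
    ( . "$1" && printf '%s\n' "$ID" )
}

# Constructed sample os-release; hypothetical content, not copied from a system.
SAMPLE_OS_RELEASE=$(mktemp)
trap 'rm -f "$SAMPLE_OS_RELEASE"' EXIT
printf 'NAME="Ubuntu"\nID=ubuntu\nID_LIKE=debian\nVERSION_CODENAME=kinetic\n' > "$SAMPLE_OS_RELEASE"

main() {
    for d in ubuntu debian; do
        echo "distro=$d: and-list exits $(and_list_status "$d"), if-clause exits $(if_clause_status "$d")"
    done
    echo "ID from sample os-release: $(os_release_id "$SAMPLE_OS_RELEASE")"
}
main "$@"
```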