• Kirill Smelkov's avatar
    trun: Deactivate most capabilities before spawning user test · a9af3a8a
    Kirill Smelkov authored
    In the previous patch we asked unshare to keep capabilities so that FUSE
    mounting works from under regular user. However full set of capabilities
    is too much, and in particular if cap_dac_override is present(*), it means
    that writes to files that have read-only permission, is not rejected by
    -> Adjust trun to retain only those capabilities that we actually need
       = CAP_SYS_ADMIN to mount things.
    This should fix the following Go build failure:
        --- FAIL: TestReadOnlyWriteFile (0.00s)
            ioutil_test.go:90: Expected an error when writing to read-only file /tmp/TestReadOnlyWriteFile3940340549/blurp.txt
        FAIL	io/ioutil	0.053s
    P.S. And if we would unshare to root instead (unshare -Umr) it should be
    still a good idea to drop extra capabilities, as we still want to reject
    writes to read-only files.
    (*) see https://man7.org/linux/man-pages/man7/capabilities.7.html
    /helped-and-reviewed-by @jerome
    /reviewed-on !13
setup.py 954 Bytes