diff options
author | Brian Silverman <bsilver16384@gmail.com> | 2016-08-18 14:01:45 +0000 |
---|---|---|
committer | Philipp Wollermann <philwo@google.com> | 2016-08-18 17:25:25 +0000 |
commit | 774553eea688338caae754c49fbfc66d9a3475b7 (patch) | |
tree | b1c111f8928e6871aaf88c614da8c9a2c9151a65 /src/test | |
parent | feb5d0862e31bd3d998ed4f429d4711403ae3fcf (diff) |
Add a test for sandboxing when nobody's UID is different
Please don't merge before I8b8c3596fd2a4c125071406eefd407ca402099dd. The
test will fail then.
I've seen two issues with this functionality breaking: #481 and #1637.
Seems like it's time to add a test which catches the issue on the
Debian/Ubuntu machines people commonly test on. The test fails on my
Debian system before I8b8c3596fd2a4c125071406eefd407ca402099dd, and
passes with that change applied.
--
Change-Id: Ib785c874cdb9192920f9935b696bfd6c9c0e5f4f
Reviewed-on: https://bazel-review.git.corp.google.com/#/c/5451/
MOS_MIGRATED_REVID=130635565
Diffstat (limited to 'src/test')
-rwxr-xr-x | src/test/shell/bazel/bazel_sandboxing_test.sh | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/test/shell/bazel/bazel_sandboxing_test.sh b/src/test/shell/bazel/bazel_sandboxing_test.sh index 9e6bc857d8..5238c09f77 100755 --- a/src/test/shell/bazel/bazel_sandboxing_test.sh +++ b/src/test/shell/bazel/bazel_sandboxing_test.sh @@ -434,6 +434,19 @@ EOF expect_log "Sandboxed execution failed, which may be legitimate" } +function test_sandbox_different_nobody_uid() { + cat /etc/passwd | sed 's/\(^nobody:[^:]*:\)[0-9]*:[0-9]*/\15000:16000/g' > \ + "${TEST_TMPDIR}/passwd" + unshare --user --mount --map-root-user -- bash - \ + << EOF || fail "Hermetic genrule with different UID for nobody failed" \ +set -e +set -u + +mount --bind ${TEST_TMPDIR}/passwd /etc/passwd +bazel build examples/genrule:works &> ${TEST_log} +EOF +} + # The test shouldn't fail if the environment doesn't support running it. check_supported_platform || exit 0 check_sandbox_allowed || exit 0 |