Fixes bug #21226.
Linux 3.19 introduced a fix for a security vulnerability in user namespaces.
This fix introduced a new proc file called 'setgroups' and was backported to
many older kernels. However, some users run a kernel that is new enough to
support user namespaces yet old enough to not include the patch, so we must
skip the tests.
* tests/containers.scm: Skip all tests if /proc/self/setgroups does not exist.
(define (assert-exit x)
(primitive-exit (if x 0 1)))
-;; Skip these tests unless user namespaces are available.
-(unless (file-exists? "/proc/self/ns/user")
+;; Skip these tests unless user namespaces are available and the setgroups
+;; file (introduced in Linux 3.19 to address a security issue) exists.
+(unless (and (file-exists? "/proc/self/ns/user")
+ (file-exists? "/proc/self/setgroups"))
(exit 77))
(test-begin "containers")