From 38ab252f98f222acb6545e60832a57c992a1a280 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Tue, 21 Sep 2021 14:20:16 +0200 Subject: [PATCH] Enable all capabilities in ns fakeroot mode --- lib/core/namespace.sh | 2 +- tests/unit-tests/test-namespace.sh | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/core/namespace.sh b/lib/core/namespace.sh index e9d3a53..f15bbb4 100644 --- a/lib/core/namespace.sh +++ b/lib/core/namespace.sh @@ -99,7 +99,7 @@ function run_env_as_bwrap_fakeroot(){ local args=() [[ "$1" != "" ]] && args=("-c" "$(insert_quotes_on_spaces "${@}")") - JUNEST_ENV=1 "$backend_command" $COMMON_BWRAP_OPTION --uid 0 --gid 0 $backend_args sudo "${DEFAULT_SH[@]}" "${args[@]}" + JUNEST_ENV=1 "$backend_command" $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 $backend_args sudo "${DEFAULT_SH[@]}" "${args[@]}" } diff --git a/tests/unit-tests/test-namespace.sh b/tests/unit-tests/test-namespace.sh index d2cafd9..6b53e9c 100755 --- a/tests/unit-tests/test-namespace.sh +++ b/tests/unit-tests/test-namespace.sh @@ -104,14 +104,14 @@ function test_is_user_namespace_enabled_with_userns_clone_file_enabled(){ function test_run_env_as_bwrap_fakeroot() { assertCommandSuccess run_env_as_bwrap_fakeroot "" "" "false" - assertEquals "bwrap $COMMON_BWRAP_OPTION --uid 0 --gid 0 sudo /bin/sh --login" "$(cat $STDOUTF)" + assertEquals "bwrap $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 sudo /bin/sh --login" "$(cat $STDOUTF)" _test_copy_common_files } function test_run_env_as_bwrap_fakeroot_with_backend_command() { assertCommandSuccess run_env_as_bwrap_fakeroot "mybwrap" "" "false" - assertEquals "mybwrap $COMMON_BWRAP_OPTION --uid 0 --gid 0 sudo /bin/sh --login" "$(cat $STDOUTF)" + assertEquals "mybwrap $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 sudo /bin/sh --login" "$(cat $STDOUTF)" _test_copy_common_files } @@ -134,7 +134,7 @@ function test_run_env_as_bwrap_user_with_backend_command() { function test_run_env_as_bwrap_fakeroot_no_copy() { assertCommandSuccess run_env_as_bwrap_fakeroot "" "" "true" "" - assertEquals "bwrap $COMMON_BWRAP_OPTION --uid 0 --gid 0 sudo /bin/sh --login" "$(cat $STDOUTF)" + assertEquals "bwrap $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 sudo /bin/sh --login" "$(cat $STDOUTF)" [[ ! -e ${JUNEST_HOME}/etc/hosts ]] assertEquals 0 $? @@ -186,7 +186,7 @@ function test_run_env_as_bwrap_user_no_copy() { function test_run_env_as_bwrap_fakeroot_with_backend_args() { assertCommandSuccess run_env_as_bwrap_fakeroot "" "--bind /usr /usr" "false" - assertEquals "bwrap $COMMON_BWRAP_OPTION --uid 0 --gid 0 --bind /usr /usr sudo /bin/sh --login" "$(cat $STDOUTF)" + assertEquals "bwrap $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 --bind /usr /usr sudo /bin/sh --login" "$(cat $STDOUTF)" _test_copy_common_files } @@ -201,7 +201,7 @@ function test_run_env_as_bwrap_user_with_backend_args() { function test_run_env_as_bwrap_fakeroot_with_command() { assertCommandSuccess run_env_as_bwrap_fakeroot "" "" "false" "ls -la" - assertEquals "bwrap $COMMON_BWRAP_OPTION --uid 0 --gid 0 sudo /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)" + assertEquals "bwrap $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 sudo /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)" _test_copy_common_files } @@ -216,7 +216,7 @@ function test_run_env_as_bwrap_user_with_command() { function test_run_env_as_bwrap_fakeroot_with_backend_args_and_command() { assertCommandSuccess run_env_as_bwrap_fakeroot "" "--bind /usr /usr" "false" "ls -la" - assertEquals "bwrap $COMMON_BWRAP_OPTION --uid 0 --gid 0 --bind /usr /usr sudo /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)" + assertEquals "bwrap $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 --bind /usr /usr sudo /bin/sh --login -c \"ls -la\"" "$(cat $STDOUTF)" _test_copy_common_files }