[Piuparts-devel] [Git][debian/piuparts][helmutg/feature-nonroot] 3 commits: Add autopkgtest for unshared piuparts
Nicolas Dandrimont (@olasd)
gitlab at salsa.debian.org
Thu Nov 14 10:01:00 GMT 2024
Nicolas Dandrimont pushed to branch helmutg/feature-nonroot at Debian / piuparts
Commits:
bd35c1ca by Nicolas Dandrimont at 2024-11-14T10:48:36+01:00
Add autopkgtest for unshared piuparts
- - - - -
451b6cc2 by Helmut Grohne at 2024-11-14T10:48:36+01:00
attempt to fix unshared piuparts on gitlab runners
We get "Permission denied" while debootstrap tries to mount its proc
filesystem. I guess that we somehow fail the mnt_already_visible test in
fs/namespace.c. If that holds true, mounting an initial proc should
help.
- - - - -
2e8af6a8 by Nicolas Dandrimont at 2024-11-14T10:48:36+01:00
skip unshare autopkgtest if --mount-proc is unavailable
The salsaci runners are running on docker, which shadows enough parts of
/proc that unshare is unable to remount it in the new namespace. Skip
the test if that's the case.
- - - - -
3 changed files:
- debian/tests/control
- + debian/tests/unshare
- piuparts.py
Changes:
=====================================
debian/tests/control
=====================================
@@ -5,3 +5,7 @@ Restrictions: needs-root
Tests: all-python-versions
Depends: piuparts, python3-all, debootstrap
Restrictions: needs-root
+
+Tests: unshare
+Depends: piuparts, uidmap, debootstrap
+Restrictions: needs-root, skippable
=====================================
debian/tests/unshare
=====================================
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -eu
+
+if [ -z "$AUTOPKGTEST_NORMAL_USER" ]; then
+ echo "No normal user available, test cannot be run"
+ exit 77
+fi
+
+AUTOPKGTEST_NORMAL_UID="$(id -u "$AUTOPKGTEST_NORMAL_USER")"
+AUTOPKGTEST_NORMAL_GID="$(id -g "$AUTOPKGTEST_NORMAL_USER")"
+
+if ! grep -qx "$AUTOPKGTEST_NORMAL_UID:.*" /etc/subuid; then
+ echo "Adding a subuid allocation for $AUTOPKGTEST_NORMAL_USER"
+ echo "$AUTOPKGTEST_NORMAL_UID:1000000:65536" >> /etc/subuid
+fi
+
+if ! grep -qx "$AUTOPKGTEST_NORMAL_GID:.*" /etc/subgid; then
+ echo "Adding a subgid allocation for $AUTOPKGTEST_NORMAL_USER's group"
+ echo "$AUTOPKGTEST_NORMAL_GID:1000000:65536" >> /etc/subgid
+fi
+
+if ! unshare --user --map-auto --setuid 0 --setgid 0 --mount --pid --fork --mount-proc true; then
+ echo "Unshare failed, bailing"
+ exit 77
+fi
+
+. "$(dirname "$0")/common.sh"
+
+echo running "$0"
+
+test_this piuparts --version
+
+cd "$AUTOPKGTEST_TMP"
+
+create_packages
+
+chown "$AUTOPKGTEST_NORMAL_USER:" t.deb f.deb
+
+test_this runuser -u "$AUTOPKGTEST_NORMAL_USER" -- piuparts t.deb
=====================================
piuparts.py
=====================================
@@ -3651,6 +3651,7 @@ def main():
"--mount",
"--pid",
"--fork",
+ "--mount-proc",
*sys.argv,
],
)
View it on GitLab: https://salsa.debian.org/debian/piuparts/-/compare/07602b82fda617980051e9ca89c7bfc88bd963d7...2e8af6a885c43f71fb11a3fd182608e750588f3f
--
View it on GitLab: https://salsa.debian.org/debian/piuparts/-/compare/07602b82fda617980051e9ca89c7bfc88bd963d7...2e8af6a885c43f71fb11a3fd182608e750588f3f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/piuparts-devel/attachments/20241114/f8c7e3cf/attachment-0001.htm>
More information about the Piuparts-devel
mailing list