[Pkg-utopia-maintainers] Bug#908092: dbus: skip autopkgtest ulimit test when in a container

Simon McVittie smcv at debian.org
Fri Sep 7 20:46:23 BST 2018


On Wed, 05 Sep 2018 at 22:02:01 -0700, Steve Langasek wrote:
> This is because armhf is the single architecture on which Ubuntu runs its
> autopkgtests in containers rather than in VMs, and these are unprivileged
> containers, which means "root" processes don't actually have the
> capabilities necessary to re-raise limits after they've been lowered.

I'm not sure whether such a container should be considered to satisfy the
needs-root restriction. How much root does/should needs-root guarantee?

Perhaps there should be separate restrictions for "needs fully privileged
root" and "needs unprivileged-container root"? (But I'm not sure which
one needs-root should be.)

> I've uploaded the attached patch to Ubuntu in order to have passing tests
> again on armhf.  I'm not sure if you would consider it sufficiently correct
> for Debian, since this means we're also skipping this test on privileged
> containers, but I guess it should be a starting point for discussion.

Can we probe for the required capability, perhaps with

    capsh | grep '^Current:.*\<cap_sys_resource\>'

or something?

Thanks,
    smcv



More information about the Pkg-utopia-maintainers mailing list