[Pkg-utopia-maintainers] Bug#908092: dbus: skip autopkgtest ulimit test when in a container
Simon McVittie
smcv at debian.org
Fri Sep 7 20:46:23 BST 2018
On Wed, 05 Sep 2018 at 22:02:01 -0700, Steve Langasek wrote:
> This is because armhf is the single architecture on which Ubuntu runs its
> autopkgtests in containers rather than in VMs, and these are unprivileged
> containers, which means "root" processes don't actually have the
> capabilities necessary to re-raise limits after they've been lowered.
I'm not sure whether such a container should be considered to satisfy the
needs-root restriction. How much root does/should needs-root guarantee?
Perhaps there should be separate restrictions for "needs fully privileged
root" and "needs unprivileged-container root"? (But I'm not sure which
one needs-root should be.)
> I've uploaded the attached patch to Ubuntu in order to have passing tests
> again on armhf. I'm not sure if you would consider it sufficiently correct
> for Debian, since this means we're also skipping this test on privileged
> containers, but I guess it should be a starting point for discussion.
Can we probe for the required capability, perhaps with
capsh | grep '^Current:.*\<cap_sys_resource\>'
or something?
Thanks,
smcv
More information about the Pkg-utopia-maintainers
mailing list