diff options
| author | Ludovic Courtès <[email protected]> | 2025-01-22 23:48:14 +0100 |
|---|---|---|
| committer | Ludovic Courtès <[email protected]> | 2025-03-26 17:57:44 +0100 |
| commit | 2f65438eba584c5c0181af917445bb6025d3d0c8 (patch) | |
| tree | fa48bad3063e290a20634cdb0bfa5f218ec2408c /tests/processes.scm | |
| parent | f854095b6ffb6ed86c8a66126825b7d41b5ccf96 (diff) | |
tests: Run in a chroot and unprivileged user namespaces.
* build-aux/test-env.in: Pass ‘--disable-chroot’ only when unprivileged
user namespace support is lacking and warn in that case.
* tests/store.scm ("build-things, check mode"): Use ‘gettimeofday’
rather than a shared file as a source of entropy.
("symlink is symlink")
("isolated environment", "inputs are read-only")
("inputs cannot be remounted read-write")
("build root cannot be made world-readable")
("/tmp, store, and /dev/{null,full} are writable")
("network is unreachable"): New tests.
* tests/processes.scm ("client + lock"): Skip when
‘unprivileged-user-namespace-supported?’ returns true.
Change-Id: I3b3c3ebdf6db5fd36ee70251d07b893c17ca1b84
Diffstat (limited to 'tests/processes.scm')
| -rw-r--r-- | tests/processes.scm | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/tests/processes.scm b/tests/processes.scm index ba518f2d9e..a72ba16f58 100644 --- a/tests/processes.scm +++ b/tests/processes.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2018 Ludovic Courtès <[email protected]> +;;; Copyright © 2018, 2025 Ludovic Courtès <[email protected]> ;;; Copyright © 2019 Mathieu Othacehe <[email protected]> ;;; ;;; This file is part of GNU Guix. @@ -25,6 +25,8 @@ #:use-module (guix gexp) #:use-module ((guix utils) #:select (call-with-temporary-directory)) #:use-module (gnu packages bootstrap) + #:use-module ((gnu build linux-container) + #:select (unprivileged-user-namespace-supported?)) #:use-module (guix tests) #:use-module (srfi srfi-1) #:use-module (srfi srfi-64) @@ -84,6 +86,11 @@ (and (kill (process-id daemon) 0) (string-suffix? "guix-daemon" (first (process-command daemon))))))) +(when (unprivileged-user-namespace-supported?) + ;; The test below assumes the build process can communicate with the outside + ;; world via the TOKEN1 and TOKEN2 files, which is impossible when + ;; guix-daemon is set up to build in separate namespaces. + (test-skip 1)) (test-assert* "client + lock" (with-store store (call-with-temporary-directory |