[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: privilege level of isolation-container



Paul Gevers <elbrus@debian.org> writes:

> On 08-11-2020 15:31, wferi@niif.hu wrote:
>
>> Turns out Ubuntu runs autopkgtests in unprivileged containers on armhf,
>> which breaks tests requiring unlimited mlock or large socket buffers
>> (needing SO_RCVBUFFORCE and similar).  These work fine in the Debian LXC
>> runners employed by current debci, by I wonder what's the correct way to
>> handle this situation.  Should I raise the test requirements of Corosync
>> (and everything above it) to isolation-machine?  It would be a pity to
>> lose the tests, since pre-setting net.core.[rw]mem_max = 8388608 would
>> be enough to get them run.  Adding privilege tests would also be
>> acceptable lacking any better option.  What's your advice?
>
> If you can check for the required privileges, I would add the skippable
> restriction, test for the required privileges, and if you don't have
> them, exit 77.

Hi Paul,

Thanks, that would be rather repetitive, but certainly doable.  I've
just realized that in these cases Corosync startup has already failed
during installation (which is ignored by debhelper under systemd), so
the check is already done and could be grepped from the journal.  Can I
depend on a fixed locale in the autopkgtest environment?
-- 
Best,
Feri


Reply to: