mirror of
https://github.com/opencontainers/runc.git
synced 2025-09-26 19:41:35 +08:00
36 lines
834 B
Bash
36 lines
834 B
Bash
#!/usr/bin/env bats
|
|
|
|
load helpers
|
|
|
|
function setup() {
|
|
if is_kernel_gte 5.6; then
|
|
skip "requires kernel < 5.6"
|
|
fi
|
|
|
|
requires arch_x86_64
|
|
|
|
setup_seccompagent
|
|
setup_busybox
|
|
}
|
|
|
|
function teardown() {
|
|
teardown_seccompagent
|
|
teardown_bundle
|
|
}
|
|
|
|
# Support for seccomp notify requires Linux > 5.6, check that on older kernels
|
|
# return an error.
|
|
@test "runc run [seccomp] (SCMP_ACT_NOTIFY old kernel)" {
|
|
# Use just any seccomp profile with a notify action.
|
|
update_config ' .linux.seccomp = {
|
|
"defaultAction": "SCMP_ACT_ALLOW",
|
|
"listenerPath": "'"$SECCCOMP_AGENT_SOCKET"'",
|
|
"architectures": [ "SCMP_ARCH_X86","SCMP_ARCH_X32", "SCMP_ARCH_X86_64" ],
|
|
"syscalls": [{ "names": [ "mkdir" ], "action": "SCMP_ACT_NOTIFY" }]
|
|
}'
|
|
|
|
runc run test_busybox
|
|
[ "$status" -ne 0 ]
|
|
[[ "$output" == *"seccomp notify unsupported:"* ]]
|
|
}
|