tests: more robust check for user namespaces availability (canUseSandbox)

Issue https://github.com/NixOS/nix/issues/2165

2 files changed, 4 insertions, 6 deletions

diff --git a/release-common.nix b/release-common.nix
index d7fb8125f..fbdb8aca1 100644
--- a/release-common.nix
+++ b/release-common.nix
@@ -57,7 +57,7 @@ rec {
       git
       mercurial
     ]
-    ++ lib.optional stdenv.isLinux libseccomp
+    ++ lib.optional stdenv.isLinux [libseccomp pkgs.utillinux]
     ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
     ++ lib.optional (stdenv.isLinux || stdenv.isDarwin)
       (aws-sdk-cpp.override {
diff --git a/tests/common.sh.in b/tests/common.sh.in
index 195205988..fddd25b36 100644
--- a/tests/common.sh.in
+++ b/tests/common.sh.in
@@ -94,11 +94,9 @@ canUseSandbox() {
         return 1
     fi
 
-    if [ -e /proc/sys/kernel/unprivileged_userns_clone ]; then
-        if [ "$(cat /proc/sys/kernel/unprivileged_userns_clone)" != 1 ]; then
-            echo "Unprivileged user namespaces disabled by sysctl, skipping this test..."
-            return 1
-        fi
+    if ! unshare --user true ; then
+        echo "Unprivileged user namespaces disabled by sysctl, skipping this test..."
+        return 1
     fi
 
     return 0