diff options
Diffstat (limited to 'tests/supplementary-groups.sh')
| -rw-r--r-- | tests/supplementary-groups.sh | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/tests/supplementary-groups.sh b/tests/supplementary-groups.sh new file mode 100644 index 000000000..fd3da2945 --- /dev/null +++ b/tests/supplementary-groups.sh @@ -0,0 +1,33 @@ +source common.sh + +requireSandboxSupport +[[ $busybox =~ busybox ]] || skipTest "no busybox" +if ! command -p -v unshare; then skipTest "Need unshare"; fi +needLocalStore "The test uses --store always so we would just be bypassing the daemon" + +unshare --mount --map-root-user bash <<EOF + source common.sh + + setLocalStore () { + export NIX_REMOTE=\$TEST_ROOT/\$1 + mkdir -p \$NIX_REMOTE + } + + cmd=(nix-build ./hermetic.nix --arg busybox "$busybox" --arg seed 1) + + # Fails with default setting + # TODO better error + setLocalStore store1 + expectStderr 1 "\${cmd[@]}" | grepQuiet "unable to start build process" + + # Fails with `drop-supplementary-groups` + # TODO better error + setLocalStore store2 + NIX_CONFIG='drop-supplementary-groups = true' \ + expectStderr 1 "\${cmd[@]}" | grepQuiet "unable to start build process" + + # Works without `drop-supplementary-groups` + setLocalStore store3 + NIX_CONFIG='drop-supplementary-groups = false' \ + "\${cmd[@]}" +EOF |