blob: 55c96bc2e1f714044ca3c58725be419c5ce6055c (
plain)
1
2
3
4
5
6
7
8
|
{ runCommand, libcap }:
runCommand "cant-get-capabilities" { nativeBuildInputs = [ libcap.out ]; } ''
if [ "$(/run/wrappers/bin/ohno 2>&1)" != "failed to inherit capabilities: Operation not permitted" ]; then
echo "Oh no! We gained capabilities!"
exit 1
fi
touch $out
''
|
