Sandstorm tests fail on Debian/Ubuntu without kernel.unprivileged_userns_clone=1 #3477
Comments
|
Hm, normally this failing really isn't fatal, since if you're doing a system-wide install it starts up as root and can use the privileged sandbox, so under normal usage But, if you're running the tests then yeah, this is going to make stuff not work. Maybe we could add a flag for the install script to use 'test appropriate settings' rather than using the 'app developer defaults' for both. Also, I wonder if it might make some sense to provide a way to run the tests with sandstorm started as root anyway -- there are some code paths that only run if we start up as root, and so the current setup means we can't write automated tests for those. @kentonv, interested in your thoughts here too. |
|
Getting the tests to run with root privileges seems like it would lead to a lot of issues so I don't feel like that's really worth the effort. The sandbox code is very low-level and almost never changes, which makes it unlikely to break. I suppose the test script could contain some sort of check for Throwing something in the readme also seems like a fine answer. Note that I don't think we should change |
As documented on the mailing list, Sandstorm tests fail on Debian and Ubuntu without the sysctl
kernel.unprivileged_userns_clone=1. I suggest that the test running script document this failure and suggest a resolution. I'm happy to create the PR, but I'd like to know if we should changeinstall.shso that it suggests resolution instead of giving up silently or if we should add a test for this known failure intests/run-local.sh.The text was updated successfully, but these errors were encountered: