From 807f6f8d8f98422cfcfe7e474e26a985d951af4d Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 31 Aug 2018 09:31:34 +0200 Subject: rootless: check uid with Geteuid() instead of Getuid() change the tests to use chroot to set a numeric UID/GID. Go syscall.Credential doesn't change the effective UID/GID of the process. Signed-off-by: Giuseppe Scrivano Closes: #1372 Approved by: mheon --- test/e2e/libpod_suite_test.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'test/e2e') diff --git a/test/e2e/libpod_suite_test.go b/test/e2e/libpod_suite_test.go index 8c9183450..dcc5fd913 100644 --- a/test/e2e/libpod_suite_test.go +++ b/test/e2e/libpod_suite_test.go @@ -10,7 +10,6 @@ import ( "os/exec" "path/filepath" "strings" - "syscall" "testing" "time" @@ -190,11 +189,13 @@ func (p *PodmanTest) PodmanAsUser(args []string, uid, gid uint32, env []string) } else { fmt.Printf("Running: (env: %v) %s %s\n", env, p.PodmanBinary, strings.Join(podmanOptions, " ")) } - command := exec.Command(p.PodmanBinary, podmanOptions...) + var command *exec.Cmd if uid != 0 || gid != 0 { - command.SysProcAttr = &syscall.SysProcAttr{} - command.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid} + nsEnterOpts := append([]string{"--userspec", fmt.Sprintf("%d:%d", uid, gid), "/", p.PodmanBinary}, podmanOptions...) + command = exec.Command("chroot", nsEnterOpts...) + } else { + command = exec.Command(p.PodmanBinary, podmanOptions...) } if env != nil { command.Env = env -- cgit v1.2.3-54-g00ecf