diff options
| author | Pietro Albini <pietro.albini@ferrous-systems.com> | 2021-08-12 11:28:06 +0200 |
|---|---|---|
| committer | Pietro Albini <pietro.albini@ferrous-systems.com> | 2021-08-12 14:40:09 +0200 |
| commit | 7a7d2d1779d47cba5686136047e591346ca9f097 (patch) | |
| tree | 76782fe0fb1d16d43431ea5ee87a6be6c0363080 | |
| parent | 4e900176b6c402035a6e52da03d453c848f0b336 (diff) | |
| download | rust-7a7d2d1779d47cba5686136047e591346ca9f097.tar.gz rust-7a7d2d1779d47cba5686136047e591346ca9f097.zip | |
fix command-create-pidfd test inside unprivileged docker containers
| -rw-r--r-- | src/test/ui/command/command-create-pidfd.rs | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/test/ui/command/command-create-pidfd.rs b/src/test/ui/command/command-create-pidfd.rs index 93321ac536a..4df443c66d6 100644 --- a/src/test/ui/command/command-create-pidfd.rs +++ b/src/test/ui/command/command-create-pidfd.rs @@ -15,7 +15,18 @@ fn has_clone3() -> bool { let err = (res == -1) .then(|| Error::last_os_error()) .expect("probe syscall should not succeed"); - err.raw_os_error() != Some(libc::ENOSYS) + + // If the `clone3` syscall is not implemented in the current kernel version it should return an + // `ENOSYS` error. Docker also blocks the whole syscall inside unprivileged containers, and + // returns `EPERM` (instead of `ENOSYS`) when a program tries to invoke the syscall. Because of + // that we need to check for *both* `ENOSYS` and `EPERM`. + // + // Note that Docker's behavior is breaking other projects (notably glibc), so they're planning + // to update their filtering to return `ENOSYS` in a future release: + // + // https://github.com/moby/moby/issues/42680 + // + err.raw_os_error() != Some(libc::ENOSYS) && err.raw_os_error() != Some(libc::EPERM) } fn main() { |