mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-27 05:43:50 +03:00
nixos/tests/chromium: Check new userns sandbox.
Since Chromium version 42, we have a new user namespaces sandbox in the
upstream project. It's more integrated so the chrome://sandbox page
reports it as "Namespace Sandbox" instead of SUID sandbox, which we were
re-using (or abusing?) in our patch.
So if either "SUID Sandbox" or "Namespace Sandbox" reports with "Yes",
it's fine on our side.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
(cherry picked from commit 9de4caddc1
)
This commit is contained in:
parent
ba0f957d7b
commit
8a13fb2482
@ -154,7 +154,7 @@ import ./make-test.nix (
|
||||
|
||||
my $clipboard = $machine->succeed("${pkgs.xclip}/bin/xclip -o");
|
||||
die "sandbox not working properly: $clipboard"
|
||||
unless $clipboard =~ /suid sandbox.*yes/mi
|
||||
unless $clipboard =~ /(?:suid|namespace) sandbox.*yes/mi
|
||||
&& $clipboard =~ /pid namespaces.*yes/mi
|
||||
&& $clipboard =~ /network namespaces.*yes/mi
|
||||
&& $clipboard =~ /seccomp.*sandbox.*yes/mi;
|
||||
|
Loading…
Reference in New Issue
Block a user