UnprivilegedPrivsepFixture: Clear capabilities config
When a context's 'capabilities' property was a non-empty list, Daemon.run() would try to manipulate Linux capabilities, and fail if the original user didn't already have (at least) these capabilities. This is appropriate for the regular use case, but the intention of UnprivilegedPrivsepFixture is that it would be a no-op that works for zero-privilege test environments. This change clears the capabilities list (setting/expecting zero privileges) in UnprivilegedPrivsepFixture, as was originally intended. Change-Id: I8a0d8275877a1f9e139127049b7e234003f901ea
This commit is contained in:
parent
a6e554bd49
commit
539ff4e4e0
|
@ -33,6 +33,8 @@ class UnprivilegedPrivsepFixture(fixtures.Fixture):
|
|||
super(UnprivilegedPrivsepFixture, self).setUp()
|
||||
|
||||
self.conf = self.useFixture(cfg_fixture.Config()).conf
|
||||
self.conf.set_override('capabilities', [],
|
||||
group=self.context.cfg_section)
|
||||
for k in ('user', 'group'):
|
||||
self.conf.set_override(
|
||||
k, None, group=self.context.cfg_section)
|
||||
|
|
Loading…
Reference in New Issue