UnprivilegedPrivsepFixture: Clear capabilities config

When a context's 'capabilities' property was a non-empty list, Daemon.run() would try to manipulate Linux capabilities, and fail if the original user didn't already have (at least) these capabilities. This is appropriate for the regular use case, but the intention of UnprivilegedPrivsepFixture is that it would be a no-op that works for zero-privilege test environments. This change clears the capabilities list (setting/expecting zero privileges) in UnprivilegedPrivsepFixture, as was originally intended. Change-Id: I8a0d8275877a1f9e139127049b7e234003f901ea
2016-02-10 14:52:58 +11:00 · 2016-02-10 14:52:58 +11:00 · 539ff4e4e0
parent a6e554bd49
commit 539ff4e4e0
1 changed files with 2 additions and 0 deletions
--- a/oslo_privsep/tests/fixture.py
+++ b/oslo_privsep/tests/fixture.py
@ -33,6 +33,8 @@ class UnprivilegedPrivsepFixture(fixtures.Fixture):
        super(UnprivilegedPrivsepFixture, self).setUp()

        self.conf = self.useFixture(cfg_fixture.Config()).conf
+        self.conf.set_override('capabilities', [],
+                               group=self.context.cfg_section)
        for k in ('user', 'group'):
            self.conf.set_override(
                k, None, group=self.context.cfg_section)