On Mon, 21 May 2018 00:29:55 +0100
Simon McVittie <s...@debian.org> wrote:
> However, it seems plausible that Docker wouldn't allow the fake schroot
> or the fake pbuilder to run either - I don't think Docker containers are
> allowed to exercise CAP_SYS_ADMIN, which is needed when playing with
> mount points. It might be necessary to skip that part. Unfortunately
> systemd-detect-virt --container doesn't seem to detect Docker as anything
> more specific than "container-other", so the test script might have to
> resort to looking for mentions of docker in /proc/self/mountinfo,
> or pessimistically assume that "container-other" has all possible
> container limitations.
Then, how about checking /proc/1/mountinfo with " /docker" and "cgroup"
like this?
diff --git a/debian/tests/debian-testing b/debian/tests/debian-testing
index 9b39896..52d4584 100755
--- a/debian/tests/debian-testing
+++ b/debian/tests/debian-testing
@@ -32,6 +32,16 @@ sub capture {
return $output;
}
+my $check_non_docker_env;
+if (run([qw(grep "\ \/docker.*cgroup" /proc/1/mountinfo)], '&>', '/dev/null'))
{
+ diag("it seems docker environment");
+ $check_non_docker_env = 0;
+}
+else {
+ diag("okay, it's not docker environment");
+ $check_non_docker_env = 1;
+}
+
my @maybe_unshare_mount_ns;
if (verbose_run(['unshare', '-m', 'true'])) {
@@ -255,8 +265,10 @@ if (!verbose_run(['debootstrap',
BAIL_OUT("debootstrap failed: $?");
}
-check_chroot(chroot => 'chroot.d', can_mknod_ptmx => $can_mknod_ptmx,
- kernel => $kernel, container => $container);
+if ($check_non_docker_env) {
+ check_chroot(chroot => 'chroot.d', can_mknod_ptmx => $can_mknod_ptmx,
+ kernel => $kernel, container => $container);
+}
if ($^O ne 'linux') {
diag("Cannot use systemd-nspawn on non-Linux");
