I have been trying to figure out why I've been seeing different results between the CI jobs and s5ci jobs. What I've discovered is that the CI jobs are running as the root user in a fully privileged container, where s5ci runs unprivileged.
I am aware that there has been a long-standing desire for tests to run as an unprivileged user. Do we need to implement that constraint on the CI tests? >From my tests in the CI [0]: Sanity test case passed. Running as root(0):root(0) Capabilities: ['cap_chown', 'cap_dac_override', 'cap_dac_read_search', 'cap_fowner', 'cap_fsetid', 'cap_kill', 'cap_setgid', 'cap_setuid', 'cap_setpcap', 'cap_linux_immutable', 'cap_net_bind_service', 'cap_net_broadcast', 'cap_net_admin', 'cap_net_raw', 'cap_ipc_lock', 'cap_ipc_owner', 'cap_sys_module', 'cap_sys_rawio', 'cap_sys_chroot', 'cap_sys_ptrace', 'cap_sys_pacct', 'cap_sys_admin', 'cap_sys_boot', 'cap_sys_nice', 'cap_sys_resource', 'cap_sys_time', 'cap_sys_tty_config', 'cap_mknod', 'cap_lease', 'cap_audit_write', 'cap_audit_control', 'cap_setfcap', 'cap_mac_override', 'cap_mac_admin', 'cap_syslog', 'cap_wake_alarm', 'cap_block_suspend', 'cap_audit_read+eip'] OS reports 72 available cpu(s). Free shm: 1,023.9921875MB Found enough resources to run tests with 4 cores [0] https://logs.fd.io/production/vex-yul-rot-jenkins-1/vpp-verify-master-ubuntu1804/1331/console.log.gz
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#14981): https://lists.fd.io/g/vpp-dev/message/14981 Mute This Topic: https://lists.fd.io/mt/69288694/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
