Skip to content

Commit

Permalink
sudo fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
staticfloat committed Mar 28, 2023
1 parent e019208 commit 2fbdbf7
Show file tree
Hide file tree
Showing 5 changed files with 9 additions and 6 deletions.
4 changes: 2 additions & 2 deletions src/utils.jl
Original file line number Diff line number Diff line change
Expand Up @@ -234,10 +234,10 @@ function sudo_cmd()
if getuid() == 0
# If we're already root, don't use any kind of sudo program
_sudo_cmd = String[]
elseif Sys.which("sudo") !== nothing success(`sudo -V`)
elseif Sys.which("sudo") !== nothing && success(`sudo -V`)
# If `sudo` is available, use that
_sudo_cmd = ["sudo"]
elseif Sys.which("su") !== nothing
elseif Sys.which("su") !== nothing && success(`su --version`)
# Fall back to `su` if all else fails
_sudo_cmd = ["su", "root", "-c"]
else
Expand Down
2 changes: 1 addition & 1 deletion test/Multiarch.jl
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ using Test, Sandbox, Base.BinaryPlatforms, LazyArtifacts
multiarch_executors = Sandbox.SandboxExecutor[]
elseif Sys.islinux()
# On Linux, we need passwordless sudo to be able to register things
if !success(`sudo -k -n true`)
if Sys.which("sudo") !== nothing && !success(`sudo -k -n true`)
@warn("Refusing to test multiarch on a system without passwordless sudo!")
multiarch_executors = Sandbox.SandboxExecutor[]
end
Expand Down
5 changes: 4 additions & 1 deletion test/Sandbox.jl
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,12 @@ using Test, Sandbox, SHA, Base.BinaryPlatforms
all_executors = Sandbox.all_executors

# Can we run `sudo` without a password? If not, don't attempt to test the privileged runner
if !success(`sudo -k -n true`)
if Sys.which("sudo") !== nothing && !success(`sudo -k -n true`)
all_executors = filter(exe -> exe != PrivilegedUserNamespacesExecutor, all_executors)
end
if Sandbox.getuid() == 0
all_executors = filter(exe -> exe != UnprivilegedUserNamespacesExecutor, all_executors)
end

function print_if_nonempty(stderr::Vector{UInt8})
if !isempty(stderr)
Expand Down
2 changes: 1 addition & 1 deletion test/UserNamespaces.jl
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ else
end

# Only test privileged runner if sudo doesn't require a password
if success(`sudo -k -n true`)
if Sys.which("sudo") !== nothing && success(`sudo -k -n true`)
if executor_available(PrivilegedUserNamespacesExecutor)
@testset "PrivilegedUserNamespacesExecutor" begin
@test_logs (:info, "Testing Privileged User Namespaces Executor (read-only, read-write)") match_mode=:any begin
Expand Down
2 changes: 1 addition & 1 deletion test/runtests.jl
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ end

# Ensure we're not running as root; that breaks unprivileged user namespaces testing
if Sandbox.getuid() == 0
error("Cannot run Sandbox.jl tests as root!")
@warn("You are running Sandbox.jl tests as root! This cannot test unprivileged namespaces!")
end

include("SandboxConfig.jl")
Expand Down

0 comments on commit 2fbdbf7

Please sign in to comment.