diff --git a/src/utils.jl b/src/utils.jl index b356c4f..4dd8dab 100644 --- a/src/utils.jl +++ b/src/utils.jl @@ -234,10 +234,10 @@ function sudo_cmd() if getuid() == 0 # If we're already root, don't use any kind of sudo program _sudo_cmd = String[] - elseif Sys.which("sudo") !== nothing success(`sudo -V`) + elseif Sys.which("sudo") !== nothing && success(`sudo -V`) # If `sudo` is available, use that _sudo_cmd = ["sudo"] - elseif Sys.which("su") !== nothing + elseif Sys.which("su") !== nothing && success(`su --version`) # Fall back to `su` if all else fails _sudo_cmd = ["su", "root", "-c"] else diff --git a/test/Multiarch.jl b/test/Multiarch.jl index 13d86c4..a3f5f07 100644 --- a/test/Multiarch.jl +++ b/test/Multiarch.jl @@ -40,7 +40,7 @@ using Test, Sandbox, Base.BinaryPlatforms, LazyArtifacts multiarch_executors = Sandbox.SandboxExecutor[] elseif Sys.islinux() # On Linux, we need passwordless sudo to be able to register things - if !success(`sudo -k -n true`) + if Sys.which("sudo") !== nothing && !success(`sudo -k -n true`) @warn("Refusing to test multiarch on a system without passwordless sudo!") multiarch_executors = Sandbox.SandboxExecutor[] end diff --git a/test/Sandbox.jl b/test/Sandbox.jl index 4201e2f..38ff60f 100644 --- a/test/Sandbox.jl +++ b/test/Sandbox.jl @@ -3,9 +3,12 @@ using Test, Sandbox, SHA, Base.BinaryPlatforms all_executors = Sandbox.all_executors # Can we run `sudo` without a password? If not, don't attempt to test the privileged runner -if !success(`sudo -k -n true`) +if Sys.which("sudo") !== nothing && !success(`sudo -k -n true`) all_executors = filter(exe -> exe != PrivilegedUserNamespacesExecutor, all_executors) end +if Sandbox.getuid() == 0 + all_executors = filter(exe -> exe != UnprivilegedUserNamespacesExecutor, all_executors) +end function print_if_nonempty(stderr::Vector{UInt8}) if !isempty(stderr) diff --git a/test/UserNamespaces.jl b/test/UserNamespaces.jl index c40f1d4..8f6c4de 100644 --- a/test/UserNamespaces.jl +++ b/test/UserNamespaces.jl @@ -100,7 +100,7 @@ else end # Only test privileged runner if sudo doesn't require a password -if success(`sudo -k -n true`) +if Sys.which("sudo") !== nothing && success(`sudo -k -n true`) if executor_available(PrivilegedUserNamespacesExecutor) @testset "PrivilegedUserNamespacesExecutor" begin @test_logs (:info, "Testing Privileged User Namespaces Executor (read-only, read-write)") match_mode=:any begin diff --git a/test/runtests.jl b/test/runtests.jl index 54c72b4..8fee9c5 100644 --- a/test/runtests.jl +++ b/test/runtests.jl @@ -38,7 +38,7 @@ end # Ensure we're not running as root; that breaks unprivileged user namespaces testing if Sandbox.getuid() == 0 - error("Cannot run Sandbox.jl tests as root!") + @warn("You are running Sandbox.jl tests as root! This cannot test unprivileged namespaces!") end include("SandboxConfig.jl")