nixpkgs

mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 15:03:28 +00:00

History

aszlig 27f36b5e57 nixos/tests/confinement: Parametrise subtests This is to make sure that we test all of the DynamicUser/User/Group and PrivateTmp options in a uniform way. The reason why we need to do this is because we recently introduced support for the DynamicUser option and since there are some corner cases where we might end up with more elevated privileges (eg. writable directories in some cases), we want to make sure that the environment is as restrictive as with a static User/Group assignment. I also removed various checks that try to os.chown(), since with our new recursive checker those are redundant. Signed-off-by: aszlig <aszlig@nix.build>	2024-05-13 00:40:38 +02:00
..
checkperms.py
default.nix	nixos/tests/confinement: Parametrise subtests	2024-05-13 00:40:38 +02:00

nixos/tests/confinement: Parametrise subtests

This is to make sure that we test all of the DynamicUser/User/Group and
PrivateTmp options in a uniform way. The reason why we need to do this
is because we recently introduced support for the DynamicUser option and
since there are some corner cases where we might end up with more
elevated privileges (eg. writable directories in some cases), we want to
make sure that the environment is as restrictive as with a static
User/Group assignment.

I also removed various checks that try to os.chown(), since with our new
recursive checker those are redundant.

Signed-off-by: aszlig <aszlig@nix.build>

2024-05-13 00:40:38 +02:00

checkperms.py

default.nix

nixos/tests/confinement: Parametrise subtests

2024-05-13 00:40:38 +02:00