aboutsummaryrefslogtreecommitdiffstats
path: root/sys
diff options
context:
space:
mode:
authorMickaël Salaün <mic@linux.microsoft.com>2025-07-03 16:37:04 +0200
committerAleksandr Nogikh <nogikh@google.com>2025-07-03 16:24:09 +0000
commitc42f29fb7d319c08ea66a8b4e26d6125361cff41 (patch)
tree45ab739b5919712a82ab85c2689867dbf8008efb /sys
parentce6342fbea03d95b46b4a868ff81086f81f22ad9 (diff)
sys/linux/test: fix sandbox restrictions for Landlock tests
The setuid sandboxes are not correct because some tests require mount. Let's make it simple and remove them. After all, Landlock is available to any user. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
Diffstat (limited to 'sys')
-rw-r--r--sys/linux/test/landlock_fs_accesses3
-rw-r--r--sys/linux/test/landlock_fs_forbidden3
-rw-r--r--sys/linux/test/landlock_sb_delete3
3 files changed, 0 insertions, 9 deletions
diff --git a/sys/linux/test/landlock_fs_accesses b/sys/linux/test/landlock_fs_accesses
index 933ba5667..2d137703e 100644
--- a/sys/linux/test/landlock_fs_accesses
+++ b/sys/linux/test/landlock_fs_accesses
@@ -1,7 +1,4 @@
# Create and access multiple type of files
-#
-# Device creation requires some privileges:
-# requires: -sandbox=namespace -sandbox=setuid
# Makes a character device /dev/null
diff --git a/sys/linux/test/landlock_fs_forbidden b/sys/linux/test/landlock_fs_forbidden
index 26c272ab9..1a1100548 100644
--- a/sys/linux/test/landlock_fs_forbidden
+++ b/sys/linux/test/landlock_fs_forbidden
@@ -1,7 +1,4 @@
# Access denied to whole syscalls, which return EPERM.
-#
-# Manipuling namespaces requires some privileges:
-# requires: -sandbox=setuid
# Makes a private mount point for MS_MOVE.
diff --git a/sys/linux/test/landlock_sb_delete b/sys/linux/test/landlock_sb_delete
index a45042b8a..07490505a 100644
--- a/sys/linux/test/landlock_sb_delete
+++ b/sys/linux/test/landlock_sb_delete
@@ -1,7 +1,4 @@
# Creates a new mount point.
-#
-# Mounting requires some privileges:
-# requires: -sandbox=setuid
mkdirat(0xffffffffffffff9c, &AUTO='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &AUTO='./file0\x00', &AUTO='tmpfs\x00', 0x0, 0x0)
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 17:41:36 +0000