Implements additionalGids field for run_oci
This will allow init to have customs supplementary groups.
BUG=b:77140916
TEST=init process has supplementary groups after adding additionalGids
field in cofig.json.
Change-Id: I163113969c785a525d4f29dd6e36ed87ea11a34d
Reviewed-on: https://chromium-review.googlesource.com/1175513
Commit-Ready: Risan <risan@chromium.org>
Tested-by: Risan <risan@chromium.org>
Reviewed-by: Luis Hector Chavez <lhchavez@chromium.org>
diff --git a/libcontainer/libcontainer_unittest.cc b/libcontainer/libcontainer_unittest.cc
index b4896e5..8763cc0 100644
--- a/libcontainer/libcontainer_unittest.cc
+++ b/libcontainer/libcontainer_unittest.cc
@@ -167,6 +167,7 @@
int wait_called_count;
int reset_signal_mask_called_count;
int reset_signal_handlers_called_count;
+ int set_supplementary_gids_called_count;
int pid;
std::map<minijail_hook_event_t, std::vector<MinijailHookCallback>> hooks;
};
@@ -393,6 +394,7 @@
EXPECT_EQ(1, g_mock_minijail_state->wait_called_count);
EXPECT_EQ(1, g_mock_minijail_state->reset_signal_mask_called_count);
EXPECT_EQ(1, g_mock_minijail_state->reset_signal_handlers_called_count);
+ EXPECT_EQ(0, g_mock_minijail_state->set_supplementary_gids_called_count);
}
TEST_F(ContainerTest, TestKillContainer) {
@@ -687,4 +689,10 @@
void minijail_close_open_fds(struct minijail* j) {}
+void minijail_set_supplementary_gids(struct minijail* j,
+ size_t size,
+ const gid_t* list) {
+ ++libcontainer::g_mock_minijail_state->set_supplementary_gids_called_count;
+}
+
} // extern "C"