github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-confine/spread-tests/main/mount-ns-sharing/task.yaml

github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-confine/spread-tests/main/mount-ns-sharing/task.yaml (about)

     1  summary: mount namespace is shared among processes
     2  details: |
     3      The mount namespace is automatically shared amongst processes belonging to
     4      a given snap. The namespace is preserved until the machine reboots or until
     5      it is discarded with snap-discard-ns.
     6  prepare: |
     7      # NOTE: devmode is required because otherwise we cannot read /proc/self/ns/mnt
     8      snap install --devmode snapd-hacker-toolbelt
     9  execute: |
    10      export PATH=/snap/bin:$PATH
    11      echo "The mount namespace inside a snap is different"
    12      outer_mnt_ns=$(readlink /proc/self/ns/mnt)
    13      inner_mnt_ns=$(snapd-hacker-toolbelt.busybox readlink /proc/self/ns/mnt)
    14      [ "$outer_mnt_ns" != "$inner_mnt_ns" ]
    15      echo "The mount namespace is stable across invocations"
    16      for i in $(seq 100); do
    17          [ "$inner_mnt_ns" = "$(snapd-hacker-toolbelt.busybox readlink /proc/self/ns/mnt)" ]
    18      done
    19  restore: |
    20      snap remove --purge snapd-hacker-toolbelt