syscall: update check for UserNS support for centos 7 Fixes #20796 Fixes #16283 Change-Id: Ib11992fbd2bc1fbb3b14ae5a6bf0da2e4c12f641 Reviewed-on: https://go-review.googlesource.com/49311 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>

commit: 0d482b382481734b430621c08cad58e20faf8aa8 [log] [tgz]
author: Jess Frazelle <me@jessfraz.com> Mon Jul 17 13:51:37 2017 -0400
committer: Brad Fitzpatrick <bradfitz@golang.org> Mon Jul 17 18:18:08 2017 +0000
tree: 59d2db690855039f9d8b1dd433c36406a8124a42
parent: f0cf740733b8cb53bc62e66f5e2a45385c06d726 [diff] [blame]
diff --git a/src/syscall/exec_linux_test.go b/src/syscall/exec_linux_test.go
index 5c7d8a2..114deec 100644
--- a/src/syscall/exec_linux_test.go
+++ b/src/syscall/exec_linux_test.go

@@ -57,6 +57,14 @@
 			t.Skip("kernel prohibits user namespace in unprivileged process")
 		}
 	}
+	// On Centos 7 make sure they set the kernel parameter user_namespace=1
+	// See issue 16283 and 20796.
+	if _, err := os.Stat("/sys/module/user_namespace/parameters/enable"); err == nil {
+		buf, _ := ioutil.ReadFile("/sys/module/user_namespace/parameters/enabled")
+		if !strings.HasPrefix(string(buf), "Y") {
+			t.Skip("kernel doesn't support user namespaces")
+		}
+	}
 	// When running under the Go continuous build, skip tests for
 	// now when under Kubernetes. (where things are root but not quite)
 	// Both of these are our own environment variables.
commit	0d482b382481734b430621c08cad58e20faf8aa8	[log] [tgz]
author	Jess Frazelle <me@jessfraz.com>	Mon Jul 17 13:51:37 2017 -0400
committer	Brad Fitzpatrick <bradfitz@golang.org>	Mon Jul 17 18:18:08 2017 +0000
tree	59d2db690855039f9d8b1dd433c36406a8124a42
parent	f0cf740733b8cb53bc62e66f5e2a45385c06d726 [diff] [blame]