[RFC,ima-evm-utils,3/7] Add additional options to the container engine

Commit Message

Roberto Sassu July 22, 2021, 5:34 p.m. UTC

This patch adds additional options to the command line of the container
engine, necessary to run the UML kernel.

The additional options are: --cap-add=SYS_PTRACE -v /dev/shm:/dev/shm

The first adds the PTRACE capability to the container, and the second adds
a bind mount for /dev/shm.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
 .github/workflows/ci.yml | 1 +
 .travis.yml              | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

Patch

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 4cfffbbd85f7..c3964a01cf3a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -100,6 +100,7 @@  jobs:
     container:
       image: ${{ matrix.container }}
       env: ${{ matrix.env }}
+      options: --cap-add=SYS_PTRACE -v /dev/shm:/dev/shm
 
     environment:
       name: test
diff --git a/.travis.yml b/.travis.yml
index f3e3d93e1907..b26b57637914 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -114,4 +114,4 @@  before_install:
 script:
     - INSTALL="${DISTRO%%:*}"
     - INSTALL="${INSTALL%%/*}"
-    - $CONTAINER run $CONTAINER_ARGS -t ima-evm-utils /bin/sh -c "if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./ci/$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./ci/$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || if which tssstartup; then ./tests/install-swtpm.sh; fi; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ./build.sh"
+    - $CONTAINER run $CONTAINER_ARGS --cap-add=SYS_PTRACE -v /dev/shm:/dev/shm -t ima-evm-utils /bin/sh -c "if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./ci/$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./ci/$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || if which tssstartup; then ./tests/install-swtpm.sh; fi; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ./build.sh"