nixos/tests: expand hardened tests
This commit is contained in:
parent
62fa45eac5
commit
586d04c588
@ -32,5 +32,15 @@ import ./make-test.nix ({ pkgs, ...} : {
|
|||||||
subtest "userns", sub {
|
subtest "userns", sub {
|
||||||
$machine->fail("unshare --user");
|
$machine->fail("unshare --user");
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Test dmesg restriction
|
||||||
|
subtest "dmesg", sub {
|
||||||
|
$machine->fail("su -l alice -c dmesg");
|
||||||
|
};
|
||||||
|
|
||||||
|
# Test access to kcore
|
||||||
|
subtest "kcore", sub {
|
||||||
|
$machine->fail("cat /proc/kcore");
|
||||||
|
};
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user