moby · tianon · Oct 9, 2024 · Sep 27, 2024 · Sep 26, 2024 · kolyshkin
diff --git a/capability/capability_linux.go b/capability/capability_linux.go
@@ -307,15 +307,15 @@ func (c *capsV3) Load() (err error) {
 			}
 			break
 		}
-		if strings.HasPrefix(line, "CapB") {
-			_, err = fmt.Sscanf(line[4:], "nd:  %08x%08x", &c.bounds[1], &c.bounds[0])
+		if val, ok := strings.CutPrefix(line, "CapBnd:\t"); ok {
+			_, err = fmt.Sscanf(val, "%08x%08x", &c.bounds[1], &c.bounds[0])
 			if err != nil {
 				break
 			}
 			continue
 		}
-		if strings.HasPrefix(line, "CapA") {
-			_, err = fmt.Sscanf(line[4:], "mb:  %08x%08x", &c.ambient[1], &c.ambient[0])
+		if val, ok := strings.CutPrefix(line, "CapAmb:\t"); ok {
+			_, err = fmt.Sscanf(val, "%08x%08x", &c.ambient[1], &c.ambient[0])
 			if err != nil {
 				break
 			}

diff --git a/capability/capability_test.go b/capability/capability_test.go
@@ -2,11 +2,13 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-package capability
+package capability_test
 
 import (
 	"runtime"
 	"testing"
+
+	. "github.com/moby/sys/capability"
 )
 
 // Based on the fact Go 1.18+ supports Linux >= 2.6.32, and
@@ -24,47 +26,68 @@ const (
 func TestLastCap(t *testing.T) {
 	last, err := LastCap()
 	switch runtime.GOOS {
-	case "linux":
-		if err != nil {
-			t.Fatal(err)
-		}
 	default:
 		if err == nil {
 			t.Fatal(runtime.GOOS, ": want error, got nil")
 		}
 		return
+	case "linux":
 	}
-
-	// Sanity checks (Linux only).
+	if err != nil {
+		t.Fatalf("LastCap: want nil, got error: %v", err)
+	}
+	// Sanity checks.
 	if last < minLastCap {
-		t.Fatalf("LastCap returned %d (%s), expected >= %d (%s)",
+		t.Errorf("LastCap: want >= %d (%s), got %d (%s)",
 			last, last, minLastCap, minLastCap)
 	}
 	if last > maxLastCap {
-		t.Fatalf("LastCap returned %d, expected <= %d (%s). Package needs to be updated.",
-			last, maxLastCap, maxLastCap)
+		t.Errorf("LastCap: want <= %d (%s), got %d (%s). Package needs to be updated.",
+			last, last, maxLastCap, maxLastCap)
 	}
 }
 
 func TestListSupported(t *testing.T) {
 	list, err := ListSupported()
 	switch runtime.GOOS {
-	case "linux":
-		if err != nil {
-			t.Fatal(err)
-		}
 	default:
 		if err == nil {
 			t.Fatal(runtime.GOOS, ": want error, got nil")
 		}
-	}
-	if runtime.GOOS != "linux" {
 		return
+	case "linux":
+	}
+	if err != nil {
+		t.Fatalf("ListSupported: want nil, got error: %v", err)
 	}
-	// Sanity check (Linux only).
 	t.Logf("got +%v (len %d)", list, len(list))
 	minLen := int(minLastCap) + 1
 	if len(list) < minLen {
-		t.Fatalf("result is too short (got %d, want %d): +%v", len(list), minLen, list)
+		t.Errorf("ListSupported: too short (want %d, got %d): +%v", minLen, len(list), list)
+	}
+}
+
+func TestNewPid2Load(t *testing.T) {
+	c, err := NewPid2(0)
+	switch runtime.GOOS {
+	default:
+		if err == nil {
+			t.Fatal(runtime.GOOS, ": want error, got nil")
+		}
+		return
+	case "linux":
+	}
+	if err != nil {
+		t.Fatalf("NewPid2: want nil, got error: %v", err)
+	}
+	err = c.Load()
+	if err != nil {
+		t.Fatalf("Load: %v", err)
+	}
+	// Assuming that at least bounding set is not empty.
+	bset := c.StringCap(BOUNDING)
+	t.Logf("Bounding set: %s", bset)
+	if len(bset) == 0 {
+		t.Fatal("loaded bounding set: want non-empty, got empty")
 	}
 }