tests/hardened: Fix usage with 5.8

Linux >= 5.8 improved /proc mount options. `hidepid=2` is now displayed as `hidepid=invisible`
author: Tim Steinbach <tim@nequissimus.com> 2020-10-05 09:07:21 -0400
committer: Tim Steinbach <tim@nequissimus.com> 2020-10-05 09:07:21 -0400
commit: 03197f94ce2d4b0feb673840d30f602e93357040 (patch)
tree: 1d37bfa42719a7d1780a7a11d3369aa058b827a0 /nixos/tests/hardened.nix
parent: dedd67610abaf200798e445bdc8356bfbac7ebd6 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/nixos/tests/hardened.nix b/nixos/tests/hardened.nix
index 8d845de70e248..ab5fa609e0725 100644
--- a/nixos/tests/hardened.nix
+++ b/nixos/tests/hardened.nix
@@ -67,7 +67,10 @@ import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... } : {
 
       # Test hidepid
       with subtest("hidepid=2 option is applied and works"):
-          machine.succeed("grep -Fq hidepid=2 /proc/mounts")
+          # Linux >= 5.8 shows "invisible"
+          machine.succeed(
+              "grep -Fq hidepid=2 /proc/mounts || grep -Fq hidepid=invisible /proc/mounts"
+          )
           # cannot use pgrep -u here, it segfaults when access to process info is denied
           machine.succeed("[ `su - sybil -c 'ps --no-headers --user root | wc -l'` = 0 ]")
           machine.succeed("[ `su - alice -c 'ps --no-headers --user root | wc -l'` != 0 ]")
author	Tim Steinbach <tim@nequissimus.com>	2020-10-05 09:07:21 -0400
committer	Tim Steinbach <tim@nequissimus.com>	2020-10-05 09:07:21 -0400
commit	03197f94ce2d4b0feb673840d30f602e93357040 (patch)
tree	1d37bfa42719a7d1780a7a11d3369aa058b827a0 /nixos/tests/hardened.nix
parent	dedd67610abaf200798e445bdc8356bfbac7ebd6 (diff)