229,230c229,231
< if not (is_su or self.isolation_key('unprivileged_userns_clone')):
< pytest.skip('requires root or unprivileged_userns_clone')
---
> if not is_su:
> if not self.isolation_key('unprivileged_userns_clone'):
> pytest.skip('unprivileged clone is not available')
232,235c233,234
< self.load(
< 'ns_inspect',
< isolation={'namespaces': {'pid': True, 'credential': True}},
< )
---
> if not self.isolation_key('user'):
> pytest.skip('user namespace is not supported')
236a236,246
> if not self.isolation_key('mnt'):
> pytest.skip('mnt namespace is not supported')
>
> isolation = {'namespaces': {'pid': True}}
>
> if not is_su:
> isolation['namespaces']['mount'] = True
> isolation['namespaces']['credential'] = True
>
> self.load('ns_inspect', isolation=isolation)
>
272,274c282,285
< def test_go_isolation_rootfs_container(self, temp_dir):
< if not self.isolation_key('unprivileged_userns_clone'):
< pytest.skip('unprivileged clone is not available')
---
> def test_go_isolation_rootfs_container(self, is_su, temp_dir):
> if not is_su:
> if not self.isolation_key('unprivileged_userns_clone'):
> pytest.skip('unprivileged clone is not available')
276,277c287,288
< if not self.isolation_key('mnt'):
< pytest.skip('mnt namespace is not supported')
---
> if not self.isolation_key('user'):
> pytest.skip('user namespace is not supported')
279,282c290,291
< isolation = {
< 'namespaces': {'mount': True, 'credential': True},
< 'rootfs': temp_dir,
< }
---
> if not self.isolation_key('mnt'):
> pytest.skip('mnt namespace is not supported')
283a293,304
> if not self.isolation_key('pid'):
> pytest.skip('pid namespace is not supported')
>
> isolation = {'rootfs': temp_dir}
>
> if not is_su:
> isolation['namespaces'] = {
> 'mount': True,
> 'credential': True,
> 'pid': True
> }
>
314,316c335,338
< def test_go_isolation_rootfs_default_tmpfs(self, temp_dir):
< if not self.isolation_key('unprivileged_userns_clone'):
< pytest.skip('unprivileged clone is not available')
---
> def test_go_isolation_rootfs_default_tmpfs(self, is_su, temp_dir):
> if not is_su:
> if not self.isolation_key('unprivileged_userns_clone'):
> pytest.skip('unprivileged clone is not available')
318,319c340,341
< if not self.isolation_key('mnt'):
< pytest.skip('mnt namespace is not supported')
---
> if not self.isolation_key('user'):
> pytest.skip('user namespace is not supported')
321,324c343,344
< isolation = {
< 'namespaces': {'mount': True, 'credential': True},
< 'rootfs': temp_dir,
< }
---
> if not self.isolation_key('mnt'):
> pytest.skip('mnt namespace is not supported')
325a346,357
> if not self.isolation_key('pid'):
> pytest.skip('pid namespace is not supported')
>
> isolation = {'rootfs': temp_dir}
>
> if not is_su:
> isolation['namespaces'] = {
> 'mount': True,
> 'credential': True,
> 'pid': True
> }
>