Add tests for group checking in newuidmap/newgidmap

tests/newgidmap/02_newgidmap_relaxed_gid_check/newgidmap.test

@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "setup uid mapping when primary groups don't match"
+
+save_config
+
+unpriv_userns=$( sysctl -n kernel.unprivileged_userns_clone )
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; \
+	rm -rf /tmp/test-gidmap; \
+        sysctl -q kernel.unprivileged_userns_clone=$unpriv_userns' 0
+
+change_config
+
+sysctl -q kernel.unprivileged_userns_clone=1
+
+echo -n "Create world writable tmp directory..."
+mkdir -m 0777 /tmp/test-gidmap
+echo "OK"
+
+echo -n "setup gidmapping... "
+runuser foo -g foo -c "unshare -U sleep 10 & pid=\$!; \
+        newgidmap \$pid 0 1000 1 1 1000000 1000; ret=\$?; \
+	cat /proc/\$pid/gid_map >/tmp/test-gidmap/gid_map;
+        kill \$pid; exit \$ret"
+../../common/compare_file.pl /tmp/test-gidmap/gid_map data/gid_map
+echo "OK"
+
+echo -n "setup gidmapping with different primary group... "
+runuser foo -g bar -c "unshare -U sleep 10 & pid=\$!; \
+        newgidmap \$pid 0 1001 1 1 1000000 1000; ret=\$?; \
+	cat /proc/\$pid/gid_map >/tmp/test-gidmap/gid_map;
+        kill \$pid; exit \$ret"
+../../common/compare_file.pl /tmp/test-gidmap/gid_map data/gid_map.bar
+echo "OK"
+
+log_status "$0" "SUCCESS"
+
+sysctl -q kernel.unprivileged_userns_clone=$unpriv_userns
+rm -rf /tmp/test-gidmap;
+
+restore_config
+trap '' 0
+