release.nix: Add a test for sandboxing

Right now it only tests whether seccomp correctly forges the return value of chown, but the long-term goal is to test the full sandboxing functionality at some point in the future. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
author: aszlig <aszlig@redmoonstudios.org> 2016-11-16T11·46+0100
committer: aszlig <aszlig@redmoonstudios.org> 2016-11-16T15·48+0100
commit: 651a18dd2466662e7027e4dc04147e4f38c7bbf8 (patch)
tree: 10e617243eb0fa5a7e76f99dfcc4885ccfa12a94 /release.nix
parent: b90a43533249a50f238a5e6cc9d77edb0fe6d748 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/release.nix b/release.nix
index fbed401df099..958460d6ffe7 100644
--- a/release.nix
+++ b/release.nix
@@ -200,6 +200,10 @@ let
       nix = build.x86_64-linux; system = "x86_64-linux";
     });
 
+    tests.sandbox = (import ./tests/sandbox.nix rec {
+      nix = build.x86_64-linux; system = "x86_64-linux";
+    });
+
     tests.binaryTarball =
       with import <nixpkgs> { system = "x86_64-linux"; };
       vmTools.runInLinuxImage (runCommand "nix-binary-tarball-test"
author	aszlig <aszlig@redmoonstudios.org>	2016-11-16T11·46+0100
committer	aszlig <aszlig@redmoonstudios.org>	2016-11-16T15·48+0100
commit	651a18dd2466662e7027e4dc04147e4f38c7bbf8 (patch)
tree	10e617243eb0fa5a7e76f99dfcc4885ccfa12a94 /release.nix
parent	b90a43533249a50f238a5e6cc9d77edb0fe6d748 (diff)