Inspect grsec_lock as root in testinfra

On Linux 6.6/noble, stat-ing this file requires being root.
freedomofpress · Oct 28, 2024 · 7d42439 · 7d42439
1 parent c969757
commit 7d42439
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/molecule/testinfra/common/test_grsecurity.py b/molecule/testinfra/common/test_grsecurity.py
@@ -62,10 +62,11 @@ def test_grsecurity_lock_file(host):
     Ensure system is rerunning a grsecurity kernel by testing for the
     `grsec_lock` file, which is automatically created by grsecurity.
     """
-    f = host.file("/proc/sys/kernel/grsecurity/grsec_lock")
-    assert f.mode == 0o600
-    assert f.user == "root"
-    assert f.size == 0
+    with host.sudo():
+        f = host.file("/proc/sys/kernel/grsecurity/grsec_lock")
+        assert f.mode == 0o600
+        assert f.user == "root"
+        assert f.size == 0
 
 
 def test_grsecurity_kernel_is_running(host):