Fix test breakage in Seccomp mode.

Travis is now using Seccomp, and Docker's default Seccomp policy
disables execveat (though, weirdly, not fexecve).  It also prohibits any
operations on AF_ALG sockets.

While I'm here, replace close/dup with dup2, which is more reliable.

Also, drop the fork mutex earlier.  This way all of the exeve tests will
run, even if one fails.

https://docs.docker.com/engine/security/seccomp/

1 files changed, 8 insertions, 0 deletions

diff --git a/test/sys/test_socket.rs b/test/sys/test_socket.rs
index d4c4738e..106428b9 100644
--- a/test/sys/test_socket.rs
+++ b/test/sys/test_socket.rs
@@ -244,6 +244,10 @@ pub fn test_af_alg_cipher() {
                            ControlMessage, MsgFlags};
     use nix::sys::socket::sockopt::AlgSetKey;
 
+    // Travis's seccomp profile blocks AF_ALG
+    // https://docs.docker.com/engine/security/seccomp/
+    skip_if_seccomp!(test_af_alg_cipher);
+
     let alg_type = "skcipher";
     let alg_name = "ctr(aes)";
     // 256-bits secret key
@@ -308,6 +312,10 @@ pub fn test_af_alg_aead() {
                            ControlMessage, MsgFlags};
     use nix::sys::socket::sockopt::{AlgSetKey, AlgSetAeadAuthSize};
 
+    // Travis's seccomp profile blocks AF_ALG
+    // https://docs.docker.com/engine/security/seccomp/
+    skip_if_seccomp!(test_af_alg_aead);
+
     let auth_size = 4usize;
     let assoc_size = 16u32;