From 8b170a9a91ffaa0611f68b1fef64f881f2dadf8d Mon Sep 17 00:00:00 2001
From: Christian Kastner <ckk@kvr.at>
Date: Wed, 19 Feb 2020 10:03:05 +0100
Subject: [PATCH] tests: Update output patterns for libcap >= 2.29

---
 tests/test-run.sh | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/tests/test-run.sh b/tests/test-run.sh
index a01f41c..702c480 100755
--- a/tests/test-run.sh
+++ b/tests/test-run.sh
@@ -215,11 +215,18 @@ else
     $RUN $OPT --cap-drop ALL --unshare-pid capsh --print >caps.test
     assert_file_has_content caps.test 'Current: =$'
     # Check for dropping kill/fowner (we assume all uid 0 callers have this)
-    $RUN $OPT --cap-drop CAP_KILL --cap-drop CAP_FOWNER --unshare-pid capsh --print >caps.test
-    assert_not_file_has_content caps.test '^Current: =.*cap_kill'
-    assert_not_file_has_content caps.test '^Current: =.*cap_fowner'
     # But we should still have net_bind_service for example
-    assert_file_has_content caps.test '^Current: =.*cap_net_bind_service'
+    $RUN $OPT --cap-drop CAP_KILL --cap-drop CAP_FOWNER --unshare-pid capsh --print >caps.test
+	# capsh's output format changed from v2.29 -> drops are now indicated with -eip
+	if grep 'Current: =.*+eip$' caps.test; then
+        assert_not_file_has_content caps.test '^Current: =.*cap_kill.*+eip$'
+        assert_not_file_has_content caps.test '^Current: =.*cap_fowner.*+eip$'
+        assert_file_has_content caps.test '^Current: =.*cap_net_bind_service.*+eip$'
+	else
+        assert_file_has_content caps.test '^Current: =eip.*cap_kill.*-eip$'
+        assert_file_has_content caps.test '^Current: =eip.*cap_fowner.*-eip$'
+        assert_not_file_has_content caps.test '^Current: =.*cap_net_bind_service.*-eip$'
+    fi
     echo "ok - we have the expected caps as uid 0"
 fi