test(linux-sandbox): make /dev mount-order test host-agnostic

Fixes #15786 by removing brittle full-argv equality in the root-cwd bwrap test while preserving key ordering and protected carveout assertions.
2026-05-06 14:21:08 +03:00 · 2026-03-26 17:14:10 -07:00
parent a27cd2d281
commit 494fd02eb2
1 changed files with 34 additions and 21 deletions
--- a/codex-rs/linux-sandbox/src/bwrap.rs
+++ b/codex-rs/linux-sandbox/src/bwrap.rs
@@ -767,32 +767,45 @@ mod tests {
            Path::new("/"),
        )
        .expect("bwrap fs args");
-        assert_eq!(
-            args.args,
-            vec![
-                // Start from a read-only view of the full filesystem.
+        // Host filesystem state can add extra protected-root carveouts (for
+        // example `/.git`) when `/` is writable, so avoid full-vector equality.
+        assert!(
+            args.args.starts_with(&[
                "--ro-bind".to_string(),
                "/".to_string(),
                "/".to_string(),
-                // Recreate a writable /dev inside the sandbox.
                "--dev".to_string(),
                "/dev".to_string(),
-                // Make the writable root itself writable again.
-                "--bind".to_string(),
-                "/".to_string(),
-                "/".to_string(),
-                // Mask the default protected .codex subpath under that writable
-                // root. Because the root is `/` in this test, the carveout path
-                // appears as `/.codex`.
-                "--ro-bind".to_string(),
-                "/dev/null".to_string(),
-                "/.codex".to_string(),
-                // Rebind /dev after the root bind so device nodes remain
-                // writable/usable inside the writable root.
-                "--bind".to_string(),
-                "/dev".to_string(),
-                "/dev".to_string(),
-            ]
+            ]),
+            "expected read-only root followed by writable /dev setup: {:#?}",
+            args.args
+        );
+
+        let writable_root_bind_index = args
+            .args
+            .windows(3)
+            .position(|window| window == ["--bind", "/", "/"])
+            .expect("expected writable root bind");
+        let dev_rebind_index = args
+            .args
+            .windows(3)
+            .position(|window| window == ["--bind", "/dev", "/dev"])
+            .expect("expected /dev rebind");
+        assert!(
+            writable_root_bind_index < dev_rebind_index,
+            "expected /dev rebind after writable root bind: {:#?}",
+            args.args
+        );
+
+        let codex_carveout_index = args
+            .args
+            .windows(3)
+            .position(|window| window[0] == "--ro-bind" && window[2] == "/.codex")
+            .expect("expected read-only /.codex carveout");
+        assert!(
+            writable_root_bind_index < codex_carveout_index && codex_carveout_index < dev_rebind_index,
+            "expected /.codex carveout after writable root bind and before /dev rebind: {:#?}",
+            args.args
        );
    }