We enable nsdelegate for cgroupfs, and hence the kernel would
always refuse writes to /sys/fs/cgroup/cgroup.pressure and friends
regardless of whether the cgns is owned by userns:
https://github.com/torvalds/linux/blob/cb82ca153949c6204af793de24b18a04236e79fd/kernel/cgroup/cgroup.c#L4132
This currently works because the mountns (thus cgroupfs) remains
non-delegated and we're actually operating on the real root
cgroup.
It appears that cgroupfs generally doesn't care about userns,
so I have yet to see a way to test this properly. Let's drop this for now,
to unblock fixes in the following commits.
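A small diagnostic for the situation the commit message describes, added here as an example and not taken from systemd or from this commit: it reads the cgroup2 entry out of /proc/self/mountinfo to see whether the hierarchy carries the nsdelegate super option, and encodes the cgroup_file_write() rule behind the linked kernel line, under which a write from a non-init cgroupns to a non-delegatable file in that namespace's root cgroup gets EPERM whatever userns owns the cgroupns. The list of delegatable files (cgroup.procs, cgroup.threads, cgroup.subtree_control) is my reading of that kernel tree and is an assumption, as are the function names; the mountinfo contents in the block are constructed samples.

```shell
#!/bin/sh
# Added diagnostic, not part of systemd or of this commit.  It parses
# /proc/self/mountinfo for the cgroup2 mount's super options and mirrors
# the nsdelegate check in cgroup_file_write().  Sample mountinfo text
# below is constructed.

# cgroup2_super_opts MOUNTINFO_TEXT MOUNTPOINT
# Print the super-block options of the cgroup2 filesystem mounted at
# MOUNTPOINT.  In mountinfo the "-" field ends the optional fields; the
# three fields after it are fs type, mount source and super options.
cgroup2_super_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" '
        $5 == mp {
            for (i = 7; i <= NF; i++)
                if ($i == "-") {
                    if ($(i + 1) == "cgroup2") print $(i + 3)
                    exit
                }
        }'
}

# cgroup2_has_nsdelegate MOUNTINFO_TEXT MOUNTPOINT
# Succeed if the cgroup2 mount at MOUNTPOINT carries the nsdelegate option.
cgroup2_has_nsdelegate() {
    case ",$(cgroup2_super_opts "$1" "$2")," in
        *,nsdelegate,*) return 0 ;;
        *) return 1 ;;
    esac
}

# nsdelegate_refuses FILE NSDELEGATE IN_CHILD_CGNS AT_CGNS_ROOT
# The kernel refuses the write (EPERM) when all four hold: the hierarchy
# is mounted with nsdelegate, the writer sits in a non-init cgroupns, the
# target cgroup is that namespace's root, and FILE is not one of the
# delegatable files (assumed: cgroup.procs, cgroup.threads,
# cgroup.subtree_control).  Which userns owns the cgroupns plays no part,
# which is why cgroup.pressure cannot be written from a delegated cgroupns.
nsdelegate_refuses() {
    case "$1" in
        cgroup.procs|cgroup.threads|cgroup.subtree_control) return 1 ;;
    esac
    [ "$2" = yes ] && [ "$3" = yes ] && [ "$4" = yes ]
}

# Constructed samples: a cgroup2 mount with nsdelegate, and a tmpfs at the
# same path as seen on a cgroup v1 host.
SAMPLE_MOUNTINFO='25 30 0:23 / /sys rw,nosuid,nodev,noexec,relatime shared:7 - sysfs sysfs rw
36 25 0:30 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime shared:9 - cgroup2 cgroup2 rw,nsdelegate,memory_recursiveprot'
SAMPLE_MOUNTINFO_V1='36 25 0:30 / /sys/fs/cgroup ro,nosuid,nodev,noexec shared:9 - tmpfs tmpfs ro,mode=755'

# When run directly, report on the live system.  An unreadable or
# unrelated mountinfo only makes the report negative, never aborts.
if [ -r /proc/self/mountinfo ]; then
    live=$(cat /proc/self/mountinfo)
    if cgroup2_has_nsdelegate "$live" /sys/fs/cgroup; then
        echo "cgroup2 at /sys/fs/cgroup is mounted with nsdelegate"
    else
        echo "no nsdelegate cgroup2 mount at /sys/fs/cgroup"
    fi
fi
```

On a systemd host the live report is normally positive, since systemd mounts cgroup2 with nsdelegate; the third function is what tells you that a `DelegateNamespaces=cgroup` unit writing `/sys/fs/cgroup/cgroup.pressure` at its namespace root will get EPERM even when the cgroupns is owned by the unit's userns, while `cgroup.procs` and `cgroup.subtree_control` at the same place remain writable.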
systemd-run -p PrivateUsersEx=self -p PrivateNetwork=yes -p DelegateNamespaces=net --wait --pipe -- ip link add veth1 type veth peer name veth2
}
-testcase_cgroup() {
- (! systemd-run -p PrivateUsersEx=self -p ProtectControlGroupsEx=private --wait --pipe -- sh -c 'echo 0 >/sys/fs/cgroup/cgroup.pressure')
- systemd-run -p PrivateUsersEx=self -p ProtectControlGroupsEx=private -p DelegateNamespaces=cgroup --wait --pipe -- sh -c 'echo 0 >/sys/fs/cgroup/cgroup.pressure'
-}
-
testcase_pid() {
# MountAPIVFS=yes always bind mounts child mounts of APIVFS filesystems, which means /proc/sys is always read-only
# so we can't write to it when running in a container.
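Review bot: deleting testcase_cgroup() outright leaves no trace in the script of why ProtectControlGroupsEx=private with DelegateNamespaces=cgroup has no coverage, and the commit message says the drop is temporary ("for now"). Leave a short comment where the function stood, along the lines of `# testcase_cgroup() dropped: with nsdelegate the kernel refuses writes to cgroup.pressure from a delegated cgroupns regardless of userns; restore once a properly gated write is found`, so the gap reads as known rather than as an oversight and the two removed assertions can be brought back together later. Dropping the negative check `(! systemd-run ... -p ProtectControlGroupsEx=private ... 'echo 0 >/sys/fs/cgroup/cgroup.pressure')` along with the positive one is consistent with the message, since by its reasoning that write is refused for the nsdelegate reason rather than for the missing delegation the check is meant to prove.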