libcontainer: check cpt/rst for containers with userns

Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>

libcontainer/integration/checkpoint_test.go

@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"io/ioutil"
 	"os"
+	"os/exec"
 	"path/filepath"
 	"strings"
 	"syscall"
@@ -38,7 +39,22 @@ func showFile(t *testing.T, fname string) error {
 	return nil
 }
 
+func TestUsernsCheckpoint(t *testing.T) {
+	if _, err := os.Stat("/proc/self/ns/user"); os.IsNotExist(err) {
+		t.Skip("userns is unsupported")
+	}
+	cmd := exec.Command("criu", "check", "--feature", "userns")
+	if err := cmd.Run(); err != nil {
+		t.Skip("Unable to c/r a container with userns")
+	}
+	testCheckpoint(t, true)
+}
+
 func TestCheckpoint(t *testing.T) {
+	testCheckpoint(t, false)
+}
+
+func testCheckpoint(t *testing.T, userns bool) {
 	if testing.Short() {
 		return
 	}
@@ -62,6 +78,12 @@ func TestCheckpoint(t *testing.T) {
 		Flags:       defaultMountFlags | syscall.MS_RDONLY,
 	})
 
+	if userns {
+		config.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
+		config.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
+		config.Namespaces = append(config.Namespaces, configs.Namespace{Type: configs.NEWUSER})
+	}
+
 	factory, err := libcontainer.New(root, libcontainer.Cgroupfs)
 
 	if err != nil {