validation: exclude user namespaces and cgroup namespaces

Cgroup namespaces test fails because runc does not support it yet.
User namespaces test fails because of many unexpected issues when
running unshare with runc, etc.

We are going to revisit these tests later, to figure out how to deal
with them. Let's exclude these two types of namespaces for now.

Signed-off-by: Dongsu Park <[email protected]>

Author: Dongsu Park

validation/linux_ns_path.go

@@ -107,15 +107,6 @@ func checkNamespacePath(unsharePid int, ns string) error {
 	rtns := getRuntimeToolsNamespace(ns)
 	g.AddOrReplaceLinuxNamespace(rtns, unshareNsPath)
 
-	// The spec is not clear about userns mappings when reusing an
-	// existing userns. Anyway in reality, we should set up uid/gid
-	// mappings, to make userns work in most runtimes.
-	// See https://github.com/opencontainers/runtime-spec/issues/961
-	//         if ns == "user" {
-	//             g.AddLinuxUIDMapping(uint32(1000), uint32(0), uint32(1000))
-	//             g.AddLinuxGIDMapping(uint32(1000), uint32(0), uint32(1000))
-	//         }
-
 	return util.RuntimeOutsideValidate(g, func(config *rspec.Spec, state *rspec.State) error {
 		containerNsPath := fmt.Sprintf("/proc/%d/ns/%s", state.Pid, ns)
 		containerNsInode, err := os.Readlink(containerNsPath)
@@ -164,12 +155,10 @@ func main() {
 		name       string
 		unshareOpt string
 	}{
-		{"cgroup", "--cgroup"},
 		{"ipc", "--ipc"},
 		{"mnt", "--mount"},
 		{"net", "--net"},
 		{"pid", "--pid"},
-		{"user", "--user"},
 		{"uts", "--uts"},
 	}