keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
15e945ce6e
rpm-ostree/tests/kolainst/nondestructive/misc.sh
Colin Walters d40434db47 Add support for rpm-ostree deploy --ex-cliwrap=true 
This is a better alternative to https://github.com/coreos/fedora-coreos-config/pull/830

Basically rather than trying to send this out to all FCOS users,
it's much saner to allow people to opt-in to it locally.

If we'd finished https://github.com/coreos/rpm-ostree/issues/2326
then this would be something as trivial as:
```
$ echo 'cliwrap: true' > /etc/rpm-ostree.d/cliwrap.yaml
$ rpm-ostree rebuild
```

Unfortunately that's not the world we live in, so a whole lot of
layers here need crossing to just propagate a boolean.  And it
interacts in a tricky way with our change detection code.

But, it works and will allow people to try this out.

Other fixed problems:

- Our `rpm --verify` wrapping was broken
- Dropping privileges clashed with the default directory being `/root`,
  so `chdir(/)` too
2021-05-19 14:42:18 -04:00

118 lines
3.9 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -xeuo pipefail
. ${KOLA_EXT_DATA}/libtest.sh
cd $(mktemp -d)
# make sure that package-related entries are always present,
# even when they're empty.
# Validate there's no live state by default.
rpm-ostree status --json > status.json
assert_jq status.json \
'.deployments[0]["packages"]' \
'.deployments[0]["requested-packages"]' \
'.deployments[0]["requested-local-packages"]' \
'.deployments[0]["base-removals"]' \
'.deployments[0]["requested-base-removals"]' \
'.deployments[0]["live-inprogress"]|not' \
'.deployments[0]["live-replaced"]|not' \
'.deployments[0]["layered-commit-meta"]|not' \
'.deployments[0]["staged"]|not'
rm status.json
rpm-ostree testutils validate-parse-status
echo "ok empty pkg arrays, and commit meta correct in status json"
# Ensure we return an error when passing a wrong option.
rpm-ostree --help | awk '/^$/ {in_commands=0} {if(in_commands==1){print $0}} /^Builtin Commands:/ {in_commands=1}' > commands.txt
while read cmd; do
if rpm-ostree ${cmd} --n0t-3xisting-0ption &>/dev/null; then
assert_not_reached "command ${cmd} --n0t-3xisting-0ption was successful"
fi
done < commands.txt
echo "ok error on unknown command options"
rpm-ostree status --jsonpath '$.deployments[0].booted' > jsonpath.txt
assert_file_has_content_literal jsonpath.txt 'true'
echo "ok jsonpath"
# Verify operations as non-root
runuser -u core rpm-ostree status
echo "ok status doesn't require root"
if runuser -u core rpm-ostree pkg-add foo &>err.txt; then
fatal "Was able to install a package as non-root!"
fi
assert_file_has_content err.txt 'PkgChange not allowed for user'
if runuser -u core rpm-ostree reload &>err.txt; then
assert_not_reached "Was able to reload as non-root!"
fi
# StateRoot is only in --verbose, also verify we're not showing
# unlocked.
rpm-ostree status > status.txt
assert_not_file_has_content status.txt StateRoot:
assert_not_file_has_content status.txt Unlocked:
rpm-ostree status -v > status.txt
assert_file_has_content status.txt StateRoot:
echo "ok status text"
# Also check that we can do status as non-root non-active
runuser -u bin rpm-ostree status
echo "ok status doesn't require active PAM session"
rpm-ostree status -b > status.txt
assert_streq $(grep -F -e 'ostree://' status.txt | wc -l) "1"
assert_file_has_content status.txt BootedDeployment:
echo "ok status -b"
if rpm-ostree nosuchcommand --nosuchoption 2>err.txt; then
assert_not_reached "Expected an error for nosuchcommand"
fi
assert_file_has_content err.txt 'Unknown.*command'
echo "ok error on unknown command"
# related: https://github.com/coreos/fedora-coreos-config/issues/194
rpm-ostree testutils moo
echo "ok moo"
# Reload as root https://github.com/projectatomic/rpm-ostree/issues/976
rpm-ostree reload
echo "ok reload"
# See rpmostree-scripts.c
grep ^DEFAULT /etc/crypto-policies/config
echo "ok crypto-policies DEFAULT backend"
ldd /usr/lib64/librpmostree-1.so.1 > rpmostree-lib-deps.txt
assert_not_file_has_content rpmostree-lib-deps.txt libdnf
echo "ok lib deps"
mv /etc/ostree/remotes.d{,.orig}
systemctl restart rpm-ostreed
rpm-ostree status > status.txt
assert_file_has_content status.txt 'Remote.*not found'
mv /etc/ostree/remotes.d{.orig,}
rpm-ostree reload
echo "ok remote not found"
rpm-ostree cleanup -p
originpath=$(ostree admin --print-current-dir).origin
unshare -m /bin/bash -c "mount -o remount,rw /sysroot && cp -a ${originpath}{,.orig} &&
echo 'unconfigured-state=Access to TestOS requires ONE BILLION DOLLARS' >> ${originpath}"
rpm-ostree reload
rpm-ostree status
if rpm-ostree upgrade 2>err.txt; then
echo "Upgraded from unconfigured-state"
exit 1
fi
grep -qFe 'ONE BILLION DOLLARS' err.txt
unshare -m /bin/bash -c "mount -o remount,rw /sysroot && cp -a ${originpath}{.orig,}"
rpm-ostree reload
echo "ok unconfigured-state"
### Stuff following here may mutate the host persistently ###
rpm-ostree usroverlay
echo some content > /usr/share/testcontent
echo "ok usroverlay"
Reference in New Issue View Git Blame Copy Permalink