2017-11-18 18:32:01 +01:00
# SPDX-License-Identifier: LGPL-2.1+
2017-04-13 20:47:20 -04:00
test_data_files = '' '
2017-04-17 19:25:00 -04:00
a . service
2019-06-06 23:27:20 +02:00
a - conj . service
2017-04-17 19:25:00 -04:00
b . service
2017-10-11 14:07:51 +02:00
basic . target
2017-04-17 19:25:00 -04:00
c . service
d . service
2017-10-11 14:07:51 +02:00
daughter . service
cgroup: Implement default propagation of MemoryLow with DefaultMemoryLow
In cgroup v2 we have protection tunables -- currently MemoryLow and
MemoryMin (there will be more in future for other resources, too). The
design of these protection tunables requires not only intermediate
cgroups to propagate protections, but also the units at the leaf of that
resource's operation to accept it (by setting MemoryLow or MemoryMin).
This makes sense from an low-level API design perspective, but it's a
good idea to also have a higher-level abstraction that can, by default,
propagate these resources to children recursively. In this patch, this
happens by having descendants set memory.low to N if their ancestor has
DefaultMemoryLow=N -- assuming they don't set a separate MemoryLow
value.
Any affected unit can opt out of this propagation by manually setting
`MemoryLow` to some value in its unit configuration. A unit can also
stop further propagation by setting `DefaultMemoryLow=` with no
argument. This removes further propagation in the subtree, but has no
effect on the unit itself (for that, use `MemoryLow=0`).
Our use case in production is simplifying the configuration of machines
which heavily rely on memory protection tunables, but currently require
tweaking a huge number of unit files to make that a reality. This
directive makes that significantly less fragile, and decreases the risk
of misconfiguration.
After this patch is merged, I will implement DefaultMemoryMin= using the
same principles.
2019-03-28 12:50:50 +00:00
dml . slice
dml - passthrough . slice
dml - passthrough - empty . service
dml - passthrough - set - dml . service
dml - passthrough - set - ml . service
dml - override . slice
dml - override - empty . service
dml - discard . slice
dml - discard - empty . service
dml - discard - set - ml . service
2017-04-17 19:25:00 -04:00
e . service
2017-10-11 14:07:51 +02:00
end . service
2017-04-17 19:25:00 -04:00
f . service
g . service
2017-10-11 14:07:51 +02:00
grandchild . service
h . service
2017-04-17 19:25:00 -04:00
hello - after - sleep . target
hello . service
2019-10-08 16:52:10 +02:00
hwdb . d / 10 - bad . hwdb
2019-06-06 23:27:20 +02:00
i . service
2017-10-11 14:07:51 +02:00
journal - data / journal - 1 . txt
journal - data / journal - 2 . txt
cgroup: Add DisableControllers= directive to disable controller in subtree
Some controllers (like the CPU controller) have a performance cost that
is non-trivial on certain workloads. While this can be mitigated and
improved to an extent, there will for some controllers always be some
overheads associated with the benefits gained from the controller.
Inside Facebook, the fix applied has been to disable the CPU controller
forcibly with `cgroup_disable=cpu` on the kernel command line.
This presents a problem: to disable or reenable the controller, a reboot
is required, but this is quite cumbersome and slow to do for many
thousands of machines, especially machines where disabling/enabling a
stateful service on a machine is a matter of several minutes.
Currently systemd provides some configuration knobs for these in the
form of `[Default]CPUAccounting`, `[Default]MemoryAccounting`, and the
like. The limitation of these is that Default*Accounting is overrideable
by individual services, of which any one could decide to reenable a
controller within the hierarchy at any point just by using a controller
feature implicitly (eg. `CPUWeight`), even if the use of that CPU
feature could just be opportunistic. Since many services are provided by
the distribution, or by upstream teams at a particular organisation,
it's not a sustainable solution to simply try to find and remove
offending directives from these units.
This commit presents a more direct solution -- a DisableControllers=
directive that forcibly disallows a controller from being enabled within
a subtree.
2018-12-03 14:38:06 +00:00
nomem . slice
nomemleaf . service
2017-04-17 19:25:00 -04:00
parent - deep . slice
parent . slice
sched_idle_bad . service
sched_idle_ok . service
sched_rr_bad . service
sched_rr_change . service
sched_rr_ok . service
shutdown . target
sleep . service
sockets . target
son . service
sysinit . target
2018-03-25 20:50:15 +02:00
test - execute / exec - basic . service
2018-03-03 22:15:36 +09:00
test - execute / exec - ambientcapabilities - merge - nfsnobody . service
test - execute / exec - ambientcapabilities - merge - nobody . service
test - execute / exec - ambientcapabilities - merge . service
test - execute / exec - ambientcapabilities - nfsnobody . service
test - execute / exec - ambientcapabilities - nobody . service
test - execute / exec - ambientcapabilities . service
2017-12-06 00:36:55 +09:00
test - execute / exec - bindpaths . service
2017-10-11 14:07:51 +02:00
test - execute / exec - capabilityboundingset - invert . service
test - execute / exec - capabilityboundingset - merge . service
test - execute / exec - capabilityboundingset - reset . service
test - execute / exec - capabilityboundingset - simple . service
2019-06-28 17:02:30 -07:00
test - execute / exec - condition - failed . service
test - execute / exec - condition - skip . service
2017-12-06 10:44:20 +09:00
test - execute / exec - cpuaffinity1 . service
test - execute / exec - cpuaffinity2 . service
test - execute / exec - cpuaffinity3 . service
2018-07-26 11:59:53 +09:00
test - execute / exec - dynamicuser - fixeduser - adm . service
test - execute / exec - dynamicuser - fixeduser - games . service
2017-10-11 14:07:51 +02:00
test - execute / exec - dynamicuser - fixeduser - one - supplementarygroup . service
test - execute / exec - dynamicuser - fixeduser . service
2017-12-03 14:27:32 +09:00
test - execute / exec - dynamicuser - statedir - migrate - step1 . service
test - execute / exec - dynamicuser - statedir - migrate - step2 . service
2017-12-06 00:36:55 +09:00
test - execute / exec - dynamicuser - statedir . service
2017-10-11 14:07:51 +02:00
test - execute / exec - dynamicuser - supplementarygroups . service
2019-02-07 15:25:37 -08:00
test - execute / exec - environment - no - substitute . service
2017-04-17 19:25:00 -04:00
test - execute / exec - environment - empty . service
test - execute / exec - environment - multiple . service
test - execute / exec - environment . service
2017-10-11 14:07:51 +02:00
test - execute / exec - environmentfile . service
test - execute / exec - group - nfsnobody . service
2018-03-02 15:55:02 +09:00
test - execute / exec - group - nobody . service
2017-12-05 10:59:44 +01:00
test - execute / exec - group - nogroup . service
2017-10-11 14:07:51 +02:00
test - execute / exec - group . service
test - execute / exec - ignoresigpipe - no . service
test - execute / exec - ignoresigpipe - yes . service
test - execute / exec - inaccessiblepaths - mount - propagation . service
2019-03-15 15:27:32 +01:00
test - execute / exec - inaccessiblepaths - sys . service
2017-10-11 14:07:51 +02:00
test - execute / exec - ioschedulingclass - best - effort . service
test - execute / exec - ioschedulingclass - idle . service
test - execute / exec - ioschedulingclass - none . service
test - execute / exec - ioschedulingclass - realtime . service
test - execute / exec - oomscoreadjust - negative . service
test - execute / exec - oomscoreadjust - positive . service
2017-04-17 19:25:00 -04:00
test - execute / exec - passenvironment - absent . service
test - execute / exec - passenvironment - empty . service
test - execute / exec - passenvironment - repeated . service
test - execute / exec - passenvironment . service
2017-10-11 14:07:51 +02:00
test - execute / exec - personality - aarch64 . service
2017-04-17 19:25:00 -04:00
test - execute / exec - personality - ppc64 . service
test - execute / exec - personality - ppc64le . service
2017-10-11 14:07:51 +02:00
test - execute / exec - personality - s390 . service
test - execute / exec - personality - x86 - 64 . service
test - execute / exec - personality - x86 . service
2018-05-01 13:42:32 +09:00
test - execute / exec - privatedevices - disabled - by - prefix . service
2017-04-17 19:25:00 -04:00
test - execute / exec - privatedevices - no - capability - mknod . service
2017-10-11 14:07:51 +02:00
test - execute / exec - privatedevices - no - capability - sys - rawio . service
test - execute / exec - privatedevices - no . service
2017-04-17 19:25:00 -04:00
test - execute / exec - privatedevices - yes - capability - mknod . service
2017-10-11 14:07:51 +02:00
test - execute / exec - privatedevices - yes - capability - sys - rawio . service
test - execute / exec - privatedevices - yes . service
test - execute / exec - privatenetwork - yes . service
test - execute / exec - privatetmp - no . service
test - execute / exec - privatetmp - yes . service
2018-12-28 16:30:21 +09:00
test - execute / exec - protecthome - tmpfs - vs - protectsystem - strict . service
2019-11-04 17:20:47 -08:00
test - execute / exec - protectkernellogs - yes - capabilities . service
test - execute / exec - protectkernellogs - no - capabilities . service
2017-04-17 19:25:00 -04:00
test - execute / exec - protectkernelmodules - no - capabilities . service
test - execute / exec - protectkernelmodules - yes - capabilities . service
test - execute / exec - protectkernelmodules - yes - mount - propagation . service
test - execute / exec - readonlypaths - mount - propagation . service
2017-12-06 00:36:55 +09:00
test - execute / exec - readonlypaths - simple . service
2017-10-28 15:35:19 +09:00
test - execute / exec - readonlypaths - with - bindpaths . service
2017-10-11 14:07:51 +02:00
test - execute / exec - readonlypaths . service
2017-04-17 19:25:00 -04:00
test - execute / exec - readwritepaths - mount - propagation . service
2018-04-27 10:48:43 +09:00
test - execute / exec - restrictnamespaces - merge - all . service
test - execute / exec - restrictnamespaces - merge - and . service
test - execute / exec - restrictnamespaces - merge - or . service
2017-12-06 00:36:55 +09:00
test - execute / exec - restrictnamespaces - mnt - blacklist . service
test - execute / exec - restrictnamespaces - mnt . service
test - execute / exec - restrictnamespaces - no . service
test - execute / exec - restrictnamespaces - yes . service
2017-10-11 14:07:51 +02:00
test - execute / exec - runtimedirectory - mode . service
test - execute / exec - runtimedirectory - owner - nfsnobody . service
2018-03-02 15:55:02 +09:00
test - execute / exec - runtimedirectory - owner - nobody . service
2018-03-01 18:31:26 +09:00
test - execute / exec - runtimedirectory - owner - nogroup . service
2017-10-11 14:07:51 +02:00
test - execute / exec - runtimedirectory - owner . service
test - execute / exec - runtimedirectory . service
2017-12-06 00:36:55 +09:00
test - execute / exec - specifier - interpolation . service
2017-10-11 14:07:51 +02:00
test - execute / exec - specifier . service
2017-11-24 18:17:28 +09:00
test - execute / exec - specifier @ . service
2017-12-06 00:36:55 +09:00
test - execute / exec - standardinput - data . service
test - execute / exec - standardinput - file . service
2018-07-03 12:22:29 -07:00
test - execute / exec - standardoutput - file . service
test - execute / exec - standardoutput - append . service
2017-10-11 14:07:51 +02:00
test - execute / exec - supplementarygroups - multiple - groups - default - group - user . service
test - execute / exec - supplementarygroups - multiple - groups - withgid . service
test - execute / exec - supplementarygroups - multiple - groups - withuid . service
test - execute / exec - supplementarygroups - single - group - user . service
test - execute / exec - supplementarygroups - single - group . service
test - execute / exec - supplementarygroups . service
2017-11-11 21:41:05 +09:00
test - execute / exec - systemcallerrornumber - name . service
test - execute / exec - systemcallerrornumber - number . service
2017-04-17 19:25:00 -04:00
test - execute / exec - systemcallfilter - failing . service
2017-10-11 14:07:51 +02:00
test - execute / exec - systemcallfilter - failing2 . service
2017-04-17 19:25:00 -04:00
test - execute / exec - systemcallfilter - not - failing . service
2017-10-11 14:07:51 +02:00
test - execute / exec - systemcallfilter - not - failing2 . service
2017-04-17 19:25:00 -04:00
test - execute / exec - systemcallfilter - system - user - nfsnobody . service
2018-03-02 15:55:02 +09:00
test - execute / exec - systemcallfilter - system - user - nobody . service
2017-10-11 14:07:51 +02:00
test - execute / exec - systemcallfilter - system - user . service
2018-10-05 14:46:30 +09:00
test - execute / exec - systemcallfilter - with - errno - multi . service
2017-11-11 21:39:02 +09:00
test - execute / exec - systemcallfilter - with - errno - name . service
test - execute / exec - systemcallfilter - with - errno - number . service
2018-02-20 16:50:12 +09:00
test - execute / exec - temporaryfilesystem - options . service
test - execute / exec - temporaryfilesystem - ro . service
test - execute / exec - temporaryfilesystem - rw . service
test - execute / exec - temporaryfilesystem - usr . service
2017-10-11 14:07:51 +02:00
test - execute / exec - umask - 0 177 . service
test - execute / exec - umask - default . service
2017-12-06 00:36:55 +09:00
test - execute / exec - unsetenvironment . service
2017-04-17 19:25:00 -04:00
test - execute / exec - user - nfsnobody . service
2018-03-02 15:55:02 +09:00
test - execute / exec - user - nobody . service
2017-10-11 14:07:51 +02:00
test - execute / exec - user . service
2017-04-17 19:25:00 -04:00
test - execute / exec - workingdirectory . service
2018-05-31 23:59:30 +09:00
test - execute / exec - workingdirectory - trailing - dot . service
2017-10-11 14:07:51 +02:00
test - path / basic . target
test - path / path - changed . path
test - path / path - changed . service
test - path / path - directorynotempty . path
test - path / path - directorynotempty . service
test - path / path - exists . path
test - path / path - exists . service
test - path / path - existsglob . path
test - path / path - existsglob . service
test - path / path - makedirectory . path
test - path / path - makedirectory . service
test - path / path - modified . path
test - path / path - modified . service
test - path / path - mycustomunit . service
test - path / path - service . service
test - path / path - unit . path
test - path / paths . target
test - path / sysinit . target
2018-03-14 11:03:36 +01:00
test - umount / empty . mountinfo
2018-03-21 19:55:54 +01:00
test - umount / example . swaps
2018-03-14 11:03:36 +01:00
test - umount / garbled . mountinfo
test - umount / rhbug - 1554943 . mountinfo
2018-03-21 19:55:54 +01:00
testsuite . target
timers . target
unit - with - . service . d / 20 - override . conf
unit - with - multiple - . service . d / 20 - override . conf
unit - with - multiple - . service . d / 30 - override . conf
unit - with - multiple - dashes . service
unit - with - multiple - dashes . service . d / 10 - override . conf
unstoppable . service
2017-04-13 20:47:20 -04:00
'' ' . split ( )
2017-10-03 13:12:29 +02:00
if conf . get ( 'ENABLE_RESOLVE' ) == 1
2017-04-17 19:25:00 -04:00
test_data_files + = '' '
test - resolve / _openpgpkey . fedoraproject . org . pkts
test - resolve / fedoraproject . org . pkts
test - resolve / gandi . net . pkts
test - resolve / google . com . pkts
test - resolve / root . pkts
test - resolve / sw1a1aa - sw1a2aa - sw1a2ab - sw1a2ac . find . me . uk . pkts
test - resolve / teamits . com . pkts
test - resolve / zbyszek @ fedoraproject . org . pkts
test - resolve / _443 . _tcp . fedoraproject . org . pkts
test - resolve / kyhwana . org . pkts
test - resolve / fake - caa . pkts
'' ' . split ( )
2017-04-13 20:47:20 -04:00
endif
if install_tests
2017-04-17 19:25:00 -04:00
foreach file : test_data_files
subdir = file . split ( '/' ) [ 0 ]
if subdir == file
subdir = ''
endif
2017-04-13 20:47:20 -04:00
2017-04-17 19:25:00 -04:00
install_data ( file ,
install_dir : testsdir + '/testdata/' + subdir )
endforeach
2017-04-13 20:47:20 -04:00
endif
2017-07-13 19:21:40 -04:00
############################################################
2017-11-22 12:42:28 +01:00
rule_syntax_check_py = find_program ( 'rule-syntax-check.py' )
2018-09-12 11:08:49 +02:00
if want_tests != 'false'
test ( 'rule-syntax-check' ,
rule_syntax_check_py ,
args : all_rules )
endif
2017-11-22 12:42:28 +01:00
############################################################
2017-10-08 16:14:45 -04:00
if conf . get ( 'HAVE_SYSV_COMPAT' ) == 1
sysv_generator_test_py = find_program ( 'sysv-generator-test.py' )
2018-09-12 11:08:49 +02:00
if want_tests != 'false'
test ( 'sysv-generator-test' ,
sysv_generator_test_py )
endif
2017-10-08 16:14:45 -04:00
endif
2017-09-26 13:39:43 +02:00
############################################################
tests: add a runner for installed tests
We have "installed tests", but don't provide an easy way to run them.
The protocol is very simple: each test must return 0 for success, 77 means
"skipped", anything else is an error. In addition, we want to print test
output only if the test failed.
I wrote this simple script. It is pretty basic, but implements the functions
listed above. Since it is written in python it should be easy to add option
parsing (like running only specific tests, or running unsafe tests, etc.)
I looked at the following alternatives:
- Ubuntu root-unittests: this works, but just dumps all output to the terminal,
has no coloring.
- @ssahani's test runner [2]
It uses the unittest library and the test suite was implented as a class, and
doesn't implement any of the functions listed above.
- cram [3,4]
cram runs our tests, but does not understand the "ignore the output" part,
has not support for our magic skip code (it uses hardcoded 80 instead),
and seems dead upstream.
- meson test
Here the idea would be to provide an almost-empty meson.build file under
/usr/lib/systemd/tests/ that would just define all the tests. This would
allow us to reuse the test runner we use normally. Unfortunately meson requires
a build directory and configuration to be done before running tests. This
would be possible, but seems a lot of effort to just run a few binaries.
[1] https://salsa.debian.org/systemd-team/systemd/blob/242c96addb06480ec9cd75248a5660f37a17b4b9/debian/tests/root-unittests
[2] https://github.com/systemd/systemd-fedora-ci/blob/master/upstream/systemd-upstream-tests.py
[3] https://bitheap.org/cram/
[4] https://pypi.org/project/pytest-cram/
Fixes #10069.
2018-09-20 16:34:14 +02:00
if install_tests
install_data ( 'run-unit-tests.py' ,
install_mode : 'rwxr-xr-x' ,
install_dir : testsdir )
endif
############################################################
2017-09-26 13:39:43 +02:00
# prepare test/sys tree
sys_script_py = find_program ( 'sys-script.py' )
custom_target (
'sys' ,
command : [ sys_script_py , meson . current_build_dir ( ) ] ,
output : 'sys' ,
2018-09-12 21:47:56 +09:00
build_by_default : want_tests != 'false' )
2017-09-26 13:39:43 +02:00
2018-03-22 08:34:21 +01:00
if perl . found ( )
udev_test_pl = find_program ( 'udev-test.pl' )
2018-09-12 11:08:49 +02:00
if want_tests != 'false'
test ( 'udev-test' ,
2019-01-18 22:32:42 +01:00
udev_test_pl ,
timeout : 180 )
2018-09-12 11:08:49 +02:00
endif
2018-03-22 08:34:21 +01:00
else
message ( 'Skipping udev-test because perl is not available' )
endif
2017-09-26 13:44:04 +02:00
2017-10-08 16:14:45 -04:00
if conf . get ( 'ENABLE_HWDB' ) == 1
hwdb_test_sh = find_program ( 'hwdb-test.sh' )
2018-09-12 11:08:49 +02:00
if want_tests != 'false'
test ( 'hwdb-test' ,
hwdb_test_sh ,
timeout : 90 )
endif
2017-10-08 16:14:45 -04:00
endif
2018-01-19 17:54:30 +11:00
2018-07-07 18:09:21 +02:00
subdir ( 'fuzz' )