mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
tmpfiles: automatically provision /etc/issue.d/ + /etc/motd.d/ + /etc/hosts from credentials
This commit is contained in:
parent
67ff6b3031
commit
a0f4426d0f
@ -3,9 +3,29 @@
|
||||
set -e
|
||||
|
||||
TEST_DESCRIPTION="test credentials"
|
||||
NSPAWN_ARGUMENTS="${NSPAWN_ARGUMENTS:-} --set-credential=mynspawncredential:strangevalue"
|
||||
QEMU_OPTIONS="${QEMU_OPTIONS:-} -fw_cfg name=opt/io.systemd.credentials/myqemucredential,string=othervalue -smbios type=11,value=io.systemd.credential:smbioscredential=magicdata -smbios type=11,value=io.systemd.credential.binary:binarysmbioscredential=bWFnaWNiaW5hcnlkYXRh -smbios type=11,value=io.systemd.credential.binary:sysusers.extra=dSBjcmVkdGVzdHVzZXIK -smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=ZiAvdG1wL3NvdXJjZWRmcm9tY3JlZGVudGlhbCAtIC0gLSAtIHRtcGZpbGVzc2VjcmV0Cg=="
|
||||
KERNEL_APPEND="${KERNEL_APPEND:-} systemd.set_credential=kernelcmdlinecred:uff systemd.set_credential=sysctl.extra:kernel.domainname=sysctltest rd.systemd.import_credentials=no"
|
||||
|
||||
NSPAWN_CREDS=(
|
||||
"--set-credential=mynspawncredential:strangevalue"
|
||||
)
|
||||
NSPAWN_ARGUMENTS="${NSPAWN_ARGUMENTS:-} ${NSPAWN_CREDS[*]}"
|
||||
|
||||
QEMU_CREDS=(
|
||||
"-fw_cfg name=opt/io.systemd.credentials/myqemucredential,string=othervalue"
|
||||
"-smbios type=11,value=io.systemd.credential:smbioscredential=magicdata"
|
||||
"-smbios type=11,value=io.systemd.credential.binary:binarysmbioscredential=bWFnaWNiaW5hcnlkYXRh"
|
||||
"-smbios type=11,value=io.systemd.credential.binary:sysusers.extra=dSBjcmVkdGVzdHVzZXIK"
|
||||
"-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=ZiAvdG1wL3NvdXJjZWRmcm9tY3JlZGVudGlhbCAtIC0gLSAtIHRtcGZpbGVzc2VjcmV0Cg=="
|
||||
)
|
||||
QEMU_OPTIONS="${QEMU_OPTIONS:-} ${QEMU_CREDS[*]}"
|
||||
|
||||
KERNEL_CREDS=(
|
||||
"systemd.set_credential=kernelcmdlinecred:uff"
|
||||
"systemd.set_credential=sysctl.extra:kernel.domainname=sysctltest"
|
||||
"systemd.set_credential=login.motd:hello"
|
||||
"systemd.set_credential=login.issue:welcome"
|
||||
"rd.systemd.import_credentials=no"
|
||||
)
|
||||
KERNEL_APPEND="${KERNEL_APPEND:-} ${KERNEL_CREDS[*]}"
|
||||
|
||||
# shellcheck source=test/test-functions
|
||||
. "${TEST_BASE_DIR:?}/test-functions"
|
||||
|
@ -46,6 +46,8 @@ elif [ -d /sys/firmware/qemu_fw_cfg/by_name ]; then
|
||||
|
||||
# Verify that writing a file via tmpfiles worked
|
||||
[ "$(cat /tmp/sourcedfromcredential)" = "tmpfilessecret" ]
|
||||
[ "$(cat /etc/motd.d/50-provision.conf)" = "hello" ]
|
||||
[ "$(cat /etc/issue.d/50-provision.conf)" = "welcome" ]
|
||||
else
|
||||
echo "qemu_fw_cfg support missing in kernel. Sniff!"
|
||||
expected_credential=""
|
||||
|
@ -14,6 +14,7 @@ files = [['README', ''],
|
||||
['systemd-tmp.conf', ''],
|
||||
['tmp.conf', ''],
|
||||
['x11.conf', ''],
|
||||
['provision.conf', ''],
|
||||
]
|
||||
|
||||
foreach pair : files
|
||||
|
17
tmpfiles.d/provision.conf
Normal file
17
tmpfiles.d/provision.conf
Normal file
@ -0,0 +1,17 @@
|
||||
# This file is part of systemd.
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
|
||||
# Provision additional loging messages from credentials, if they are set. Note
|
||||
# that these lines are NOPs if the credentials are not set or if the files
|
||||
# already exist.
|
||||
f^ /etc/motd.d/50-provision.conf - - - - login.motd
|
||||
f^ /etc/issue.d/50-provision.conf - - - - login.issue
|
||||
|
||||
# Provision a /etc/hosts file from credentials.
|
||||
f^ /etc/hosts - - - - network.hosts
|
@ -22,3 +22,6 @@ RemainAfterExit=yes
|
||||
ExecStart=systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev
|
||||
SuccessExitStatus=DATAERR CANTCREAT
|
||||
LoadCredential=tmpfiles.extra
|
||||
LoadCredential=login.motd
|
||||
LoadCredential=login.issue
|
||||
LoadCredential=network.hosts
|
||||
|
Loading…
Reference in New Issue
Block a user