1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
Commit Graph

2509 Commits

Author SHA1 Message Date
Yu Watanabe
3e3b0d2a40 test-network: make udevd also generate debugging logs 2021-11-17 08:32:45 +09:00
Lennart Poettering
a89b67509f test: add grow/shrink/minimize test for homed
Let's add testing for the stuff we just added.
2021-11-16 17:28:26 +01:00
Franck Bui
0c98f381e7 TEST-08: don't force ext4 for /
Forcing a specific fs for the image is usually a bad idea because the initrd
(borrowed from the host) is likely to include only support for the filesystem
used by the host's rootfs.

Since the point of this test is to check aliases on mount units, there's no
specific need for ext4, hence drop any parts that request or rely on ext4.
2021-11-16 16:58:49 +01:00
Lennart Poettering
3054863345 test: make homed test run in qemu 2021-11-16 12:33:44 +01:00
Yu Watanabe
d068f3a243
Merge pull request #21235 from bacher09/slava/supress_ifgroup
Add suppress_ifgroup option in routing policy
2021-11-16 10:25:33 +09:00
Slava Bacherikov
af493fb742 network: Add SuppressInterfaceGroup= into routing policy
This adds SuppressInterfaceGroup= option in the [RoutingPolicyRule] section
which has the same semantics as suppress_ifgroup in `ip rule` command.
2021-11-16 01:54:07 +09:00
Yu Watanabe
7a2e124b08 test-network: add testcases for Token=prefixstable with UUID 2021-11-14 13:29:44 +09:00
Lennart Poettering
875afa02fa tests: add test case for UMask=+BindPaths= combination
Inspired by the test case described in #19899
2021-11-12 16:02:26 +01:00
Jonas Witschel
6401279fee test: add regression test for systemd-run --scope [--user]
systemd-run --scope --user failed to run in system 249.6, cf. #21297. Add tests
for systemd-run --scope and systemd-run --scope --user to make sure this does
not regress again.
2021-11-12 13:31:46 +09:00
Lennart Poettering
15c5977644 test: extend repart test suite to test for unaligned partitions 2021-11-09 16:53:11 +01:00
Yu Watanabe
e5a7570188
Merge pull request #21226 from yuwata/network-tc-cake
network: add several CAKE settings
2021-11-09 14:18:41 +09:00
Yu Watanabe
0b251e8bf9 test-network: add testcases for CAKE settings 2021-11-09 10:58:44 +09:00
Yu Watanabe
1c7a81e626 network: tc/cake: introduce UseRawPacketSize= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
35896db489 network: tc/cake: introduce SplitGSO= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
d05dce95d8 network: tc/cake: introduce Wash= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
049b66ccdd network: tc/cake: introduce FirewallMark= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
fe8e156e7a network: tc/cake: introduce PriorityQueueingProfile= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
863542e1ce network: tc/cake: introduce MPUBytes= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
4bff808648 network: tc/cake: introduce NAT= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
a049cf166c network: tc/cake: introduce FlowIsolationMode= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
b6eccfda1a network: tc/cake: introduce CompensationMode= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
025cd94e1c network: tc/cake: introduce AutoRateIngress= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
610c0db126 network: ndisc: introduce UseGateway= and UseRoutePrefix= settings
Closes #21263.
2021-11-09 08:12:36 +09:00
Zbigniew Jędrzejewski-Szmek
e2de2d28f4
Merge pull request #20813 from unusual-thoughts/exittype_v2
Reintroduce ExitType
2021-11-08 15:06:37 +01:00
Albert Brox
da845dabf5 implement aliasing for systemd-analyze verify 2021-11-08 12:08:23 +00:00
Henri Chain
596e447076 Reintroduce ExitType
This introduces `ExitType=main|cgroup` for services.
Similar to how `Type` specifies the launch of a service, `ExitType` is
concerned with how systemd determines that a service exited.

- If set to `main` (the current behavior), the service manager will consider
  the unit stopped when the main process exits.

- The `cgroup` exit type is meant for applications whose forking model is not
  known ahead of time and which might not have a specific main process.
  The service will stay running as long as at least one process in the cgroup
  is running. This is intended for transient or automatically generated
  services, such as graphical applications inside of a desktop environment.

Motivation for this is #16805. The original PR (#18782) was reverted (#20073)
after realizing that the exit status of "the last process in the cgroup" can't
reliably be known (#19385)

This version instead uses the main process exit status if there is one and just
listens to the cgroup empty event otherwise.

The advantages of a service with `ExitType=cgroup` over scopes are:
- Integrated logging / stdout redirection
- Avoids the race / synchronisation issue between launch and scope creation
- More extensive use of drop-ins and thus distro-level configuration:
  by moving from scopes to services we can have drop ins that will affect
  properties that can only be set during service creation,
  like `OOMPolicy` and security-related properties
- It makes systemd-xdg-autostart-generator usable by fixing [1], as obviously
  only services can be used in the generator, not scopes.

[1] https://bugs.kde.org/show_bug.cgi?id=433299
2021-11-08 10:15:23 +01:00
Luca Boccassi
5df64f148d
Merge pull request #21237 from bluca/analyze_skip
analyze: allow a custom policy to skip a check
2021-11-06 11:19:40 +00:00
Lennart Poettering
0cdb32ef52
Merge pull request #21171 from DaanDeMeyer/tty-dimensions
exec: Add TTYRows and TTYColumns properties to set TTY dimensions
2021-11-06 10:16:45 +01:00
Frantisek Sumsal
a0ac3652fc test: wait until lvm-activate-$vgroup.service finishes
The new lvm autoactivation method runs `vgchange` via
`systemd-run --no-block`[0], which means that checking if the unit
is in the `active` state is not enough, since the main binary might
still be running. Let's fix this by waiting until the unit reaches
the `exited` sub state.

Follow-up to:
  * 29f8bef05e
  * e50d743f99

[0] https://sourceware.org/git/?p=lvm2.git;a=blob;f=udev/69-dm-lvm.rules.in;h=39e5b98074010745f78a7a86a05929700c9cd690;hb=67722b312390cdab29c076c912e14bd739c5c0f6#l83

Example:
```
[   17.102002] systemd-udevd[282]: sdf: '/usr/bin/systemd-run -r --no-block --property DefaultDependencies=no --unit lvm-activate-iscsi_lvm2212 /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212'(err) 'Running as unit: lvm-activate-iscsi_>
[   17.102522] systemd-udevd[282]: sdf: Process '/usr/bin/systemd-run -r --no-block --property DefaultDependencies=no --unit lvm-activate-iscsi_lvm2212 /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212' succeeded.
[   17.102697] systemd-udevd[282]: sdf: Adding watch on '/dev/sdf'
[   17.104944] systemd[1]: lvm-activate-iscsi_lvm2212.service: Changed dead -> running
...
[   17.105434] systemd[1]: Started /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212.
[   17.105601] systemd[931]: lvm-activate-iscsi_lvm2212.service: Executing: /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212
...
[   17.420228] testsuite-64.sh[268]: + systemctl -q is-active lvm-activate-iscsi_lvm2212.service
[   17.420228] testsuite-64.sh[268]: + return 0
[   17.420228] testsuite-64.sh[268]: + test -e /dev/disk/by-path/ip-127.0.0.1:3260-iscsi-iqn.2021-09.com.example:iscsi.lvm.test-lun-4
[   17.420228] testsuite-64.sh[268]: + udevadm settle
[   17.420228] testsuite-64.sh[268]: + test -e /dev/iscsi_lvm2212/mypart1
...
[   17.451313] systemd[1]: testsuite-64.service: Main process exited, code=exited, status=1/FAILURE
[   17.451475] systemd[1]: testsuite-64.service: Failed with result 'exit-code'.
...
[   17.555759] systemd[1]: Starting End the test...
[   17.556972] sh[941]: + systemctl poweroff --no-block
...
[   17.688923] lvm[931]:   2 logical volume(s) in volume group "iscsi_lvm2212" now active
...
[   17.838484] systemd[1]: lvm-activate-iscsi_lvm2212.service: Child 931 belongs to lvm-activate-iscsi_lvm2212.service.
[   17.838718] systemd[1]: lvm-activate-iscsi_lvm2212.service: Main process exited, code=exited, status=0/SUCCESS (success)

```
2021-11-05 22:48:38 +00:00
Luca Boccassi
82100ef486 analyze: allow a custom policy to skip a check with weight=0
In some cases an offline analysis should ignore some fields, for example
a portable service in an image will never list RootImage/RootDirectory, as
they are added at runtime, and thus can be skipped.
2021-11-05 22:37:34 +00:00
Daan De Meyer
51462135fb exec: Add TTYRows and TTYColumns properties to set TTY dimensions 2021-11-05 21:32:14 +00:00
Tony Asleson
788a0ef179 test: exercise sytemd-integritysetup & generator
Ensures we can open a dm-integrity volume formated with
integritysetup.
2021-11-05 21:17:17 +00:00
Luca Boccassi
d54017e8f7 analyze: fix typos in test policy 2021-11-04 19:22:28 +00:00
Lennart Poettering
71bb9594e9
Merge pull request #21030 from DaanDeMeyer/path-skipped
core: Propagate condition failed state from service to path unit.
2021-11-04 15:20:00 +01:00
Daan De Meyer
12ab94a1e4 core: Propagate condition failed state to triggering units.
Alternative to https://github.com/systemd/systemd/pull/20531.

Whenever a service triggered by another unit fails condition checks,
stop the triggering unit to prevent systemd busy looping trying to
start the triggered unit.
2021-11-03 20:25:14 +00:00
Yu Watanabe
ab7b261663
Merge pull request #21210 from yuwata/network-dhcp-server-introduce-router-setting
network: dhcp-server: introduce Router= setting to specify router address
2021-11-03 12:41:34 +09:00
Yu Watanabe
32d97330df test-network: add a testcase for Router= setting 2021-11-03 03:15:05 +09:00
Yu Watanabe
59aa622013 network: dhcp-server: introduce Router= setting to specify router address
Closes #21202.
2021-11-03 03:15:00 +09:00
Franck Bui
be0cc2ce6c test-keymap-util: always use kbd-model-map we ship
This test makes assumptions on the availability of some mappings contained in
kbd-model-map and therefore strongly relies on the version shipped by
upstream. IOW the test is likely to fail if it's installed on a system with a
more comprehensive kbd-model-map.

This patch makes the upstream kbd-model-map file available via a symlink in
test/testdata/test-keymap-util dir and makes sure that this specific version is
always used by test-keymap-util regardless of whether the test is installed and
run on a different system or directly run (optionally via meson) from the
project working dir.
2021-11-02 16:48:55 +01:00
Frantisek Sumsal
c7448e741a
Merge pull request #21207 from mrc0mmand/test-tweak-lvm-installation
test: support the new lvm udev autoactivation
2021-11-02 14:09:57 +00:00
Frantisek Sumsal
29f8bef05e test: support both lvm vgroup activation methods 2021-11-02 12:32:48 +01:00
Yu Watanabe
0874be35c3 test-network: add test case for MTUBytes= for veth 2021-11-02 12:35:07 +09:00
Frantisek Sumsal
e50d743f99 test: support the new lvm udev autoactivation
Introduced in lvm 2.03.14.
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
2021-11-01 20:55:38 +01:00
Lennart Poettering
ff8b7bd6a0
Merge pull request #20321 from bluca/state_dir_symlink
core: add [State|Runtime|Cache|Logs]DirectorySymlink
2021-10-28 20:52:56 +02:00
Luca Boccassi
211a3d87fb core: add [State|Runtime|Cache|Logs]Directory symlink as second parameter
When combined with a tmpfs on /run or /var/lib, allows to create
arbitrary and ephemeral symlinks for StateDirectory or RuntimeDirectory.
This is especially useful when sharing these directories between
different services, to make the same state/runtime directory 'backend'
appear as different names to each service, so that they can be added/removed
to a sharing agreement transparently, without code changes.

An example (simplified, but real) use case:

foo.service:
StateDirectory=foo

bar.service:
StateDirectory=bar

foo.service.d/shared.conf:
StateDirectory=
StateDirectory=shared:foo

bar.service.d/shared.conf:
StateDirectory=
StateDirectory=shared:bar

foo and bar use respectively /var/lib/foo and /var/lib/bar. Then
the orchestration layer decides to stop this sharing, the drop-in
can be removed. The services won't need any update and will keep
working and being able to store state, transparently.

To keep backward compatibility, new DBUS messages are added.
2021-10-28 10:47:46 +01:00
Luca Boccassi
df61e79a5d core: make DynamicUser=1 and StateDirectory= work with TemporaryFileSystem=/var/lib
The /var/lib/private/foo -> /var/lib/foo symlink for StateDirectory and
DynamicUser is set up on the host filesystem, before the mount namespacing
is brought up. If an empty /var/lib is used, to ensure the service does not
see other services data, the symlink is then not available despite
/var/lib/private being set up as expected.

Make a list of symlinks that need to be set up, and create them after all
the namespaced filesystems have been created, but before any eventual
read-only switch is flipped.
2021-10-27 22:45:26 +01:00
Yu Watanabe
1ac845ffbe test-network: add more tests for [Address] section 2021-10-28 02:12:34 +09:00
Yu Watanabe
8edcd775e8 test-network: add tests for invalid [IPv6AddressLabel] section 2021-10-28 01:40:19 +09:00
Yu Watanabe
3dfa7311e2 test-network: add tests for invalid IPv6 token 2021-10-28 01:17:14 +09:00
Frantisek Sumsal
cd37793d28 test: add a missing udevadm settle to the multipath test case
8a088877ab uncovered a missing `udevadm
settle` in the multipath test case, causing the test to occasionally
fail with:

```
[   41.718617] testsuite-64.sh[806]: + for i in {0..63}
[   41.727917] systemd-udevd[1120]: sdhf: /usr/lib/udev/rules.d/60-persistent-storage.rules:66 Importing properties from results of 'scsi_id --export --whitelisted -d /dev/sdhf'
[   41.728668] testsuite-64.sh[2341]: ++ printf %.4d 1
[   41.733851] systemd-udevd[1415]: sdhc: Adding watch on '/dev/sdhc'
[   41.734477] testsuite-64.sh[806]: + wwid=deaddeadbeef0001
[   41.734477] testsuite-64.sh[806]: + path=/dev/disk/by-id/wwn-0xdeaddeadbeef0001
[   41.746174] systemd-udevd[1409]: sdhb: 'scsi_id --export --whitelisted -d /dev/sdhb'(out) 'ID_MODEL_ENC=QEMU\x20HARDDISK\x20\x20\x20'
[   41.747058] testsuite-64.sh[2342]: ++ readlink -f /dev/disk/by-id/wwn-0xdeaddeadbeef0001
[   41.755512] testsuite-64.sh[806]: + dmpath=/dev/sdi
[   41.755512] testsuite-64.sh[806]: + lsblk /dev/disk/by-id/wwn-0xdeaddeadbeef0001
[   41.766884] systemd-udevd[1402]: sdhd: 'scsi_id --export --whitelisted -d /dev/sdhd'(out) 'ID_VENDOR=QEMU'
[   41.767532] testsuite-64.sh[2343]: NAME MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
[   41.767532] testsuite-64.sh[2343]: sdi    8:128  0  512B  0 disk
[   41.779219] systemd-udevd[1400]: dm-33: 'kpartx_id 254 33 mpath-3deaddeadbeef0051'(out) 'DM_WWN=0xdeaddeadbeef0051'
[   41.779902] testsuite-64.sh[806]: + multipath -C /dev/sdi
[   41.785296] systemd-udevd[1414]: dm-31: Device processed (SEQNUM=4839, ACTION=change)
[   41.785925] testsuite-64.sh[2344]: 37.658168 | /dev/sdi is not a dm device
```
2021-10-27 02:23:55 +09:00
Yu Watanabe
caad88a22b test-network: add test cases for DHCPv6 prefix delegation 2021-10-26 20:43:10 +09:00
Yu Watanabe
dc5cae6c9d network: dhcp6: introduce UplinkInterface= for DHCP6 prefix delegation 2021-10-26 20:43:10 +09:00
Yu Watanabe
0f5ef9b62a network: dhcp6: introduce UseDelegatedPrefix= setting and enable by default
Previously, the prefix delegation is enabled when at least one
downstream interfaces request it. But, when the DHCPv6 client on the
upstream interface is configured, some downstream interfaces may not
exist yet, nor have .network file assigned.

Also, if a system has thousands of interfaces, then the previous logic
introduce O(n^2) search.

This makes the prefix delegation is always enabled, except when it is
explicitly disabled. Hopefully, that should not break anything, as the
DHCPv6 server should ignore the prefix delegation request if the server
do not have any prefix to delegate.
2021-10-26 20:29:08 +09:00
Yu Watanabe
adef6d089b
Merge pull request #21122 from yuwata/network-optimize-reload
network: slightly optimize "networkctl reload"
2021-10-26 15:55:01 +09:00
Yu Watanabe
5b47f35d0e test-network: reconfigure interface instead of restarting networkd 2021-10-26 08:20:29 +09:00
Yu Watanabe
8a088877ab test: enable debug logging of systemd-udevd
Otherwise, it is hard to debug when the test fails.
2021-10-26 08:12:10 +09:00
Frantisek Sumsal
35382a9da3 test: merge coverage reports from previous test runs
Relevant mainly for tests which utilize both QEMU and nspawn.
2021-10-25 11:35:47 +02:00
Frantisek Sumsal
e70103e2d4 test: tweak TriggerLimitIntervalSec= when built with coverage
Collecting coverage causes a significant slowdown in general, but since
this test requires certain timing, we need to tweak the defaults to make
it reliably pass.
2021-10-25 11:02:22 +02:00
Frantisek Sumsal
d2a39812fd test: rename the global service override file for coverage runs
Otherwise we break TEST-15-DROPIN, since it uses
/usr/lib/systemd/system/service.d/override.conf in some of its
sub-tests.
2021-10-23 22:10:24 +02:00
Frantisek Sumsal
035af7adfe test: disable ProtectHome= when collecting coverage as well
Depending on the location of the original build dir, either ProtectHome=
or ProtectSystem= may get in the way when creating the gcov metadata
files.

Follow-up to:
    * 02d7e73013
    * 6c9efba677
2021-10-23 21:27:20 +02:00
Frantisek Sumsal
7a6c5b6ab5 test: make the coverage check safer for non-compiled builds 2021-10-21 18:34:21 +02:00
Frantisek Sumsal
9bc10d3109 test: collect the coverage _before_ unmounting the rootfs
d'oh!
2021-10-21 18:12:06 +02:00
Frantisek Sumsal
02d7e73013 test: loosen sandbox restrictions for integration tests as well
Otherwise we miss quite a lot of coverage (mainly from logind,
hostnamed, networkd, and possibly others), since they can't write their
reports with `ProtectSystem=strict`.
2021-10-21 18:06:36 +02:00
Frantisek Sumsal
6c9efba677 test: loosen certain sandbox restrictions when collecting coverage
With `ProtectSystem=strict` gcov is unable to write the *.gcda files
with collected coverage. Let's add a yet another switch to make such
restriction less strict to make gcov happy.

This addresses following errors:
```
...
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/binfmt-util.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/base-filesystem.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/barrier.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/ask-password-api.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/apparmor-util.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/acpi-fpdt.c.gcda:Cannot open
...
```
2021-10-21 17:36:45 +02:00
Frantisek Sumsal
dded88acb9 test: wait a bit for the given PID to die if it's still alive
When playing around with the coverage-enabled build I kept hitting
an issue where dnsmasq failed to start because the previous instance was
still shutting down. This should, hopefully, help to mitigate that.
2021-10-21 15:59:57 +02:00
Frantisek Sumsal
140557021a test: don't install test-network-generator-conversion.sh w/o networkd
otherwise TEST-02 will fail:

```
=== Failed test log ===
--- test-network-generator-conversion.sh begin ---
+ [[ -n '' ]]
+ [[ -x /usr/lib/systemd/systemd-network-generator ]]
+ [[ -x /lib/systemd/systemd-network-generator ]]
+ exit 1
--- test-network-generator-conversion.sh end ---
```

Before:
```
$ meson build -Dnetworkd=false -Dinstall-tests=true
$ ninja -C build
$ DESTDIR=$PWD/test-install ninja -C build install
$ find test-install/ -name test-network-generator-conversion.sh
test-install/usr/lib/systemd/tests/test-network-generator-conversion.sh
```

After:
```
$ find test-install/ -name test-network-generator-conversion.sh
<no output>
```
2021-10-20 22:04:45 +01:00
Frantisek Sumsal
0b5fe54ff5 test: collect coverage in a couple more codepaths
Otherwise we'd miss coverage from TEST-{02,24,61}, since they don't go
through the "standard" `check_result_common` hook.

Follow-up to 7bf20e48bd.
2021-10-20 16:46:58 +01:00
Dimitri Papadopoulos
ba669952b2 Typos found by codespell 2021-10-20 22:20:18 +09:00
Yu Watanabe
a4a1385e07 test-network: cleanup dnsmasq related file on setup
Just for safety.
2021-10-20 03:49:05 +09:00
Yu Watanabe
888f57c11c test-network: drop pid_file argument from stop_dnsmasq() 2021-10-20 03:49:05 +09:00
Yu Watanabe
ed08ed4a45 test-network: use constant variables in dnsmasq command 2021-10-20 03:49:05 +09:00
Zbigniew Jędrzejewski-Szmek
721700df3c TEST-06-SELINUX: add the usual spdx license header to policy files 2021-10-18 09:43:18 +02:00
Zbigniew Jędrzejewski-Szmek
1d9a1215e8 gitattributes: introduce and use "generated" attribute
I want to mark some files to be ignored for licensing purposes,
e.g. output from fuzzers and other samples. By using the gitattribute
machinery for this we don't need to design a custom protocol:

$ git check-attr generated test/test-sysusers/unhappy-*
test/test-sysusers/unhappy-1.expected-err: generated: set
test/test-sysusers/unhappy-1.input: generated: unspecified
test/test-sysusers/unhappy-2.expected-err: generated: set
test/test-sysusers/unhappy-2.input: generated: unspecified
test/test-sysusers/unhappy-3.expected-err: generated: set
test/test-sysusers/unhappy-3.input: generated: unspecified
2021-10-18 09:42:55 +02:00
Zbigniew Jędrzejewski-Szmek
546e57f51b gitattributes: mark more files as "binary"
This way we know that we shouldn't look for a spdx header in them.
2021-10-18 09:40:35 +02:00
Zbigniew Jędrzejewski-Szmek
d632e6fe3b tests: use !/usr/bin/env bash consistently
This adjustment was last done in f96bc66901,
but it seems some files were missed and some were added later.
2021-10-18 09:04:45 +02:00
Zbigniew Jędrzejewski-Szmek
7b3cec95db tests: add spdx headers to scripts and Makefiles 2021-10-18 09:04:45 +02:00
Zbigniew Jędrzejewski-Szmek
22d3cfe54c tests: add spdx license header to test unit/link/network/conf files
Those are all consumed by our parser, so they all support comments.
I was considering whether they should have a license header at all,
but in the end I decided to add it because those files are often created
by copying parts of real unit files. And if the real ones have a license,
then those might as well. It's easier to add it than to make an exception.
2021-10-18 09:04:45 +02:00
Zbigniew Jędrzejewski-Szmek
7b84e701a8 gitattributes: mark fuzz inputs that are pure binary as such
We also have a bunch of files that have some bytes and a lot
of text, like the journal export format. For those, it is still quite
useful when the tools try to diff them, so let's not mark those.
2021-10-18 09:04:45 +02:00
Zbigniew Jędrzejewski-Szmek
6b292fa17b
Merge pull request #20996 from yuwata/udevadm-trigger-debug
test: show debug and verbose message
2021-10-15 09:44:59 +02:00
Zbigniew Jędrzejewski-Szmek
df618f259a
Merge pull request #20987 from yuwata/sd-dhcp6-enum-cleanups
sd-dhcp6-client: enum cleanups
2021-10-13 08:25:37 +02:00
Yu Watanabe
6870cf0729 test: show debug and verbose message 2021-10-13 12:58:24 +09:00
Anita Zhang
0b4f8d9498 core: serialize device cgroup bpf progs across daemon-reload/reexec
Follows what was done in b57d752326 and
adds a test that verifies the device BPF program is not detached during
reload/reexec.
2021-10-13 11:13:56 +09:00
Yu Watanabe
308d01f3c4 network: do not request RAPID_COMMIT option
The option must not be included in OPTION_REQUEST option.
See the "Client ORO" field in
https://www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xhtml#dhcpv6-parameters-2

This deprecates RapidCommit= setting. Note that sd-dhcp6-client always
sets the RAPID_COMMIT option in the solicit message.
2021-10-13 02:46:24 +09:00
Dimitri John Ledkov
af7fb6831f test: set 5 minute timeout on TEST-11-ISSUE-3166 and TEST-50-DISSECT
When they work they finish quickly in under two minutes on slow machines, when
soft lock ups happen in the nested virt machine each test can run for like 5
hours clogging up CI infrastructure. It's best to fail quicker than that when
qemu or kernel are broken.
2021-10-09 18:31:27 +01:00
Yu Watanabe
6830c3a553
Merge pull request #20778 from yuwata/network-ipv6-token
network: rework IPv6 address generation mode
2021-10-07 23:24:00 +09:00
Luca Boccassi
c9d1c37c93 test: make OpenSSL checks optional in TEST-50-DISSECT
If the packages are built without libssl simply skip the signature
checks.

Oct 06 21:21:32 H systemd[1]: systemd 249.1249.gcc4df1f787.0 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT +GNUTLS -OPENSSL
...
Oct 06 21:22:21 H systemd[459]: Activation of signed Verity volume worked neither via the kernel nor in userspace, can't activate.

Follow-up for #20691
2021-10-07 08:41:33 +02:00
Luca Boccassi
0cf250022c
Merge pull request #20926 from yuwata/udev-net-wol-sopass
udev/net: introduce WakeOnLanPassword=
2021-10-06 23:36:05 +01:00
Frantisek Sumsal
f415cdb372 test: test udev with a _very_ long device name
Let's attempt to provide some coverage for #16161, #6867, and similar.
2021-10-07 03:17:44 +09:00
Yu Watanabe
d489317f59
Merge pull request #20935 from unusual-thoughts/fix-empty-argv
Fix #20933
2021-10-07 01:53:51 +09:00
Yu Watanabe
d3867133f0 udev/net: introduce WakeOnLanPassword=
Closes #20913.
2021-10-07 01:50:37 +09:00
Yu Watanabe
fe2a8b3d3f test-network: add tests for Token= in [IPv6Prefix] 2021-10-07 01:24:50 +09:00
Yu Watanabe
b48b6bd3b9 test-network: replace deprecated settings 2021-10-07 01:24:50 +09:00
Yu Watanabe
e609cd0694 network: introduce Token= setting in [IPv6Prefix]
Closes #20149.
2021-10-07 01:24:50 +09:00
Yu Watanabe
a73628e647 network: rename IPv6Token= in [Network] -> Token= in [IPv6AcceptRA]
The token is only used by received prefixes through RA.
2021-10-07 01:16:36 +09:00
Iago López Galeiras
e59ccd035c core: add RestrictFileSystems= fragment parser
It takes an allow or deny list of filesystems services should have
access to.
2021-10-06 10:52:14 +02:00
Henri Chain
29500cf8c4 core: fix SIGABRT on empty exec command argv
This verifies that the argv part of any exec_command parameters that
are sent through dbus is not empty at deserialization time.

There is an additional check in service.c service_verify() that again
checks if all exec_commands are correctly populated, after the service
has been loaded, whether through dbus or otherwise.

Fixes #20933.
2021-10-06 00:16:47 +09:00
Anita Zhang
a2ae2ba2ff
Merge pull request #20892 from yuwata/test-network-preferred-lifetime-zero
network: drop and warn duplicated address settings
2021-10-04 18:40:59 -07:00
Luca Boccassi
c82dc15b9f test: create and merge code coverage reports in integration tests
If -Db_coverage=true is used at build time, then ARTIFACT_DIRECTORY/TEST-XX-FOO.coverage-info
files are created with code coverage data, and run-integration-test.sh also
merges them into ARTIFACT_DIRECTORY/merged.coverage-info since the coveralls.io
helpers accept only a single file.
2021-10-04 16:40:49 +01:00
Yu Watanabe
40971657ce test-network: add tests for duplicated address setting
Also, add more tests for PreferredLifetime=0

C.f. #20891.
2021-10-04 18:26:35 +09:00
Zbigniew Jędrzejewski-Szmek
8f5bcd615b licensing: add forgotten spdx headers
Those are all "our" files, but we forgot to add the headers,
most likely because of non-standard file extensions.
2021-10-01 14:45:00 +02:00
Yu Watanabe
1924f26d2a
Merge pull request #20777 from benzea/benzea/fix-seccomp-filter
seccomp: Always install filters for native architecture
2021-10-01 15:12:55 +09:00
Michael Biebl
528dd6a423 networkd-test: fix resolved_domain_restricted_dns
megasearch.net was meant to be a non-existing bogus domain, and had been
for a long time. But it seems some domain grabber recently registered
it, and it's an actual thing now:

  $ host megasearch.net
  megasearch.net has address 207.148.248.143

This causes the test to fail randomly.

Use search.example.com instead which yields

  $ host search.example.com
  Host search.example.com not found: 3(NXDOMAIN)

Fixes: #18357
2021-10-01 14:34:00 +09:00
Frantisek Sumsal
e72be068b1 test: use a less restrictive portable profile when running w/ sanitizers
Since f833df3 we now actually use the seccomp rules defined in portable
profiles. However, the default one is too restrictive for sanitizers, as
it blocks certain syscall required by LSan. Mitigate this by using the
'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 14:23:27 +02:00
Frantisek Sumsal
1c3f490f23 test: shellcheck-ify test scripts 2021-09-30 12:12:00 +02:00
Frantisek Sumsal
91c64ad620 test: drop an unused file 2021-09-30 12:11:27 +02:00
Benjamin Berg
e975a94559 test: Add failing/non-failing syscall filter test setting architecture
This adds a high level test verifying that syscall filtering in
combination with a simple architecture filter for the "native"
architecture works fine.
2021-09-30 08:06:25 +09:00
Yu Watanabe
78fac35811
Merge pull request #20823 from mrc0mmand/test-storage-iscsi
test: iSCSI-related udev tests
2021-09-29 23:17:43 +09:00
Anita Zhang
14bb729534 basic/unit-file: don't filter out names starting with dot
Fixes #20859
Reverts 3796bdc55d
2021-09-29 14:42:13 +02:00
Frantisek Sumsal
9cb41c3326 test: iSCSI-related udev tests 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
aedb60043a test: save journals of only failing test cases in TEST-64 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
7074c047c1 test: explicitly report if we fail to install a file into the image 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
f4e64b6e34 test: add an iSCSI helper 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
5f25c30ee8 test: sort the features alphabetically 2021-09-29 10:05:21 +02:00
Lennart Poettering
2c424ee0aa tests: extend TEST-50-DISSECT to look for verity signatures 2021-09-28 17:06:45 +02:00
Albert Brox
5918a93355 core: implement RuntimeMaxDeltaSec directive 2021-09-28 16:46:20 +02:00
alexlzhu
8c35c10d20 core: Add ExecSearchPath parameter to specify the directory relative to which binaries executed by Exec*= should be found
Currently there does not exist a way to specify a path relative to which
all binaries executed by Exec should be found. The only way is to
specify the absolute path.

This change implements the functionality to specify a path relative to which
binaries executed by Exec*= can be found.

Closes #6308
2021-09-28 14:52:27 +01:00
Yu Watanabe
94832e6e55 test: also rename {test,fuzz}-lldp.c 2021-09-27 23:55:11 +09:00
Lennart Poettering
49e9218ae3
Merge pull request #20768 from pdmorrow/shutdown_cgroup_ctrl
cgroups: apply StartupAllowedCPUs= and StartupAllowedMemoryNodes= during shutdown
2021-09-27 13:44:54 +02:00
Peter Morrow
1b75e5f343 fuzz: list directives in alphabetical order 2021-09-24 14:43:01 +01:00
Anita Zhang
2b33e41aaf link: connect 5 more properties to ethtool features
Sets up the follow properties and their corresponding ethtool feature:
- ReceiveVLANCTAGHardwareAcceleration == rx-vlan-hw-parse (or rxvlan)
- TransmitVLANCTAGHardwareAcceleration == tx-vlan-hw-insert (or txvlan)
- ReceiveVLANCTAGFilter == rx-vlan-filter
- TransmitVLANSTAGHardwareAcceleration == tx-vlan-stag-hw-insert
- NTupleFilter == rx-ntuple-filter (or ntuple)
2021-09-24 20:40:23 +09:00
Luca Boccassi
3a18c0e5f2
Merge pull request #20806 from fbuihuu/test-make-debug-tools-optional
test: make the installation of the debug tools optional in the image
2021-09-22 12:01:59 +01:00
Franck Bui
9fbb13acbc test: wc is needed by test/units/testsuite-50.sh 2021-09-22 09:04:52 +02:00
Franck Bui
f7d47cc862 test: make the installation of the debug tools optional in the image 2021-09-22 08:37:34 +02:00
Luca Boccassi
71a80dcc0b
Merge pull request #20690 from DaanDeMeyer/oomd-user-services
oom: Support for user services
2021-09-21 15:39:48 +01:00
Daan De Meyer
064a5c1438 oom: Add support for user unit ManagedOOM property updates
Compared to PID1 where systemd-oomd has to be the client to PID1
because PID1 is a more privileged process than systemd-oomd, systemd-oomd
is the more privileged process compared to a user manager so we have
user managers be the client whereas systemd-oomd is now the server.

The same varlink protocol is used between user managers and systemd-oomd
to deliver ManagedOOM property updates. systemd-oomd now sets up a varlink
server that user managers connect to to send ManagedOOM property updates.

We also add extra validation to make sure that non-root senders don't
send updates for cgroups they don't own.

The integration test was extended to repeat the chill/bloat test using
a user manager instead of PID1.
2021-09-20 13:53:11 +01:00
Frantisek Sumsal
26a5ae8e95 test: dump the test output to console as well for easier debugging 2021-09-19 13:46:55 +02:00
Frantisek Sumsal
41187e716d test: regenerate module dependencies after installing all modules 2021-09-19 13:46:55 +02:00
Frantisek Sumsal
abfa9a0e7d test: fix error handling with set -e
Unfortunately, when checking the return/exit code using &&, ||, if,
while, etc., `set -e` is disabled for all nested functions as well,
which leads to incorrectly ignored errors, *sigh*.

Example:

```
set -eu
set -o pipefail

task() {
    echo "task init"
    echo "this should fail"
    false
    nonexistentcommand
    echo "task end (we shouldn't be here)"
}

if ! task; then
    echo >&2 "The task failed"
    exit 1
else
    echo "The task passed"
fi
```

```
$ bash test.sh
task init
this should fail
test.sh: line 10: nonexistentcommand: command not found
task end (we shouldn't be here)
The task passed
$ echo $?
0
```

But without the `if`, everything works "as expected":

```
set -eu
set -o pipefail

task() {
    echo "task init"
    echo "this should fail"
    false
    nonexistentcommand
    echo "task end (we shouldn't be here)"
}

task
```

```
$ bash test.sh
task init
this should fail
$ echo $?
1
```

Wonderful.
2021-09-19 13:46:55 +02:00
Frantisek Sumsal
b1471e559e test: btrfs-related udev tests 2021-09-19 13:46:49 +02:00
Frantisek Sumsal
677acd2101 test: check symlinks under /dev/mapper by default as well 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
de11005c1a test: use subshells a bit more
to tweak shell flags in specific functions without affecting the rest of
the script.
2021-09-18 20:44:34 +02:00
Frantisek Sumsal
b216501a8e test: cleanup the intermediate disk images 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
70ec7736f8 test: tidy up the feature handling 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
babe935563 test: add a btrfs helper 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
dbc04797c1 test: lower the number of iterations in LVM tests
as some of the operations take a really long time.
2021-09-18 20:44:34 +02:00
Frantisek Sumsal
776fc8c385 test: unify handling of supported "features" 2021-09-17 17:45:39 +02:00
Luca Boccassi
1dcd91ad11
Merge pull request #20758 from yuwata/test-17-udev-cleanups
test: several cleanups for TEST-17-UDEV
2021-09-16 09:45:10 +01:00
Yu Watanabe
2d253d7206
Merge pull request #20721 from mrc0mmand/test-storage-lvm
test: udev/LVM storage tests
2021-09-16 12:39:24 +09:00
Yu Watanabe
a871f3bb54 test: drop unnecessary sleep and 'udevadm settle'
After the triggered events are processed, all symlinks which store
watch handles should be valid.
2021-09-16 06:55:11 +09:00
Yu Watanabe
a9d8bebacd test: use --settle option for udevadm trigger 2021-09-16 06:55:11 +09:00
Yu Watanabe
e70f57796d test: use --settle option for udevadm trigger
Then, we can drop the loops.
This also drops unnecessary `udevadm control --reload`.
2021-09-16 06:55:04 +09:00
Yu Watanabe
9228ecaf8c test: use /dev/null instead of the loop back network interface
It should faster to be processed. So, we can shorten the timeout.
Also, this makes the test use `udevadm trigger`.
2021-09-16 06:46:19 +09:00
Yu Watanabe
26146d82db test: use --settle option for udevadm trigger 2021-09-16 06:39:48 +09:00
Frantisek Sumsal
0203b2e4be test: basic LVM tests 2021-09-15 20:17:50 +02:00
Luca Boccassi
e236711fd7 test: document autopkgtest CI infrastructure 2021-09-15 14:58:38 +02:00
Peter Morrow
88a56dc8d6 fuzz: add StartupAllowedCPUs and StartupAllowedMemoryNodes to directives
Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-09-15 09:52:12 +01:00
Frantisek Sumsal
6df0259732 test: check if all paths passed to helper_check_device_symlinks() are valid 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
a0560b93ea test: make helper_check_device_symlinks() less verbose 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
df72bd45f3 test: handle arbitrary paths in helper_check_device_symlinks() 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
4999f3688f test: add an LVM helper 2021-09-14 19:15:13 +02:00