shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-11 09:18:07 +03:00
Code
26dcc13c2c
systemd/test/units/testsuite-29.sh

300 lines
15 KiB
Bash
Raw Normal View History

treewide: more portable bash shebangs As in 2a5fcfae024ffc370bb780572279f45a1da3f946 and in 3e67e5c9928f8b1e1c5a63def88d53ed1fed12eb using /usr/bin/env allows bash to be looked up in PATH rather than being hard-coded. As with the previous changes the same arguments apply - distributions have scripts to rewrite shebangs on installation and they know what locations to rely on. - For tests/compilation we should rather rely on the user to have setup there PATH correctly. In particular this makes testing from git easier on NixOS where do not provide /bin/bash to improve compose-ability.
2020-03-04 12:35:06 +03:00
#!/usr/bin/env bash
tests: add spdx headers to scripts and Makefiles
2021-10-17 19:13:06 +03:00
# SPDX-License-Identifier: LGPL-2.1-or-later
test: merge udev tests
2021-03-05 12:36:04 +03:00
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
test: use set -eux and set -o pipefail everywhere This should make the scripts more robust.
2021-04-09 20:39:41 +03:00
set -eux
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
set -o pipefail
test-29-portable: extend timeout for slower environment
2022-08-31 17:10:43 +03:00
# Set longer timeout for slower machines, e.g. non-KVM vm.
mkdir -p /run/systemd/system.conf.d
cat >/run/systemd/system.conf.d/10-timeout.conf <<EOF
test: actually set SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=30 Without the section header the assignments were effectively ignored. Follow-up to 9fff8e1fdd222f8f05b9ecf170814a9059acfc78.
2022-09-03 19:51:56 +03:00
[Manager]
test-29-portable: extend timeout for slower environment
2022-08-31 17:10:43 +03:00
DefaultEnvironment=SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=30
ManagerEnvironment=SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=30
EOF
systemctl daemon-reexec
export SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=30
test-29-portable: enable debugging logs of udevd
2022-08-31 17:12:26 +03:00
udevadm control --log-level debug
test: use a less restrictive portable profile when running w/ sanitizers Since f833df3 we now actually use the seccomp rules defined in portable profiles. However, the default one is too restrictive for sanitizers, as it blocks certain syscall required by LSan. Mitigate this by using the 'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 15:14:19 +03:00
ARGS=()
test: bump the `reattach` timeout when running w/ plain QEMU As it might sometimes take slightly longer without the acceleration: ``` [ 176.805681] testsuite-29.sh[534]: + cp /usr/share/app1.raw /tmp/app1_2.raw [ 176.885365] testsuite-29.sh[534]: + timeout 30 portablectl reattach --now --runtime --extension /tmp/app1_2.raw /usr/share/minimal_1.raw app1 [ 177.053358] portablectl[993]: (Matching unit files with prefixes 'app1'.) [ 177.138770] kernel: loop0: detected capacity change from 0 to 2965504 [ 177.343137] kernel: loop1: detected capacity change from 0 to 4096 ... [ 201.932062] systemd[1]: app1.service: Deactivated successfully. [ 202.009310] systemd[1]: Stopped app1.service. [ 202.053776] systemd[1]: app1.service: Consumed 2.183s CPU time. [ 202.125061] systemd[1]: Stopping app1.service... [ 202.611760] systemd[1]: Starting modprobe@dm_mod.service... [ 202.851031] systemd[1]: Starting modprobe@dm_verity.service... [ 202.909352] systemd[1]: Starting modprobe@loop.service... [ 203.198918] systemd[1]: Starting app1.service... [ 207.145494] kernel: audit: type=1130 audit(1663770336.105:428): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=testsuite-29 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 207.652545] systemd[1]: testsuite-29.service: Main process exited, code=exited, status=124/n/a [ 207.665088] systemd[1]: testsuite-29.service: Failed with result 'exit-code'. [ 207.830522] systemd[1]: Failed to start testsuite-29.service. ... [ 208.889449] script1.sh[1035]: ID="centos" [ 208.889449] script1.sh[1035]: VERSION_ID="8" [ 208.889449] script1.sh[1035]: SYSEXT_SCOPE=portable [ 208.889449] script1.sh[1035]: PORTABLE_PREFIXES=app1 ... [ 214.155097] systemd[1]: app1.service: Deactivated successfully. ``` Spotted in Ubuntu CI and CentOS CI. Follow-up to 706c9a30ac.
2022-09-29 15:23:11 +03:00
STATE_DIRECTORY=/var/lib/private/
test: use a less restrictive portable profile when running w/ sanitizers Since f833df3 we now actually use the seccomp rules defined in portable profiles. However, the default one is too restrictive for sanitizers, as it blocks certain syscall required by LSan. Mitigate this by using the 'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 15:14:19 +03:00
if [[ -v ASAN_OPTIONS || -v UBSAN_OPTIONS ]]; then
# If we're running under sanitizers, we need to use a less restrictive
# profile, otherwise LSan syscall would get blocked by seccomp
ARGS+=(--profile=trusted)
core: do not attempt to add 'private' symlinks when RootImage/RootDirectory are used A bind mount is added directly from private on the host to the actual destination directory, no need for the symlinks (which cannot be created as the bind mount happens first and creates the target as an actual directory) Fixes https://github.com/systemd/systemd/issues/22264
2022-01-27 17:10:34 +03:00
# With the trusted profile DynamicUser is disabled, so the storage is not in private/
test: bump the `reattach` timeout when running w/ plain QEMU As it might sometimes take slightly longer without the acceleration: ``` [ 176.805681] testsuite-29.sh[534]: + cp /usr/share/app1.raw /tmp/app1_2.raw [ 176.885365] testsuite-29.sh[534]: + timeout 30 portablectl reattach --now --runtime --extension /tmp/app1_2.raw /usr/share/minimal_1.raw app1 [ 177.053358] portablectl[993]: (Matching unit files with prefixes 'app1'.) [ 177.138770] kernel: loop0: detected capacity change from 0 to 2965504 [ 177.343137] kernel: loop1: detected capacity change from 0 to 4096 ... [ 201.932062] systemd[1]: app1.service: Deactivated successfully. [ 202.009310] systemd[1]: Stopped app1.service. [ 202.053776] systemd[1]: app1.service: Consumed 2.183s CPU time. [ 202.125061] systemd[1]: Stopping app1.service... [ 202.611760] systemd[1]: Starting modprobe@dm_mod.service... [ 202.851031] systemd[1]: Starting modprobe@dm_verity.service... [ 202.909352] systemd[1]: Starting modprobe@loop.service... [ 203.198918] systemd[1]: Starting app1.service... [ 207.145494] kernel: audit: type=1130 audit(1663770336.105:428): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=testsuite-29 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 207.652545] systemd[1]: testsuite-29.service: Main process exited, code=exited, status=124/n/a [ 207.665088] systemd[1]: testsuite-29.service: Failed with result 'exit-code'. [ 207.830522] systemd[1]: Failed to start testsuite-29.service. ... [ 208.889449] script1.sh[1035]: ID="centos" [ 208.889449] script1.sh[1035]: VERSION_ID="8" [ 208.889449] script1.sh[1035]: SYSEXT_SCOPE=portable [ 208.889449] script1.sh[1035]: PORTABLE_PREFIXES=app1 ... [ 214.155097] systemd[1]: app1.service: Deactivated successfully. ``` Spotted in Ubuntu CI and CentOS CI. Follow-up to 706c9a30ac.
2022-09-29 15:23:11 +03:00
STATE_DIRECTORY=/var/lib/
test: use a less restrictive portable profile when running w/ sanitizers Since f833df3 we now actually use the seccomp rules defined in portable profiles. However, the default one is too restrictive for sanitizers, as it blocks certain syscall required by LSan. Mitigate this by using the 'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 15:14:19 +03:00
fi
test: test new SYSEXT_SCOPE=/PORTABLE_PREFIXES= fields in TEST-29
2021-11-23 18:34:40 +03:00
systemd-dissect --no-pager /usr/share/minimal_0.raw | grep -q '✓ portable service'
systemd-dissect --no-pager /usr/share/minimal_1.raw | grep -q '✓ portable service'
dissect: allow confext/sysext to be in the same image This reworks the image discovery logic, and conceptually allows DDIs that are both confext and sysext to exist. Previously we'd only extract one type of exension data from a DDI, with this we allow to extract both if both exist. This doesn't add support for true "multi-modal" DDIs, that qualify as various things at once, it just lays some ground work that ensures we at least can dissect such images. This reworks 484d26dac1e8e543fc9e300e3c1fa36be0769f7d quite a bit. This changes systemd-dissect's JSON output, but given the version with the fields it changes/dops has never been released (as the above patch was merged post-v254) this shouldn't be an issue.
2023-10-10 17:04:51 +03:00
systemd-dissect --no-pager /usr/share/app0.raw | grep -q '✓ sysext for portable service'
systemd-dissect --no-pager /usr/share/app1.raw | grep -q '✓ sysext for portable service'
portable: add support for confext Support confexts for portable services
2023-08-16 21:43:06 +03:00
systemd-dissect --no-pager /usr/share/conf0.raw | grep -q '✓ confext for portable service'
test: test new SYSEXT_SCOPE=/PORTABLE_PREFIXES= fields in TEST-29
2021-11-23 18:34:40 +03:00
test: merge udev tests
2021-03-05 12:36:04 +03:00
export SYSTEMD_LOG_LEVEL=debug
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
mkdir -p /run/systemd/system/systemd-portabled.service.d/
cat <<EOF >/run/systemd/system/systemd-portabled.service.d/override.conf
[Service]
Environment=SYSTEMD_LOG_LEVEL=debug
EOF
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
portablectl "${ARGS[@]}" attach --now --runtime /usr/share/minimal_0.raw minimal-app0
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
portablectl: fix regression when using --force without extension parameters c18f4eb9e96836a made it possible to use --force with various verbs, by going through the newer D-Bus methods. Except it didn't, as it regressed during PR review refactorings, and nobody noticed because there were no tests for it. Fix it, and add tests. Follow-up for c18f4eb9e96836a6a8285ec42fd8a34c8909f6d9
2023-08-04 15:34:00 +03:00
portablectl is-attached minimal-app0
portablectl inspect /usr/share/minimal_0.raw minimal-app0.service
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
systemctl is-active minimal-app0.service
systemctl is-active minimal-app0-foo.service
systemctl is-active minimal-app0-bar.service && exit 1
test: merge udev tests
2021-03-05 12:36:04 +03:00
test: drop timeout when running portablectl The deadlock should be resolved by #28123, so let's check if it's indeed the case.
2023-06-24 11:35:12 +03:00
portablectl "${ARGS[@]}" reattach --now --runtime /usr/share/minimal_1.raw minimal-app0
test: merge udev tests
2021-03-05 12:36:04 +03:00
portablectl: fix regression when using --force without extension parameters c18f4eb9e96836a made it possible to use --force with various verbs, by going through the newer D-Bus methods. Except it didn't, as it regressed during PR review refactorings, and nobody noticed because there were no tests for it. Fix it, and add tests. Follow-up for c18f4eb9e96836a6a8285ec42fd8a34c8909f6d9
2023-08-04 15:34:00 +03:00
portablectl is-attached minimal-app0
portablectl inspect /usr/share/minimal_0.raw minimal-app0.service
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
systemctl is-active minimal-app0.service
systemctl is-active minimal-app0-bar.service
systemctl is-active minimal-app0-foo.service && exit 1
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: merge udev tests
2021-03-05 12:36:04 +03:00
portablectl list | grep -q -F "minimal_1"
test: add test for bus introspection of portable1 Follow-up for #23454.
2022-05-20 22:14:03 +03:00
busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1'
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
portablectl detach --now --runtime /usr/share/minimal_1.raw minimal-app0
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: merge udev tests
2021-03-05 12:36:04 +03:00
portablectl list | grep -q -F "No images."
test: add test for bus introspection of portable1 Follow-up for #23454.
2022-05-20 22:14:03 +03:00
busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1
portablectl: fix regression when using --force without extension parameters c18f4eb9e96836a made it possible to use --force with various verbs, by going through the newer D-Bus methods. Except it didn't, as it regressed during PR review refactorings, and nobody noticed because there were no tests for it. Fix it, and add tests. Follow-up for c18f4eb9e96836a6a8285ec42fd8a34c8909f6d9
2023-08-04 15:34:00 +03:00
# Ensure we don't regress (again) when using --force
portablectl "${ARGS[@]}" attach --force --now --runtime /usr/share/minimal_0.raw minimal-app0
portablectl is-attached --force minimal-app0
portablectl inspect --force /usr/share/minimal_0.raw minimal-app0.service
systemctl is-active minimal-app0.service
systemctl is-active minimal-app0-foo.service
systemctl is-active minimal-app0-bar.service && exit 1
portablectl "${ARGS[@]}" reattach --force --now --runtime /usr/share/minimal_1.raw minimal-app0
portablectl is-attached --force minimal-app0
portablectl inspect --force /usr/share/minimal_0.raw minimal-app0.service
systemctl is-active minimal-app0.service
systemctl is-active minimal-app0-bar.service
systemctl is-active minimal-app0-foo.service && exit 1
portablectl list | grep -q -F "minimal_1"
busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1'
portablectl detach --force --now --runtime /usr/share/minimal_1.raw minimal-app0
portablectl list | grep -q -F "No images."
busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: merge udev tests
2021-03-05 12:36:04 +03:00
# portablectl also works with directory paths rather than images
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
TEST-29: do not pass -q to mk/unsquashfs, not supported on CentOS 8
2022-03-07 19:20:42 +03:00
unsquashfs -dest /tmp/minimal_0 /usr/share/minimal_0.raw
unsquashfs -dest /tmp/minimal_1 /usr/share/minimal_1.raw
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime /tmp/minimal_0 minimal-app0
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
systemctl is-active minimal-app0.service
systemctl is-active minimal-app0-foo.service
systemctl is-active minimal-app0-bar.service && exit 1
test: merge udev tests
2021-03-05 12:36:04 +03:00
test: drop timeout when running portablectl The deadlock should be resolved by #28123, so let's check if it's indeed the case.
2023-06-24 11:35:12 +03:00
portablectl "${ARGS[@]}" reattach --now --enable --runtime /tmp/minimal_1 minimal-app0
test: merge udev tests
2021-03-05 12:36:04 +03:00
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
systemctl is-active minimal-app0.service
systemctl is-active minimal-app0-bar.service
systemctl is-active minimal-app0-foo.service && exit 1
test: add test for ID_RENAMING= udev property handling by pid1
2019-03-07 08:47:43 +03:00
test: merge udev tests
2021-03-05 12:36:04 +03:00
portablectl list | grep -q -F "minimal_1"
test: add test for bus introspection of portable1 Follow-up for #23454.
2022-05-20 22:14:03 +03:00
busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1'
test: add test for device renaming issue #16967
2020-09-14 09:44:30 +03:00
test: rename service used in TEST-29-PORTABLE to avoid conflict There's an app0.service in the extension app0.raw, so don't use the same name for a unit in minimal.raw
2022-01-27 17:07:20 +03:00
portablectl detach --now --enable --runtime /tmp/minimal_1 minimal-app0
test: add test for device renaming issue #16967
2020-09-14 09:44:30 +03:00
test: merge udev tests
2021-03-05 12:36:04 +03:00
portablectl list | grep -q -F "No images."
test: add test for bus introspection of portable1 Follow-up for #23454.
2022-05-20 22:14:03 +03:00
busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1
test: add test for device renaming issue #16967
2020-09-14 09:44:30 +03:00
test: use a less restrictive portable profile when running w/ sanitizers Since f833df3 we now actually use the seccomp rules defined in portable profiles. However, the default one is too restrictive for sanitizers, as it blocks certain syscall required by LSan. Mitigate this by using the 'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 15:14:19 +03:00
portablectl "${ARGS[@]}" attach --now --runtime --extension /usr/share/app0.raw /usr/share/minimal_0.raw app0
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
systemctl is-active app0.service
portable: add GetImageStateWithExtensions method Allow to correctly query a layered portable service for attached/detached state.
2022-01-24 20:42:32 +03:00
status="$(portablectl is-attached --extension app0 minimal_0)"
[[ "${status}" == "running-runtime" ]]
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
portable: add PORTABLE_NAME_AND_VERSION= and other metadata to LogsExtraFields= This is useful to identify log messages with metadata from the images they run on. Look for ID/VERSION_ID/IMAGE_ID/IMAGE_VERSION/BUILD_ID, with a SYSEXT_ prefix if we are looking at an extension, and append via LogExtraFields= as respectively PORTABLE_NAME_AND_VERSION= in case of a single image. In case of extensions, append as PORTABLE_ROOT_NAME_AND_VERSION= for the base and one PORTABLE_EXTENSION_AND_VERSION= for each extension. Example with a base and two extensions, with the unit coming from the first extension: [Service] RootImage=/home/bluca/git/systemd/base.raw Environment=PORTABLE=app0.raw BindReadOnlyPaths=/etc/os-release:/run/host/os-release LogExtraFields=PORTABLE=app0.raw Environment=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT_NAME_AND_VERSION=debian_10 ExtensionImages=/home/bluca/git/systemd/app0.raw LogExtraFields=PORTABLE_EXTENSION=app0.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_0 ExtensionImages=/home/bluca/git/systemd/app1.raw LogExtraFields=PORTABLE_EXTENSION=app1.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1
2023-03-23 04:23:04 +03:00
grep -q -F "LogExtraFields=PORTABLE_ROOT=minimal_0.raw" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION=app0.raw" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app" /run/systemd/system.attached/app0.service.d/20-portable.conf
test: drop timeout when running portablectl The deadlock should be resolved by #28123, so let's check if it's indeed the case.
2023-06-24 11:35:12 +03:00
portablectl "${ARGS[@]}" reattach --now --runtime --extension /usr/share/app0.raw /usr/share/minimal_1.raw app0
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
systemctl is-active app0.service
portable: add GetImageStateWithExtensions method Allow to correctly query a layered portable service for attached/detached state.
2022-01-24 20:42:32 +03:00
status="$(portablectl is-attached --extension app0 minimal_1)"
[[ "${status}" == "running-runtime" ]]
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
portable: add PORTABLE_NAME_AND_VERSION= and other metadata to LogsExtraFields= This is useful to identify log messages with metadata from the images they run on. Look for ID/VERSION_ID/IMAGE_ID/IMAGE_VERSION/BUILD_ID, with a SYSEXT_ prefix if we are looking at an extension, and append via LogExtraFields= as respectively PORTABLE_NAME_AND_VERSION= in case of a single image. In case of extensions, append as PORTABLE_ROOT_NAME_AND_VERSION= for the base and one PORTABLE_EXTENSION_AND_VERSION= for each extension. Example with a base and two extensions, with the unit coming from the first extension: [Service] RootImage=/home/bluca/git/systemd/base.raw Environment=PORTABLE=app0.raw BindReadOnlyPaths=/etc/os-release:/run/host/os-release LogExtraFields=PORTABLE=app0.raw Environment=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT_NAME_AND_VERSION=debian_10 ExtensionImages=/home/bluca/git/systemd/app0.raw LogExtraFields=PORTABLE_EXTENSION=app0.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_0 ExtensionImages=/home/bluca/git/systemd/app1.raw LogExtraFields=PORTABLE_EXTENSION=app1.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1
2023-03-23 04:23:04 +03:00
grep -q -F "LogExtraFields=PORTABLE_ROOT=minimal_1.raw" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION=app0.raw" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app" /run/systemd/system.attached/app0.service.d/20-portable.conf
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
portablectl detach --now --runtime --extension /usr/share/app0.raw /usr/share/minimal_1.raw app0
test: use a less restrictive portable profile when running w/ sanitizers Since f833df3 we now actually use the seccomp rules defined in portable profiles. However, the default one is too restrictive for sanitizers, as it blocks certain syscall required by LSan. Mitigate this by using the 'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 15:14:19 +03:00
portablectl "${ARGS[@]}" attach --now --runtime --extension /usr/share/app1.raw /usr/share/minimal_0.raw app1
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
systemctl is-active app1.service
portable: add GetImageStateWithExtensions method Allow to correctly query a layered portable service for attached/detached state.
2022-01-24 20:42:32 +03:00
status="$(portablectl is-attached --extension app1 minimal_0)"
[[ "${status}" == "running-runtime" ]]
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
portable: allow reattaching when one image has a version and the other does not A reattach might go from img.raw to img_0.1.raw or viceversa, but this is not allowed right now as we try to match the full name. Also take into account that running strcspn(a, '/') on an image name, without leading path, will return the length of the full string, but the versions might be different so they won't match, eg: img_0.1.raw -> 12 img_0.1.1.raw -> 14 So adjust the check to take that into account, and skip it if we are not dealing with directories
2022-03-24 00:29:04 +03:00
# Ensure that adding or removing a version to the image doesn't break reattaching
cp /usr/share/app1.raw /tmp/app1_2.raw
test: drop timeout when running portablectl The deadlock should be resolved by #28123, so let's check if it's indeed the case.
2023-06-24 11:35:12 +03:00
portablectl "${ARGS[@]}" reattach --now --runtime --extension /tmp/app1_2.raw /usr/share/minimal_1.raw app1
portable: allow reattaching when one image has a version and the other does not A reattach might go from img.raw to img_0.1.raw or viceversa, but this is not allowed right now as we try to match the full name. Also take into account that running strcspn(a, '/') on an image name, without leading path, will return the length of the full string, but the versions might be different so they won't match, eg: img_0.1.raw -> 12 img_0.1.1.raw -> 14 So adjust the check to take that into account, and skip it if we are not dealing with directories
2022-03-24 00:29:04 +03:00
systemctl is-active app1.service
status="$(portablectl is-attached --extension app1_2 minimal_1)"
[[ "${status}" == "running-runtime" ]]
test: drop timeout when running portablectl The deadlock should be resolved by #28123, so let's check if it's indeed the case.
2023-06-24 11:35:12 +03:00
portablectl "${ARGS[@]}" reattach --now --runtime --extension /usr/share/app1.raw /usr/share/minimal_1.raw app1
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
systemctl is-active app1.service
portable: add GetImageStateWithExtensions method Allow to correctly query a layered portable service for attached/detached state.
2022-01-24 20:42:32 +03:00
status="$(portablectl is-attached --extension app1 minimal_1)"
[[ "${status}" == "running-runtime" ]]
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
portablectl: add --force attach/detach Allows to skip check that ensures units must not be running. I have a use case that would use reattach, except the orchestrator is using a non-standard versioning scheme, so image matching cannot work. As a workaround, need to be able to detach and then attach manually, without stopping the units to avoid extended downtimes and loss of FD store.
2022-09-30 00:41:55 +03:00
portablectl detach --force --no-reload --runtime --extension /usr/share/app1.raw /usr/share/minimal_1.raw app1
portablectl "${ARGS[@]}" attach --force --no-reload --runtime --extension /usr/share/app1.raw /usr/share/minimal_0.raw app1
systemctl daemon-reload
systemctl restart app1.service
systemctl is-active app1.service
status="$(portablectl is-attached --extension app1 minimal_0)"
[[ "${status}" == "running-runtime" ]]
portablectl detach --now --runtime --extension /usr/share/app1.raw /usr/share/minimal_0.raw app1
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
core: do not attempt to add 'private' symlinks when RootImage/RootDirectory are used A bind mount is added directly from private on the host to the actual destination directory, no need for the symlinks (which cannot be created as the bind mount happens first and creates the target as an actual directory) Fixes https://github.com/systemd/systemd/issues/22264
2022-01-27 17:10:34 +03:00
# Ensure that the combination of read-only images, state directory and dynamic user works, and that
# state is retained. Check after detaching, as on slow systems (eg: sanitizers) it might take a while
# after the service is attached before the file appears.
test: bump the `reattach` timeout when running w/ plain QEMU As it might sometimes take slightly longer without the acceleration: ``` [ 176.805681] testsuite-29.sh[534]: + cp /usr/share/app1.raw /tmp/app1_2.raw [ 176.885365] testsuite-29.sh[534]: + timeout 30 portablectl reattach --now --runtime --extension /tmp/app1_2.raw /usr/share/minimal_1.raw app1 [ 177.053358] portablectl[993]: (Matching unit files with prefixes 'app1'.) [ 177.138770] kernel: loop0: detected capacity change from 0 to 2965504 [ 177.343137] kernel: loop1: detected capacity change from 0 to 4096 ... [ 201.932062] systemd[1]: app1.service: Deactivated successfully. [ 202.009310] systemd[1]: Stopped app1.service. [ 202.053776] systemd[1]: app1.service: Consumed 2.183s CPU time. [ 202.125061] systemd[1]: Stopping app1.service... [ 202.611760] systemd[1]: Starting modprobe@dm_mod.service... [ 202.851031] systemd[1]: Starting modprobe@dm_verity.service... [ 202.909352] systemd[1]: Starting modprobe@loop.service... [ 203.198918] systemd[1]: Starting app1.service... [ 207.145494] kernel: audit: type=1130 audit(1663770336.105:428): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=testsuite-29 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 207.652545] systemd[1]: testsuite-29.service: Main process exited, code=exited, status=124/n/a [ 207.665088] systemd[1]: testsuite-29.service: Failed with result 'exit-code'. [ 207.830522] systemd[1]: Failed to start testsuite-29.service. ... [ 208.889449] script1.sh[1035]: ID="centos" [ 208.889449] script1.sh[1035]: VERSION_ID="8" [ 208.889449] script1.sh[1035]: SYSEXT_SCOPE=portable [ 208.889449] script1.sh[1035]: PORTABLE_PREFIXES=app1 ... [ 214.155097] systemd[1]: app1.service: Deactivated successfully. ``` Spotted in Ubuntu CI and CentOS CI. Follow-up to 706c9a30ac.
2022-09-29 15:23:11 +03:00
grep -q -F bar "${STATE_DIRECTORY}/app0/foo"
grep -q -F baz "${STATE_DIRECTORY}/app1/foo"
core: do not attempt to add 'private' symlinks when RootImage/RootDirectory are used A bind mount is added directly from private on the host to the actual destination directory, no need for the symlinks (which cannot be created as the bind mount happens first and creates the target as an actual directory) Fixes https://github.com/systemd/systemd/issues/22264
2022-01-27 17:10:34 +03:00
portable: allow caller to override extension-release name check When the --force flag is used, do not insist that the extension-release file has to match the extension image name
2022-10-11 20:58:33 +03:00
# Ensure that we can override the check on extension-release.NAME
cp /usr/share/app0.raw /tmp/app10.raw
portablectl "${ARGS[@]}" attach --force --now --runtime --extension /tmp/app10.raw /usr/share/minimal_0.raw app0
systemctl is-active app0.service
status="$(portablectl is-attached --extension /tmp/app10.raw /usr/share/minimal_0.raw)"
[[ "${status}" == "running-runtime" ]]
portablectl inspect --force --cat --extension /tmp/app10.raw /usr/share/minimal_0.raw app0 | grep -q -F "Extension Release: /tmp/app10.raw"
portablectl: fix detaching when an extension image has been deleted
2023-11-09 23:22:26 +03:00
# Ensure that we can detach even when an image has been deleted already (stop the unit manually as
# portablectl won't find it)
rm -f /tmp/app10.raw
systemctl stop app0.service
portablectl detach --force --runtime --extension /tmp/app10.raw /usr/share/minimal_0.raw app0
portable: allow caller to override extension-release name check When the --force flag is used, do not insist that the extension-release file has to match the extension image name
2022-10-11 20:58:33 +03:00
portable: add support for confext Support confexts for portable services
2023-08-16 21:43:06 +03:00
# portablectl also accepts confexts
portablectl "${ARGS[@]}" attach --now --runtime --extension /usr/share/app0.raw --extension /usr/share/conf0.raw /usr/share/minimal_0.raw app0
systemctl is-active app0.service
status="$(portablectl is-attached --extension /usr/share/app0.raw --extension /usr/share/conf0.raw /usr/share/minimal_0.raw)"
[[ "${status}" == "running-runtime" ]]
portablectl inspect --force --cat --extension /usr/share/app0.raw --extension /usr/share/conf0.raw /usr/share/minimal_0.raw app0 | grep -q -F "Extension Release: /usr/share/conf0.raw"
portablectl detach --now --runtime --extension /usr/share/app0.raw --extension /usr/share/conf0.raw /usr/share/minimal_0.raw app0
portable: add --copy=mixed to copy images and link profiles This new mode copies resources provided by the client, so that they remain available for inspect/detach even if the original images are deleted, but symlinks the profile as that is owned by the OS, so that updates are automatically applied.
2024-02-07 03:36:39 +03:00
# Ensure that mixed mode copies the images and units (client-owned) but symlinks the profile (OS owned)
portablectl "${ARGS[@]}" attach --copy=mixed --runtime --extension /usr/share/app0.raw /usr/share/minimal_0.raw app0
test -f /run/portables/app0.raw
test -f /run/portables/minimal_0.raw
test -f /run/systemd/system.attached/app0.service
test -L /run/systemd/system.attached/app0.service.d/10-profile.conf
portablectl detach --runtime --extension /usr/share/app0.raw /usr/share/minimal_0.raw app0
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
# portablectl also works with directory paths rather than images
portable: add support for ExtensionDirectories in --extension Same as for the root os image, support passing a directory, using the new ExtensionDirectories setting.
2022-01-22 04:53:54 +03:00
mkdir /tmp/rootdir /tmp/app0 /tmp/app1 /tmp/overlay /tmp/os-release-fix /tmp/os-release-fix/etc
mount /usr/share/app0.raw /tmp/app0
extension-release: search for other files if expected name not found In some cases image names are unpredictable - some orchestrators/deployment tools like to mangle names to suit their internal formats. In these cases, the requirement that the extension-release file matches exactly the image name where it's contained cannot work. Allow falling back to loading the first regular file which name starts with 'extension-release' located in /usr/lib/extension-release.d/ and tagged with a user.extension-release.strict extended attribute with a true value, if the one with the expected name cannot be found.
2021-07-22 22:41:34 +03:00
mount /usr/share/app1.raw /tmp/app1
mount /usr/share/minimal_0.raw /tmp/rootdir
test: test new SYSEXT_SCOPE=/PORTABLE_PREFIXES= fields in TEST-29
2021-11-23 18:34:40 +03:00
# Fix up os-release to drop the valid PORTABLE_SERVICES field (because we are
# bypassing the sysext logic in portabled here it will otherwise not see the
# extensions additional valid prefix)
test: drop whitespace after shell redirection operators (The one case that is left unchanged is '< <(subcommand)'.) This way, the style with no gap was already dominant. This way, the reader immediately knows that ' < ' is a comparison operator and ' << ' is a shift. In a few cases, replace custom EOF replacement by just EOF. There is no point in using someting like "_EOL" unless "EOF" appears in the text.
2023-02-05 23:41:24 +03:00
grep -v "^PORTABLE_PREFIXES=" /tmp/rootdir/etc/os-release >/tmp/os-release-fix/etc/os-release
test: test new SYSEXT_SCOPE=/PORTABLE_PREFIXES= fields in TEST-29
2021-11-23 18:34:40 +03:00
mount -t overlay overlay -o lowerdir=/tmp/os-release-fix:/tmp/app1:/tmp/rootdir /tmp/overlay
grep . /tmp/overlay/usr/lib/extension-release.d/*
grep . /tmp/overlay/etc/os-release
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
test: use a less restrictive portable profile when running w/ sanitizers Since f833df3 we now actually use the seccomp rules defined in portable profiles. However, the default one is too restrictive for sanitizers, as it blocks certain syscall required by LSan. Mitigate this by using the 'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 15:14:19 +03:00
portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime /tmp/overlay app1
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
systemctl is-active app1.service
portablectl detach --now --runtime overlay app1
umount /tmp/overlay
portable: add support for ExtensionDirectories in --extension Same as for the root os image, support passing a directory, using the new ExtensionDirectories setting.
2022-01-22 04:53:54 +03:00
portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime --extension /tmp/app0 --extension /tmp/app1 /tmp/rootdir app0 app1
systemctl is-active app0.service
systemctl is-active app1.service
portable: add flag to return extension-releases in GetImageMetadataWithExtensions Return the name of each extension and the associated extension-release file, and pretty-print them in 'portablectl inspect', if a new flag is passed. $ portablectl inspect --extension app2 --extension app0 minimal app0 app1 (Matching unit files with prefixes 'app0', 'app1'.) Image: /run/portables/minimal.raw Portable Service: n/a Operating System: Debian GNU/Linux 10 (buster) Extension: /run/portables/app2.raw Extension Scope: n/a Extension Compatibility Level: n/a Portable Service: n/a Portable Prefixes: n/a Operating System: n/a (debian 10) Extension: /run/portables/app0.raw Extension Scope: n/a Extension Compatibility Level: n/a Portable Service: n/a Portable Prefixes: n/a Operating System: n/a (debian 10) Unit files: app0.service
2022-01-25 18:49:22 +03:00
portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/rootdir/usr/lib/os-release
portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app0/usr/lib/extension-release.d/extension-release.app0
portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app1/usr/lib/extension-release.d/extension-release.app2
portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app1/usr/lib/systemd/system/app1.service
portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app0/usr/lib/systemd/system/app0.service
portable: add PORTABLE_NAME_AND_VERSION= and other metadata to LogsExtraFields= This is useful to identify log messages with metadata from the images they run on. Look for ID/VERSION_ID/IMAGE_ID/IMAGE_VERSION/BUILD_ID, with a SYSEXT_ prefix if we are looking at an extension, and append via LogExtraFields= as respectively PORTABLE_NAME_AND_VERSION= in case of a single image. In case of extensions, append as PORTABLE_ROOT_NAME_AND_VERSION= for the base and one PORTABLE_EXTENSION_AND_VERSION= for each extension. Example with a base and two extensions, with the unit coming from the first extension: [Service] RootImage=/home/bluca/git/systemd/base.raw Environment=PORTABLE=app0.raw BindReadOnlyPaths=/etc/os-release:/run/host/os-release LogExtraFields=PORTABLE=app0.raw Environment=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT_NAME_AND_VERSION=debian_10 ExtensionImages=/home/bluca/git/systemd/app0.raw LogExtraFields=PORTABLE_EXTENSION=app0.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_0 ExtensionImages=/home/bluca/git/systemd/app1.raw LogExtraFields=PORTABLE_EXTENSION=app1.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1
2023-03-23 04:23:04 +03:00
grep -q -F "LogExtraFields=PORTABLE=app0" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_ROOT=rootdir" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION=app0" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION=app1" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE=app1" /run/systemd/system.attached/app1.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_ROOT=rootdir" /run/systemd/system.attached/app1.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION=app0" /run/systemd/system.attached/app1.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app" /run/systemd/system.attached/app1.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION=app1" /run/systemd/system.attached/app1.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1" /run/systemd/system.attached/app1.service.d/20-portable.conf
portable: add support for ExtensionDirectories in --extension Same as for the root os image, support passing a directory, using the new ExtensionDirectories setting.
2022-01-22 04:53:54 +03:00
portablectl detach --now --runtime --extension /tmp/app0 --extension /tmp/app1 /tmp/rootdir app0 app1
portable: add --copy=mixed to copy images and link profiles This new mode copies resources provided by the client, so that they remain available for inspect/detach even if the original images are deleted, but symlinks the profile as that is owned by the OS, so that updates are automatically applied.
2024-02-07 03:36:39 +03:00
# Ensure that mixed mode copies the images and units (client-owned) but symlinks the profile (OS owned)
portablectl "${ARGS[@]}" attach --copy=mixed --runtime --extension /tmp/app0 --extension /tmp/app1 /tmp/rootdir app0 app1
test -d /run/portables/app0
test -d /run/portables/app1
test -d /run/portables/rootdir
test -f /run/systemd/system.attached/app0.service
test -f /run/systemd/system.attached/app1.service
test -L /run/systemd/system.attached/app0.service.d/10-profile.conf
test -L /run/systemd/system.attached/app1.service.d/10-profile.conf
portablectl detach --runtime --extension /tmp/app0 --extension /tmp/app1 /tmp/rootdir app0 app1
test: add coverage for #23481 Provide some coverage for systemd/systemd#23481. Without 794da5a: ``` [ 34.730815] testsuite-29.sh[600]: + portablectl detach --now --runtime --enable /tmp/rootdir minimal-app0 Stopping minimal-app0-foo.service... [ OK ] Stopped minimal-app0-foo.service. Stopping minimal-app0.service... [ OK ] Stopped minimal-app0.service. [ 34.878050] testsuite-29.sh[1383]: ================================================================= [ 34.878421] testsuite-29.sh[1383]: ==1383==ERROR: LeakSanitizer: detected memory leaks [ 34.878784] testsuite-29.sh[1383]: Direct leak of 48 byte(s) in 2 object(s) allocated from: [ 34.879174] testsuite-29.sh[1383]: #0 0x7fdf9c8b0f8c in reallocarray (/lib64/libasan.so.6+0xaef8c) [ 34.879554] testsuite-29.sh[1383]: #1 0x7fdf9b4270f5 in unit_file_changes_add ../src/shared/install.c:282 [ 34.879926] testsuite-29.sh[1383]: #2 0x7fdf9b2ad9e5 in bus_deserialize_and_dump_unit_file_changes ../src/shared/bus-unit-util.c:2688 [ 34.880267] testsuite-29.sh[1383]: #3 0x40bc27 in maybe_enable_disable ../src/portable/portablectl.c:582 [ 34.880673] testsuite-29.sh[1383]: #4 0x40ef56 in maybe_stop_disable ../src/portable/portablectl.c:810 [ 34.881064] testsuite-29.sh[1383]: #5 0x410bc2 in detach_image ../src/portable/portablectl.c:924 [ 34.881493] testsuite-29.sh[1383]: #6 0x7fdf9b5df424 in dispatch_verb ../src/shared/verbs.c:103 [ 34.881953] testsuite-29.sh[1383]: #7 0x41604a in run ../src/portable/portablectl.c:1427 [ 34.882459] testsuite-29.sh[1383]: #8 0x416106 in main ../src/portable/portablectl.c:1430 [ 34.882947] testsuite-29.sh[1383]: #9 0x7fdf99d5de8f in __libc_start_call_main (/lib64/libc.so.6+0x44e8f) [ 34.883368] testsuite-29.sh[1383]: Indirect leak of 104 byte(s) in 2 object(s) allocated from: [ 34.883732] testsuite-29.sh[1383]: #0 0x7fdf9c85b8f7 in strdup (/lib64/libasan.so.6+0x598f7) [ 34.884089] testsuite-29.sh[1383]: #1 0x7fdf9b4271aa in unit_file_changes_add ../src/shared/install.c:288 [ 34.884508] testsuite-29.sh[1383]: #2 0x7fdf9b2ad9e5 in bus_deserialize_and_dump_unit_file_changes ../src/shared/bus-unit-util.c:2688 [ 34.884926] testsuite-29.sh[1383]: #3 0x40bc27 in maybe_enable_disable ../src/portable/portablectl.c:582 [ 34.885307] testsuite-29.sh[1383]: #4 0x40ef56 in maybe_stop_disable ../src/portable/portablectl.c:810 [ 34.885647] testsuite-29.sh[1383]: #5 0x410bc2 in detach_image ../src/portable/portablectl.c:924 [ 34.885987] testsuite-29.sh[1383]: #6 0x7fdf9b5df424 in dispatch_verb ../src/shared/verbs.c:103 [ 34.886271] testsuite-29.sh[1383]: #7 0x41604a in run ../src/portable/portablectl.c:1427 [ 34.886557] testsuite-29.sh[1383]: #8 0x416106 in main ../src/portable/portablectl.c:1430 [ 34.886892] testsuite-29.sh[1383]: #9 0x7fdf99d5de8f in __libc_start_call_main (/lib64/libc.so.6+0x44e8f) [ 34.887187] testsuite-29.sh[1383]: Indirect leak of 2 byte(s) in 2 object(s) allocated from: [ 34.887520] testsuite-29.sh[1383]: #0 0x7fdf9c85b8f7 in strdup (/lib64/libasan.so.6+0x598f7) [ 34.887797] testsuite-29.sh[1383]: #1 0x7fdf9b427249 in unit_file_changes_add ../src/shared/install.c:296 [ 34.888117] testsuite-29.sh[1383]: #2 0x7fdf9b2ad9e5 in bus_deserialize_and_dump_unit_file_changes ../src/shared/bus-unit-util.c:2688 [ 34.888434] testsuite-29.sh[1383]: #3 0x40bc27 in maybe_enable_disable ../src/portable/portablectl.c:582 [ 34.888693] testsuite-29.sh[1383]: #4 0x40ef56 in maybe_stop_disable ../src/portable/portablectl.c:810 [ 34.888990] testsuite-29.sh[1383]: #5 0x410bc2 in detach_image ../src/portable/portablectl.c:924 [ 34.889254] testsuite-29.sh[1383]: #6 0x7fdf9b5df424 in dispatch_verb ../src/shared/verbs.c:103 [ 34.889580] testsuite-29.sh[1383]: #7 0x41604a in run ../src/portable/portablectl.c:1427 [ 34.889877] testsuite-29.sh[1383]: #8 0x416106 in main ../src/portable/portablectl.c:1430 [ 34.890193] testsuite-29.sh[1383]: #9 0x7fdf99d5de8f in __libc_start_call_main (/lib64/libc.so.6+0x44e8f) [ 34.890482] testsuite-29.sh[1383]: SUMMARY: AddressSanitizer: 154 byte(s) leaked in 6 allocation(s). ``` With 794da5a: ``` [ OK ] Started minimal-app0.service. [ 36.794367] testsuite-29.sh[600]: + portablectl detach --now --runtime --enable /tmp/rootdir minimal-app0 Stopping minimal-app0-foo.service... [ OK ] Stopped minimal-app0-foo.service. Stopping minimal-app0.service... [ OK ] Stopped minimal-app0.service. [ 36.851251] testsuite-29.sh[600]: + umount /tmp/rootdir ```
2022-05-25 21:30:34 +03:00
# Attempt to disable the app unit during detaching. Requires --copy=symlink to reproduce.
# Provides coverage for https://github.com/systemd/systemd/issues/23481
portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime /tmp/rootdir minimal-app0
portablectl detach --now --runtime --enable /tmp/rootdir minimal-app0
# attach and detach again to check if all drop-in configs are removed even if the main unit files are removed
portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime /tmp/rootdir minimal-app0
portablectl detach --now --runtime --enable /tmp/rootdir minimal-app0
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
umount /tmp/rootdir
portable: add support for ExtensionDirectories in --extension Same as for the root os image, support passing a directory, using the new ExtensionDirectories setting.
2022-01-22 04:53:54 +03:00
umount /tmp/app0
portabled: add --extension parameter for layered images support Add an --extension parameter to portablectl, and new DBUS methods to attach/detach/reattach/inspect. Allows to append separate images on top of the root directory (os-release will be searched in there) and mount the images using an overlay-like setup (unit files will be searched in there) using the new ExtensionImages service option.
2020-06-23 15:09:42 +03:00
umount /tmp/app1
portable: reject root directories without an ID field in os-release We always require at least ID to be set in os-release, reject and propagate error to the caller instead of asserting later
2022-05-20 14:24:45 +03:00
# Lack of ID field in os-release should be rejected, but it caused a crash in the past instead
mkdir -p /tmp/emptyroot/usr/lib
mkdir -p /tmp/emptyext/usr/lib/extension-release.d
touch /tmp/emptyroot/usr/lib/os-release
touch /tmp/emptyext/usr/lib/extension-release.d/extension-release.emptyext
# Remote peer disconnected -> portabled crashed
res="$(! portablectl attach --extension /tmp/emptyext /tmp/emptyroot 2> >(grep "Remote peer disconnected"))"
test -z "${res}"
test: unify /testok & /failed handling And drop it where not necessary.
2023-07-12 16:49:55 +03:00
touch /testok
Copy Permalink