2020-08-11 18:08:41 +03:00
#!/usr/bin/env bash
2021-10-17 19:13:06 +03:00
# SPDX-License-Identifier: LGPL-2.1-or-later
2020-08-11 18:08:41 +03:00
set -e
2021-04-19 14:01:59 +03:00
2020-08-11 18:08:41 +03:00
TEST_DESCRIPTION = "test credentials"
2022-07-15 17:33:20 +03:00
NSPAWN_CREDS = (
"--set-credential=mynspawncredential:strangevalue"
)
NSPAWN_ARGUMENTS = " ${ NSPAWN_ARGUMENTS :- } ${ NSPAWN_CREDS [*] } "
2024-03-31 23:18:19 +03:00
UNIT_CRED = $( base64 -w 0 <<EOF
[ Service]
Type = oneshot
ExecStart = touch /tmp/unit-cred
EOF
)
DROPIN_CRED = $( base64 -w 0 <<EOF
[ Service]
ExecStart = touch /tmp/unit-dropin
EOF
)
2024-05-11 17:42:24 +03:00
NAMED_DROPIN_CRED = $( base64 -w 0 <<EOF
[ Service]
ExecStart = touch /tmp/unit-named-dropin
EOF
)
2024-03-31 23:18:19 +03:00
2022-07-15 17:33:20 +03:00
QEMU_CREDS = (
"-fw_cfg name=opt/io.systemd.credentials/myqemucredential,string=othervalue"
"-smbios type=11,value=io.systemd.credential:smbioscredential=magicdata"
"-smbios type=11,value=io.systemd.credential.binary:binarysmbioscredential=bWFnaWNiaW5hcnlkYXRh"
"-smbios type=11,value=io.systemd.credential.binary:sysusers.extra=dSBjcmVkdGVzdHVzZXIK"
"-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=ZiAvdG1wL3NvdXJjZWRmcm9tY3JlZGVudGlhbCAtIC0gLSAtIHRtcGZpbGVzc2VjcmV0Cg=="
2023-06-29 22:52:57 +03:00
"-smbios type=11,value=io.systemd.credential.binary:fstab.extra=aW5qZWN0ZWQgL2luamVjdGVkIHRtcGZzIFgtbW91bnQubWtkaXIgMCAwCg=="
2023-06-29 23:53:26 +03:00
"-smbios type=11,value=io.systemd.credential:getty.ttys.container=idontexist"
2024-03-31 23:18:19 +03:00
" -smbios type=11,value=io.systemd.credential.binary:systemd.extra-unit.my-service.service= $UNIT_CRED "
" -smbios type=11,value=io.systemd.credential.binary:systemd.unit-dropin.my-service.service= $DROPIN_CRED "
2024-05-11 17:42:24 +03:00
" -smbios type=11,value=io.systemd.credential.binary:systemd.unit-dropin.my-service.service~30-named= $NAMED_DROPIN_CRED "
2022-07-15 17:33:20 +03:00
)
QEMU_OPTIONS = " ${ QEMU_OPTIONS :- } ${ QEMU_CREDS [*] } "
KERNEL_CREDS = (
"systemd.set_credential=kernelcmdlinecred:uff"
"systemd.set_credential=sysctl.extra:kernel.domainname=sysctltest"
"systemd.set_credential=login.motd:hello"
"systemd.set_credential=login.issue:welcome"
2023-07-04 12:46:37 +03:00
"systemd.set_credential_binary=waldi:d29vb29mZmZ3dWZmZnd1ZmYK"
2022-07-15 17:33:20 +03:00
"rd.systemd.import_credentials=no"
)
KERNEL_APPEND = " ${ KERNEL_APPEND :- } ${ KERNEL_CREDS [*] } "
2020-08-11 18:08:41 +03:00
2021-04-19 14:01:59 +03:00
# shellcheck source=test/test-functions
. " ${ TEST_BASE_DIR : ? } /test-functions "
2020-08-11 18:08:41 +03:00
2022-04-22 22:44:26 +03:00
test_append_files( ) {
instmods qemu_fw_cfg
2023-05-19 23:01:05 +03:00
if get_bool " $LOOKS_LIKE_SUSE " ; then
instmods dmi-sysfs
fi
2022-04-22 22:44:26 +03:00
generate_module_dependencies
}
2023-06-29 20:03:08 +03:00
run_qemu_hook( ) {
local td = " $WORKDIR " /initrd.extra." $RANDOM "
mkdir -m 755 " $td "
add_at_exit_handler " rm -rf $td "
mkdir -m 755 " $td /etc " " $td " /etc/systemd " $td " /etc/systemd/system " $td " /etc/systemd/system/initrd.target.wants
cat > " $td " /etc/systemd/system/initrdcred.service <<EOF
[ Unit]
Description = populate initrd credential dir
[ Service]
Type = oneshot
RemainAfterExit = yes
ExecStart = sh -c "mkdir -m 0755 -p /run/credentials && mkdir -m 0700 /run/credentials/@initrd && umask 0077 && echo guatemala > /run/credentials/@initrd/myinitrdcred"
EOF
ln -s ../initrdcred.service " $td " /etc/systemd/system/initrd.target.wants/initrdcred.service
( cd " $td " && find . | cpio -o -H newc -R root:root > " $td " .cpio )
add_at_exit_handler " rm $td .cpio "
INITRD_EXTRA = " $td .cpio "
}
2021-04-26 20:20:18 +03:00
do_test " $@ "