mirror of
https://github.com/systemd/systemd.git
synced 2025-01-11 09:18:07 +03:00
test: extend some existing tests with varlinkctl lines, to test varlinkctl + new PCRExtend service
This commit is contained in:
parent
4e16d5c69e
commit
8525de1365
@ -10,8 +10,12 @@ for ((i = 0; i < ITERATIONS; i++)); do
|
||||
dd if=/dev/urandom bs=1M count=1 | base64 | systemd-cat
|
||||
done
|
||||
journalctl --rotate
|
||||
# Let's test varlinkctl a bit, i.e. implement the equivalent of 'journalctl --rotate' via varlinkctl
|
||||
varlinkctl call /run/systemd/journal/io.systemd.journal io.systemd.Journal.Rotate '{}'
|
||||
journalctl --flush
|
||||
varlinkctl call /run/systemd/journal/io.systemd.journal io.systemd.Journal.FlushToVar '{}'
|
||||
journalctl --sync
|
||||
varlinkctl call /run/systemd/journal/io.systemd.journal io.systemd.Journal.Synchronize '{}'
|
||||
journalctl --rotate --vacuum-size=8M
|
||||
|
||||
# Reset the ratelimit buckets for the subsequent tests below.
|
||||
@ -42,7 +46,8 @@ write_and_match "<5> \t Leading spaces\n" " \t Leading spaces\n" --level-prefix
|
||||
# --output-fields restricts output
|
||||
ID="$(systemd-id128 new)"
|
||||
echo -ne "foo" | systemd-cat -t "$ID" --level-prefix false
|
||||
journalctl --sync
|
||||
# Let's test varlinkctl a bit, i.e. implement the equivalent of 'journalctl --sync' via varlinkctl
|
||||
varlinkctl call /run/systemd/journal/io.systemd.journal io.systemd.Journal.Synchronize '{}'
|
||||
journalctl -b -o export --output-fields=MESSAGE,FOO --output-fields=PRIORITY,MESSAGE -t "$ID" >/tmp/output
|
||||
[[ $(wc -l </tmp/output) -eq 9 ]]
|
||||
grep -q '^__CURSOR=' /tmp/output
|
||||
|
@ -285,6 +285,14 @@ userdbctl groups-of-user 🐱
|
||||
userdbctl services
|
||||
userdbctl services -j | jq
|
||||
|
||||
varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"userName":"testuser","service":"io.systemd.Multiplexer"}'
|
||||
varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"userName":"root","service":"io.systemd.Multiplexer"}'
|
||||
varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"userName":"dropinuser","service":"io.systemd.Multiplexer"}'
|
||||
varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"uid":2000000,"service":"io.systemd.Multiplexer"}'
|
||||
(! varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"userName":"","service":"io.systemd.Multiplexer"}')
|
||||
(! varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"userName":"🐱","service":"io.systemd.Multiplexer"}')
|
||||
(! varlinkctl call /run/systemd/userdb/io.systemd.Multiplexer io.systemd.UserDatabase.GetUserRecord '{"userName":"i-do-not-exist","service":"io.systemd.Multiplexer"}')
|
||||
|
||||
userdbctl ssh-authorized-keys dropinuser | tee /tmp/authorized-keys
|
||||
grep "ssh-ed25519" /tmp/authorized-keys
|
||||
grep "ecdsa-sha2-nistp256" /tmp/authorized-keys
|
||||
|
@ -270,7 +270,16 @@ if [[ -x "$SD_PCREXTEND" ]] && tpm_has_pcr sha256 11 && tpm_has_pcr sha256 15; t
|
||||
|
||||
# And similar for the boot phase measurement into PCR 11
|
||||
tpm2_pcrread sha256:11 -Q -o /tmp/oldpcr11
|
||||
SYSTEMD_FORCE_MEASURE=1 "$SD_PCREXTEND" foobar
|
||||
# Do the equivalent of 'SYSTEMD_FORCE_MEASURE=1 "$SD_PCREXTEND" foobar' via Varlink, just to test the Varlink logic (but first we need to patch out the conditionalization...)
|
||||
mkdir -p /run/systemd/system/systemd-pcrextend.socket.d
|
||||
cat > /run/systemd/system/systemd-pcrextend.socket.d/50-no-condition.conf <<EOF
|
||||
[Unit]
|
||||
# Turn off all conditions */
|
||||
ConditionSecurity=
|
||||
EOF
|
||||
systemctl daemon-reload
|
||||
systemctl restart systemd-pcrextend.socket
|
||||
varlinkctl call /run/systemd/io.systemd.PCRExtend io.systemd.PCRExtend.Extend '{"pcr":11,"text":"foobar"}'
|
||||
tpm2_pcrread sha256:11 -Q -o /tmp/newpcr11
|
||||
|
||||
diff /tmp/newpcr11 \
|
||||
|
Loading…
Reference in New Issue
Block a user