mirror of
https://github.com/systemd/systemd.git
synced 2025-03-23 10:50:16 +03:00
Merge pull request #30843 from keszybz/test-relative-paths
Use relative paths in test units
This commit is contained in:
Luca Boccassi
GitHub
commit
b4a85f75b0
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities (dynamic user)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002081"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002081"'
|
||||
Type=oneshot
|
||||
AmbientCapabilities=CAP_CHOWN CAP_SETUID CAP_NET_RAW
|
||||
DynamicUser=yes
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
Type=oneshot
|
||||
User=nfsnobody
|
||||
AmbientCapabilities=CAP_CHOWN
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
Type=oneshot
|
||||
User=nobody
|
||||
AmbientCapabilities=CAP_CHOWN
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities (daemon)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
Type=oneshot
|
||||
User=daemon
|
||||
AmbientCapabilities=CAP_CHOWN
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
Type=oneshot
|
||||
User=nfsnobody
|
||||
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
Type=oneshot
|
||||
User=nobody
|
||||
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for AmbientCapabilities (daemon)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
|
||||
Type=oneshot
|
||||
User=daemon
|
||||
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
|
||||
|
||||
@ -11,7 +11,7 @@ ExecStart=test -f /tmp/thisisasimpletest
|
||||
# Also, through /tmp/test-exec-bindreadonlypaths
|
||||
ExecStart=test -f /tmp/test-exec-bindreadonlypaths/thisisasimpletest
|
||||
# The file cannot modify through /tmp/test-exec-bindreadonlypaths
|
||||
ExecStart=/bin/sh -x -c '! touch /tmp/test-exec-bindreadonlypaths/thisisasimpletest'
|
||||
ExecStart=sh -x -c '! touch /tmp/test-exec-bindreadonlypaths/thisisasimpletest'
|
||||
# Cleanup
|
||||
ExecStart=rm /tmp/thisisasimpletest
|
||||
BindPaths=/tmp:/tmp/test-exec-bindpaths
|
||||
|
||||
@ -4,6 +4,6 @@ Description=Test for CapabilityBoundingSet
|
||||
|
||||
[Service]
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep "^Bounding set .*cap_chown"'
|
||||
ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep "^Bounding set .*cap_chown"'
|
||||
Type=oneshot
|
||||
CapabilityBoundingSet=~CAP_CHOWN
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for CapabilityBoundingSet
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_chown,cap_fowner,cap_kill"'
|
||||
ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_chown,cap_fowner,cap_kill"'
|
||||
Type=oneshot
|
||||
CapabilityBoundingSet=CAP_FOWNER
|
||||
CapabilityBoundingSet=CAP_KILL CAP_CHOWN
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for CapabilityBoundingSet
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set ="'
|
||||
ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set ="'
|
||||
Type=oneshot
|
||||
CapabilityBoundingSet=CAP_FOWNER CAP_KILL
|
||||
CapabilityBoundingSet=
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for CapabilityBoundingSet
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_fowner,cap_kill"'
|
||||
ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_fowner,cap_kill"'
|
||||
Type=oneshot
|
||||
CapabilityBoundingSet=CAP_FOWNER CAP_KILL
|
||||
|
||||
@ -9,4 +9,4 @@ Type=oneshot
|
||||
ExecCondition=/bin/sh -c 'exit 255'
|
||||
|
||||
# This should not get run
|
||||
ExecStart=/bin/sh -c 'true'
|
||||
ExecStart=sh -c 'true'
|
||||
|
||||
@ -13,4 +13,4 @@ ExecCondition=/bin/sh -c 'exit 254'
|
||||
ExecCondition=/bin/sh -c 'exit 255'
|
||||
|
||||
# This should not get run
|
||||
ExecStart=/bin/sh -c 'true'
|
||||
ExecStart=sh -c 'true'
|
||||
|
||||
@ -3,5 +3,5 @@
|
||||
Description=Test for CPUAffinity (simple)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
|
||||
ExecStart=sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
|
||||
CPUAffinity=0
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for CPUAffinity (reset)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
|
||||
ExecStart=sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
|
||||
CPUAffinity=0-1 3
|
||||
CPUAffinity=
|
||||
CPUAffinity=0
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for CPUAffinity (merge)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 7'
|
||||
ExecStart=sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 7'
|
||||
CPUAffinity=0,1
|
||||
CPUAffinity=1-2
|
||||
|
||||
@ -5,8 +5,8 @@ Description=Test DynamicUser with static User= whose uid and gid are different
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
|
||||
ExecStart=sh -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
|
||||
# Multiple ExecStart= lines causes the issue #9702.
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
|
||||
ExecStart=sh -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
|
||||
DynamicUser=yes
|
||||
User=adm
|
||||
|
||||
@ -5,8 +5,8 @@ Description=Test DynamicUser with static User= whose uid and gid are different
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
|
||||
ExecStart=sh -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
|
||||
# Multiple ExecStart= lines causes the issue #9702.
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
|
||||
ExecStart=sh -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
|
||||
DynamicUser=yes
|
||||
User=games
|
||||
|
||||
@ -3,8 +3,8 @@
|
||||
Description=Test DynamicUser with User= and SupplementaryGroups=
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
Type=oneshot
|
||||
User=1
|
||||
DynamicUser=yes
|
||||
|
||||
@ -3,8 +3,8 @@
|
||||
Description=Test DynamicUser with User=
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
Type=oneshot
|
||||
User=1
|
||||
DynamicUser=yes
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
Description=Test for RuntimeDirectory with RuntimeDirectoryPreserve=yes and DynamicUser=yes
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
|
||||
ExecStart=/bin/sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
|
||||
ExecStart=/bin/sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
|
||||
ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
|
||||
ExecStart=sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
|
||||
Type=oneshot
|
||||
RuntimeDirectory=test-exec_runtimedirectorypreserve
|
||||
RuntimeDirectoryPreserve=yes
|
||||
|
||||
@ -3,10 +3,10 @@
|
||||
Description=Test for RuntimeDirectory with RuntimeDirectoryPreserve=yes and DynamicUser=yes 2nd trial
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
|
||||
ExecStart=/bin/sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
|
||||
ExecStart=/bin/sh -x -c 'test -f $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=/bin/sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
|
||||
ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
|
||||
ExecStart=sh -x -c 'test -f $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
|
||||
Type=oneshot
|
||||
RuntimeDirectory=test-exec_runtimedirectorypreserve
|
||||
RuntimeDirectoryPreserve=yes
|
||||
|
||||
@ -3,10 +3,10 @@
|
||||
Description=Test for RuntimeDirectory with DynamicUser=yes migrated from RuntimeDirectoryPreserve=yes
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
|
||||
ExecStart=/bin/sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
|
||||
ExecStart=/bin/sh -x -c 'test -f $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=/bin/sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
|
||||
ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
|
||||
ExecStart=sh -x -c 'test -f $$RUNTIME_DIRECTORY/test'
|
||||
ExecStart=sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
|
||||
Type=oneshot
|
||||
RuntimeDirectory=test-exec_runtimedirectorypreserve
|
||||
DynamicUser=yes
|
||||
|
||||
@ -11,7 +11,7 @@ ExecStart=test -d %S/test-dynamicuser-migrate
|
||||
ExecStart=test -d %S/test-dynamicuser-migrate2/hoge
|
||||
ExecStart=touch %S/test-dynamicuser-migrate/yay
|
||||
ExecStart=touch %S/test-dynamicuser-migrate2/hoge/yayyay
|
||||
ExecStart=/bin/sh -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
|
||||
ExecStart=sh -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
|
||||
|
||||
Type=oneshot
|
||||
DynamicUser=no
|
||||
|
||||
@ -19,7 +19,7 @@ ExecStart=touch %S/test-dynamicuser-migrate/yay
|
||||
ExecStart=touch %S/test-dynamicuser-migrate2/hoge/yayyay
|
||||
ExecStart=touch %S/private/test-dynamicuser-migrate/yay
|
||||
ExecStart=touch %S/private/test-dynamicuser-migrate2/hoge/yayyay
|
||||
ExecStart=/bin/sh -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
|
||||
ExecStart=sh -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
|
||||
|
||||
Type=oneshot
|
||||
DynamicUser=yes
|
||||
|
||||
@ -3,8 +3,8 @@
|
||||
Description=Test DynamicUser with SupplementaryGroups=
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
|
||||
ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
|
||||
Type=oneshot
|
||||
DynamicUser=yes
|
||||
SupplementaryGroups=1 2
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for Environment
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset"'
|
||||
ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset"'
|
||||
Type=oneshot
|
||||
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
|
||||
Environment=
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for Environment
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = foobar'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = foobar'
|
||||
Type=oneshot
|
||||
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
|
||||
Environment="VAR3=foobar"
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for No Environment Variable Substitution
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2}" = "word3" && test "$${VAR3-unset}" = \'$word 5 6\''
|
||||
ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2}" = "word3" && test "$${VAR3-unset}" = \'$word 5 6\''
|
||||
ExecStart=:/bin/sh -x -c 'test "$${VAR1-unset}" != "unset" && test "$${VAR2}" != "word3" && test "$${VAR3-unset}" != \'$word 5 6\''
|
||||
Type=oneshot
|
||||
Environment="VAR2=word3" "VAR3=$word 5 6"
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Environment
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6"'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6"'
|
||||
Type=oneshot
|
||||
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for EnvironmentFile
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
|
||||
Type=oneshot
|
||||
EnvironmentFile=/tmp/test-exec_environmentfile.conf
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$PATH" = "/usr" && test "$$VAR1" = word3 && test "$$VAR2" = "\\$$word 5 6"'
|
||||
ExecStart=sh -x -c 'test "$$PATH" = "/usr" && test "$$VAR1" = word3 && test "$$VAR2" = "\\$$word 5 6"'
|
||||
Type=oneshot
|
||||
ExecSearchPath=/tmp:/bin
|
||||
Environment="PATH=/usr" VAR1=word3 "VAR2=$word 5 6"
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$PATH" = "/tmp:/bin"'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$PATH" = "/tmp:/bin"'
|
||||
Type=oneshot
|
||||
ExecSearchPath=/tmp:/bin
|
||||
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for ExecSearchPath with EnvironmentFile where EnvironmentFile sets PATH
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = /usr'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = /usr'
|
||||
Type=oneshot
|
||||
EnvironmentFile=/tmp/test-exec_execsearchpath_environmentfile-set.conf
|
||||
ExecSearchPath=/tmp:/bin
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for ExecSearchPath with EnvironmentFile where EnvironmentFile does not set PATH
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
|
||||
Type=oneshot
|
||||
ExecSearchPath=/tmp:/bin
|
||||
EnvironmentFile=/tmp/test-exec_execsearchpath_environmentfile.conf
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for PassEnvironment with ExecSearchPath with PATH set by user
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/usr"'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/usr"'
|
||||
Type=oneshot
|
||||
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5 PATH
|
||||
ExecSearchPath=/tmp:/bin
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for PassEnvironment with ExecSearchPath with PATH not set by user
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
|
||||
Type=oneshot
|
||||
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
|
||||
ExecSearchPath=/tmp:/bin
|
||||
|
||||
@ -5,4 +5,4 @@ Description=Test for specifiers with exec search path
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecSearchPath=/tmp:/bin:/usr/bin:%V
|
||||
ExecStart=/bin/sh -x -c 'test %V = /var/tmp && test "$$PATH" = "/tmp:/bin:/usr/bin:/var/tmp"'
|
||||
ExecStart=sh -x -c 'test %V = /var/tmp && test "$$PATH" = "/tmp:/bin:/usr/bin:/var/tmp"'
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Group
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "nfsnobody"'
|
||||
ExecStart=sh -x -c 'test "$$(id -n -g)" = "nfsnobody"'
|
||||
Type=oneshot
|
||||
Group=nfsnobody
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Group
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "nobody"'
|
||||
ExecStart=sh -x -c 'test "$$(id -n -g)" = "nobody"'
|
||||
Type=oneshot
|
||||
Group=nobody
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Group
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "nogroup"'
|
||||
ExecStart=sh -x -c 'test "$$(id -n -g)" = "nogroup"'
|
||||
Type=oneshot
|
||||
Group=nogroup
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Group (daemon)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "daemon"'
|
||||
ExecStart=sh -x -c 'test "$$(id -n -g)" = "daemon"'
|
||||
Type=oneshot
|
||||
Group=daemon
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for IgnoreSIGPIPE=no
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'kill -PIPE 0'
|
||||
ExecStart=sh -x -c 'kill -PIPE 0'
|
||||
Type=oneshot
|
||||
IgnoreSIGPIPE=no
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for IgnoreSIGPIPE=yes
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'kill -PIPE 0'
|
||||
ExecStart=sh -x -c 'kill -PIPE 0'
|
||||
Type=oneshot
|
||||
IgnoreSIGPIPE=yes
|
||||
|
||||
@ -4,5 +4,5 @@ Description=Test to make sure that InaccessiblePaths= disconnect mount propagati
|
||||
|
||||
[Service]
|
||||
InaccessiblePaths=-/i-dont-exist
|
||||
ExecStart=/bin/sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
Type=oneshot
|
||||
|
||||
@ -4,5 +4,5 @@ Description=Test to make sure that mount namespace setup works properly with the
|
||||
|
||||
[Service]
|
||||
InaccessiblePaths=/sys
|
||||
ExecStart=/bin/sh -x -c 'test "$$(stat -c %%a /sys)" = "0"'
|
||||
ExecStart=sh -x -c 'test "$$(stat -c %%a /sys)" = "0"'
|
||||
Type=oneshot
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for IOSchedulingClass=best-effort
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "best-effort"'
|
||||
ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "best-effort"'
|
||||
Type=oneshot
|
||||
IOSchedulingClass=best-effort
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for IOSchedulingClass=idle
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "idle"'
|
||||
ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "idle"'
|
||||
Type=oneshot
|
||||
IOSchedulingClass=idle
|
||||
|
||||
@ -4,6 +4,6 @@ Description=Test for IOSchedulingClass=none
|
||||
|
||||
[Service]
|
||||
# Old kernels might report "none" here, new kernels "best-effort".
|
||||
ExecStart=/bin/sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "none" -o "$${c%%:*}" = "best-effort"'
|
||||
ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "none" -o "$${c%%:*}" = "best-effort"'
|
||||
Type=oneshot
|
||||
IOSchedulingClass=none
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for IOSchedulingClass=realtime
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "realtime"'
|
||||
ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "realtime"'
|
||||
Type=oneshot
|
||||
IOSchedulingClass=realtime
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
Description=Test for LoadCredential=
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStartPost=/bin/sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStop=/bin/sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStopPost=/bin/sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStart=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStartPost=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStop=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
ExecStopPost=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
|
||||
Type=oneshot
|
||||
LoadCredential=test-execute.load-credential
|
||||
|
||||
@ -3,14 +3,14 @@
|
||||
Description=Test for NetworkNamespacePath= without mount namespacing
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
ExecStart=sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
# Without mount namespacing, we can access the dummy-test-exec interface through sysfs.
|
||||
ExecStart=/bin/sh -x -c 'test -e /sys/class/net/dummy-test-exec'
|
||||
ExecStart=/bin/sh -x -c 'ip link show dummy-test-ns'
|
||||
ExecStart=/bin/sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
|
||||
ExecStart=sh -x -c 'test -e /sys/class/net/dummy-test-exec'
|
||||
ExecStart=sh -x -c 'ip link show dummy-test-ns'
|
||||
ExecStart=sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
|
||||
# Without mount namespacing, we cannot access the dummy-test-ns interface through sysfs.
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /sys/class/net/dummy-test-ns'
|
||||
ExecStart=sh -x -c 'test ! -e /sys/class/net/dummy-test-ns'
|
||||
Type=oneshot
|
||||
NetworkNamespacePath=/run/netns/test-execute-netns
|
||||
PrivateMounts=no
|
||||
|
||||
@ -3,14 +3,14 @@
|
||||
Description=Test for NetworkNamespacePath= with mount namespacing
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
ExecStart=sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
# With mount namespacing, we cannot access the dummy-test-exec interface through sysfs.
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
|
||||
ExecStart=/bin/sh -x -c 'ip link show dummy-test-ns'
|
||||
ExecStart=/bin/sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
|
||||
ExecStart=sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
|
||||
ExecStart=sh -x -c 'ip link show dummy-test-ns'
|
||||
ExecStart=sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
|
||||
# With mount namespacing, we can access the dummy-test-ns interface through sysfs.
|
||||
ExecStart=/bin/sh -x -c 'test -e /sys/class/net/dummy-test-ns'
|
||||
ExecStart=sh -x -c 'test -e /sys/class/net/dummy-test-ns'
|
||||
Type=oneshot
|
||||
NetworkNamespacePath=/run/netns/test-execute-netns
|
||||
# NetworkNamespacePath= implies PrivateMounts=yes
|
||||
|
||||
@ -7,5 +7,5 @@ Type=oneshot
|
||||
# This should work, as we explicitly disable the effect of NoExecPaths=
|
||||
ExecStart=+/bin/sh -c '/bin/cat /dev/null'
|
||||
# This should also work, as we do not disable the effect of NoExecPaths= but invert the exit code
|
||||
ExecStart=/bin/sh -x -c '! /bin/cat /dev/null'
|
||||
ExecStart=sh -x -c '! /bin/cat /dev/null'
|
||||
NoExecPaths=/bin/cat
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for OOMScoreAdjust
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq -100'
|
||||
ExecStart=sh -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq -100'
|
||||
Type=oneshot
|
||||
OOMScoreAdjust=-100
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for OOMScoreAdjust
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq 100'
|
||||
ExecStart=sh -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq 100'
|
||||
Type=oneshot
|
||||
OOMScoreAdjust=100
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for PassEnvironment with variables absent from the execution environment
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
|
||||
ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
|
||||
Type=oneshot
|
||||
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for PassEnvironment and erasing the variable list
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
|
||||
ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
|
||||
Type=oneshot
|
||||
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
|
||||
PassEnvironment=
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for PassEnvironment with a variable name repeated
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
|
||||
Type=oneshot
|
||||
PassEnvironment=VAR1 VAR2
|
||||
PassEnvironment=VAR1 VAR3
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for PassEnvironment
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
|
||||
ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
|
||||
Type=oneshot
|
||||
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Personality=aarch64
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "aarch64")'
|
||||
ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "aarch64")'
|
||||
Type=oneshot
|
||||
Personality=aarch64
|
||||
|
||||
@ -2,6 +2,6 @@
|
||||
Description=Test for Personality=loongarch64
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "loongarch64")'
|
||||
ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "loongarch64")'
|
||||
Type=oneshot
|
||||
Personality=loongarch64
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Personality=ppc64
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64")'
|
||||
ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64")'
|
||||
Type=oneshot
|
||||
Personality=ppc64
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Personality=ppc64le
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64le")'
|
||||
ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64le")'
|
||||
Type=oneshot
|
||||
Personality=ppc64le
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Personality=s390
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "s390"'
|
||||
ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "s390"'
|
||||
Type=oneshot
|
||||
Personality=s390
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Personality=x86-64
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "x86_64"'
|
||||
ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "x86_64"'
|
||||
Type=oneshot
|
||||
Personality=x86-64
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for Personality=x86
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "i686" -o "$$c" = "x86_64"'
|
||||
ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "i686" -o "$$c" = "x86_64"'
|
||||
Type=oneshot
|
||||
Personality=x86
|
||||
|
||||
@ -3,8 +3,8 @@
|
||||
Description=Test for PrivateDevices=yes with a bind mounted device
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'test -c /dev/kmsg'
|
||||
ExecStart=/bin/sh -c 'test ! -w /dev/'
|
||||
ExecStart=sh -c 'test -c /dev/kmsg'
|
||||
ExecStart=sh -c 'test ! -w /dev/'
|
||||
Type=oneshot
|
||||
PrivateDevices=yes
|
||||
BindPaths=/dev/kmsg
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for PrivateDevices=yes with prefix
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c '! test -c /dev/kmsg'
|
||||
ExecStart=sh -x -c '! test -c /dev/kmsg'
|
||||
ExecStart=+/bin/sh -x -c 'test -c /dev/kmsg'
|
||||
Type=oneshot
|
||||
PrivateDevices=yes
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_MKNOD capability for PrivateDevices=no
|
||||
[Service]
|
||||
PrivateDevices=no
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
|
||||
ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
|
||||
Type=oneshot
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=no
|
||||
[Service]
|
||||
PrivateDevices=no
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
|
||||
ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
|
||||
Type=oneshot
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for PrivateDevices=no
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test -c /dev/kmsg'
|
||||
ExecStart=sh -x -c 'test -c /dev/kmsg'
|
||||
Type=oneshot
|
||||
PrivateDevices=no
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_MKNOD capability for PrivateDevices=yes
|
||||
[Service]
|
||||
PrivateDevices=yes
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
|
||||
ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
|
||||
Type=oneshot
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=yes
|
||||
[Service]
|
||||
PrivateDevices=yes
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
|
||||
ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
|
||||
Type=oneshot
|
||||
|
||||
@ -8,10 +8,10 @@ Group=daemon
|
||||
Type=oneshot
|
||||
|
||||
# Check the group applied
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "daemon"'
|
||||
ExecStart=sh -x -c 'test "$$(id -n -g)" = "daemon"'
|
||||
|
||||
# Check that the namespace applied
|
||||
ExecStart=/bin/sh -c 'test ! -c /dev/kmsg'
|
||||
ExecStart=sh -c 'test ! -c /dev/kmsg'
|
||||
|
||||
# Check that the owning group of a node is not daemon (should be the host root)
|
||||
ExecStart=/bin/sh -x -c 'test ! "$$(stat -c %%G /dev/stderr)" = "daemon"'
|
||||
ExecStart=sh -x -c 'test ! "$$(stat -c %%G /dev/stderr)" = "daemon"'
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for PrivateDevices=yes
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'test ! -c /dev/kmsg'
|
||||
ExecStart=sh -c 'test ! -c /dev/kmsg'
|
||||
Type=oneshot
|
||||
PrivateDevices=yes
|
||||
|
||||
@ -3,10 +3,10 @@
|
||||
Description=Test for PrivateNetwork= without mount namespacing
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
ExecStart=sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
# Without mount namespacing, we can access the dummy-test-exec interface through sysfs
|
||||
ExecStart=/bin/sh -x -c 'test -d /sys/class/net/dummy-test-exec'
|
||||
ExecStart=sh -x -c 'test -d /sys/class/net/dummy-test-exec'
|
||||
Type=oneshot
|
||||
PrivateNetwork=yes
|
||||
PrivateMounts=no
|
||||
|
||||
@ -3,10 +3,10 @@
|
||||
Description=Test for PrivateNetwork= with mount namespacing
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
ExecStart=sh -x -c '! ip link show dummy-test-exec'
|
||||
ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
|
||||
# With mount namespacing, we cannot access the dummy-test-exec interface through sysfs.
|
||||
ExecStart=/bin/sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
|
||||
ExecStart=sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
|
||||
Type=oneshot
|
||||
PrivateNetwork=yes
|
||||
# PrivateNetwork=yes implies PrivateMounts=yes
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for PrivateTmp=yes with prefix
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
|
||||
ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
|
||||
ExecStart=+/bin/sh -x -c 'test -f /tmp/test-exec_privatetmp'
|
||||
Type=oneshot
|
||||
PrivateTmp=yes
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for PrivateTmp=no
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test -f /tmp/test-exec_privatetmp'
|
||||
ExecStart=sh -x -c 'test -f /tmp/test-exec_privatetmp'
|
||||
Type=oneshot
|
||||
PrivateTmp=no
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
Description=Test for PrivateTmp=yes
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
|
||||
ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
|
||||
Type=oneshot
|
||||
PrivateTmp=yes
|
||||
|
||||
@ -7,4 +7,4 @@ Description=Test ProtectHome=tmpfs vs ProtectSystem=strict
|
||||
ProtectHome=tmpfs
|
||||
ProtectSystem=strict
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -x -c 'test "$$(stat -fc %%T /home)" = "tmpfs"'
|
||||
ExecStart=sh -x -c 'test "$$(stat -fc %%T /home)" = "tmpfs"'
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_SYSLOG for ProtectKernelLogs=no
|
||||
[Service]
|
||||
ProtectKernelLogs=no
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
|
||||
ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
|
||||
Type=oneshot
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_SYSLOG for ProtectKernelLogs=yes
|
||||
[Service]
|
||||
ProtectKernelLogs=yes
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
|
||||
ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
|
||||
Type=oneshot
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_SYS_MODULE ProtectKernelModules=no
|
||||
[Service]
|
||||
ProtectKernelModules=no
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
|
||||
ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
|
||||
Type=oneshot
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test CAP_SYS_MODULE for ProtectKernelModules=yes
|
||||
[Service]
|
||||
ProtectKernelModules=yes
|
||||
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
||||
ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
|
||||
ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
|
||||
Type=oneshot
|
||||
|
||||
@ -4,5 +4,5 @@ Description=Test to make sure that passing ProtectKernelModules=yes disconnect m
|
||||
|
||||
[Service]
|
||||
ProtectKernelModules=yes
|
||||
ExecStart=/bin/sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
Type=oneshot
|
||||
|
||||
@ -4,5 +4,5 @@ Description=Test to make sure that passing ReadOnlyPaths= disconnect mount propa
|
||||
|
||||
[Service]
|
||||
ReadOnlyPaths=-/i-dont-exist
|
||||
ExecStart=/bin/sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
Type=oneshot
|
||||
|
||||
@ -7,6 +7,6 @@ Type=oneshot
|
||||
# This should work, as we explicitly disable the effect of ReadOnlyPaths=
|
||||
ExecStart=+/bin/sh -c 'touch /tmp/thisisasimpletest'
|
||||
# This should also work, as we do not disable the effect of ReadOnlyPaths= but invert the exit code
|
||||
ExecStart=/bin/sh -x -c '! touch /tmp/thisisasimpletest'
|
||||
ExecStart=sh -x -c '! touch /tmp/thisisasimpletest'
|
||||
ExecStart=+/bin/sh -c 'rm /tmp/thisisasimpletest'
|
||||
ReadOnlyPaths=/tmp
|
||||
|
||||
@ -5,5 +5,5 @@ Description=Test for ReadOnlyPaths=
|
||||
[Service]
|
||||
ReadOnlyPaths=/etc -/i-dont-exist /usr
|
||||
BindPaths=/etc:/tmp/etc2
|
||||
ExecStart=/bin/sh -x -c 'test ! -w /etc && test ! -w /usr && test ! -e /i-dont-exist && test -w /var'
|
||||
ExecStart=sh -x -c 'test ! -w /etc && test ! -w /usr && test ! -e /i-dont-exist && test -w /var'
|
||||
Type=oneshot
|
||||
|
||||
@ -5,6 +5,6 @@ Description=Test for ReadOnlyPaths=
|
||||
[Service]
|
||||
ReadOnlyPaths=/usr /etc /sys /dev -/i-dont-exist
|
||||
PrivateDevices=yes
|
||||
ExecStart=/bin/sh -x -c 'test ! -w /usr && test ! -w /etc && test ! -w /sys && test ! -w /sys/fs/cgroup'
|
||||
ExecStart=/bin/sh -x -c 'test ! -w /dev && test ! -w /dev/shm && test ! -e /i-dont-exist && test -w /var'
|
||||
ExecStart=sh -x -c 'test ! -w /usr && test ! -w /etc && test ! -w /sys && test ! -w /sys/fs/cgroup'
|
||||
ExecStart=sh -x -c 'test ! -w /dev && test ! -w /dev/shm && test ! -e /i-dont-exist && test -w /var'
|
||||
Type=oneshot
|
||||
|
||||
@ -4,5 +4,5 @@ Description=Test to make sure that passing ReadWritePaths= disconnect mount prop
|
||||
|
||||
[Service]
|
||||
ReadWritePaths=-/i-dont-exist
|
||||
ExecStart=/bin/sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
|
||||
Type=oneshot
|
||||
|
||||
@ -3,8 +3,8 @@
|
||||
Description=Test for RuntimeDirectoryMode
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'mode=$$(stat -c %%a %t/test-exec_runtimedirectory-mode); test "$$mode" = "750"'
|
||||
ExecStart=/bin/sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory-mode"'
|
||||
ExecStart=sh -x -c 'mode=$$(stat -c %%a %t/test-exec_runtimedirectory-mode); test "$$mode" = "750"'
|
||||
ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory-mode"'
|
||||
Type=oneshot
|
||||
RuntimeDirectory=test-exec_runtimedirectory-mode
|
||||
RuntimeDirectoryMode=0750
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nfsnobody"'
|
||||
ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nfsnobody"'
|
||||
Type=oneshot
|
||||
Group=nfsnobody
|
||||
User=root
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nobody"'
|
||||
ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nobody"'
|
||||
Type=oneshot
|
||||
Group=nobody
|
||||
User=root
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nogroup"'
|
||||
ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nogroup"'
|
||||
Type=oneshot
|
||||
Group=nogroup
|
||||
User=root
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner-daemon); test "$$group" = "daemon"'
|
||||
ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner-daemon); test "$$group" = "daemon"'
|
||||
Type=oneshot
|
||||
Group=daemon
|
||||
User=root
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
Description=Test for RuntimeDirectory
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test -d %t/test-exec_runtimedirectory'
|
||||
ExecStart=/bin/sh -x -c 'test -d %t/test-exec_runtimedirectory2/hogehoge'
|
||||
ExecStart=/bin/sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory:%t/test-exec_runtimedirectory2/hogehoge"'
|
||||
ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectory'
|
||||
ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectory2/hogehoge'
|
||||
ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory:%t/test-exec_runtimedirectory2/hogehoge"'
|
||||
Type=oneshot
|
||||
RuntimeDirectory=test-exec_runtimedirectory
|
||||
RuntimeDirectory=./test-exec_runtimedirectory2///./hogehoge/.
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
Description=Test for SetCredential=
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStartPost=/bin/sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStop=/bin/sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStopPost=/bin/sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStart=sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStartPost=sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStop=sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
ExecStopPost=sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
|
||||
Type=oneshot
|
||||
SetCredential=test-execute.set-credential:hoge
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user