1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-12 13:18:14 +03:00
Commit Graph

605 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
48449f41b4
Merge pull request #8303 from yuwata/fix-8276
test: use synthesize_nobody() in test-execute
2018-03-02 12:53:11 +01:00
Zbigniew Jędrzejewski-Szmek
47920c4a26
Merge pull request #8316 from yuwata/fix-8315
sysusers: do not create duplicated groups when create users
2018-03-02 11:32:25 +01:00
Yu Watanabe
69b0740785 test-execute: add tests with user/group daemon
The nobody user/group may not synthesized by systemd.
To run tests the functionalities in such situation, this adds tests
by user/group by daemon, as it is expected to exists all environments.
2018-03-02 16:42:53 +09:00
Filipe Brandenburger
67348e791d test: masked unit with drop-ins 2018-03-01 21:14:13 -08:00
Yu Watanabe
d4f0412de4 sysusers: do not implicitly create group by 'm' if 'u' with the same name exists
The commit e2c2060f7b makes 'm' lines
disturb 'u' lines.
This fixes the disturbance.
2018-03-02 07:38:28 +09:00
Yu Watanabe
fb5dfbc2d8 test: add a test for sysusers
The test cases for sysusers did not cover the situation reported in
issue #8315. Let's add one more test case.
2018-03-02 07:12:40 +09:00
Yu Watanabe
d2f95a223f test-execute: add a test for the case that NOBODY_GROUP_NAME is nogroup 2018-03-01 18:31:26 +09:00
Filipe Brandenburger
27e2779bed rule-syntax-check: fix handling of runaway strings in comma splitting (#8298)
A runaway string should still be returned by the code that splits on
commas, so add a '?' to the regex so that the last '"?' in a string
still produces a valid block for the split code.

Tested:

  ACTION=="remove\"GOTO=""

Which then produced:

  $ test/rule-syntax-check.py src/login/70-uaccess.rules
  # looking at src/login/70-uaccess.rules
  Invalid line src/login/70-uaccess.rules:10: ACTION=="remove\"GOTO=""
    clause: ACTION=="remove\"GOTO=""
2018-02-28 03:11:38 +03:00
Zbigniew Jędrzejewski-Szmek
10eeab67aa
Merge pull request #8297 from filbranden/udevrule1
Udev rule syntax checker updates
2018-02-27 22:35:19 +01:00
Filipe Brandenburger
c9715ffce3 rule-syntax-check: allow commas inside quoted strings
Using a regex to match the groups is smarter than the split(',') that
would break in those cases.

Tested:

  SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*,*:070202:*", TAG+="uaccess"

Rule checker doesn't break there after this commit.
2018-02-27 13:11:07 -08:00
Filipe Brandenburger
d498347a01 rule-syntax-check: add support for escaped double quotes
Add support to backslash-escaped double quote inside a string.

Tested by modifying src/login/70-uaccess.rules to include:

  ACTION=="remove" it", GOTO="uaccess_end"

And had the rule checker complain about it:

  $ test/rule-syntax-check.py src/login/70-uaccess.rules
  # looking at src/login/70-uaccess.rules
  Invalid line src/login/70-uaccess.rules:10: ACTION=="remove" it", GOTO="uaccess_end"
    clause: ACTION=="remove" it"
2018-02-27 11:15:42 -08:00
Franck Bui
75a56cb632 rule-syntax-check: values can contain escaped double quotes
This is true since commit 7e760b79ad.

Note that the changes in the regex expressions relies on the fact that the
script assumes that the comma separator is mandatory.

Add a comment in the script to clarify this.
2018-02-27 14:42:09 +01:00
Franck Bui
905ca72a8f rule-syntax-check: PROGRAM is not supposed to get value assigned
In udev man page, "PROGRAM" key is part of the keys which are used for
matching purposes so it should only be used with the compare operator "==".

Actually it doesn't really make sense to assign it a value.

udev code allows both "=" and "==" for PROGRAM and both are handled the same
way but for consistencies it's better to have only the compare operator allowed
by the rule syntax checker.

No rules shipped by systemd use PROGRAM key so nothing need to be changed in
our rule files.
2018-02-27 14:38:23 +01:00
Yu Watanabe
4c40f267c7 test: use "$$" to pass a literal dollar sign
Follow-up for 9323298657.
2018-02-26 12:50:07 +09:00
Yu Watanabe
ac1f08b92b test: use setup_fake_runtime_dir() in test-execute 2018-02-26 12:50:03 +09:00
Lennart Poettering
72a1db0bb2 test: don't complain if bpffs is world-writable
Apparently, world-writable bpffs is intended by the kernel folks, hence
let's make sure we don't choke on it on our tests.
2018-02-21 16:43:36 +01:00
Yu Watanabe
9323298657 test: fix test for TemporaryFileSystem= (#8241)
This makes test-execute work on SELinux enabled systems.

Fixes the issue reported at
https://github.com/systemd/systemd/pull/7908#discussion_r169583540
2018-02-21 16:43:35 +01:00
Alan Jenkins
59e00b2a16
Merge pull request #7908 from yuwata/rfe-7895
core: add TemporaryFileSystem= setting and 'tmpfs' option to ProtectHome=
2018-02-21 08:57:11 +00:00
Evgeny Vereshchagin
24a01950a3 tests: stop using nobody in test-udev.pl (#8239)
`nobody` is a special user, whose credentials should be extracted with
`get_user_creds`. `getpwnam` called in `test-udev.pl` is a bit different,
which causes the test to fail with the following error:
```
device '/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda' expecting node/link 'node'
  expected permissions are: nobody::0600
  created permissions are : 65534:0:0600
permissions: error
add:         ok
remove:      ok
```
The ideal fix would probably be to implement `get_user_creds` in Perl, but in this
PR the issue is simply got around by using `daemon` instead of `nobody`.

Closes https://github.com/systemd/systemd/issues/8196.
2018-02-21 08:34:42 +01:00
Yu Watanabe
4cac89bd7c test: add tests for TemporaryFileSystem= 2018-02-21 09:18:14 +09:00
Evgeny Vereshchagin
31ce89e7d9 tests: reset _found at the end of each iteration (#8195)
This makes `inst_rules` really print all rules it skips.
2018-02-16 14:26:26 +01:00
Dimitri John Ledkov
9c869ff6bf test/test-functions: Debian/Ubuntu, now ship 95-dm-notify.rules, copy it
This fixes cryptsetup tests on recent Ubuntu/Debian systems (current
development series).

Bug-Launchpad: https://launchpad.net/bugs/1749432
2018-02-15 17:48:31 +01:00
Yu Watanabe
24c2c5689d
Merge pull request #8058 from keszybz/sysusers-inline
Extend sysusers for package installation scripts
2018-02-05 16:50:51 +09:00
Batuhan Osman Taşkaya
278391c2fe test: sort imports and use "new" string formatting
Followed PEP8 and PEP3101 rules (#8079)
Imports re-ordered by Alphabetical Standarts for following PEP8
Old type string formattings (" example %s " % exampleVar ) re-writed as new type string
formattings ( " example {} ".format(exampleVar) ) for following PEP3101
2018-02-05 07:28:53 +01:00
Zbigniew Jędrzejewski-Szmek
4e9fe38dc0 test/TEST-21-SYSUSERS: add tests for new functionality 2018-02-02 10:40:24 +01:00
Michael Vogt
b9ee05c266 sysusers: allow force reusing existing user/group IDs (#8037)
On Debian/Ubuntu systems the default passwd/group files use a
slightly strange mapping. E.g. in passwd:
```
man6:12::/var/cache/man:/sbin/nologin
```
and in group:
```
disk6:
man12:
```

This is not supported in systemd-sysusers right now because
sysusers will not re-use an existing uid/gid in its normal
mode of operation. Unfortunately this reuse is needed to
replicate the default Debian/Ubuntu users/groups.

This commit enforces reuse when the "uid:gid" syntax is used
to fix this.

I also added a test that replicates the Debian base-passwd
passwd/group file to ensure things are ok.
2018-02-01 13:47:50 +09:00
Evgeny Vereshchagin
4c0d481095
Merge pull request #7933 from keszybz/fuzz-regression
test: add fuzzer regression testing
2018-01-27 12:56:42 +03:00
Zbigniew Jędrzejewski-Szmek
b68dfb9e83 Hook up oss-fuzz test cases as tests
This is a bit painful because a separate build of systemd is necessary. The
tests are guarded by tests!=false and slow-tests==true. Running them is not
slow, but compilation certainly is. If this proves unwieldy, we can add a
separate option controlling those builds later.

The build for each sanitizer has its own directory, and we build all fuzzer
tests there, and then pull them out one-by-one by linking into the target
position as necessary. It would be nicer to just build the desired fuzzer, but
we need to build the whole nested build as one unit.

[I also tried making systemd and nested meson subproject. This would work
nicely, but meson does not allow that because the nested target names are the
same as the outer project names. If that is ever fixed, that would be the way
to go.]

v2:
- make sure things still work if memory sanitizer is not available
v3:
- switch to syntax which works with meson 0.42.1 found in Ubuntu
2018-01-27 09:03:46 +01:00
Michael Vogt
28e7fad73f sysusers: ensure GID in uid:gid syntax exists
Ensure that the GID already exists or is created when the new
"uid:gid" syntax is used. This ensures the behaviour is always
predictable.
2018-01-25 17:43:08 +01:00
Michael Vogt
e2c2060f7b sysusers: make ADD_GROUP always create a group
Do not merge group creation with user creation because with the
new uid:gid syntax this can result in confusing (and unwanted)
behavior.
2018-01-25 12:51:06 +01:00
Michael Vogt
1e589ed264 test: add TEST-21-SYSUSERS test
This test tests the systemd-sysuser binary via the --root=$TESTDIR
option and ensures that for the given inputs the expected passwd
and group files will be generated.
2018-01-25 12:51:00 +01:00
Jonathan Rudenberg
2bd37c5be2 fuzz: add DHCP server fuzzer 2018-01-19 21:48:14 -05:00
Jonathan Rudenberg
8137e92dbe test: add regression test for oss-fuzz issue 5465
Fixed in #7923
2018-01-20 09:07:24 +11:00
Jonathan Rudenberg
118452ade6 test: add regression test for #7888 2018-01-20 09:07:14 +11:00
Lennart Poettering
db256aab13 core: be stricter when handling PID files and MAINPID sd_notify() messages
Let's be more restrictive when validating PID files and MAINPID=
messages: don't accept PIDs that make no sense, and if the configuration
source is not trusted, don't accept out-of-cgroup PIDs. A configuratin
source is considered trusted when the PID file is owned by root, or the
message was received from root.

This should lock things down a bit, in case service authors write out
PID files from unprivileged code or use NotifyAccess=all with
unprivileged code. Note that doing so was always problematic, just now
it's a bit less problematic.

When we open the PID file we'll now use the CHASE_SAFE chase_symlinks()
logic, to ensure that we won't follow an unpriviled-owned symlink to a
privileged-owned file thinking this was a valid privileged PID file,
even though it really isn't.

Fixes: #6632
2018-01-11 15:12:16 +01:00
bleep_blop
7629744a3d separate flags from shebang 2017-12-25 19:48:49 +01:00
Jörg Thalheim
2a5fcfae02 more portable perl shebangs (#7701)
same motivation as in #5816:

- distributions have scripts to rewrite shebangs on installation and
  they know what locations to rely on.
- For tests/compilation we should rather rely on the user to have setup
  there PATH correctly.
2017-12-19 11:13:34 +01:00
Lennart Poettering
c4b0c4599d test: fix TEST-13-NSPAWN-SMOKE
We need to specify a full path to the "ip" binary and busybox "ip" has a
slightly different output than the normal ip, and won't show "DOWN".
hence instead ensure that at lest not "UP" is in there.
2017-12-15 20:51:55 +01:00
Lennart Poettering
3d710b0440 test: make sure "make" in the test directories works again
Fixes: #7648
2017-12-15 19:48:08 +01:00
Zbigniew Jędrzejewski-Szmek
bdd2bbc445
Merge pull request #7469 from kinvolk/dongsu/nspawn-netns
nspawn: introduce an option for specifying network namespace path
2017-12-14 22:47:57 +01:00
Iago López Galeiras
f3d33947ea test: add smoke tests for --network-namespace-path
We create net ns with `ip netns`, pass the created ns to nspawn and
check the loopback interface is DOWN.
2017-12-14 17:34:26 +01:00
Daniel Black
a327431bd1 core: add EXTEND_TIMEOUT_USEC={usec} - prevent timeouts in startup/runtime/shutdown (#7214)
With Type=notify services, EXTEND_TIMEOUT_USEC= messages will delay any startup/
runtime/shutdown timeouts.

A service that hasn't timed out, i.e, start time < TimeStartSec,
runtime < RuntimeMaxSec and stop time < TimeoutStopSec, may by sending
EXTEND_TIMEOUT_USEC=, allow the service to continue beyond the limit for
the execution phase (i.e TimeStartSec, RunTimeMaxSec and TimeoutStopSec).

EXTEND_TIMEOUT_USEC= must continue to be sent (in the same way as
WATCHDOG=1) within the time interval specified to continue to reprevent
the timeout from occuring.

Watchdog timeouts are also extended if a EXTEND_TIMEOUT_USEC is greater
than the remaining time on the watchdog counter.

Fixes #5868.
2017-12-14 12:17:43 +01:00
Dongsu Park
25fd814316 test: add CLI smoke tests for --network-namespace-path of nspawn
Since the new option `--network-namespace-path=` of systemd-nspawn
cannot be used together with other network-related options, we need
to add more smoke tests for checking these conditions of options.
2017-12-13 10:21:06 +00:00
Lennart Poettering
ea781d0dd8
Merge pull request #7554 from keszybz/autodetect-build
Autodetect build directory ignoring mkosi artefacts
2017-12-07 09:07:40 +01:00
Zbigniew Jędrzejewski-Szmek
2535f23dd8 run-integration-test: allow argument to be overriden
This is useful for "sudo test/run-integration-tests.sh clean".
2017-12-06 15:16:55 +01:00
Zbigniew Jędrzejewski-Szmek
ded65775a2 tests: try to autodetect directory better
Ignore mkosi.builddir. In the future we can also add other patterns
if necessary.

run-intergration-tests.sh is updated to use the new script, and modified
to work from arbitrary directory.

Follow-up for #7494.
2017-12-06 15:16:35 +01:00
Lennart Poettering
66d73cc728 test-execute: use the "nogroup" group if it exists for testing
We currently look for "nobody" and "nfsnobody" when testing groups, both
of which do not exist on Ubuntu, our main testing environment. Let's
extend the tests slightly to also use "nogroup" if it exists.
2017-12-06 13:40:50 +01:00
Yu Watanabe
4e79aeaa65 test-execute: add tests for CPUAffinity= 2017-12-06 10:44:20 +09:00
Zbigniew Jędrzejewski-Szmek
11d0f6cb67
Merge pull request #7532 from yuwata/test-execute
test-execute: add test for that DynamicUser= migrates StateDirectory=
2017-12-05 21:43:14 +01:00
Yu Watanabe
028f3a7f9c test-execute: add test for that DynamicUser= migrate StateDirectory=
Test for 949befd3f0.
2017-12-06 00:37:09 +09:00
Yu Watanabe
f0e018e748 test-execute: cleanup
This makes rename the test units by a consistent naming scheme,
add several logs, and sort internal functions.
No functional change.
2017-12-06 00:36:55 +09:00
Lennart Poettering
8fe9c8d920 test: add a simple script that runs all our integration tests one after the other 2017-12-05 13:49:13 +01:00
Lennart Poettering
9b45c2bf02 tests: don't use "netcat" for testing TEST-10-ISSUE-2467
Apparently there are a myriad of netcat implementations around, and they
all behave slightly differently. The one I have on my Fedora 27
installation will cause a failure when invoked as "nc -U" on an AF_UNIX
socket whose connections are immediately disconnected, thus causing the
test to fail.

Let's avoid all ambiguities in this regard, and drop usage of netcat
altoegther. Instead let's use a FIFO in the file system, which we can
connect to with only shell commands, and is hence much simpler and
more reliable to test with.

The actual test is supposed to validate that PID 1 doesn't hang when
activation of a socket-activated service fails, hence which transport
mechanism is used ultimately doesn't matter, as long as we activate the
service, and we do here...
2017-12-05 13:49:13 +01:00
Lennart Poettering
f2d566b728 tests: make TEST-10-ISSUE-2467 also run in nspawn
No reason not to run it in nspawn, and it's easier to debug than the
qemu version.
2017-12-05 13:49:13 +01:00
Lennart Poettering
7ae8162f29 tests: fix description of TEST-14-MACHINE-ID
It used the same description as TEST-01, and that's hardly helpful.
2017-11-29 12:34:12 +01:00
Zbigniew Jędrzejewski-Szmek
3113b5aca0 test: increase the timeout for hwdb-test
This test does a lot of mmap/madvise/unmmap, which is slow under address sanitizer.
Just increase the timeout to avoid spurious failure.
2017-11-26 15:07:53 +01:00
Yu Watanabe
07b3a02643 test: set log_level to info in test-hwdb and check-help-*
These tests check the stderr. So, if the systemd.log_level=debug
is set in the kernel command line, then these tests fail.
This set log_level to info in hwdb-test.sh and meson-check-help.sh,
the kernel command line not to change the output of the target
programs.

Fixes #7362.
2017-11-26 00:01:55 +09:00
Lennart Poettering
dd202b8859 test: skip DELEGATE test if the kernel can't do cgroupv2 (#7445)
Fixes: #7440
2017-11-24 15:29:06 +01:00
Yu Watanabe
8b3c4b5757 test-execute: test more % specifiers (#7450) 2017-11-24 10:17:28 +01:00
Evgeny Vereshchagin
71050acb68 tests: install test as part of BASICTOOLS (#7434)
This makes TEST-19-DELEGATE, which is currently failing, work.

Closes https://github.com/systemd/systemd/issues/7425.
2017-11-23 13:28:12 +01:00
Zbigniew Jędrzejewski-Szmek
6b97bf2287 meson: re-attach rule-syntax-check.py test
39/248 rule-syntax-check                       OK     0.07 s

--- command ---
/home/zbyszek/src/systemd-work/test/rule-syntax-check.py \
    /home/zbyszek/src/systemd-work/build/../rules/60-block.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-cdrom_id.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-drm.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-evdev.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-input-id.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-alsa.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-input.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-storage.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-storage-tape.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-v4l.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-sensor.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-serial.rules \
    /home/zbyszek/src/systemd-work/build/../rules/70-joystick.rules \
    /home/zbyszek/src/systemd-work/build/../rules/70-mouse.rules \
    /home/zbyszek/src/systemd-work/build/../rules/70-touchpad.rules \
    /home/zbyszek/src/systemd-work/build/../rules/75-net-description.rules \
    /home/zbyszek/src/systemd-work/build/../rules/75-probe_mtd.rules \
    /home/zbyszek/src/systemd-work/build/../rules/78-sound-card.rules \
    /home/zbyszek/src/systemd-work/build/../rules/80-drivers.rules \
    /home/zbyszek/src/systemd-work/build/../rules/80-net-setup-link.rules \
    /home/zbyszek/src/systemd-work/build/rules/50-udev-default.rules \
    /home/zbyszek/src/systemd-work/build/rules/64-btrfs.rules \
    /home/zbyszek/src/systemd-work/build/rules/99-systemd.rules
--- stdout ---
...
-------

It got dropped by mistake in 72cdb3e783.
2017-11-22 12:46:08 +01:00
Zbigniew Jędrzejewski-Szmek
2956395c83 rule-test-syntax: modernize syntax and add debug message 2017-11-22 12:29:58 +01:00
Zbigniew Jędrzejewski-Szmek
ffb70e4424
Merge pull request #7381 from poettering/cgroup-unified-delegate-rework
Fix delegation in the unified hierarchy + more cgroup work
2017-11-22 07:42:08 +01:00
Lennart Poettering
23209bcd37 test: fix UDEV-WANTS testcase for non-bash shells (#7407)
testsuite.sh uses "set -o pipefile", which is a bashism, hence use bash
to invoke the script.
2017-11-21 17:38:43 +01:00
Lennart Poettering
0b0c55fafd
Merge pull request #7363 from poettering/success-action
Generalize FailureAction=, and add SuccessAction=
2017-11-21 11:57:42 +01:00
Lennart Poettering
e7266e98f9 test: fix UDEV-WANTS testcase for non-bash shells
testsuite.sh uses "set -o pipefile", which is a bashism, hence use bash
to invoke the script.
2017-11-21 11:54:08 +01:00
Lennart Poettering
b961baf1ce test: add a test case that validates cgroup delegation
This test runs on the unified hierarchy, and ensures that cgroup
delegation works properly, i.e. writ access is granted and the requested
controllers are enabled.
2017-11-21 11:54:08 +01:00
Zbigniew Jędrzejewski-Szmek
7624e721c8 test: fall back to /boot if bootctl -p fails (#7397)
It doesn't really matter why.
2017-11-20 20:08:11 +01:00
Lennart Poettering
24aab7936c test: add testcase for FailureAction=/SuccessAction=
it also ensures that rebooting once gets us back up. Yay!
2017-11-20 16:37:22 +01:00
Lennart Poettering
4ff183d419
Merge pull request #7154 from keszybz/bootspec
List bootspec entries in bootctl and use the default for kexec
2017-11-20 13:06:33 +01:00
Lennart Poettering
0133d5553a
Merge pull request #7198 from poettering/stdin-stdout
Add StandardInput=data, StandardInput=file:... and more
2017-11-19 19:49:11 +01:00
Zbigniew Jędrzejewski-Szmek
3a726fcd08 Add license headers and SPDX identifiers to meson.build files
So far I avoided adding license headers to meson files, but they are pretty
big and important and should carry license headers like everything else.
I added my own copyright, even though other people modified those files too.
But this is mostly symbolic, so I hope that's OK.
2017-11-19 19:08:15 +01:00
Zbigniew Jędrzejewski-Szmek
d9215cd838 Add SPDX license headers to various assorted files 2017-11-19 19:08:15 +01:00
Zbigniew Jędrzejewski-Szmek
35df744355 Add SPDX license headers to python scripts 2017-11-19 19:08:15 +01:00
Zbigniew Jędrzejewski-Szmek
906bbac474 test: do not hardcode location of EFI partition 2017-11-19 12:36:20 +01:00
Lennart Poettering
666d787787 test: add basic test for StandardInput=file: 2017-11-17 11:13:44 +01:00
Lennart Poettering
da543f6a77 test: add tests for StandardInputText= and StandardInputData= 2017-11-17 11:13:44 +01:00
Zbigniew Jędrzejewski-Szmek
f886559e55
Merge pull request #7186 from poettering/track-deps
rework unit dependency data structure to track why deps get created
2017-11-12 16:14:41 +01:00
Yu Watanabe
7f749487c5 test-execute: change path to python3 (#7306)
Change python3 path from /bin/python3 to /usr/bin/python3 to make
the test work on Ubuntu Xenial.

Follow-up for #7178.
2017-11-12 16:09:00 +01:00
Yu Watanabe
7a18854fe7 test-execute: update test for SystemCallErrorNumber= 2017-11-11 21:54:29 +09:00
Yu Watanabe
b4891260b9 test: add tests for syscall:errno style in SystemCallFilter= 2017-11-11 21:54:20 +09:00
Lennart Poettering
3ac62a0ee4 test: add test case for adding/removing dependencies via udev rules 2017-11-10 19:52:41 +01:00
Yu Watanabe
23fd04e92d test: add test for ReadOnlyPaths= with RuntimeDirectory= 2017-11-08 15:48:32 +09:00
Dimitri John Ledkov
4b742c8acd test: switch to using ext4 instead of ext3 as default fallback fs (#7265)
Using ext3 is not representative anymore, and Ubuntu has stopped shipping
fsck.ext3 in the initramfs.
2017-11-07 17:51:30 +03:00
Lars Karlitski
cc25a67e2a journalctl: add --output-fields= (#7181)
This option allows restricting the shown fields in the output modes that
would normally show all fields. It allows clients that are only
interested in a subset of the fields to access those more efficiently.
Also, it makes the resulting size of the output more predictable.

It has no effect on the various `short` output modes, because those
already only show a subset of the fields.
2017-10-27 12:10:47 +09:00
Lennart Poettering
9672b58398 test: add simple test for validating some of the unit specifiers we support
(Also, sort list of test unit files in meson.build alphabetically, to
make future additions more systematic)
2017-10-26 18:01:04 +02:00
Yu Watanabe
038a373651 test-execute: always use /bin/sh 2017-10-12 13:26:39 +09:00
Yu Watanabe
d053b72bdd test: add test for BindPaths= and BindReadOnlyPaths=
Follow-up for a8cabc612b.
2017-10-12 13:25:06 +09:00
Mike Gilbert
1e99c1ee82 test: skip hwdb and sysv-generator if the features are disabled (#7026) 2017-10-08 22:14:45 +02:00
Zbigniew Jędrzejewski-Szmek
1ec57f3394 build-sys: s/ENABLE_RESOLVED/ENABLE_RESOLVE/
The configuration option was called -Dresolve, but the internal define
was …RESOLVED. This options governs more than just resolved itself, so
let's settle on the version without "d".
2017-10-04 12:09:51 +02:00
Zbigniew Jędrzejewski-Szmek
349cc4a507 build-sys: use #if Y instead of #ifdef Y everywhere
The advantage is that is the name is mispellt, cpp will warn us.

$ git grep -Ee "conf.set\('(HAVE|ENABLE)_" -l|xargs sed -r -i "s/conf.set\('(HAVE|ENABLE)_/conf.set10('\1_/"
$ git grep -Ee '#ifn?def (HAVE|ENABLE)' -l|xargs sed -r -i 's/#ifdef (HAVE|ENABLE)/#if \1/; s/#ifndef (HAVE|ENABLE)/#if ! \1/;'
$ git grep -Ee 'if.*defined\(HAVE' -l|xargs sed -i -r 's/defined\((HAVE_[A-Z0-9_]*)\)/\1/g'
$ git grep -Ee 'if.*defined\(ENABLE' -l|xargs sed -i -r 's/defined\((ENABLE_[A-Z0-9_]*)\)/\1/g'
+ manual changes to meson.build

squash! build-sys: use #if Y instead of #ifdef Y everywhere

v2:
- fix incorrect setting of HAVE_LIBIDN2
2017-10-04 12:09:29 +02:00
Lennart Poettering
8adb3d63e6 test: add test for DynamicUser= + StateDirectory=
Also, tests for DynamicUser= should really run for system mode, as we
allocate from a system resource.

(This also increases the test timeout to 2min. If one of our tests
really hangs then waiting for 2min longer doesn't hurt either. The old
2s is really short, given that we run in potentially slow VM
environments for this test. This becomes noticable when the slow "find"
command this adds is triggered)
2017-10-02 17:41:44 +02:00
Zbigniew Jędrzejewski-Szmek
0bca795456 sys-script: remove output directory if it exists
meson will occasionally call us even though the output directory
exists. Let's just nuke and recreate in that case.
2017-09-29 12:28:25 +02:00
Zbigniew Jędrzejewski-Szmek
227ef9bc38 create-sys-script: adapt to separate build dir, modernize, add more checks
The script wasn't apparently used since the switch to meson, because
it required the sys subdirectory to be present in the same subdirectory
where the output script is located.

Let's use f-strings to make the whole thing more readable. Add some
extra checks.
2017-09-29 12:27:21 +02:00
Franck Bui
7e760b79ad udev-rules: all values can contain escaped double quotes now (#6890)
This is primarly useful to support escaped double quotes in PROGRAM or
IMPORT{program} directives.

The only possibilty before this patch was to use an external shell script but
this seems too cumbersome for trivial logics such as

 PROGRAM=="/bin/sh -c 'FOO=\"%s{model}\"; echo ${FOO:0:4}'"

or any similar shell constructs that needs to deals with patterns including
whitespaces.

As it's the case for single quote and for directives running a program, words
within escaped double quotes will be considered as a single argument.

Fixes: #6835
2017-09-28 08:53:46 +02:00
Zbigniew Jędrzejewski-Szmek
fdf666bc76 meson: hook up hwdb-test.sh again
The motivation for the ./systemd-hwdb is the same as in the grandparent
for systemd-sysv-generator.
2017-09-26 13:44:38 +02:00
Zbigniew Jędrzejewski-Szmek
b7191b2a9b meson: hook up udev-test.pl again
Seems it was dropped along with the automake rules in
72cdb3e783.
2017-09-26 13:44:38 +02:00
Zbigniew Jędrzejewski-Szmek
73e406e140 sysv-generator-test: do not query $builddir
This variable is not set by meson, so let's not try to use it.

We could use some more elaborate scheme (e.g. based on $MESON_BUILD_ROOT and
$MESON_SUBDIR) to find the path to systemd-sysv-generator, but it seems
that plain ./systemd-sysv-generator works just as well and has the advantage
that it's easy to invoke the test by hand (as long as one cd's to the
meson build dir).
2017-09-26 13:44:38 +02:00
Zbigniew Jędrzejewski-Szmek
a4b57b322e sysv-generator-test: drop python2 work-around
We require python3 for meson anyway, so support python2 doesn't seem
useful anymore.
2017-09-26 13:44:38 +02:00
Lennart Poettering
42cc99d5ec test: add test case for UnsetEnvironment= 2017-09-14 15:17:40 +02:00
Yu Watanabe
5ed0dcf4d5 test: drop Exec* prefixes to obtain paths of executables 2017-08-30 16:00:07 +09:00
Michal Sekletar
b58aeb70db service: attempt to execute next main command only for oneshot services (#6619)
This commit fixes crash described in
https://github.com/systemd/systemd/issues/6533

Multiple ExecStart lines are allowed only for oneshot services
anyway so it doesn't make sense to call service_run_next_main() with
services of type other than SERVICE_ONESHOT.

Referring back to reproducer from the issue, previously we didn't observe
this problem because s->main_command was reset after daemon-reload hence
we never reached the assert statement in service_run_next_main().

Fixes #6533
2017-08-25 16:36:10 +03:00
Martin Pitt
818567fce6 test: Run qemu/nspawn tests with "set -e"
This catches errors like "ninja not found", missing programs etc. early,
instead of silently ignoring them and trying to boot a broken VM.

In install_config_files(), allow some distro specific files to be absent
(such as /etc/sysconfig/init).
2017-08-10 08:43:13 +02:00
Martin Pitt
22077c9c91 test: Write state and log files into $BUILD_DIR
This avoids clobbering the source tree with .testdir/test.log files and
makes the tests work in situations where the source tree is read-only.
2017-08-10 08:30:55 +02:00
Evgeny Vereshchagin
ca992ecf07 tests: use ninja-build if ninja is not available (#6544)
This makes the tests work on CentOS, which currently has ninja-build
only.
2017-08-07 11:06:07 +02:00
Martin Pitt
054ee249a2 test: Factorize common integration test functions (#6540)
All test/TEST* but TEST-02-CRYPTSETUP share the same check_result_qemu()
and test_cleanup(), so move them into test_functions and only override
them in TEST-02-CRYPTSETUP.

Also provide a common test_run() which by default assumes that both QEMU
and nspawn tests are run. Particular tests which don't support either
need to explicitly opt out by setting $TEST_NO_{QEMU,NSPAWN}. Do it this
way around to avoid accidentally forgetting to opt in, and to encourage
test authors to at least always support nspawn.
2017-08-04 15:34:14 +03:00
Zbigniew Jędrzejewski-Szmek
a6c97fc460 Drop bus-policy bits 2017-07-23 09:29:02 -04:00
Zbigniew Jędrzejewski-Szmek
26116187dd test: try to guess the build directory
This will work if $(TOP_SRC_DIR) has exactly one subdirectory with
.ninja_deps. Otherwise, BUILD_DIR has to be specified.
2017-07-18 10:05:06 -04:00
Zbigniew Jędrzejewski-Szmek
209f4b9e33 test: convert test/ to use meson install
Automatic rebuilding is removed: it doesn't play well with ninja, because
ninja always writes logs, and even if nothing needs to be built, it will
make the log file owned by root. So let's just remove this, and say that
the user must always do the build first.

I'm also keeping make for the tests, because ninja doesn't play well with
sudo.

Since the build directory is arbitrary, it needs to be specified, e.g.
  sudo make BUILD_DIR=/home/zbyszek/src/systemd/build1 -C test/TEST-01-BASIC/
2017-07-18 10:05:06 -04:00
Zbigniew Jędrzejewski-Szmek
72cdb3e783 build-sys: drop automake support
v2:
- also mention m4
2017-07-18 10:04:44 -04:00
Martin Pitt
23fa427d66 tests: ignore router state in networkd test (#6390)
In networkd-test.py, don't assert that the router state is "routable".
While it should eventually become that, we don't wait for it, and thus
at that point it often is "carrier" or "degrated" still. It is also not
really relevant as this only tests the "client" side interface.
2017-07-18 00:06:35 +02:00
Zbigniew Jędrzejewski-Szmek
1256c4814f meson: hook up sysv-generator-test 2017-07-13 19:21:40 -04:00
Zbigniew Jędrzejewski-Szmek
7f0cc63771 sysv-generator: use generator_add_symlink()
generator_add_symlink() is extended to ignore EEXIST. This should be fine
for all existing callers.

There's a small difference in behaviour when adding symlinks in sysv-generator:
the message is more generic and does not include ", ignored". But creation of
symlinks shouldn't ever fail except if things are very wrong, so in practice
this shouldn't matter.

Test needed updating: os.path.exists(os.readlink(link)) only works if the link
is absolute (or if we are in the right directory). Let's just use
os.path.exists(link), which properly tests that the symlink target exists.
2017-07-13 18:56:36 -04:00
tblume
85393d8f31 tests: adapt test-functions to run tests on SUSE (#6270) 2017-07-06 14:30:14 -04:00
Timothée Ravier
c090d74dd9 test: ensure 'InaccessiblePaths=/proc' option works (#6017)
Test case for PR #5985.
2017-05-25 07:47:08 +03:00
Evgeny Vereshchagin
b8d79b4b68 tests: stop creating /TEST (#5943)
Closes #5856.
2017-05-11 18:56:39 -04:00
Michael Biebl
8251ee109c Merge pull request #5842 from keszybz/meson-status-and-conditionals
Meson status and conditional simplification
2017-05-03 16:45:31 +02:00
Zbigniew Jędrzejewski-Szmek
2c201c2140 meson: use booleans for conf.set and drop unecessary conditionals
Using conf.set() with a boolean argument does the right thing:
either #ifdef or #undef. This means that conf.set can be used unconditionally.

Previously I used '1' as the placeholder value, and that needs to be changed to
'true' for consistency (under meson 1 cannot be used in boolean context). All
checks need to be adjusted.
2017-05-02 16:29:11 -04:00
Jörg Thalheim
3e67e5c992 more portable python shebangs (#5816)
This is useful on systems like NixOS, where python3 is not in
/usr/bin/python3 as well as for people using alternative ways to
install python such as virtualenv/pyenv.
2017-04-30 20:26:56 -04:00
Chris Lamb
04e599b1ce test: explain why we explicitly make all despite test/Makefile's check target calling it (#5830) 2017-04-29 08:23:13 +02:00
Evgeny Vereshchagin
d5d5e06086 Merge pull request #5704 from keszybz/meson
meson: build systemd using meson
2017-04-25 16:10:15 +03:00
Zbigniew Jędrzejewski-Szmek
b884196cc1 meson: also indent scripts with 8 spaces 2017-04-25 08:49:16 -04:00
Lennart Poettering
8ea9aa9e88 Merge pull request #5354 from msekletar/issue-518
service: serialize information about currently executing command
2017-04-24 19:51:34 +02:00
Zbigniew Jędrzejewski-Szmek
37efbbd821 meson: reindent all files with 8 spaces
The indentation for emacs'es meson-mode is added .dir-locals.

All files are reindented automatically, using the lasest meson-mode from git.
Indentation should now be fairly consistent.
2017-04-23 21:47:29 -04:00
Zbigniew Jędrzejewski-Szmek
d83f4f506d test-efi-create-disk.sh: allow running from separate build dir, hook up to meson
This allow test-efi-disk.img to be created under meson.
The invocation of qemu is not converted yet, in particular because the
command-line used in Makefile.am is outdated.
2017-04-23 21:47:29 -04:00
Zbigniew Jędrzejewski-Szmek
4ff3f251b9 meson: install test data
v2:
- do not install test-data if instal-tests=no
2017-04-23 21:47:28 -04:00
Dimitri John Ledkov
b56be2966a networkd: Add bridge port priority setting (#5545)
Allow setting bridge port priority in the Bridge section of the network file,
similar to e.g. port path cost setting.

Set the default to an invalid value of 128, and only set the port priority when
it's not 128. Unlike e.g. path cost, zero is a valid priority value.

Add a networkd-test.py to check that bridge port priority is correctly set.

Incidently, fix bridge port cost type and document valid ranges.
2017-04-11 23:17:31 +02:00
Dimitri John Ledkov
c618423a5a test/TEST-12-ISSUE-3171: specify -w1 option to netcat due to default change. (#5722)
On Ubuntu 17.04 (zesty zapus) netcat-openbsd was upgraded from 1.105-7ubuntu1
to 1.130-3, at the same time the defaults got changed from -q0 to -q-1
(infinity) the net result is that `echo A | nc -U' call now hangs, preventing
the testcase to complete. One could use the old default of -q0, but that option
is not available in some netcat implementations. Thus settle to specify -w1
instead to mitigate the testcase hang.
2017-04-11 22:34:29 +03:00
Michal Sekletar
123d672e85 tests: add new test for issue #518 2017-04-11 09:22:29 +02:00
Zbigniew Jędrzejewski-Szmek
f06a6bcd76 test-journal-importer: add a test case with broken input 2017-02-15 00:31:55 -05:00
Zbigniew Jędrzejewski-Szmek
48ccb60d45 test-journal-importer: new test file to check the newly exported importer code
Only one test case is added, but it is enough to check basic sanity of the
code (single-line and binary fields and trusted fields, allocation and freeing).
2017-02-15 00:29:57 -05:00
Martin Pitt
ee3c7ff7c3 test: move resolved test data into test/
Moe test-resolve's test data from src/resolve/test-data to
test/test-resolve/ to be consistent with test/test-{execute,path}/. This
will make it easier to make the tests relocatable.
2017-02-13 22:23:48 +01:00
Lennart Poettering
6818c54ca6 core: skip ReadOnlyPaths= and other permission-related mounts on PermissionsStartOnly= (#5309)
ReadOnlyPaths=, ProtectHome=, InaccessiblePaths= and ProtectSystem= are
about restricting access and little more, hence they should be disabled
if PermissionsStartOnly= is used or ExecStart= lines are prefixed with a
"+". Do that.

(Note that we will still create namespaces and stuff, since that's about
a lot more than just permissions. We'll simply disable the effect of
the four options mentioned above, but nothing else mount related.)

This also adds a test for this, to ensure this works as intended.

No documentation updates, as the documentation are already vague enough
to support the new behaviour ("If true, the permission-related execution
options…"). We could clarify this further, but I think we might want to
extend the switches' behaviour a bit more in future, hence leave it at
this for now.

Fixes: #5308
2017-02-12 00:44:46 -05:00
Dan Streetman
2a478ebfa1 test: remove sys.tar.xz
The tarball is no longer needed, as the sys-script.py script creates
all the sys/ contents.
2017-02-10 15:29:52 -05:00
Dan Streetman
d95b329d70 test: create sys-script.py script
The script contains the contents of all sys/ test files, and creates
all dirs/links/files when run.  This replaces the sys.tar.xz tarball
that contained sys/, so changes to sys files only require a simple
commit in git, instead of checking in an entire new tarball for each
sys/ change.
2017-02-10 15:29:23 -05:00
Dan Streetman
d001ac2c01 test: add script to convert sys/ into sys-script.py
Instead of keeping all sys/ nodes in a tarball, use a script
"sys-script.py" to create all the sys/ entries.

This adds a script to create that initial "sys-script.py" script, using
an existing sys/ directory, created from the sys.tar.xz contents.
The "sys-script.py" can then be edited or recreated later, when any sys/
files are added or modified; the change will be only a patch to the
"sys-script.py" script in git, instead of forcing git to store a new
binary tarball.
2017-02-10 15:27:18 -05:00
Martin Pitt
d26fdaa236 tests: show journal on systemd-resolved.service failures (#5297)
In networkd-test.py, show resolved's journal on failure, to debug issues
like https://github.com/systemd/systemd/pull/5283.
2017-02-09 21:30:44 -05:00
Franck Bui
fbc42f1332 tests: add dropin dependency tests
[zj: tests assertions adjusted to the different logic in which masking
     of a dependency through one name, does not forbid the dependency
     being added through another name.]
2017-02-07 21:32:10 -05:00
Dan Streetman
9cd7b1287b tests: add tests for SYMLINK containing whitespace in variable (#5158)
add udev-test.pl tests for whitespace in a substituted variable,
to verify the variable whitespace is replaced with underscores.

Tests for the change made by commit 0a10235ed4 ("udev-rules:
perform whitespace replacement for symlink subst values")
2017-01-25 20:24:52 -05:00
Evgeny Vereshchagin
9bcef20646 tests: check that we can write to /run/systemd/nspawn/notify
See https://github.com/systemd/systemd/issues/4944
2017-01-17 08:40:19 +00:00
Michal Sekletar
01349f5d01 tests: fix failure of test-execute if /dev/mem is not available (#5028)
/dev/mem isn't necessarily available. Recently, I've encountered arm64
systems that didn't provide raw memory access via /dev/mem. Instead,
let's use /dev/kmsg since we don't support systems w/o it anyway.
2017-01-06 10:27:35 +01:00
Martin Pitt
27e2e3231f tests: more precise negative check for dnsmasq log (#4982)
In test_resolved_domain_restricted_dns(), add dot domain separator to
negative .lab/.company tests, so that we don't catch these as part of
the host name (like "lxc-labjfr").

Caught in PR #4962
2016-12-26 12:19:25 +01:00
Martin Pitt
4050e04b2c resolved: correctly handle non-address RR types with /etc/hosts lookups (#4808)
Fix wrong condition test in manager_etc_hosts_lookup(), which caused it to
return an IPv4 answer when an IPv6 question was asked, and vice versa.
Also only return success if we actually found any A or AAAA record.

In systemd-resolved.service(8), point out that /etc/hosts mappings only
affect address-type lookups, not other types.

The test case currently disables DNSSEC in resolved, as there is a bug
where "-t MX" fails due to "DNSSEC validation failed" even after
"downgrading to non-DNSSEC mode". This should be dropped once that bug
gets fixed.

Fixes #4801
2016-12-22 07:58:02 +01:00
Evgeny Vereshchagin
069a254f9b test: check that we can boot with broken machine-id 2016-12-13 13:03:14 +00:00
Evgeny Vereshchagin
da2d142114 sd-id128: id128_write overwrites target file 2016-12-13 13:03:14 +00:00
Evgeny Vereshchagin
a6f72863ad machine-id-setup: --print --commit respects the --root option 2016-12-13 13:03:13 +00:00
Evgeny Vereshchagin
fcb2427055 core: machine_id_setup overwrites broken machine-id 2016-12-13 12:58:42 +00:00
Martin Pitt
142a1afbb9 Merge pull request #4771 from keszybz/udev-property-ordering
Udev property ordering
2016-12-12 16:03:52 +01:00
David Michael
618b196e9d network: support negation in matching patterns (#4809) 2016-12-07 19:12:10 +01:00
Evgeny Vereshchagin
c9fd987279 nspawn: don't hide --bind=/tmp/* mounts (#4824)
Fixes #4789
2016-12-05 18:14:05 +01:00
Zbigniew Jędrzejewski-Szmek
169f11d5da Merge pull request #4228 from dm0-/coreos-1554
networkd: support marking links unmanaged
2016-12-02 09:14:27 -05:00
Zbigniew Jędrzejewski-Szmek
cda39975dc python: use raw strings for regexp patterns
Behaviour is not changed, because "unknown" escapes like \s or \d were not
substituted, but it's much nicer to use raw strings to avoid ambiguity.
2016-12-01 19:11:10 -05:00
Zbigniew Jędrzejewski-Szmek
00d5eaafd1 python: adjust imports, indentation, unused variables following pylint advice 2016-12-01 18:55:23 -05:00
David Michael
a09dc5467a networkd: support marking links unmanaged 2016-12-01 14:41:51 -08:00
David Michael
ec89276c2a networkd-test: define a utility class to simplify tests 2016-12-01 14:25:58 -08:00
Zbigniew Jędrzejewski-Szmek
49141e0cd1 hwdb: improve and test syntax error messages
Since syntax error are non-fatal, downgrade them to warnings.
Use log_syntax to have uniform formatting including the line number.
State machine states like DATA and MATCH are internal, user-facing
messages should use the names from hwdb(7): match, property, record.
Also change "key/value" to "key-value", since there's no alternative
here, both parts must be present.

[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:2] Property expected, ignoring record with no properties
[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:5] Property expected, ignoring record with no properties
[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:9] Property expected, ignoring record with no properties
[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:11] Key/value pair expected but got " NO_VALUE", ignoring
[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:18] Property or empty line expected, got "BAD:7:match at wrong place", ignoring record
[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:22] Property or empty line expected, got "BAD:8:match at wrong place", ignoring record
[/tmp/tmp.KFwEhm74n4/etc/udev/hwdb.d/10-bad.hwdb:23] Match expected but got indented property " Z=z", ignoring line

squash! hwdb: improve syntax error messages
2016-12-01 11:56:50 -05:00
Zbigniew Jędrzejewski-Szmek
8ce2069263 hwdb-test: properly print error output from systemd-hwdb update
Because -e was set, we'd exit immediately when systemd-hwdb failed and the
captured error output was never printed. We want to test two things:
that 0 is returned, and that nothing is printed to stderr (to catch
syntax errors in the hwdb).

v2: stop capturing stderr to a variable
v3: capture stderr to a variable and test both error types separately
2016-12-01 11:50:17 -05:00
Martin Pitt
2926b130b6 test: retry checking for transient hostname in hostnamectl (#4769)
Sometimes setting the transient hostname does not happen synchronously, so
retry up to five times. It is not yet clear whether this is legitimate
behaviour or an underlying bug, but this will at least show whether the wrong
transient hostname is just a race condition or permanently wrong.

Fixes #4753
2016-11-30 08:02:49 +01:00
Felipe Sateler
b95f5528cc Use python3 explicitly in all python scripts 2016-11-28 15:00:20 -03:00
Martin Pitt
fd0cec0366 test: make transient hostname tests fail verbosely (#4754)
This test fails sometimes but it is hard to reproduce, so we need more
information what happens. Set journal log level to "debug" for the entirety of
networkd-test.py, and show networkd's and hostnamed's journals and the DHCP
server log on failure of the two test_transient_hostname* tests. Also sync the
journal before querying it to get more precise output.

This should help with tracking down issue #4753.
2016-11-28 14:35:49 +03:00
Martin Pitt
30dc7898d5 tests: add hwdb parsing test
This calls the built "systemd-hwdb update" on the source tree's hwdb/ in a
temporary directory and verifies that there are no error messages.
2016-11-24 11:46:03 +01:00
Martin Pitt
2c99aba726 networkd: allow networkd to set the timezone in timedated
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the timezone acquired from DHCP:

  systemd-networkd[4167]: test_eth42: Could not set timezone: Interactive authentication required.

Similarly to commit e8c0de912, add a polkit rule to grant
org.freedesktop.timedate1.set-timezone to the "systemd-network" system user.
Move the polkit rules from src/hostname/ to src/network/ to avoid too many
small distributed policy snippets (there might be more in the future), as it's
easier to specify the privileges for a particular subject in this case.

Add NetworkdClientTest.test_dhcp_timezone() test case to verify this (for
all people except those in Pacific/Honolulu, there the test doesn't prove
anything -- sorry ☺ ).
2016-11-23 16:32:06 +01:00
Lennart Poettering
c5066640a1 Merge pull request #4701 from martinpitt/networkd-polkit
hostnamed: allow networkd to set the transient hostname
2016-11-21 18:24:51 +01:00
Martin Pitt
89748b0af1 tests: check transient hostname with and without static hostname
We expect a static hostname to win over a transient one, so test both cases.
2016-11-21 12:57:16 +01:00
Evgeny Vereshchagin
270f419316 Merge pull request #4691 from keszybz/test-suite-fixes
Test suite fixes
2016-11-20 19:38:58 +03:00
Martin Pitt
e8c0de9127 hostnamed: allow networkd to set the transient hostname
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the transient hostname:

  systemd-networkd[516]: ens3: Could not set hostname: Interactive authentication required.

Standard polkit *.policy files do not have a syntax for granting privileges to
a user, so ship a pklocalauthority (for polkit < 106) and a JavaScript rules
file (for polkit >= 106) that grants the "systemd-network" system user that
privilege.

Add DnsmasqClientTest.test_transient_hostname() test to networkd-test.py to
cover this. Make do_test() a bit more flexible by interpreting "coldplug==None"
as "test sets up the interface by itself". Change DnsmasqClientTest to set up
test_eth42 with a fixed MAC address so that we can configure dnsmasq to send a
special host name for that.

Fixes #4646
2016-11-20 12:19:21 +01:00
Martin Pitt
9e0c296a16 test: clean up "dummy0" interface after each test case in networkd-test.py 2016-11-20 12:19:21 +01:00
Zbigniew Jędrzejewski-Szmek
cf5f9bb840 test-functions: also add qemu define for ppc64 2016-11-19 22:45:23 -05:00
Lennart Poettering
f4ff4aa800 Merge pull request #4395 from s-urbaniak/rw-support
nspawn: R/W support for /sysfs, /proc, and /proc/sys/net
2016-11-18 12:36:46 +01:00
Evgeny Vereshchagin
8e391ada6b
tests/TEST-13-NSPAWN-SMOKE: add SYSTEMD_NSPAWN_API_VFS_WRITABLE
https://github.com/systemd/systemd/pull/4395
2016-11-18 09:51:03 +01:00
Djalal Harouni
afc402b76a Merge pull request #4658 from endocode/djalal/sandbox-various-fixes-v1
core: improve the logic that implies no new privileges and documentation fixes
2016-11-15 20:45:27 +01:00
Evgeny Vereshchagin
22f1f8f24c tests: add UNIFIED_CGROUP_HIERARCHY=[default|hybrid] (#4675)
This will simplify testing a bit.
Mainly for https://github.com/systemd/systemd/pull/4670
2016-11-15 17:38:04 +01:00
Djalal Harouni
97e60383c0 test: add tests for RestrictNamespaces= 2016-11-15 15:50:19 +01:00
Evgeny Vereshchagin
e1a2731868 tests: fix kernel/initrd searching (Arch)
We can run
sudo make run

instead of the
sudo make run KERNEL_BIN=/boot/vmlinuz-linux INITRD=/boot/initramfs-linux.img

See https://github.com/systemd/systemd/issues/4607
2016-11-11 13:47:44 +11:00
Martin Pitt
5209e9afd2 tests: use less aggressive systemctl --wait timeout in TEST-03-JOBS (#4606)
If the "systemctl start" happens at an "unlucky" time such as 1000.9 seconds
and then e. g.  runs for 2.6 s (sleep 2 plus the overhead of starting the unit
and waiting for it) the END_SEC would be 1003.5s which would round to 1004,
making the difference 4. On busier testbeds the overhead apparently can take a
bit more than 0.5s. The main point is really that it doesn't wait that much
longer, so "-le 4" seems perfectly fine. We allow up to 1.5s in the subsequent
"wait5fail" test below too.

Fixes #4582
2016-11-07 21:51:20 +03:00
Djalal Harouni
5c67067f0e test: test DynamicUser= with SupplementaryGroups= 2016-11-03 08:38:28 +01:00
Djalal Harouni
2b9ac11ed9 test: test DynamicUser= with a fixed user 2016-11-03 08:37:15 +01:00
Evgeny Vereshchagin
bff653e397 tests: add test that journald keeps fds over termination by signal
This test fails before previous commit, and passes with it.
2016-11-01 21:20:26 -04:00
Djalal Harouni
50ca7a35a1 test: lets add more tests to cover SupplementaryGroups= cases. 2016-10-24 12:38:53 +02:00
Zbigniew Jędrzejewski-Szmek
60f17f75d1 Merge pull request #4372 from evverx/fix-synced-cgroup-hierarchy-perms 2016-10-23 23:25:57 -04:00
Evgeny Vereshchagin
844da987ef tests/TEST-13-NSPAWN-SMOKE: remove an expected failure check
https://github.com/systemd/systemd/issues/4352 has been fixed
So, we don't need this workaround anymore
2016-10-23 23:23:43 -04:00
Djalal Harouni
bf9ace96fc test: add more tests for SupplementaryGroups= 2016-10-23 23:27:16 +02:00
Djalal Harouni
86b838eaa3 test: Add simple test for supplementary groups 2016-10-23 23:27:14 +02:00
Evgeny Vereshchagin
c7934185fe tests: add smoke test for systemd-nspawn
Basically, this test runs:
```
    systemd-nspawn --register=no -D "$_root" -b
    systemd-nspawn --register=no -D "$_root" --private-network -b
    systemd-nspawn --register=no -D "$_root" -U -b
    systemd-nspawn --register=no -D "$_root" --private-network -U -b
```
and exports the `UNIFIED_CGROUP_HIERARCHY=[yes|no]`, `SYSTEMD_NSPAWN_USE_CGNS=[yes|no]`

Inspired by
* systemd#3589 (comment)
* systemd#4372 (comment)
* systemd#4223 (comment)
* systemd#1555

and so on :-)
2016-10-17 16:50:09 +00:00
Djalal Harouni
4982dbcc30 test: add test to make sure that ProtectKernelModules=yes disconnect mount propagation 2016-10-12 14:12:36 +02:00
Djalal Harouni
625d8769fa test: add test to make sure that CAP_SYS_RAWIO was removed on PrivateDevices=yes 2016-10-12 13:47:59 +02:00
Djalal Harouni
3ae33295f0 test: add capability tests for ProtectKernelModules=
This just adds capabilities test.
2016-10-12 13:36:27 +02:00
Martin Pitt
93a0884126 systemctl: Add --wait option to wait until started units terminate again
Fixes #3830
2016-10-01 17:58:59 +02:00
Martin Pitt
b9fe94cad9 resolved: don't query domain-limited DNS servers for other domains (#3621)
DNS servers which have route-only domains should only be used for
the specified domains. Routing queries about other domains there is a privacy
violation, prone to fail (as that DNS server was not meant to be used for other
domains), and puts unnecessary load onto that server.

Introduce a new helper function dns_server_limited_domains() that checks if the
DNS server should only be used for some selected domains, i. e. has some
route-only domains without "~.". Use that when determining whether to query it
in the scope, and when writing resolv.conf.

Extend the test_route_only_dns() case to ensure that the DNS server limited to
~company does not appear in resolv.conf. Add test_route_only_dns_all_domains()
to ensure that a server that also has ~. does appear in resolv.conf as global
name server. These reproduce #3420.

Add a new test_resolved_domain_restricted_dns() test case that verifies that
domain-limited DNS servers are only being used for those domains. This
reproduces #3421.

Clarify what a "routing domain" is in the manpage.

Fixes #3420
Fixes #3421
2016-09-30 09:30:08 +02:00
Djalal Harouni
cdfbd1fb26 test: make sure that {readonly|inaccessible|readwrite}paths disconnect mount propagation
Better safe.
2016-09-27 09:24:46 +02:00
Djalal Harouni
f78b36f016 test: add tests for simple ReadOnlyPaths= case 2016-09-27 09:24:43 +02:00
Djalal Harouni
615a1f4b26 test: add CAP_MKNOD tests for PrivateDevices= 2016-09-25 13:04:30 +02:00
Jean-Sébastien Bour
047a0dacde networkd: support drop-in directories for .network files
Fixes #3655.

[zj: Fix the tests.]
2016-09-16 10:31:58 -04:00
Zbigniew Jędrzejewski-Szmek
38d78d1ee9 networkd-test: add a helper function to always clean up temporary config files 2016-09-16 10:30:34 -04:00
Evgeny Vereshchagin
23cabb68ac tests: mount proc before exec valgrind (#4044)
Fixes:
$ sudo make run QEMU_BIN=/usr/bin/qemu-system-x86_64  KERNEL_APPEND=systemd.unit=multi-user.target SKIP_INITRD=yes
TEST RUN: Basic systemd setup
+ /usr/bin/qemu-system-x86_64 -smp 1 -net none -m 512M -nographic -kernel /boot/vmlinuz-4.6.7-200.fc23.x86_64 -drive format=raw,cache=unsafe,file=/var/tmp/systemd-test.izx99J/rootdisk.img -append 'root=/dev/sda1 raid=noautodetect loglevel=2 init=/usr/lib/systemd/systemd-under-valgrind rw console=ttyS0 selinux=0 systemd.unified_cgroup_hierarchy=no systemd.unit=multi-user.target '
valgrind: warning (non-fatal): readlink("/proc/self/exe") failed.
valgrind: continuing, however --trace-children=yes will not work.
--1:0: aspacem Valgrind: FATAL: can't open /proc/self/maps
--1:0: aspacem Exiting now.
[    3.152367] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[    3.152367]
[    3.152367] CPU: 0 PID: 1 Comm: memcheck-amd64- Not tainted 4.6.7-200.fc23.x86_64 #1
[    3.152367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.8.2-20150714_191134- 04/01/2014
[    3.152367]  0000000000000086 0000000047ca1666 ffff88001ea43e00 ffffffff813d954e
[    3.152367]  ffffffff81a205a0 ffff88001ea43e98 ffff88001ea43e88 ffffffff811b5557
[    3.152367]  ffffffff00000010 ffff88001ea43e98 ffff88001ea43e30 0000000047ca1666
[    3.152367] Call Trace:
[    3.152367]  [<ffffffff813d954e>] dump_stack+0x63/0x85
[    3.152367]  [<ffffffff811b5557>] panic+0xde/0x220
[    3.152367]  [<ffffffff810ab9c3>] do_exit+0xb43/0xb50
[    3.152367]  [<ffffffff810aba57>] do_group_exit+0x47/0xb0
[    3.152367]  [<ffffffff810abad4>] SyS_exit_group+0x14/0x20
[    3.152367]  [<ffffffff817dae72>] entry_SYSCALL_64_fastpath+0x1a/0xa4
[    3.152367] Kernel Offset: disabled
[    3.152367] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[    3.152367]
QEMU: Terminated
2016-08-26 17:49:56 +02:00
Lennart Poettering
d3fc8bf43f tests: let's stick to 8ch indenting, in perl code too 2016-08-19 16:01:17 +02:00
Jan Synacek
1259186355 test: fix test-execute personality tests on ppc64 and aarch64 (#3825) 2016-08-02 16:22:56 +02:00
Zbigniew Jędrzejewski-Szmek
ce5fcc695e Merge pull request 3821 from davide125/fix-tests 2016-07-31 22:06:09 -04:00
Davide Cavalca
e4d214efc2 tests: skip udev-test if running inside a chroot 2016-07-29 09:20:11 -07:00
Alexander Kurtz
00f69504a2 bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".
If the ESP is not mounted with "iocharset=ascii", but with "iocharset=utf8"
(which is for example the default in Debian), the file system becomes case
sensitive. This means that a file created as "FooBarBaz" cannot be accessed as
"foobarbaz" since those are then considered different files.

Moreover, a file created as "FooBar" can then also not be accessed as "foobar",
and it also prevents such a file from being created, as both would use the same
8.3 short name "FOOBAR".

Even though the UEFI specification [0] does give the canonical spelling for
the files mentioned above, not all implementations completely conform to that,
so it's possible that those files would already exist, but with a different
spelling, causing subtle bugs when scanning or modifying the ESP.

While the proper fix would of course be that everybody conformed to the
standard, we can work around this problem by just referencing the files by
their 8.3 short names, i.e. using upper case.

Fixes: #3740

[0] <http://www.uefi.org/specifications>, version 2.6, section 3.5.1.1
2016-07-21 03:02:15 +02:00
Felipe Sateler
11ea343126 tests: Install missing libraries for things installed in /usr too 2016-07-03 18:56:54 -04:00
Felipe Sateler
d7a4278d29 tests: follow RUNPATH when installing missing libraries
Fixes #3630
2016-07-03 18:33:02 -04:00
Martin Pitt
30b42a9a36 test: check resolved generated resolv.conf in networkd-test (#3628)
* test: check resolved generated resolv.conf in networkd-test

Directly verify the contents of /run/systemd/resolve/resolv.conf instead of
/etc/resolv.conf. The latter might be a plain file or a symlink to something
else (like Debian's resolvconf output), and in these cases we cannot make
strong assumptions about the contents.

Drop the "/etc/resolv.conf is a symlink" conditions and the "resolv.conf can
have at most three nameservers" alternatives, as we know that resolved always
adds all nameservers.

Explicitly start resolved at the start of a test to ensure that it is running.

* test: get along with existing system search domains in resolv.conf

The previous change has uncovered a bug in the tests: Existing search domains
can exist in resolv.conf which test_search_domains{,_too_long} didn't take into account.

As existing domains take some of the "max 6 domains" and "max 255 chars" limit,
don't expect that the last items from our test data actually appears in the
output, just the first few.
2016-06-30 16:44:22 +03:00
Martin Pitt
94363cbbf3 resolved: add test for route-only domain filtering (#3609)
With commit 6f7da49d00 route-only domains do not get put into resolv.conf's
"search" list any more. Add a comment about the tri-state, to clarify its
semantics and why we are passing a bool parameter into an int type. Also add a
test case for it.
2016-06-28 18:18:27 +02:00
Martin Pitt
7cad32bbde test: merge check_nspawn() into run_nspawn()
This makes nspawn tests symmetric with run_qemu() which also exits with 1 if
QEMU is not available.
2016-06-24 16:23:39 +02:00
Martin Pitt
b2ecd099dc tests: track and check for timeouts
If run_qemu() exits with non-zero, this either meant that QEMU was not
available (which should be a SKIP) or that QEMU timed out if $QEMU_TIMEOUT was
set (which then should be a FAIL).

Limit the exit code of run_qemu() to QEMU availability only, and track timeouts
separately through the new $TIMED_OUT variable, which is then checked in
check_result_qemu().

Do the same for $NSPAWN_TIMEOUT and run_nspawn() so that nspawn and QEMU work
similarly.
2016-06-24 16:07:16 +02:00
Martin Pitt
633736bbf4 tests: make TEST-12-ISSUE-3171 nspawn invocation consistent with other tests
The result of check_nspawn does not mean much, and this forgot to ask
check_nspawn() whether nspawn can be used at all. This brings
TEST-12-ISSUE-3171 in line with other nspawn tests.
2016-06-24 12:07:18 +02:00
Martin Pitt
eaa03c05f7 tests: don't fail if QEMU is not available
Fix TEST-{08,09,10,11} to properly skip the test if QEMU is not available
instead of failing, like in the other tests.
2016-06-24 11:28:35 +02:00
Martin Pitt
a415d43655 tests: force booting the kernel with SELinux
selinux=1 is not sufficient when running on a kernel which also has another LSM
(such as AppArmor) enabled and defaults to that.
2016-06-24 11:28:35 +02:00
Lennart Poettering
f921f5739e networkd: rename IPv6AcceptRouterAdvertisements to IPv6AcceptRA
The long name is just too hard to type. We generally should avoid using
acronyms too liberally, if they aren't established enough, but it appears that
"RA" is known well enough. Internally we call the option "ipv6_accept_ra"
anyway, and the kernel also exposes it under this name. Hence, let's rename the
IPv6AcceptRouterAdvertisements= setting and the
[IPv6AcceptRouterAdvertisements] section to IPv6AcceptRA= and [IPv6AcceptRA].

The old setting IPv6AcceptRouterAdvertisements= is kept for compatibility with
older configuration. (However the section [IPv6AcceptRouterAdvertisements] is
not, as it was never available in a published version of systemd.
2016-06-07 11:24:30 +02:00
Evgeny Vereshchagin
856ca72b29 tests: introduce UNIFIED_CGROUP_HIERARCHY (#3419)
There are many cgroups-related changes (thanks, @htejun!)
This commit will simplify testing a bit.

Use:
make run UNIFIED_CGROUP_HIERARCHY=yes to enable cgroup-v2
make run UNIFIED_CGROUP_HIERARCHY=no to enable cgroup-v1
2016-06-03 11:17:00 +02:00
Martin Pitt
d2bc125132 resolved: fix comments in resolve.conf for search domain overflows (#3422)
Write comments about "too many search domains" and "Total length of all search
domains is too long" just once. Also put it on a separate line, as
resolv.conf(5) only specifies comments in a line by themselves.

This is ugly to do if write_resolv_conf_search() gets called once for every
search domain. So change it to receive the complete OrderedSet instead and do
the iteration by itself.

Add test cases to networkd-test.py.

https://launchpad.net/bugs/1588229
2016-06-03 11:15:44 +02:00
Tejun Heo
538b48524c core: translate between IO and BlockIO settings to ease transition
Due to the substantial interface changes in cgroup unified hierarchy, new IO
settings are introduced.  Currently, IO settings apply only to unified
hierarchy and BlockIO to legacy.  While the transition is necessary, it's
painful for users to have to provide configs for both.  This patch implements
translation from one config set to another for configs which make sense.

* The translation takes place during application of the configs.  Users won't
  see IO or BlockIO settings appearing without being explicitly created.

* The translation takes place only if there is no config for the matching
  cgroup hierarchy type at all.

While this doesn't provide comprehensive compatibility, it should considerably
ease transition to the new IO settings which are a superset of BlockIO
settings.

v2:

- Update test-cgroup-mask.c so that it accounts for the fact that
  CGROUP_MASK_IO and CGROUP_MASK_BLKIO move together.  Also, test/parent.slice
  now sets IOWeight instead of BlockIOWeight.
2016-05-18 17:35:12 -07:00
Zbigniew Jędrzejewski-Szmek
62a992bed9 TEST-08: make sure / is remounted rw
In this test /etc/fstab is replaced by -.mount unit. This causes
systemd-remount-fs.service to not remount / rw, which in turn causes various
failures becuase /var is not writable. In particular
systemd-tmpfiles-setup.service reports many failures. This is something
to possibly fix on its own (see https://github.com/systemd/systemd/issues/791);
in the meanwhile let's fix this test so that it doesn't fail, since the
point of the test is to check aliases on mount units, and not a ro root.
2016-05-08 22:00:23 -04:00
Zbigniew Jędrzejewski-Szmek
61b480b68b tests: enable logging for pid1, disable for other systemd services
systemd-udev generated an insane amount of log output at debug level.
It would break TEST-02-CRYPTSETUP by filling the overflowing the disk
(which seems to be a bug in itself!).
2016-05-08 20:27:34 -04:00
Zbigniew Jędrzejewski-Szmek
e14b866bc1 tests: allow root to login with empty password to test images 2016-05-08 20:27:33 -04:00
Zbigniew Jędrzejewski-Szmek
ed1190498f tree-wide: remove uses of --failed
It has been replaced by --state=failed.
2016-05-08 20:27:33 -04:00
Zbigniew Jędrzejewski-Szmek
5b23cef0bb tests: specify format=raw for qemu to avoid warning
WARNING: Image format was not specified for
         '/var/tmp/systemd-test.tGi3od/rootdisk.img' and probing guessed raw.
         Automatically detecting the format is dangerous for raw images, write
         operations on block 0 will be restricted.  Specify the 'raw' format
         explicitly to remove the restrictions.

Also use unsafe caching mode, we don't care about data integrity here.
2016-05-08 20:27:33 -04:00
Evgeny Vereshchagin
03ae6f7dee tests: add test for #3171 (#3206) 2016-05-06 23:05:59 +02:00
Evgeny Vereshchagin
0b2abe0f03 tests: add test for #3166 (#3180) 2016-05-03 11:43:22 +02:00
Evgeny Vereshchagin
33e40442c6 tests: add test for https://github.com/systemd/systemd/issues/2467 (#3168) 2016-05-02 10:57:19 +02:00
Evgeny Vereshchagin
cd4c260323 tests: use symlink to Makefile 2016-05-01 16:40:21 +00:00
Zbigniew Jędrzejewski-Szmek
94a0ef6e57 path-util: also support ".old" and ".new" suffixes and recommend them
~ suffix works fine, but looks to much like it the file is supposed to be
automatically cleaned up. For new versions of configuration files installers
might want to using something that looks more permanent like foobar.new.
So let's add treat ".old" and ".new" as special.

Update test to match.
2016-04-29 10:21:07 -04:00
Zbigniew Jędrzejewski-Szmek
1f7be300e9 test: chmod +x sysv-generator-test
Just for convenience.
2016-04-28 08:25:17 -04:00
Martin Pitt
daad34dfa3 tests: document requirements of networkd integration tests (#3125)
Document the necessary dependencies and nspawn/lxd options to run
test/networkd-test.py.
2016-04-26 12:16:43 +02:00
Evgeny Vereshchagin
4f4d6ee4be tests: add test for coredump handler hanging at shutdown (#3101)
Test for #2691.
2016-04-24 20:24:41 -04:00
Evgeny Vereshchagin
43bbb8f005 tests: don't rely on the host's systemd-nspawn, don't register test machine (#3023)
Fixes:
$ cd test/TEST-07-ISSUE-1981/
$ sudo make clean setup run
...
timeout: failed to run command ‘systemd-nspawn’: No such file or directory
...
TEST RUN: https://github.com/systemd/systemd/issues/1981 [FAILED]
Makefile:10: recipe for target 'run' failed
make: *** [run] Error 1
2016-04-13 09:57:06 -04:00
Martin Pitt
bf8f7583ee test: udev: Check tags
Add two more tests:

 - Add a single tag, match on it, don't match on another.
 - Add 10.000 tags to a device, ensure that udev survives this.
   (Reproduces crash fixed by commit 1d88a271a)
2016-04-06 23:30:10 +02:00
Martin Pitt
efc9f70325 test: udev: check exit code of test-udev
We expect test-udev to succeed. Verify that its exit code is zero, particularly
to spot crashes (e. g. a segfault would be error code 139).
2016-04-06 23:30:10 +02:00
Evgeny Vereshchagin
21d9e3f339 tests: don't rely on the underlying fs in test-udev (v2)
* This reverts commit 646048b40a.
Let's test really big numbers again

* Don't be so brutal: use rmdir instead of rm -rf
As suggested https://github.com/systemd/systemd/pull/2966#issuecomment-205751680
2016-04-06 04:08:39 +00:00
Evgeny Vereshchagin
2ce8d27b1f tests: don't rely on underlying fs in udev-test, use tmpfs instead
Fixes: #457
2016-04-05 10:38:09 +00:00
Evgeny Vereshchagin
331fb4ca51 basic: fallback to fstatat if entry->d_type is DT_UNKNOWN
* tests-functions: improve FSTYPE-support

make clean setup FSTYPE=reiserfs is working fine now :)

* basic: fallback to fstatat if entry->d_type is DT_UNKNOWN

Fixes localectl on reiserfs:

-bash-4.3# mkdir -p /usr/lib/locale
-bash-4.3# stat -f /usr/lib/locale/
  File: "/usr/lib/locale/"
    ID: bdb0322715b5366e Namelen: 255     Type: reiserfs
Block size: 4096
Blocks: Total: 99835      Free: 60262      Available: 60262
Inodes: Total: 0          Free: 0
-bash-4.3# mkdir /usr/lib/locale/HeyHo
-bash-4.3# localectl list-locales --no-pager

-bash-4.3# mount -t tmpfs tmpfs /usr/lib/locale
-bash-4.3# mkdir /usr/lib/locale/HeyHo
-bash-4.3# localectl list-locales --no-pager
HeyHo
2016-04-04 13:07:56 +02:00
Daniel Mack
68de79d6a4 Merge pull request #2760 from ronnychevalier/rc/core_no_new_privileges_seccompv3
core: set NoNewPrivileges for seccomp if we don't have CAP_SYS_ADMIN
2016-03-21 12:57:43 +01:00
Zbigniew Jędrzejewski-Szmek
fdbf7b554e Merge pull request #2797 from evverx/selinux-use-raw
selinux: use *_raw API from libselinux
2016-03-16 01:13:29 -04:00
Evgeny Vereshchagin
45dbd7b6cb tests: add create_strace_wrapper
Very handy for early-boot debugging
See https://github.com/systemd/systemd/pull/2781#discussion_r54782628
2016-03-04 01:55:46 +00:00
Evgeny Vereshchagin
91f9f8f1ba tests: add test for https://github.com/systemd/systemd/issues/2730 2016-03-01 03:12:24 +00:00
Ronny Chevalier
50f130c286 test-execute: add nfsnobody alternative as a nobody user 2016-02-28 15:00:18 +01:00
Ronny Chevalier
19c0b0b9a5 core: set NoNewPrivileges for seccomp if we don't have CAP_SYS_ADMIN
The manpage of seccomp specify that using seccomp with
SECCOMP_SET_MODE_FILTER will return EACCES if the caller do not have
CAP_SYS_ADMIN set, or if the no_new_privileges bit is not set. Hence,
without NoNewPrivilege set, it is impossible to use a SystemCall*
directive with a User directive set in system mode.

Now, NoNewPrivileges is set if we are in user mode, or if we are in
system mode and we don't have CAP_SYS_ADMIN, and SystemCall*
directives are used.
2016-02-28 14:44:26 +01:00
Zbigniew Jędrzejewski-Szmek
587751eb66 udev-test.pl: add --strace option
It's useful when trying to see what the tests are doing.
I hardcoded '-efile' as the option to strace, but in the future
it might be useful to make this configurable.
2016-02-22 13:21:32 -05:00
Evgeny Vereshchagin
252549990f tests: add test for https://github.com/systemd/systemd/issues/2637
+ perl -e 'exit(!(qq{0} eq qq{\x25U}))'
exec-spec-interpolation.service: Main process exited, code=exited, status=1/FAILURE
exec-spec-interpolation.service: Unit entered failed state.
exec-spec-interpolation.service: Failed with result 'exit-code'.
        PID: 11270
        Start Timestamp: Wed 2016-02-17 22:21:31 UTC
        Exit Timestamp: Wed 2016-02-17 22:21:31 UTC
        Exit Code: exited
        Exit Status: 1
Assertion 'service->main_exec_status.status == status_expected' failed at src/test/test-execute.c:65, function check(). Aborting.
2016-02-17 22:40:26 +00:00
Evgeny Vereshchagin
09f6f45a29 tests: add test for https://github.com/systemd/systemd/issues/1981 2016-02-10 18:19:08 +00:00
Lennart Poettering
9e7454e0e2 Merge pull request #2535 from PhillipSz/remove-exit-0
test: remove exit 0 at the end
2016-02-08 17:27:18 +01:00
Evgeny Vereshchagin
646048b40a tests: fix #457
There are some limits on XFS:
major_max=511
minor_max=262143
see https://github.com/torvalds/linux/blob/master/fs/xfs/xfs_iops.c

if (S_ISCHR(mode) || S_ISBLK(mode)) {
    if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff))
        return -EINVAL;
2016-02-08 11:23:18 +00:00
Phillip Sz
e3ceb75be3 test: remove exit 0 at the end
We don't need that at the end, as it will always exit with 0 if
everything is okey.
2016-02-05 11:38:58 +01:00
Evgeny Vereshchagin
5c7290b195 tests: add test-selinux-checks 2016-01-31 09:02:51 +00:00
Evgeny Vereshchagin
d5172c7913 tests: fix install_pam
* pam_unix depends on unix_chkpwd
* selinux=1 -> pam_unix runs unix_chkpwd for root too

https://git.fedorahosted.org/cgit/linux-pam.git/tree/modules/pam_unix/passverify.c?id=e89d4c97385ff8180e6e81e84c5aa745daf28a79#n202
2016-01-25 05:30:19 +00:00
Evgeny Vereshchagin
e3ce42e705 tests: add setup_selinux 2016-01-25 05:30:06 +00:00
Lukas Nykryn
c584ffc0b7 sysv-generator: do not join dependencies on one line, split them
If there is a lot of initscripts and dependencies between them we might
end generating After= (and similar) lines which are longer then LINE_MAX
and thus rejected by parser in systemd.

Fixes #2099
2016-01-21 12:53:14 +01:00
Evgeny Vereshchagin
5a613464fa tests: add STRIP_BINARIES
We need a beautiful stacktraces sometimes
For example https://github.com/systemd/systemd/pull/2328
2016-01-18 07:27:49 +00:00
Evgeny Vereshchagin
b46f4ef107 tests: fix TEST-03-JOBS
We have

JOB UNIT                     TYPE  STATE
  1 testsuite.target         start waiting
 81 end.service              start waiting
187 sleep.service            start waiting
136 hello.service            start waiting
 82 testsuite.service        start running
135 hello-after-sleep.target start waiting

sometimes
2016-01-18 03:56:51 +00:00