1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

78 Commits

Author SHA1 Message Date
Lennart Poettering
db256aab13 core: be stricter when handling PID files and MAINPID sd_notify() messages
Let's be more restrictive when validating PID files and MAINPID=
messages: don't accept PIDs that make no sense, and if the configuration
source is not trusted, don't accept out-of-cgroup PIDs. A configuratin
source is considered trusted when the PID file is owned by root, or the
message was received from root.

This should lock things down a bit, in case service authors write out
PID files from unprivileged code or use NotifyAccess=all with
unprivileged code. Note that doing so was always problematic, just now
it's a bit less problematic.

When we open the PID file we'll now use the CHASE_SAFE chase_symlinks()
logic, to ensure that we won't follow an unpriviled-owned symlink to a
privileged-owned file thinking this was a valid privileged PID file,
even though it really isn't.

Fixes: #6632
2018-01-11 15:12:16 +01:00
Evgeny Vereshchagin
71050acb68 tests: install test as part of BASICTOOLS (#7434)
This makes TEST-19-DELEGATE, which is currently failing, work.

Closes https://github.com/systemd/systemd/issues/7425.
2017-11-23 13:28:12 +01:00
Lennart Poettering
0b0c55fafd
Merge pull request #7363 from poettering/success-action
Generalize FailureAction=, and add SuccessAction=
2017-11-21 11:57:42 +01:00
Zbigniew Jędrzejewski-Szmek
7624e721c8 test: fall back to /boot if bootctl -p fails (#7397)
It doesn't really matter why.
2017-11-20 20:08:11 +01:00
Lennart Poettering
24aab7936c test: add testcase for FailureAction=/SuccessAction=
it also ensures that rebooting once gets us back up. Yay!
2017-11-20 16:37:22 +01:00
Lennart Poettering
4ff183d419
Merge pull request #7154 from keszybz/bootspec
List bootspec entries in bootctl and use the default for kexec
2017-11-20 13:06:33 +01:00
Zbigniew Jędrzejewski-Szmek
906bbac474 test: do not hardcode location of EFI partition 2017-11-19 12:36:20 +01:00
Dimitri John Ledkov
4b742c8acd test: switch to using ext4 instead of ext3 as default fallback fs (#7265)
Using ext3 is not representative anymore, and Ubuntu has stopped shipping
fsck.ext3 in the initramfs.
2017-11-07 17:51:30 +03:00
Yu Watanabe
5ed0dcf4d5 test: drop Exec* prefixes to obtain paths of executables 2017-08-30 16:00:07 +09:00
Martin Pitt
818567fce6 test: Run qemu/nspawn tests with "set -e"
This catches errors like "ninja not found", missing programs etc. early,
instead of silently ignoring them and trying to boot a broken VM.

In install_config_files(), allow some distro specific files to be absent
(such as /etc/sysconfig/init).
2017-08-10 08:43:13 +02:00
Martin Pitt
22077c9c91 test: Write state and log files into $BUILD_DIR
This avoids clobbering the source tree with .testdir/test.log files and
makes the tests work in situations where the source tree is read-only.
2017-08-10 08:30:55 +02:00
Evgeny Vereshchagin
ca992ecf07 tests: use ninja-build if ninja is not available (#6544)
This makes the tests work on CentOS, which currently has ninja-build
only.
2017-08-07 11:06:07 +02:00
Martin Pitt
054ee249a2 test: Factorize common integration test functions (#6540)
All test/TEST* but TEST-02-CRYPTSETUP share the same check_result_qemu()
and test_cleanup(), so move them into test_functions and only override
them in TEST-02-CRYPTSETUP.

Also provide a common test_run() which by default assumes that both QEMU
and nspawn tests are run. Particular tests which don't support either
need to explicitly opt out by setting $TEST_NO_{QEMU,NSPAWN}. Do it this
way around to avoid accidentally forgetting to opt in, and to encourage
test authors to at least always support nspawn.
2017-08-04 15:34:14 +03:00
Zbigniew Jędrzejewski-Szmek
209f4b9e33 test: convert test/ to use meson install
Automatic rebuilding is removed: it doesn't play well with ninja, because
ninja always writes logs, and even if nothing needs to be built, it will
make the log file owned by root. So let's just remove this, and say that
the user must always do the build first.

I'm also keeping make for the tests, because ninja doesn't play well with
sudo.

Since the build directory is arbitrary, it needs to be specified, e.g.
  sudo make BUILD_DIR=/home/zbyszek/src/systemd/build1 -C test/TEST-01-BASIC/
2017-07-18 10:05:06 -04:00
tblume
85393d8f31 tests: adapt test-functions to run tests on SUSE (#6270) 2017-07-06 14:30:14 -04:00
Zbigniew Jędrzejewski-Szmek
cf5f9bb840 test-functions: also add qemu define for ppc64 2016-11-19 22:45:23 -05:00
Evgeny Vereshchagin
22f1f8f24c tests: add UNIFIED_CGROUP_HIERARCHY=[default|hybrid] (#4675)
This will simplify testing a bit.
Mainly for https://github.com/systemd/systemd/pull/4670
2016-11-15 17:38:04 +01:00
Evgeny Vereshchagin
e1a2731868 tests: fix kernel/initrd searching (Arch)
We can run
sudo make run

instead of the
sudo make run KERNEL_BIN=/boot/vmlinuz-linux INITRD=/boot/initramfs-linux.img

See https://github.com/systemd/systemd/issues/4607
2016-11-11 13:47:44 +11:00
Evgeny Vereshchagin
23cabb68ac tests: mount proc before exec valgrind (#4044)
Fixes:
$ sudo make run QEMU_BIN=/usr/bin/qemu-system-x86_64  KERNEL_APPEND=systemd.unit=multi-user.target SKIP_INITRD=yes
TEST RUN: Basic systemd setup
+ /usr/bin/qemu-system-x86_64 -smp 1 -net none -m 512M -nographic -kernel /boot/vmlinuz-4.6.7-200.fc23.x86_64 -drive format=raw,cache=unsafe,file=/var/tmp/systemd-test.izx99J/rootdisk.img -append 'root=/dev/sda1 raid=noautodetect loglevel=2 init=/usr/lib/systemd/systemd-under-valgrind rw console=ttyS0 selinux=0 systemd.unified_cgroup_hierarchy=no systemd.unit=multi-user.target '
valgrind: warning (non-fatal): readlink("/proc/self/exe") failed.
valgrind: continuing, however --trace-children=yes will not work.
--1:0: aspacem Valgrind: FATAL: can't open /proc/self/maps
--1:0: aspacem Exiting now.
[    3.152367] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[    3.152367]
[    3.152367] CPU: 0 PID: 1 Comm: memcheck-amd64- Not tainted 4.6.7-200.fc23.x86_64 #1
[    3.152367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.8.2-20150714_191134- 04/01/2014
[    3.152367]  0000000000000086 0000000047ca1666 ffff88001ea43e00 ffffffff813d954e
[    3.152367]  ffffffff81a205a0 ffff88001ea43e98 ffff88001ea43e88 ffffffff811b5557
[    3.152367]  ffffffff00000010 ffff88001ea43e98 ffff88001ea43e30 0000000047ca1666
[    3.152367] Call Trace:
[    3.152367]  [<ffffffff813d954e>] dump_stack+0x63/0x85
[    3.152367]  [<ffffffff811b5557>] panic+0xde/0x220
[    3.152367]  [<ffffffff810ab9c3>] do_exit+0xb43/0xb50
[    3.152367]  [<ffffffff810aba57>] do_group_exit+0x47/0xb0
[    3.152367]  [<ffffffff810abad4>] SyS_exit_group+0x14/0x20
[    3.152367]  [<ffffffff817dae72>] entry_SYSCALL_64_fastpath+0x1a/0xa4
[    3.152367] Kernel Offset: disabled
[    3.152367] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[    3.152367]
QEMU: Terminated
2016-08-26 17:49:56 +02:00
Felipe Sateler
11ea343126 tests: Install missing libraries for things installed in /usr too 2016-07-03 18:56:54 -04:00
Felipe Sateler
d7a4278d29 tests: follow RUNPATH when installing missing libraries
Fixes #3630
2016-07-03 18:33:02 -04:00
Martin Pitt
7cad32bbde test: merge check_nspawn() into run_nspawn()
This makes nspawn tests symmetric with run_qemu() which also exits with 1 if
QEMU is not available.
2016-06-24 16:23:39 +02:00
Martin Pitt
b2ecd099dc tests: track and check for timeouts
If run_qemu() exits with non-zero, this either meant that QEMU was not
available (which should be a SKIP) or that QEMU timed out if $QEMU_TIMEOUT was
set (which then should be a FAIL).

Limit the exit code of run_qemu() to QEMU availability only, and track timeouts
separately through the new $TIMED_OUT variable, which is then checked in
check_result_qemu().

Do the same for $NSPAWN_TIMEOUT and run_nspawn() so that nspawn and QEMU work
similarly.
2016-06-24 16:07:16 +02:00
Evgeny Vereshchagin
856ca72b29 tests: introduce UNIFIED_CGROUP_HIERARCHY (#3419)
There are many cgroups-related changes (thanks, @htejun!)
This commit will simplify testing a bit.

Use:
make run UNIFIED_CGROUP_HIERARCHY=yes to enable cgroup-v2
make run UNIFIED_CGROUP_HIERARCHY=no to enable cgroup-v1
2016-06-03 11:17:00 +02:00
Zbigniew Jędrzejewski-Szmek
61b480b68b tests: enable logging for pid1, disable for other systemd services
systemd-udev generated an insane amount of log output at debug level.
It would break TEST-02-CRYPTSETUP by filling the overflowing the disk
(which seems to be a bug in itself!).
2016-05-08 20:27:34 -04:00
Zbigniew Jędrzejewski-Szmek
e14b866bc1 tests: allow root to login with empty password to test images 2016-05-08 20:27:33 -04:00
Zbigniew Jędrzejewski-Szmek
5b23cef0bb tests: specify format=raw for qemu to avoid warning
WARNING: Image format was not specified for
         '/var/tmp/systemd-test.tGi3od/rootdisk.img' and probing guessed raw.
         Automatically detecting the format is dangerous for raw images, write
         operations on block 0 will be restricted.  Specify the 'raw' format
         explicitly to remove the restrictions.

Also use unsafe caching mode, we don't care about data integrity here.
2016-05-08 20:27:33 -04:00
Evgeny Vereshchagin
43bbb8f005 tests: don't rely on the host's systemd-nspawn, don't register test machine (#3023)
Fixes:
$ cd test/TEST-07-ISSUE-1981/
$ sudo make clean setup run
...
timeout: failed to run command ‘systemd-nspawn’: No such file or directory
...
TEST RUN: https://github.com/systemd/systemd/issues/1981 [FAILED]
Makefile:10: recipe for target 'run' failed
make: *** [run] Error 1
2016-04-13 09:57:06 -04:00
Evgeny Vereshchagin
331fb4ca51 basic: fallback to fstatat if entry->d_type is DT_UNKNOWN
* tests-functions: improve FSTYPE-support

make clean setup FSTYPE=reiserfs is working fine now :)

* basic: fallback to fstatat if entry->d_type is DT_UNKNOWN

Fixes localectl on reiserfs:

-bash-4.3# mkdir -p /usr/lib/locale
-bash-4.3# stat -f /usr/lib/locale/
  File: "/usr/lib/locale/"
    ID: bdb0322715b5366e Namelen: 255     Type: reiserfs
Block size: 4096
Blocks: Total: 99835      Free: 60262      Available: 60262
Inodes: Total: 0          Free: 0
-bash-4.3# mkdir /usr/lib/locale/HeyHo
-bash-4.3# localectl list-locales --no-pager

-bash-4.3# mount -t tmpfs tmpfs /usr/lib/locale
-bash-4.3# mkdir /usr/lib/locale/HeyHo
-bash-4.3# localectl list-locales --no-pager
HeyHo
2016-04-04 13:07:56 +02:00
Zbigniew Jędrzejewski-Szmek
fdbf7b554e Merge pull request #2797 from evverx/selinux-use-raw
selinux: use *_raw API from libselinux
2016-03-16 01:13:29 -04:00
Evgeny Vereshchagin
45dbd7b6cb tests: add create_strace_wrapper
Very handy for early-boot debugging
See https://github.com/systemd/systemd/pull/2781#discussion_r54782628
2016-03-04 01:55:46 +00:00
Evgeny Vereshchagin
91f9f8f1ba tests: add test for https://github.com/systemd/systemd/issues/2730 2016-03-01 03:12:24 +00:00
Evgeny Vereshchagin
09f6f45a29 tests: add test for https://github.com/systemd/systemd/issues/1981 2016-02-10 18:19:08 +00:00
Evgeny Vereshchagin
d5172c7913 tests: fix install_pam
* pam_unix depends on unix_chkpwd
* selinux=1 -> pam_unix runs unix_chkpwd for root too

https://git.fedorahosted.org/cgit/linux-pam.git/tree/modules/pam_unix/passverify.c?id=e89d4c97385ff8180e6e81e84c5aa745daf28a79#n202
2016-01-25 05:30:19 +00:00
Evgeny Vereshchagin
e3ce42e705 tests: add setup_selinux 2016-01-25 05:30:06 +00:00
Evgeny Vereshchagin
5a613464fa tests: add STRIP_BINARIES
We need a beautiful stacktraces sometimes
For example https://github.com/systemd/systemd/pull/2328
2016-01-18 07:27:49 +00:00
Evgeny Vereshchagin
ac289ce3f5 tests: fix TEST-02-CRYPTSETUP on Debian/Ubuntu 2016-01-18 03:56:51 +00:00
Evgeny Vereshchagin
9974ff63b1 tests: install fsck*
systemd-fsck depends on /sbin/fsck*
2016-01-18 03:56:51 +00:00
Evgeny Vereshchagin
24be78d72b tests: remove unnecessary --boot
* Use $ROOTLIBDIR/systemd always
* Don't pass $ROOTLIBDIR/systemd as the first argument:

$ cat /proc/1/cmdline
/lib/systemd/systemd/lib/systemd/systemd...
2016-01-18 03:56:51 +00:00
Evgeny Vereshchagin
cb2f9d3f29 tests: add function for valgrind wrapper creation
I used it for d9814c7 and bffd87b
2016-01-15 02:53:47 +00:00
Evgeny Vereshchagin
a2fbff31c9 tests: add function for valgrind installation
I used it for d9814c76ec
Very handy:)
2016-01-14 08:11:17 +00:00
Evgeny Vereshchagin
75f63f0640 README, tests: remove /etc/mtab
This is a followup for 1d40ddb
2016-01-14 00:11:07 +00:00
Lennart Poettering
d353a16d1f Merge pull request #1937 from evverx/fix-stdout-parsing
Fix stdout stream parsing
2015-11-27 14:03:49 +01:00
Evgeny Vereshchagin
55161d41eb tests: remove unnecessary /sys/fs/cgroup/systemd checking
A unified hierarchy obsoletes this checking
2015-11-25 11:43:58 +00:00
Evgeny Vereshchagin
2c393ed761 tests: don't rely on system's machined
Fixes backward/forward incompatibility errors on spawning.

For example:
$ sudo make run
...
Failed to register machine: Cannot set property TasksMax, or unknown
property.

$ ../../systemd-nspawn --version
systemd 228

$ systemd-nspawn --version
systemd 225
2015-11-24 14:33:16 +00:00
Lennart Poettering
8c191eecd4 Merge pull request #1957 from zonque/qemu-test
test: make QEMU tests work on Semaphore
2015-11-24 15:02:20 +01:00
Evgeny Vereshchagin
61fea35e14 tests: fix initrd searching on Debian/Ubuntu 2015-11-20 12:10:12 +00:00
Daniel Mack
3f5c306d38 test: disable nspawn checks if machine wasn't booted with systemd
Sempaphore containers are not booted with systemd, so machined is not
available, which makes nspawn bail. Just skip nspawn tests in such
environments.

[ -d /run/systemd/system ] is esentially what sd_booted(3) is doing,
but on Ubuntu 15.05, without 'systemd-container' installed, we also
need to check for the presence of the systemd-machined binary.
2015-11-19 17:14:44 +01:00
Daniel Mack
dbf43a42b8 test: make qemu use kvm if available
If we're running in a KVM virtualized environment (such as Semaphore's
Docker enabled platform), pass '-cpu host' to QEMU.
2015-11-19 14:25:32 +01:00
Daniel Mack
1b1eae69ce test: increase loop device size to 400MB
It turns out the full OS tree which is assembled into the loop-dev
mount point is bigger than 300MB. Increase the size.
2015-11-19 14:25:32 +01:00