Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/restic.nix | 1 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-modprobe.nix | 7 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-networkd-ssh.nix | 52 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-networkd.nix | 130 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-simple.nix | 12 |
5 files changed, 103 insertions, 99 deletions
diff --git a/nixos/tests/restic.nix b/nixos/tests/restic.nix index 868ccb7efd74..4111720cf6be 100644 --- a/nixos/tests/restic.nix +++ b/nixos/tests/restic.nix @@ -55,6 +55,7 @@ import ./make-test-python.nix ( inherit passwordFile paths exclude pruneOpts backupPrepareCommand backupCleanupCommand; repository = remoteRepository; initialize = true; + timerConfig = null; # has no effect here, just checking that it doesn't break the service }; remote-from-file-backup = { inherit passwordFile exclude pruneOpts; diff --git a/nixos/tests/systemd-initrd-modprobe.nix b/nixos/tests/systemd-initrd-modprobe.nix index bf635a10d0e9..0f93492176b4 100644 --- a/nixos/tests/systemd-initrd-modprobe.nix +++ b/nixos/tests/systemd-initrd-modprobe.nix @@ -2,6 +2,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "systemd-initrd-modprobe"; nodes.machine = { pkgs, ... }: { + testing.initrdBackdoor = true; boot.initrd.systemd.enable = true; boot.initrd.kernelModules = [ "loop" ]; # Load module in initrd. boot.extraModprobeConfig = '' @@ -10,6 +11,12 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { }; testScript = '' + machine.wait_for_unit("initrd.target") + max_loop = machine.succeed("cat /sys/module/loop/parameters/max_loop") + assert int(max_loop) == 42, "Parameter should be respected for initrd kernel modules" + + # Make sure it sticks in stage 2 + machine.switch_root() machine.wait_for_unit("multi-user.target") max_loop = machine.succeed("cat /sys/module/loop/parameters/max_loop") assert int(max_loop) == 42, "Parameter should be respected for initrd kernel modules" diff --git a/nixos/tests/systemd-initrd-networkd-ssh.nix b/nixos/tests/systemd-initrd-networkd-ssh.nix index 6aaa6c828f7b..d4c168f40e29 100644 --- a/nixos/tests/systemd-initrd-networkd-ssh.nix +++ b/nixos/tests/systemd-initrd-networkd-ssh.nix 
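Review bot: `testing.initrdBackdoor = true;` is added to the modprobe node without a comment, and the same bare line appears in the networkd-ssh, networkd and simple tests in this commit. As far as I know the option gives the test driver a root command channel in stage 1 with no authentication, which is how `machine.succeed` runs before `switch_root()` here. Since test files are often copied as configuration examples, I would add a short comment at each site, e.g. `# Test-only: lets the driver run commands in the initrd; never enable on a real system`.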
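Review bot: Both `assert int(max_loop) == 42` checks in the modprobe test script now carry the same message, so a failure does not say whether stage 1 or stage 2 lost the parameter. I would give the new check its own text, e.g. `assert int(max_loop) == 42, "max_loop not applied in initrd (stage 1)"`, and reword the existing one to name stage 2. The test script may continue past the end of the hunk.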
@@ -4,34 +4,16 @@ import ./make-test-python.nix ({ lib, ... }: { nodes = { server = { config, pkgs, ... }: { - environment.systemPackages = [ pkgs.cryptsetup ]; - boot.loader.systemd-boot.enable = true; - boot.loader.timeout = 0; - virtualisation = { - emptyDiskImages = [ 4096 ]; - useBootLoader = true; - # Booting off the encrypted disk requires an available init script from - # the Nix store - mountHostNixStore = true; - useEFIBoot = true; - }; - - specialisation.encrypted-root.configuration = { - virtualisation.rootDevice = "/dev/mapper/root"; - virtualisation.fileSystems."/".autoFormat = true; - boot.initrd.luks.devices = lib.mkVMOverride { - root.device = "/dev/vdb"; - }; - boot.initrd.systemd.enable = true; - boot.initrd.network = { + testing.initrdBackdoor = true; + boot.initrd.systemd.enable = true; + boot.initrd.systemd.contents."/etc/msg".text = "foo"; + boot.initrd.network = { + enable = true; + ssh = { enable = true; - ssh = { - enable = true; - authorizedKeys = [ (lib.readFile ./initrd-network-ssh/id_ed25519.pub) ]; - port = 22; - # Terrible hack so it works with useBootLoader - hostKeys = [ { outPath = "${./initrd-network-ssh/ssh_host_ed25519_key}"; } ]; - }; + authorizedKeys = [ (lib.readFile ./initrd-network-ssh/id_ed25519.pub) ]; + port = 22; + hostKeys = [ ./initrd-network-ssh/ssh_host_ed25519_key ]; }; }; }; 
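Review bot: The new `hostKeys = [ ./initrd-network-ssh/ssh_host_ed25519_key ];` line passes a private host key as a path literal, and with the old comment removed nothing marks this as a fixture-only pattern. The key is committed to the repository, and as far as I can tell a path used this way ends up in the Nix store, which every local user can read. That is acceptable for a throwaway test VM but should not be copied into a real configuration. I would add a comment above the line, e.g. `# Test-only key: checked in and readable from the store; never put a real host key here`. The `nodes` set continues past this hunk.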
@@ -63,24 +45,16 @@ import ./make-test-python.nix ({ lib, ... }: { status, _ = client.execute("nc -z server 22") return status == 0 - server.wait_for_unit("multi-user.target") - server.succeed( - "echo somepass | cryptsetup luksFormat --type=luks2 /dev/vdb", - "bootctl set-default nixos-generation-1-specialisation-encrypted-root.conf", - "sync", - ) - server.shutdown() - server.start() - client.wait_for_unit("network.target") with client.nested("waiting for SSH server to come up"): retry(ssh_is_up) - client.succeed( - "echo somepass | ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'systemd-tty-ask-password-agent' & exit" + msg = client.succeed( + "ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'cat /etc/msg'" ) + assert "foo" in msg + server.switch_root() server.wait_for_unit("multi-user.target") - server.succeed("mount | grep '/dev/mapper/root on /'") ''; }) diff --git a/nixos/tests/systemd-initrd-networkd.nix b/nixos/tests/systemd-initrd-networkd.nix index 8376276d8f63..9c4ddb6e4b36 100644 --- a/nixos/tests/systemd-initrd-networkd.nix +++ b/nixos/tests/systemd-initrd-networkd.nix 
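Review bot: With the LUKS steps removed, this test script no longer exercises unlocking an encrypted root over the initrd SSH session; the only thing checked through SSH is `cat /etc/msg`. If the password-agent flow is covered elsewhere, a comment above the `ssh` call should say so, e.g. `# Only checks that initrd sshd accepts the key and runs a command; remote unlock is covered by <other test>`. Otherwise that flow has lost its regression test. The new `assert "foo" in msg` would also be easier to diagnose with a message, e.g. `assert "foo" in msg, "initrd sshd did not return /etc/msg"`. The test script starts above the hunk.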
@@ -1,14 +1,36 @@ -import ./make-test-python.nix ({ pkgs, lib, ... }: { - name = "systemd-initrd-network"; - meta.maintainers = [ lib.maintainers.elvishjerricco ]; +{ system ? builtins.currentSystem +, config ? {} +, pkgs ? import ../.. { inherit system config; } +, lib ? pkgs.lib +}: - nodes = let - mkFlushTest = flush: script: { ... }: { - boot.initrd.systemd.enable = true; - boot.initrd.network = { - enable = true; - flushBeforeStage2 = flush; - }; +with import ../lib/testing-python.nix { inherit system pkgs; }; + +let + inherit (lib.maintainers) elvishjerricco; + + common = { + boot.initrd.systemd = { + enable = true; + network.wait-online.timeout = 10; + network.wait-online.anyInterface = true; + targets.network-online.requiredBy = [ "initrd.target" ]; + services.systemd-networkd-wait-online.requiredBy = + [ "network-online.target" ]; + initrdBin = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ]; + }; + testing.initrdBackdoor = true; + boot.initrd.network.enable = true; + }; + + mkFlushTest = flush: script: makeTest { + name = "systemd-initrd-network-${lib.optionalString (!flush) "no-"}flush"; + meta.maintainers = [ elvishjerricco ]; + + nodes.machine = { + imports = [ common ]; + + boot.initrd.network.flushBeforeStage2 = flush; systemd.services.check-flush = { requiredBy = ["multi-user.target"]; before = ["network-pre.target" "multi-user.target"]; 
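Review bot: The new `common` set carries over the wait-online settings but not the comment that explained them. The old `# Enable network-online to fail the test in case of timeout` line is deleted in the following hunk and not re-added here. Without it, `targets.network-online.requiredBy = [ "initrd.target" ]` reads like stray configuration. I would restore the same comment above `network.wait-online.timeout = 10;`. The `mkFlushTest` body begins in this hunk and ends in the next one.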
@@ -19,57 +41,53 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { inherit script; }; }; - in { - basic = { ... }: { - boot.initrd.network.enable = true; - boot.initrd.systemd = { - enable = true; - # Enable network-online to fail the test in case of timeout - network.wait-online.timeout = 10; - network.wait-online.anyInterface = true; - targets.network-online.requiredBy = [ "initrd.target" ]; - services.systemd-networkd-wait-online.requiredBy = - [ "network-online.target" ]; + testScript = '' + machine.wait_for_unit("network-online.target") + machine.succeed( + "ip addr | grep 10.0.2.15", + "ping -c1 10.0.2.2", + ) + machine.switch_root() - initrdBin = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ]; - services.check = { - requiredBy = [ "initrd.target" ]; - before = [ "initrd.target" ]; - after = [ "network-online.target" ]; - serviceConfig.Type = "oneshot"; - path = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ]; - script = '' - ip addr | grep 10.0.2.15 || exit 1 - ping -c1 10.0.2.2 || exit 1 - ''; - }; - }; - }; - - doFlush = mkFlushTest true '' - if ip addr | grep 10.0.2.15; then - echo "Network configuration survived switch-root; flushBeforeStage2 failed" - exit 1 - fi + machine.wait_for_unit("multi-user.target") ''; + }; + +in { + basic = makeTest { + name = "systemd-initrd-network"; + meta.maintainers = [ elvishjerricco ]; - dontFlush = mkFlushTest false '' - if ! 
(ip addr | grep 10.0.2.15); then - echo "Network configuration didn't survive switch-root" - exit 1 - fi + nodes.machine = common; + + testScript = '' + machine.wait_for_unit("network-online.target") + machine.succeed( + "ip addr | grep 10.0.2.15", + "ping -c1 10.0.2.2", + ) + machine.switch_root() + + # Make sure the systemd-network user was set correctly in initrd + machine.wait_for_unit("multi-user.target") + machine.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]") + machine.succeed("ip addr show >&2") + machine.succeed("ip route show >&2") ''; }; - testScript = '' - start_all() - basic.wait_for_unit("multi-user.target") - doFlush.wait_for_unit("multi-user.target") - dontFlush.wait_for_unit("multi-user.target") - # Make sure the systemd-network user was set correctly in initrd - basic.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]") - basic.succeed("ip addr show >&2") - basic.succeed("ip route show >&2") + doFlush = mkFlushTest true '' + if ip addr | grep 10.0.2.15; then + echo "Network configuration survived switch-root; flushBeforeStage2 failed" + exit 1 + fi + ''; + + dontFlush = mkFlushTest false '' + if ! (ip addr | grep 10.0.2.15); then + echo "Network configuration didn't survive switch-root" + exit 1 + fi ''; -}) +} diff --git a/nixos/tests/systemd-initrd-simple.nix b/nixos/tests/systemd-initrd-simple.nix index a6a22e9d48e0..2b7283a82193 100644 --- a/nixos/tests/systemd-initrd-simple.nix +++ b/nixos/tests/systemd-initrd-simple.nix 
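Review bot: The address checks use `grep 10.0.2.15` as an unanchored regular expression, both in the new Python `testScript` blocks and in the shell snippets passed to `mkFlushTest`. The dots therefore match any character, and the pattern also matches a longer address such as 10.0.2.150. In the `dontFlush` case the check could pass on an address that is not the expected one. A fixed-string match on the `ip addr` field is tighter: `ip addr | grep -F 'inet 10.0.2.15/'`.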
@@ -2,16 +2,19 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "systemd-initrd-simple"; nodes.machine = { pkgs, ... }: { - boot.initrd.systemd = { - enable = true; - emergencyAccess = true; - }; + testing.initrdBackdoor = true; + boot.initrd.systemd.enable = true; virtualisation.fileSystems."/".autoResize = true; }; testScript = '' import subprocess + with subtest("testing initrd backdoor"): + machine.wait_for_unit("initrd.target") + machine.succeed("systemctl status initrd-fs.target") + machine.switch_root() + with subtest("handover to stage-2 systemd works"): machine.wait_for_unit("multi-user.target") machine.succeed("systemd-analyze | grep -q '(initrd)'") # direct handover @@ -37,6 +40,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { subprocess.check_call(["qemu-img", "resize", "vm-state-machine/machine.qcow2", "+1G"]) machine.start() + machine.switch_root() newAvail = machine.succeed("df --output=avail / | sed 1d") assert int(oldAvail) < int(newAvail), "File system did not grow" |
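Review bot: The `machine.switch_root()` added after `machine.start()` in the second hunk has no comment, and the resize subtest does not make it obvious why the call is needed. Judging by the other tests in this commit, `testing.initrdBackdoor = true` stops every boot in stage 1 until the driver calls `switch_root()`, so the restarted VM would otherwise never mount the root filesystem that `df` inspects. A one-line comment would do: `# The initrd backdoor pauses each boot at initrd.target; continue to stage 2 before measuring`. The subtest starts above the hunk.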