nixos/tests/mutable-users.nix at 21.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / mutable-users.nix
at 21.11-pre 1.5 kB view raw
 1# Mutable users tests.
 2
 3import ./make-test-python.nix ({ pkgs, ...} : {
 4  name = "mutable-users";
 5  meta = with pkgs.lib.maintainers; {
 6    maintainers = [ gleber ];
 7  };
 8
 9  nodes = {
10    machine = { ... }: {
11      users.mutableUsers = false;
12    };
13    mutable = { ... }: {
14      users.mutableUsers = true;
15    };
16  };
17
18  testScript = {nodes, ...}: let
19    immutableSystem = nodes.machine.config.system.build.toplevel;
20    mutableSystem = nodes.mutable.config.system.build.toplevel;
21  in ''
22    machine.start()
23    machine.wait_for_unit("default.target")
24
25    # Machine starts in immutable mode. Add a user and test if reactivating
26    # configuration removes the user.
27    with subtest("Machine in immutable mode"):
28        assert "foobar" not in machine.succeed("cat /etc/passwd")
29        machine.succeed("sudo useradd foobar")
30        assert "foobar" in machine.succeed("cat /etc/passwd")
31        machine.succeed(
32            "${immutableSystem}/bin/switch-to-configuration test"
33        )
34        assert "foobar" not in machine.succeed("cat /etc/passwd")
35
36    # In immutable mode passwd is not wrapped, while in mutable mode it is
37    # wrapped.
38    with subtest("Password is wrapped in mutable mode"):
39        assert "/run/current-system/" in machine.succeed("which passwd")
40        machine.succeed(
41            "${mutableSystem}/bin/switch-to-configuration test"
42        )
43        assert "/run/wrappers/" in machine.succeed("which passwd")
44  '';
45})