pyrox.dev
1import ./make-test-python.nix ({ lib, pkgs, ... }:
2 let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
3 in {
4 name = "locate";
5 meta.maintainers = with pkgs.lib.maintainers; [ chkno ];
6
7 nodes = rec {
8 a = {
9 environment.systemPackages = with pkgs; [ sshfs ];
10 virtualisation.fileSystems = {
11 "/ssh" = {
12 device = "alice@b:/";
13 fsType = "fuse.sshfs";
14 options = [
15 "allow_other"
16 "IdentityFile=/privkey"
17 "noauto"
18 "StrictHostKeyChecking=no"
19 "UserKnownHostsFile=/dev/null"
20 ];
21 };
22 };
23 services.locate = {
24 enable = true;
25 interval = "*:*:0/5";
26 };
27 };
28 b = {
29 services.openssh.enable = true;
30 users.users.alice = {
31 isNormalUser = true;
32 openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
33 };
34 };
35 };
36
37 testScript = ''
38 start_all()
39
40 # Set up sshfs mount
41 a.succeed(
42 "(umask 077; cat ${snakeOilPrivateKey} > /privkey)"
43 )
44 b.succeed("touch /file-on-b-machine")
45 b.wait_for_open_port(22)
46 a.succeed("mkdir /ssh")
47 a.succeed("mount /ssh")
48
49 # Core locatedb functionality
50 a.succeed("touch /file-on-a-machine-1")
51 a.wait_for_file("/var/cache/locatedb")
52 a.wait_until_succeeds("locate file-on-a-machine-1")
53
54 # Wait for a second update to make sure we're using a locatedb from a run
55 # that began after the sshfs mount
56 a.succeed("touch /file-on-a-machine-2")
57 a.wait_until_succeeds("locate file-on-a-machine-2")
58
59 # We shouldn't be able to see files on the other machine
60 a.fail("locate file-on-b-machine")
61 '';
62 })