pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / chrony.nix
at 23.11-beta 883 B view raw
1import ./make-test-python.nix ({ lib, ... }: 2{ 3 name = "chrony"; 4 5 meta = { 6 maintainers = with lib.maintainers; [ fpletz ]; 7 }; 8 9 nodes = { 10 default = { 11 services.chrony.enable = true; 12 }; 13 graphene-hardened = { 14 services.chrony.enable = true; 15 services.chrony.enableMemoryLocking = true; 16 environment.memoryAllocator.provider = "graphene-hardened"; 17 # dhcpcd privsep is incompatible with graphene-hardened 18 networking.useNetworkd = true; 19 }; 20 }; 21 22 testScript = {nodes, ...} : let 23 graphene-hardened = nodes.graphene-hardened.system.build.toplevel; 24 in '' 25 default.start() 26 default.wait_for_unit('multi-user.target') 27 default.succeed('systemctl is-active chronyd.service') 28 default.succeed('${graphene-hardened}/bin/switch-to-configuration test') 29 default.succeed('systemctl is-active chronyd.service') 30 ''; 31})