# NixOS VM test that checks where audit records mentioning
# `unit=systemd-journald` become visible under three configurations:
# no audit collection, auditd, and journald's own audit collection.
# It pins down the log-routing behaviour that detection and forensics
# tooling depends on (journal vs. /var/log/audit/audit.log vs. kernel log).
import ./make-test-python.nix (
  { pkgs, ... }:

  {
    name = "systemd-journal";
    meta = {
      maintainers = with pkgs.lib.maintainers; [ lewo ];
    };

    # pkgs.audit is installed on every node; the test script below does not
    # invoke any of its tools directly.
    nodes = {
      # Baseline: neither security.auditd nor services.journald.audit is set.
      # The script expects no matching records in the audit or kernel transport.
      machine = {
        environment.systemPackages = [ pkgs.audit ];
      };

      # auditd enabled: the script expects matching records both in the journal
      # (audit transport) and in /var/log/audit/audit.log.
      auditd = {
        security.auditd.enable = true;
        environment.systemPackages = [ pkgs.audit ];
      };

      # journald collects audit records itself: the script expects them in the
      # journal, not in audit.log, and (because of systemd issue #15324) also
      # in the kernel transport.
      journaldAudit = {
        services.journald.audit = true;
        environment.systemPackages = [ pkgs.audit ];
      };
    };

    # Python test-driver script. `succeed` requires exit status 0 and `fail`
    # requires a non-zero status.
    #
    # NOTE(review): in the "auditd enabled" subtest the kmesg check runs on
    # `machine`, not on `auditd`, so it repeats the baseline assertion and
    # nothing verifies the auditd node's kernel transport. Confirm whether
    # `auditd.fail(...)` was intended before changing it; records emitted
    # before auditd starts may legitimately reach the kernel log.
    #
    # NOTE(review): `journaldAudit.fail("grep ... /var/log/audit/audit.log")`
    # also passes when the file does not exist, because grep exits non-zero
    # for an unreadable file as well as for "no match". It therefore shows
    # only that no matching record is readable there.
    testScript = ''
      machine.wait_for_unit("multi-user.target")
      machine.succeed("journalctl --grep=systemd")

      with subtest("no audit messages"):
        machine.fail("journalctl _TRANSPORT=audit --grep 'unit=systemd-journald'")
        machine.fail("journalctl _TRANSPORT=kernel --grep 'unit=systemd-journald'")

      with subtest("auditd enabled"):
        auditd.wait_for_unit("multi-user.target")

        # logs should end up in the journald
        auditd.succeed("journalctl _TRANSPORT=audit --grep 'unit=systemd-journald'")
        # logs should end up in the auditd audit log
        auditd.succeed("grep 'unit=systemd-journald' /var/log/audit/audit.log")
        # logs should not end up in kmesg
        machine.fail("journalctl _TRANSPORT=kernel --grep 'unit=systemd-journald'")


      with subtest("journald audit"):
        journaldAudit.wait_for_unit("multi-user.target")

        # logs should end up in the journald
        journaldAudit.succeed("journalctl _TRANSPORT=audit --grep 'unit=systemd-journald'")
        # logs should NOT end up in audit log
        journaldAudit.fail("grep 'unit=systemd-journald' /var/log/audit/audit.log")
        # FIXME: If systemd fixes #15324 this test will start failing.
        # You can fix this text by removing the below line.
        # logs ideally should NOT end up in kmesg, but they do due to
        # https://github.com/systemd/systemd/issues/15324
        journaldAudit.succeed("journalctl _TRANSPORT=kernel --grep 'unit=systemd-journald'")
    '';
  }
)