pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / systemd.nix
at 25.11-pre 10 kB view raw
1import ./make-test-python.nix ( 2 { pkgs, ... }: 3 { 4 name = "systemd"; 5 6 nodes.machine = 7 { config, lib, ... }: 8 { 9 imports = [ 10 common/user-account.nix 11 common/x11.nix 12 ]; 13 14 virtualisation.emptyDiskImages = [ 15 512 16 512 17 ]; 18 19 environment.systemPackages = [ pkgs.cryptsetup ]; 20 21 virtualisation.fileSystems = { 22 "/test-x-initrd-mount" = { 23 device = "/dev/vdb"; 24 fsType = "ext2"; 25 autoFormat = true; 26 noCheck = true; 27 options = [ "x-initrd.mount" ]; 28 }; 29 }; 30 31 systemd.extraConfig = "DefaultEnvironment=\"XXX_SYSTEM=foo\""; 32 systemd.user.extraConfig = "DefaultEnvironment=\"XXX_USER=bar\""; 33 services.journald.extraConfig = "Storage=volatile"; 34 test-support.displayManager.auto.user = "alice"; 35 36 systemd.shutdown.test = pkgs.writeScript "test.shutdown" '' 37 #!${pkgs.runtimeShell} 38 PATH=${ 39 lib.makeBinPath ( 40 with pkgs; 41 [ 42 util-linux 43 coreutils 44 ] 45 ) 46 } 47 mount -t 9p shared -o trans=virtio,version=9p2000.L /tmp/shared 48 touch /tmp/shared/shutdown-test 49 umount /tmp/shared 50 ''; 51 52 systemd.services.oncalendar-test = { 53 description = "calendar test"; 54 # Japan does not have DST which makes the test a little bit simpler 55 startAt = "Wed 10:00 Asia/Tokyo"; 56 script = "true"; 57 }; 58 59 systemd.services.testDependency1 = { 60 description = "Test Dependency 1"; 61 wantedBy = [ config.systemd.services."testservice1".name ]; 62 serviceConfig.Type = "oneshot"; 63 script = '' 64 true 65 ''; 66 }; 67 68 systemd.services.testservice1 = { 69 description = "Test Service 1"; 70 wantedBy = [ config.systemd.targets.multi-user.name ]; 71 serviceConfig.Type = "oneshot"; 72 script = '' 73 if [ "$XXX_SYSTEM" = foo ]; then 74 touch /system_conf_read 75 fi 76 ''; 77 }; 78 79 systemd.user.services.testservice2 = { 80 description = "Test Service 2"; 81 wantedBy = [ "default.target" ]; 82 serviceConfig.Type = "oneshot"; 83 script = '' 84 if [ "$XXX_USER" = bar ]; then 85 touch "$HOME/user_conf_read" 86 fi 87 ''; 88 }; 89 90 systemd.watchdog = { 91 device = "/dev/watchdog"; 92 runtimeTime = "30s"; 93 rebootTime = "10min"; 94 kexecTime = "5min"; 95 }; 96 97 environment.etc."systemd/system-preset/10-testservice.preset".text = '' 98 disable ${config.systemd.services.testservice1.name} 99 ''; 100 }; 101 102 testScript = 103 { nodes, ... }: 104 '' 105 import re 106 import subprocess 107 108 machine.start(allow_reboot=True) 109 110 # Will not succeed unless ConditionFirstBoot=yes 111 machine.wait_for_unit("first-boot-complete.target") 112 113 # Make sure, a subsequent boot isn't a ConditionFirstBoot=yes. 114 machine.reboot() 115 machine.wait_for_x() 116 state = machine.get_unit_info("first-boot-complete.target")['ActiveState'] 117 assert state == 'inactive', "Detected first boot despite first-boot-completed.target was already reached on a previous boot." 118 119 # wait for user services 120 machine.wait_for_unit("default.target", "alice") 121 122 with subtest("systemctl edit suggests --runtime"): 123 # --runtime is suggested when using `systemctl edit` 124 ret, out = machine.execute("systemctl edit testservice1.service 2>&1") 125 assert ret == 1 126 assert out.rstrip("\n") == "The unit-directory '/etc/systemd/system' is read-only on NixOS, so it's not possible to edit system-units directly. Use 'systemctl edit --runtime' instead." 127 # editing w/o `--runtime` is possible for user-services, however 128 # it's not possible because we're not in a tty when grepping 129 # (i.e. hacky way to ensure that the error from above doesn't appear here). 130 _, out = machine.execute("systemctl --user edit testservice2.service 2>&1") 131 assert out.rstrip("\n") == "Cannot edit units interactively if not on a tty." 132 133 # Regression test for https://github.com/NixOS/nixpkgs/issues/105049 134 with subtest("systemd reads timezone database in /etc/zoneinfo"): 135 timer = machine.succeed("TZ=UTC systemctl show --property=TimersCalendar oncalendar-test.timer") 136 assert re.search("next_elapse=Wed ....-..-.. 01:00:00 UTC", timer), f"got {timer.strip()}" 137 138 # Regression test for https://github.com/NixOS/nixpkgs/issues/35415 139 with subtest("configuration files are recognized by systemd"): 140 machine.succeed("test -e /system_conf_read") 141 machine.succeed("test -e /home/alice/user_conf_read") 142 machine.succeed("test -z $(ls -1 /var/log/journal)") 143 144 with subtest("regression test for https://bugs.freedesktop.org/show_bug.cgi?id=77507"): 145 retcode, output = machine.execute("systemctl status testservice1.service") 146 assert retcode in [0, 3] # https://bugs.freedesktop.org/show_bug.cgi?id=77507 147 148 # Regression test for https://github.com/NixOS/nixpkgs/issues/35268 149 with subtest("file system with x-initrd.mount is not unmounted"): 150 machine.succeed("mountpoint -q /test-x-initrd-mount") 151 machine.shutdown() 152 153 subprocess.check_call( 154 [ 155 "qemu-img", 156 "convert", 157 "-O", 158 "raw", 159 "vm-state-machine/empty0.qcow2", 160 "x-initrd-mount.raw", 161 ] 162 ) 163 extinfo = subprocess.check_output( 164 [ 165 "${pkgs.e2fsprogs}/bin/dumpe2fs", 166 "x-initrd-mount.raw", 167 ] 168 ).decode("utf-8") 169 assert ( 170 re.search(r"^Filesystem state: *clean$", extinfo, re.MULTILINE) is not None 171 ), ("File system was not cleanly unmounted: " + extinfo) 172 173 # Regression test for https://github.com/NixOS/nixpkgs/pull/91232 174 with subtest("setting transient hostnames works"): 175 machine.succeed("hostnamectl set-hostname --transient machine-transient") 176 machine.fail("hostnamectl set-hostname machine-all") 177 178 with subtest("systemd-shutdown works"): 179 machine.shutdown() 180 machine.wait_for_unit("multi-user.target") 181 machine.succeed("test -e /tmp/shared/shutdown-test") 182 183 # Test settings from /etc/sysctl.d/50-default.conf are applied 184 with subtest("systemd sysctl settings are applied"): 185 machine.wait_for_unit("multi-user.target") 186 assert "fq_codel" in machine.succeed("sysctl net.core.default_qdisc") 187 188 # Test systemd is configured to manage a watchdog 189 with subtest("systemd manages hardware watchdog"): 190 machine.wait_for_unit("multi-user.target") 191 192 # It seems that the device's path doesn't appear in 'systemctl show' so 193 # check it separately. 194 assert "WatchdogDevice=/dev/watchdog" in machine.succeed( 195 "cat /etc/systemd/system.conf" 196 ) 197 198 output = machine.succeed("systemctl show | grep Watchdog") 199 # assert "RuntimeWatchdogUSec=30s" in output 200 # for some reason RuntimeWatchdogUSec, doesn't seem to be updated in here. 201 assert "RebootWatchdogUSec=10min" in output 202 assert "KExecWatchdogUSec=5min" in output 203 204 # Test systemd cryptsetup support 205 with subtest("systemd successfully reads /etc/crypttab and unlocks volumes"): 206 # create a luks volume and put a filesystem on it 207 machine.succeed( 208 "echo -n supersecret | cryptsetup luksFormat -q /dev/vdc -", 209 "echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vdc foo", 210 "mkfs.ext3 /dev/mapper/foo", 211 ) 212 213 # create a keyfile and /etc/crypttab 214 machine.succeed("echo -n supersecret > /var/lib/luks-keyfile") 215 machine.succeed("chmod 600 /var/lib/luks-keyfile") 216 machine.succeed("echo 'luks1 /dev/vdc /var/lib/luks-keyfile luks' > /etc/crypttab") 217 218 # after a reboot, systemd should unlock the volume and we should be able to mount it 219 machine.shutdown() 220 machine.succeed("systemctl status systemd-cryptsetup@luks1.service") 221 machine.succeed("mkdir -p /tmp/luks1") 222 machine.succeed("mount /dev/mapper/luks1 /tmp/luks1") 223 224 # Do some IP traffic 225 output_ping = machine.succeed( 226 "systemd-run --wait -- ping -c 1 127.0.0.1 2>&1" 227 ) 228 229 with subtest("systemd reports accounting data on system.slice"): 230 output = machine.succeed("systemctl status system.slice") 231 assert "CPU:" in output 232 assert "Memory:" in output 233 234 assert "IP:" in output 235 assert "0B in, 0B out" not in output 236 237 assert "IO:" in output 238 assert "0B read, 0B written" not in output 239 240 with subtest("systemd per-unit accounting works"): 241 assert "IP traffic received: 84B sent: 84B" in output_ping 242 243 with subtest("systemd environment is properly set"): 244 machine.systemctl("daemon-reexec") # Rewrites /proc/1/environ 245 machine.succeed("grep -q TZDIR=/etc/zoneinfo /proc/1/environ") 246 247 with subtest("systemd presets are ignored"): 248 machine.succeed("systemctl preset ${nodes.machine.systemd.services.testservice1.name}") 249 machine.succeed("test -e /etc/systemd/system/${nodes.machine.systemd.services.testservice1.name}") 250 ''; 251 } 252)