nixos/tests/logrotate.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / logrotate.nix
at master 5.1 kB view raw
  1# Test logrotate service works and is enabled by default
  2
  3let
  4  importTest =
  5    { ... }:
  6    {
  7      services.logrotate.settings.import = {
  8        olddir = false;
  9      };
 10    };
 11
 12in
 13{ pkgs, ... }:
 14{
 15  name = "logrotate";
 16  meta = with pkgs.lib.maintainers; {
 17    maintainers = [ martinetd ];
 18  };
 19
 20  nodes = {
 21    defaultMachine =
 22      { ... }:
 23      {
 24        services.logrotate.enable = true;
 25      };
 26    failingMachine =
 27      { ... }:
 28      {
 29        services.logrotate = {
 30          enable = true;
 31          configFile = pkgs.writeText "logrotate.conf" ''
 32            # self-written config file
 33            su notarealuser notagroupeither
 34          '';
 35        };
 36      };
 37    machine =
 38      { config, ... }:
 39      {
 40        imports = [ importTest ];
 41
 42        services.logrotate = {
 43          enable = true;
 44          settings = {
 45            # remove default frequency header and add another
 46            header = {
 47              frequency = null;
 48              delaycompress = true;
 49            };
 50            # extra global setting... affecting nothing
 51            last_line = {
 52              global = true;
 53              priority = 2000;
 54              shred = true;
 55            };
 56            # using mail somewhere should add --mail to logrotate invocation
 57            sendmail = {
 58              mail = "user@domain.tld";
 59            };
 60            # postrotate should be suffixed by 'endscript'
 61            postrotate = {
 62              postrotate = "touch /dev/null";
 63            };
 64            # check checkConfig works as expected: there is nothing to check here
 65            # except that the file build passes
 66            checkConf = {
 67              su = "root utmp";
 68              createolddir = "0750 root utmp";
 69              create = "root utmp";
 70              "create " = "0750 root utmp";
 71            };
 72            # multiple paths should be aggregated
 73            multipath = {
 74              files = [
 75                "file1"
 76                "file2"
 77              ];
 78            };
 79            # overriding imported path should keep existing attributes
 80            # (e.g. olddir is still set)
 81            import = {
 82              notifempty = true;
 83            };
 84          };
 85        };
 86      };
 87  };
 88
 89  testScript = ''
 90    with subtest("whether logrotate works"):
 91        # we must rotate once first to create logrotate stamp
 92        defaultMachine.succeed("systemctl start logrotate.service")
 93        # we need to wait for console text once here to
 94        # clear console buffer up to this point for next wait
 95        defaultMachine.wait_for_console_text('logrotate.service: Deactivated successfully')
 96
 97        defaultMachine.succeed(
 98            # wtmp is present in default config.
 99            "rm -f /var/log/wtmp*",
100            # we need to give it at least 1MB
101            "dd if=/dev/zero of=/var/log/wtmp bs=2M count=1",
102
103            # move into the future and check rotation.
104            "date -s 'now + 1 month + 1 day'")
105        defaultMachine.wait_for_console_text('logrotate.service: Deactivated successfully')
106        defaultMachine.succeed(
107            # check rotate worked
108            "[ -e /var/log/wtmp.1 ]",
109        )
110    with subtest("default config does not have mail"):
111        defaultMachine.fail("systemctl cat logrotate.service | grep -- --mail")
112    with subtest("using mails adds mail option"):
113        machine.succeed("systemctl cat logrotate.service | grep -- --mail")
114    with subtest("check generated config matches expectation"):
115        machine.succeed(
116            # copy conf to /tmp/logrotate.conf for easy grep
117            "conf=$(systemctl cat logrotate | grep -oE '/nix/store[^ ]*logrotate.conf'); cp $conf /tmp/logrotate.conf",
118            "! grep weekly /tmp/logrotate.conf",
119            "grep -E '^delaycompress' /tmp/logrotate.conf",
120            "tail -n 1 /tmp/logrotate.conf | grep shred",
121            "sed -ne '/\"sendmail\" {/,/}/p' /tmp/logrotate.conf | grep 'mail user@domain.tld'",
122            "sed -ne '/\"postrotate\" {/,/}/p' /tmp/logrotate.conf | grep endscript",
123            "grep '\"file1\"\n\"file2\" {' /tmp/logrotate.conf",
124            "sed -ne '/\"import\" {/,/}/p' /tmp/logrotate.conf | grep noolddir",
125        )
126        # also check configFile option
127        failingMachine.succeed(
128            "conf=$(systemctl cat logrotate | grep -oE '/nix/store[^ ]*logrotate.conf'); cp $conf /tmp/logrotate.conf",
129            "grep 'self-written config' /tmp/logrotate.conf",
130        )
131    with subtest("Check logrotate-checkconf service"):
132        machine.wait_for_unit("logrotate-checkconf.service")
133        # wait_for_unit also asserts for success, so wait for
134        # parent target instead and check manually.
135        failingMachine.wait_for_unit("multi-user.target")
136        info = failingMachine.get_unit_info("logrotate-checkconf.service")
137        if info["ActiveState"] != "failed":
138            raise Exception('logrotate-checkconf.service was not failed')
139
140    machine.log(machine.execute("systemd-analyze security logrotate.service | grep -v ✓")[1])
141
142  '';
143}