pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / systemd.nix
at master 9.9 kB view raw
1{ lib, pkgs, ... }: 2{ 3 name = "systemd"; 4 5 nodes.machine = 6 { config, lib, ... }: 7 { 8 imports = [ 9 common/user-account.nix 10 common/x11.nix 11 ]; 12 13 virtualisation.emptyDiskImages = [ 14 512 15 512 16 ]; 17 18 environment.systemPackages = [ pkgs.cryptsetup ]; 19 20 virtualisation.fileSystems = { 21 "/test-x-initrd-mount" = { 22 device = "/dev/vdb"; 23 fsType = "ext2"; 24 autoFormat = true; 25 noCheck = true; 26 options = [ "x-initrd.mount" ]; 27 }; 28 }; 29 30 systemd.settings.Manager = { 31 DefaultEnvironment = "XXX_SYSTEM=foo"; 32 WatchdogDevice = "/dev/watchdog"; 33 RuntimeWatchdogSec = "30s"; 34 RebootWatchdogSec = "10min"; 35 KExecWatchdogSec = "5min"; 36 }; 37 systemd.user.extraConfig = "DefaultEnvironment=\"XXX_USER=bar\""; 38 services.journald.extraConfig = "Storage=volatile"; 39 test-support.displayManager.auto.user = "alice"; 40 41 systemd.shutdown.test = pkgs.writeScript "test.shutdown" '' 42 #!${pkgs.runtimeShell} 43 PATH=${ 44 lib.makeBinPath ( 45 with pkgs; 46 [ 47 util-linux 48 coreutils 49 ] 50 ) 51 } 52 mount -t 9p shared -o trans=virtio,version=9p2000.L /tmp/shared 53 touch /tmp/shared/shutdown-test 54 umount /tmp/shared 55 ''; 56 57 systemd.services.oncalendar-test = { 58 description = "calendar test"; 59 # Japan does not have DST which makes the test a little bit simpler 60 startAt = "Wed 10:00 Asia/Tokyo"; 61 script = "true"; 62 }; 63 64 systemd.services.testDependency1 = { 65 description = "Test Dependency 1"; 66 wantedBy = [ config.systemd.services."testservice1".name ]; 67 serviceConfig.Type = "oneshot"; 68 script = '' 69 true 70 ''; 71 }; 72 73 systemd.services.testservice1 = { 74 description = "Test Service 1"; 75 wantedBy = [ config.systemd.targets.multi-user.name ]; 76 serviceConfig.Type = "oneshot"; 77 script = '' 78 if [ "$XXX_SYSTEM" = foo ]; then 79 touch /system_conf_read 80 fi 81 ''; 82 }; 83 84 systemd.user.services.testservice2 = { 85 description = "Test Service 2"; 86 wantedBy = [ "default.target" ]; 87 serviceConfig.Type = "oneshot"; 88 script = '' 89 if [ "$XXX_USER" = bar ]; then 90 touch "$HOME/user_conf_read" 91 fi 92 ''; 93 }; 94 95 environment.etc."systemd/system-preset/10-testservice.preset".text = '' 96 disable ${config.systemd.services.testservice1.name} 97 ''; 98 }; 99 100 testScript = 101 { nodes, ... }: 102 '' 103 import re 104 import subprocess 105 106 machine.start(allow_reboot=True) 107 108 # Will not succeed unless ConditionFirstBoot=yes 109 machine.wait_for_unit("first-boot-complete.target") 110 111 machine.succeed( 112 "journalctl --system -o cat --grep 'systemd ${lib.escapeRegex pkgs.systemd.version} running'" 113 ) 114 115 assert "systemd ${lib.versions.major pkgs.systemd.version} (${pkgs.systemd.version})" in machine.succeed( 116 "systemctl --version" 117 ) 118 119 # Make sure, a subsequent boot isn't a ConditionFirstBoot=yes. 120 machine.reboot() 121 machine.wait_for_x() 122 state = machine.get_unit_info("first-boot-complete.target")['ActiveState'] 123 assert state == 'inactive', "Detected first boot despite first-boot-completed.target was already reached on a previous boot." 124 125 # wait for user services 126 machine.wait_for_unit("default.target", "alice") 127 128 with subtest("systemctl edit suggests --runtime"): 129 # --runtime is suggested when using `systemctl edit` 130 ret, out = machine.execute("systemctl edit testservice1.service 2>&1") 131 assert ret == 1 132 assert out.rstrip("\n") == "The unit-directory '/etc/systemd/system' is read-only on NixOS, so it's not possible to edit system-units directly. Use 'systemctl edit --runtime' instead." 133 # editing w/o `--runtime` is possible for user-services, however 134 # it's not possible because we're not in a tty when grepping 135 # (i.e. hacky way to ensure that the error from above doesn't appear here). 136 _, out = machine.execute("systemctl --user edit testservice2.service 2>&1") 137 assert out.rstrip("\n") == "Cannot edit units interactively if not on a tty." 138 139 # Regression test for https://github.com/NixOS/nixpkgs/issues/105049 140 with subtest("systemd reads timezone database in /etc/zoneinfo"): 141 timer = machine.succeed("TZ=UTC systemctl show --property=TimersCalendar oncalendar-test.timer") 142 assert re.search("next_elapse=Wed ....-..-.. 01:00:00 UTC", timer), f"got {timer.strip()}" 143 144 # Regression test for https://github.com/NixOS/nixpkgs/issues/35415 145 with subtest("configuration files are recognized by systemd"): 146 machine.succeed("test -e /system_conf_read") 147 machine.succeed("test -e /home/alice/user_conf_read") 148 machine.succeed("test -z $(ls -1 /var/log/journal)") 149 150 with subtest("regression test for https://bugs.freedesktop.org/show_bug.cgi?id=77507"): 151 retcode, output = machine.execute("systemctl status testservice1.service") 152 assert retcode in [0, 3] # https://bugs.freedesktop.org/show_bug.cgi?id=77507 153 154 # Regression test for https://github.com/NixOS/nixpkgs/issues/35268 155 with subtest("file system with x-initrd.mount is not unmounted"): 156 machine.succeed("mountpoint -q /test-x-initrd-mount") 157 machine.shutdown() 158 159 subprocess.check_call( 160 [ 161 "qemu-img", 162 "convert", 163 "-O", 164 "raw", 165 "vm-state-machine/empty0.qcow2", 166 "x-initrd-mount.raw", 167 ] 168 ) 169 extinfo = subprocess.check_output( 170 [ 171 "${pkgs.e2fsprogs}/bin/dumpe2fs", 172 "x-initrd-mount.raw", 173 ] 174 ).decode("utf-8") 175 assert ( 176 re.search(r"^Filesystem state: *clean$", extinfo, re.MULTILINE) is not None 177 ), ("File system was not cleanly unmounted: " + extinfo) 178 179 # Regression test for https://github.com/NixOS/nixpkgs/pull/91232 180 with subtest("setting transient hostnames works"): 181 machine.succeed("hostnamectl set-hostname --transient machine-transient") 182 machine.fail("hostnamectl set-hostname machine-all") 183 184 with subtest("systemd-shutdown works"): 185 machine.shutdown() 186 machine.wait_for_unit("multi-user.target") 187 machine.succeed("test -e /tmp/shared/shutdown-test") 188 189 # Test settings from /etc/sysctl.d/50-default.conf are applied 190 with subtest("systemd sysctl settings are applied"): 191 machine.wait_for_unit("multi-user.target") 192 assert "fq_codel" in machine.succeed("sysctl net.core.default_qdisc") 193 194 # Test systemd is configured to manage a watchdog 195 with subtest("systemd manages hardware watchdog"): 196 machine.wait_for_unit("multi-user.target") 197 198 # It seems that the device's path doesn't appear in 'systemctl show' so 199 # check it separately. 200 assert "WatchdogDevice=/dev/watchdog" in machine.succeed( 201 "cat /etc/systemd/system.conf" 202 ) 203 204 output = machine.succeed("systemctl show | grep Watchdog") 205 # assert "RuntimeWatchdogUSec=30s" in output 206 # for some reason RuntimeWatchdogUSec, doesn't seem to be updated in here. 207 assert "RebootWatchdogUSec=10min" in output 208 assert "KExecWatchdogUSec=5min" in output 209 210 # Test systemd cryptsetup support 211 with subtest("systemd successfully reads /etc/crypttab and unlocks volumes"): 212 # create a luks volume and put a filesystem on it 213 machine.succeed( 214 "echo -n supersecret | cryptsetup luksFormat -q /dev/vdc -", 215 "echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vdc foo", 216 "mkfs.ext3 /dev/mapper/foo", 217 ) 218 219 # create a keyfile and /etc/crypttab 220 machine.succeed("echo -n supersecret > /var/lib/luks-keyfile") 221 machine.succeed("chmod 600 /var/lib/luks-keyfile") 222 machine.succeed("echo 'luks1 /dev/vdc /var/lib/luks-keyfile luks' > /etc/crypttab") 223 224 # after a reboot, systemd should unlock the volume and we should be able to mount it 225 machine.shutdown() 226 machine.succeed("systemctl status systemd-cryptsetup@luks1.service") 227 machine.succeed("mkdir -p /tmp/luks1") 228 machine.succeed("mount /dev/mapper/luks1 /tmp/luks1") 229 230 # Do some IP traffic 231 output_ping = machine.succeed( 232 "systemd-run --wait -- ping -c 1 127.0.0.1 2>&1" 233 ) 234 235 with subtest("systemd reports accounting data on system.slice"): 236 output = machine.succeed("systemctl status system.slice") 237 assert "CPU:" in output 238 assert "Memory:" in output 239 240 assert "IP:" in output 241 assert "0B in, 0B out" not in output 242 243 assert "IO:" in output 244 assert "0B read, 0B written" not in output 245 246 with subtest("systemd per-unit accounting works"): 247 assert "IP traffic received: 84B sent: 84B" in output_ping 248 249 with subtest("systemd environment is properly set"): 250 machine.systemctl("daemon-reexec") # Rewrites /proc/1/environ 251 machine.succeed("grep -q TZDIR=/etc/zoneinfo /proc/1/environ") 252 253 with subtest("systemd presets are ignored"): 254 machine.succeed("systemctl preset ${nodes.machine.systemd.services.testservice1.name}") 255 machine.succeed("test -e /etc/systemd/system/${nodes.machine.systemd.services.testservice1.name}") 256 ''; 257}