nixos/tests/userborn-mutable-etc.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / userborn-mutable-etc.nix
at master 1.7 kB view raw
 1{ lib, ... }:
 2
 3let
 4  normaloHashedPassword = "$y$j9T$IEWqhKtWg.r.8fVkSEF56.$iKNxdMC6hOAQRp6eBtYvBk4c7BGpONXeZMqc8I/LM46";
 5
 6  common = {
 7    services.userborn.enable = true;
 8    boot.initrd.systemd.enable = true;
 9    system.etc.overlay = {
10      enable = true;
11      mutable = true;
12    };
13  };
14in
15
16{
17
18  name = "userborn-mutable-etc";
19
20  meta.maintainers = with lib.maintainers; [ nikstur ];
21
22  nodes.machine =
23    { config, ... }:
24    {
25      imports = [ common ];
26
27      users = {
28        users = {
29          normalo = {
30            isNormalUser = true;
31            hashedPassword = normaloHashedPassword;
32          };
33        };
34      };
35
36      specialisation.new-generation = {
37        inheritParentConfig = false;
38        configuration = {
39          nixpkgs = {
40            inherit (config.nixpkgs) hostPlatform;
41          };
42          imports = [ common ];
43
44          users.users = {
45            new-normalo = {
46              isNormalUser = true;
47            };
48          };
49        };
50      };
51    };
52
53  testScript = ''
54    machine.wait_for_unit("userborn.service")
55
56    with subtest("normalo user is created"):
57      assert "${normaloHashedPassword}" in machine.succeed("getent shadow normalo"), "normalo user password is not correct"
58
59
60    machine.succeed("/run/current-system/specialisation/new-generation/bin/switch-to-configuration switch")
61
62
63    with subtest("normalo user is disabled"):
64      print(machine.succeed("getent shadow normalo"))
65      assert "!*" in machine.succeed("getent shadow normalo"), "normalo user is not disabled"
66
67    with subtest("new-normalo user is created after switching to new generation"):
68      print(machine.succeed("getent passwd new-normalo"))
69  '';
70}