···
1
-
{ debug ? false, ... } @ args:
1
+
{ system ? builtins.currentSystem, debug ? false }:
3
-
import ./make-test.nix ({ pkgs, ... }: with pkgs.lib; let
3
+
with import ../lib/testing.nix { inherit system; };
testVMConfig = vmName: attrs: { config, pkgs, ... }: let
guestAdditions = pkgs.linuxPackages.virtualboxGuestAdditions;
···
test2.vmScript = dhcpScript;
318
-
name = "virtualbox";
319
-
meta = with pkgs.stdenv.lib.maintainers; {
320
-
maintainers = [ aszlig wkennington ];
319
+
mkVBoxTest = name: testScript: makeTest {
320
+
name = "virtualbox-${name}";
323
-
machine = { pkgs, lib, config, ... }: {
325
-
mkVMConf = name: val: val.machine // { key = "${name}-config"; };
326
-
vmConfigs = mapAttrsToList mkVMConf vboxVMs;
327
-
in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
328
-
virtualisation.memorySize = 2048;
329
-
virtualisation.virtualbox.host.enable = true;
330
-
users.extraUsers.alice.extraGroups = let
331
-
inherit (config.virtualisation.virtualbox.host) enableHardening;
332
-
in lib.mkIf enableHardening (lib.singleton "vboxusers");
322
+
machine = { lib, config, ... }: {
324
+
mkVMConf = name: val: val.machine // { key = "${name}-config"; };
325
+
vmConfigs = mapAttrsToList mkVMConf vboxVMs;
326
+
in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
327
+
virtualisation.memorySize = 2048;
328
+
virtualisation.virtualbox.host.enable = true;
329
+
users.extraUsers.alice.extraGroups = let
330
+
inherit (config.virtualisation.virtualbox.host) enableHardening;
331
+
in lib.mkIf enableHardening (lib.singleton "vboxusers");
337
-
my $esc = $_[0] =~ s/'/'\\${"'"}'/gr;
338
-
return "su - alice -c '$esc'";
336
+
my $esc = $_[0] =~ s/'/'\\${"'"}'/gr;
337
+
return "su - alice -c '$esc'";
341
+
$machine->succeed(ru("VBoxManage ".$_[0]));
342
-
$machine->succeed(ru("VBoxManage ".$_[0]));
345
+
return join("\n", grep { $_ !~ /^UUID:/ } split(/\n/, $_[0]))."\n";
345
-
${concatStrings (mapAttrsToList (_: getAttr "testSubs") vboxVMs)}
348
+
${concatStrings (mapAttrsToList (_: getAttr "testSubs") vboxVMs)}
347
-
$machine->waitForX;
350
+
$machine->waitForX;
349
-
${mkLog "$HOME/.config/VirtualBox/VBoxSVC.log" "HOST-SVC"}
352
+
${mkLog "$HOME/.config/VirtualBox/VBoxSVC.log" "HOST-SVC"}
353
-
subtest "simple-gui", sub {
354
-
$machine->succeed(ru "VirtualBox &");
355
-
$machine->waitForWindow(qr/Oracle VM VirtualBox Manager/);
356
-
$machine->sleep(5);
357
-
$machine->screenshot("gui_manager_started");
358
-
$machine->sendKeys("ret");
359
-
$machine->screenshot("gui_manager_sent_startup");
360
-
waitForStartup_simple (sub {
361
-
$machine->sendKeys("ret");
363
-
$machine->screenshot("gui_started");
364
-
waitForVMBoot_simple;
365
-
$machine->screenshot("gui_booted");
367
-
$machine->sleep(5);
368
-
$machine->screenshot("gui_stopped");
369
-
$machine->sendKeys("ctrl-q");
370
-
$machine->sleep(5);
371
-
$machine->screenshot("gui_manager_stopped");
357
+
meta = with pkgs.stdenv.lib.maintainers; {
358
+
maintainers = [ aszlig wkennington ];
362
+
in mapAttrs mkVBoxTest {
365
+
$machine->succeed(ru "VirtualBox &");
366
+
$machine->waitForWindow(qr/Oracle VM VirtualBox Manager/);
367
+
$machine->sleep(5);
368
+
$machine->screenshot("gui_manager_started");
369
+
$machine->sendKeys("ret");
370
+
$machine->screenshot("gui_manager_sent_startup");
371
+
waitForStartup_simple (sub {
372
+
$machine->sendKeys("ret");
374
+
$machine->screenshot("gui_started");
375
+
waitForVMBoot_simple;
376
+
$machine->screenshot("gui_booted");
378
+
$machine->sleep(5);
379
+
$machine->screenshot("gui_stopped");
380
+
$machine->sendKeys("ctrl-q");
381
+
$machine->sleep(5);
382
+
$machine->screenshot("gui_manager_stopped");
376
-
subtest "simple-cli", sub {
377
-
vbm("startvm simple");
378
-
waitForStartup_simple;
379
-
$machine->screenshot("cli_started");
380
-
waitForVMBoot_simple;
381
-
$machine->screenshot("cli_booted");
387
+
vbm("startvm simple");
388
+
waitForStartup_simple;
389
+
$machine->screenshot("cli_started");
390
+
waitForVMBoot_simple;
391
+
$machine->screenshot("cli_booted");
385
-
subtest "privilege-escalation", sub {
393
+
$machine->nest("Checking for privilege escalation", sub {
$machine->fail("test -e '/root/VirtualBox VMs'");
$machine->fail("test -e '/root/.config/VirtualBox'");
$machine->succeed("test -e '/home/alice/VirtualBox VMs'");
394
-
return join("\n", grep { $_ !~ /^UUID:/ } split(/\n/, $_[0]))."\n";
402
+
host-usb-permissions = ''
403
+
my $userUSB = removeUUIDs vbm("list usbhost");
404
+
print STDERR $userUSB;
405
+
my $rootUSB = removeUUIDs $machine->succeed("VBoxManage list usbhost");
406
+
print STDERR $rootUSB;
397
-
subtest "host-usb-permissions", sub {
398
-
my $userUSB = removeUUIDs vbm("list usbhost");
399
-
print STDERR $userUSB;
400
-
my $rootUSB = removeUUIDs $machine->succeed("VBoxManage list usbhost");
401
-
print STDERR $rootUSB;
408
+
die "USB host devices differ for root and normal user"
409
+
if $userUSB ne $rootUSB;
410
+
die "No USB host devices found" if $userUSB =~ /<none>/;
403
-
die "USB host devices differ for root and normal user"
404
-
if $userUSB ne $rootUSB;
405
-
die "No USB host devices found" if $userUSB =~ /<none>/;
413
+
systemd-detect-virt = ''
414
+
createVM_detectvirt;
415
+
vbm("startvm detectvirt");
416
+
waitForStartup_detectvirt;
417
+
waitForVMBoot_detectvirt;
418
+
shutdownVM_detectvirt;
419
+
my $result = $machine->succeed("cat '$detectvirt_sharepath/result'");
421
+
destroyVM_detectvirt;
422
+
die "systemd-detect-virt returned \"$result\" instead of \"oracle\""
423
+
if $result ne "oracle";
408
-
subtest "systemd-detect-virt", sub {
409
-
createVM_detectvirt;
410
-
vbm("startvm detectvirt");
411
-
waitForStartup_detectvirt;
412
-
waitForVMBoot_detectvirt;
413
-
shutdownVM_detectvirt;
414
-
my $result = $machine->succeed("cat '$detectvirt_sharepath/result'");
416
-
destroyVM_detectvirt;
417
-
die "systemd-detect-virt returned \"$result\" instead of \"oracle\""
418
-
if $result ne "oracle";
426
+
net-hostonlyif = ''
421
-
subtest "net-hostonlyif", sub {
430
+
vbm("startvm test1");
431
+
waitForStartup_test1;
432
+
waitForVMBoot_test1;
425
-
vbm("startvm test1");
426
-
waitForStartup_test1;
427
-
waitForVMBoot_test1;
434
+
vbm("startvm test2");
435
+
waitForStartup_test2;
436
+
waitForVMBoot_test2;
429
-
vbm("startvm test2");
430
-
waitForStartup_test2;
431
-
waitForVMBoot_test2;
438
+
$machine->screenshot("net_booted");
433
-
$machine->screenshot("net_booted");
440
+
my $test1IP = waitForIP_test1 1;
441
+
my $test2IP = waitForIP_test2 1;
435
-
my $test1IP = waitForIP_test1 1;
436
-
my $test2IP = waitForIP_test2 1;
443
+
$machine->succeed("echo '$test2IP' | netcat -c '$test1IP' 1234");
444
+
$machine->succeed("echo '$test1IP' | netcat -c '$test2IP' 1234");
438
-
$machine->succeed("echo '$test2IP' | netcat -c '$test1IP' 1234");
439
-
$machine->succeed("echo '$test1IP' | netcat -c '$test2IP' 1234");
441
-
$machine->waitUntilSucceeds("netcat -c '$test1IP' 5678 >&2");
442
-
$machine->waitUntilSucceeds("netcat -c '$test2IP' 5678 >&2");
446
+
$machine->waitUntilSucceeds("netcat -c '$test1IP' 5678 >&2");
447
+
$machine->waitUntilSucceeds("netcat -c '$test2IP' 5678 >&2");
pyrox.dev