summaryrefslogtreecommitdiffstats
path: root/test/TEST-50-DISSECT (follow)
Commit message (Collapse)AuthorAgeFilesLines
* core: deduplicate identical dm-verity ExtensionImages=Luca Boccassi2024-06-281-0/+1
| | | | | | | | | | | | | | | | | It turns out OverlayFS doesn't handle gracefully when the same source is specified multiple times in lowerdir= and it fails with ELOOP: Failed to mount overlay (type overlay) on /run/systemd/mount-rootfs/opt (MS_RDONLY "lowerdir=/run/systemd/unit-extensions/1/opt:/run/systemd/unit-extensions/0/opt:/run/systemd/mount-rootfs/opt"): Too many levels of symbolic links This happens even if we mount each image in a different internal mount path, as OverlayFS will resolve it and look for the backing device, which will be the same device mapper entity, and return a hard error. This error does not appear if dm-verity is not used, so it is very confusing for users, and unnecessary. When mounting ExtensionImages, check if an image is dm-veritied, and drop duplicates if the root hashes match, to avoid this user-unfriendly hard error.
* test: Run tests that don't need a vm in systemd-nspawnDaan De Meyer2024-05-291-0/+1
| | | | | If we're not running the test as root, stick to using a virtual machine, as mkosi can't do rootless nspawn yet.
* test: Rework integration test definitionsDaan De Meyer2024-05-141-0/+7
| | | | | | | Let's make this behave more like all the rest of the meson stuff. This also is the first step to making it a bit more flexible so we can define integration tests in different ways as will be seen in the next commits.
* test: skip testsuite-50.mountnfsd if kernel/polkit are too oldLuca Boccassi2024-04-251-0/+1
| | | | | Need full support of pidfd to work, so skip the test if it's not available
* test: add integration test for unpriv mountfsd/nsresourcedLennart Poettering2024-04-061-0/+9
|
* dissect: add --make-archive option to convert DDI to tarballLennart Poettering2024-01-251-0/+1
|
* confext: test image wide systemd support for confextMaanya Goenka2023-07-141-0/+1
|
* test: Add RootEphemeral= integration testDaan De Meyer2023-06-211-0/+1
|
* test: introduce test_require_bin() and use itFrantisek Sumsal2023-06-051-3/+1
| | | | No functional change.
* test: install the overlayfs/loop modules unconditionallyFrantisek Sumsal2023-05-141-15/+10
|
* test: extend TEST-50-DISSECT for systemd-dissect --list and --withLennart Poettering2022-11-091-1/+1
|
* test: respect the global $QEMU_TIMEOUTFrantisek Sumsal2022-08-261-1/+0
| | | | | | | | CIs set QEMU and nspawn timeouts by themselves which reflect their needs and possibilities, so let's respect that value, instead of using one pre-set value which might or might not work for all of them. Both Ubuntu CI and CentOS CI set these values themselves.
* test: double timeout of TEST-50-DISSECTLuca Boccassi2022-05-191-1/+1
| | | | | | | | | It times out on slow CIs near the end of the test, eg: [ 553.539368] kernel: loop_reread_partitions: partition scan of loop3 () failed (rc=-5) TEST-50-DISSECT: (timeout) https://autopkgtest.ubuntu.com/results/autopkgtest-focal-upstream-systemd-ci-systemd-ci/focal/ppc64el/s/systemd-upstream/20220518_172659_bf20f@/log.gz
* test: install losetup by defaultYu Watanabe2021-12-201-1/+0
| | | | Preparation for the next commit.
* test: bump timeout for TEST-50-DISSECT and TEST-67-INTEGRITYLuca Boccassi2021-12-131-1/+1
| | | | | | | | | TEST-67-INTEGRITY times out quite often, and when it passes it does so a few seconds short of the timeout. It's a slow qemu test, so bump the timeout. TEST-50-DISSECT has been reported to fail in the same way on Debian's infrastructure, again narrowly failing or passing just short of the timeout.
* tests: add spdx headers to scripts and MakefilesZbigniew Jędrzejewski-Szmek2021-10-181-0/+1
|
* test: set 5 minute timeout on TEST-11-ISSUE-3166 and TEST-50-DISSECTDimitri John Ledkov2021-10-091-0/+2
| | | | | | | When they work they finish quickly in under two minutes on slow machines, when soft lock ups happen in the nested virt machine each test can run for like 5 hours clogging up CI infrastructure. It's best to fail quicker than that when qemu or kernel are broken.
* test: make OpenSSL checks optional in TEST-50-DISSECTLuca Boccassi2021-10-071-2/+3
| | | | | | | | | | | If the packages are built without libssl simply skip the signature checks. Oct 06 21:21:32 H systemd[1]: systemd 249.1249.gcc4df1f787.0 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT +GNUTLS -OPENSSL ... Oct 06 21:22:21 H systemd[459]: Activation of signed Verity volume worked neither via the kernel nor in userspace, can't activate. Follow-up for #20691
* tests: extend TEST-50-DISSECT to look for verity signaturesLennart Poettering2021-09-281-0/+2
|
* test: "detect" the test number automagicallyFrantisek Sumsal2021-04-261-1/+1
| | | | | | Specifying the test number manually is tedious and prone to errors (as recently proven). Since we have all the necessary data to work out the test number, let's do it automagically.
* ci: drop test/TEST-50-DISSECT/deny-list-ubuntu-ciLennart Poettering2021-04-201-2/+0
| | | | Let's see if this makes the test stable on the CI.
* test: make the test entrypoint scripts shellcheck-compliantFrantisek Sumsal2021-04-201-1/+3
|
* test: use quotes where necessaryFrantisek Sumsal2021-04-131-0/+1
| | | | to avoid possible word splitting.
* Skip TEST-50 on ubuntu ciDan Streetman2021-03-011-0/+2
| | | | | | | This test is flaky, and requires updates to the kernel to fix, so disable it for now. https://github.com/systemd/systemd/issues/17469
* Add ExtensionImages directive to form overlaysLuca Boccassi2021-02-231-0/+3
| | | | | Add support for overlaying images for services on top of their root fs, using a read-only overlay.
* test-50-dissect: move minimal image setup to common setup functionLuca Boccassi2021-02-101-19/+2
| | | | | | So that it can be re-used for other tests by simply setting TEST_INSTALL_VERITY_MINIMAL=1 in test.sh, without having to replicate the setup commands.
* tests: build the image once and then copy/extend itLuca Boccassi2021-01-241-9/+1
| | | | | | Building custom images for each test takes a lot of time. Build the default one, and if the test needs incompatible changes just copy it and extend it instead.
* test: fix TEST-50-DISSECT build on Ubuntu CILuca Boccassi2020-10-171-1/+1
| | | | | | | | Ubuntu CI's just got the dependencies require dto run this test added, and it seems the build is different enough from other platforms that it fails to create the required directories: cp: cannot create regular file '/var/tmp/systemd-test.JJMOBY/minimal/usr/lib/os-release': No such file or directory
* Revert "Block TEST-50-DISSECT on Ubuntu CI temporarily"Luca Boccassi2020-10-171-0/+0
| | | | This reverts commit 329315b29f63adb05054c26f739f68780fadfa0a.
* Block TEST-50-DISSECT on Ubuntu CI temporarilyLuca Boccassi2020-10-171-0/+0
| | | | | | It looks like we need to do some whack-a-mole before it will fully pass, so disable for now. It was skipped until today anyway due to missing dependencies.
* tests/TEST-50: support the case when /etc/os-release is presentZbigniew Jędrzejewski-Szmek2020-08-271-1/+1
| | | | | | | | | | | | | | | | We have four legal cases: 1. /usr/lib/os-release exists and /etc/os-release is a symlink to it 2. both exist but /etc/os-release is not a symlink to /usr/lib/os-release 3. only /usr/lib/os-release exists 4. only /etc/os-release exists The generic setup code in test-functions and create-busybox-image didn't handle case 3. The test-specific code in TEST-50 didn't handle 2 (because the general setup code would only install /etc/os-release in the image and grep -f /usr/lib/os-release would not work) and 4 (same reason) and would fail in case 3 in generic setup.
* TEST-50: sfdisk is already installed by setup_basic_environmentZbigniew Jędrzejewski-Szmek2020-08-271-1/+0
|
* service: add new RootImageOptions featureLuca Boccassi2020-07-291-0/+1
| | | | | | | | | | Allows to specify mount options for RootImage. In case of multi-partition images, the partition number can be prefixed followed by colon. Eg: RootImageOptions=1:ro,dev 2:nosuid nodev In absence of a partition number, 0 is assumed.
* test: pre-assemble minimal image for TEST-50-DISSECT at build timeLuca Boccassi2020-07-151-3/+16
| | | | Easier than in the limited VM environment
* test: exercise systemd-dissect with GPT and verity in TEST-50-DISSECTLuca Boccassi2020-07-151-0/+3
|
* test: exercise systemd-dissect --mount in TEST-50-DISSECTLuca Boccassi2020-07-151-0/+2
|
* dissect: support single-filesystem verity images with external verity hashLuca Boccassi2020-06-092-0/+35
dm-verity support in dissect-image at the moment is restricted to GPT volumes. If the image a single-filesystem type without a partition table (eg: squashfs) and a roothash/verity file are passed, set the verity flag and mark as read-only.