summaryrefslogtreecommitdiffstats
path: root/test (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* | | network: process queued remove requests on stop (#34871)Yu Watanabe2024-10-301-0/+19
|\ \ \ | | | | | | | | | | | | | | | | Fixes a regression caused by 85a6f300c14d75d161cbfdb3eaf5af9594400ecd and its later commits. Fixes #34837.
| * | | test-network: add test for DHCPv4 address removal on stopYu Watanabe2024-10-301-0/+19
| | | | | | | | | | | | | | | | For issue #34837.
* | | | Fix display of qrcodes by bsod and other related cleanups (#34914)Lennart Poettering2024-10-301-1/+1
|\ \ \ \ | |/ / / |/| | |
| * | | bsod: make message for qrcode more usefulZbigniew Jędrzejewski-Szmek2024-10-301-1/+1
| | |/ | |/| | | | | | | | | | | | | | | | People know what a qrcode is. We don't need to tell them to scan it. Instead, we should say what the code contains. While at it, rename "stream" to "f" in line with the usual style.
* | | coredump: AccessContainer= bunch of followups (#34333)Luca Boccassi2024-10-302-1/+33
|\ \ \ | | | | | | | | Fixes #34130
| * | | test: add test coverage for EnterNamespace=Michal Sekletar2024-10-302-1/+33
| | | |
* | | | core/service: support sd_notify() MAINPIDFD=1 and MAINPIDFDID= (#34932)Lennart Poettering2024-10-301-1/+1
|\ \ \ \
| * | | | TEST-80-NOTIFYACCESS: don't specify --pid= if MAINPID= is provided explicitlyMike Yuan2024-10-291-1/+1
| | |_|/ | |/| | | | | | | | | | | | | | Otherwise, with recent additions, the MAINPIDFDID= generated by systemd-notify would mismatch with overridden MAINPID=.
* | | | network: add missing else in dhcp_lease_load (#34927)Lennart Poettering2024-10-301-0/+0
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: 3fd6708cde0f (network: Serialize DNR servers) --- Fixes: #34926
| * | | | network: add missing else in dhcp_lease_loadRonan Pigott2024-10-291-0/+0
| | | | | | | | | | | | | | | | | | | | Fixes: 3fd6708cde0f (network: Serialize DNR servers)
* | | | | sysusers: optionally create fully locked accounts (#34876)Luca Boccassi2024-10-291-0/+11
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Let's ramp up security for system user accounts, at least where possible, by creating them fully locked (instead of just with an invalid password). This matters when taking non-password (i.e. SSH) logins into account. Fixes: #13522
| * | | | | test: test new 'u' sysusers.d linesLennart Poettering2024-10-291-0/+11
| |/ / / /
* | | | | busctl: add a testcase that definitely causes the timeout to triggerLennart Poettering2024-10-291-1/+9
| | | | |
* | | | | busctl: rename --num-matches= → --limit-messages=Lennart Poettering2024-10-291-1/+1
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We should avoid unnecessary abbreviations for such messages, and this puts a maximum limit on things, hence it should indicate this in the name. Moreover, matches is a bit confusing, since most people will probably call "busctl monitor" without any match specification, i.e. zero matches, but that's not what was meant here at all. Also, add a brief switch for this (-N) since I figure in particular "-N1" might be a frequent operation people might want to use. Follow-up for: 989e843e7543b21b91de4368da44692d674722a5 See: #34048
* | | | udevadm: automatically anable JSON-SEQ in case JSON is used for "udevadm ↵Lennart Poettering2024-10-291-2/+2
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | info -a" We are going to output a series of JSON objects, hence let's automatically enable JSON-SEQ output mode, as we usually do. "jq --seq" supports this natively, hence this should not really restrict us. Follow-up for: 67ea8a4c0edef33b1775536bc81d5de2c8ac4d88
* / / socket: support setting ownership of message queuesDavid Michael2024-10-281-0/+46
|/ / | | | | | | | | | | | | | | This applies the existing SocketUser=/SocketGroup= options to units defining a POSIX message queue, bringing them in line with UNIX sockets and FIFOs. They are set on the file descriptor rather than a file system path because the /dev/mqueue path interface is an optional mount unit.
* / cgroup: Add support for ProtectControlGroups= private and strictRyan Wilson2024-10-281-0/+107
|/ | | | | | | | | | | | | | | | | | This commit adds two settings private and strict to the ProtectControlGroups= property. Private will unshare the cgroup namespace and mount a read-write private cgroup2 filesystem at /sys/fs/cgroup. Strict does the same except the mount is read-only. Since the unit is running in a cgroup namespace, the new root of /sys/fs/cgroup is the unit's own cgroup. We also add a new dbus property ProtectControlGroupsEx which accepts strings instead of boolean. This will allow users to use private/strict via dbus and systemd-run in addition to service files. Note private and strict fall back to no and yes respectively if the kernel doesn't support cgroup2 or system is not using unified hierarchy. Fixes: #34634
* test: add brief testcase for systemd-run disconnect handlingLennart Poettering2024-10-251-0/+3
|
* ci: add some basic testing of the new --pty and --pipe switchesLennart Poettering2024-10-252-0/+19
|
* Merge pull request #34880 from poettering/change-user-on-pam-alwaysLennart Poettering2024-10-251-1/+4
|\ | | | | core: make sure that if PAMName= is set we always do the full user ch…
| * test: add quick test to verify the PAM stack really ran in all run0 modes of ↵Lennart Poettering2024-10-241-1/+4
| | | | | | | | operation
* | ci: give new userdbctl some CI exposureLennart Poettering2024-10-241-0/+14
|/
* Merge pull request #27916 from yuwata/test-execute-credstoreYu Watanabe2024-10-241-8/+10
|\ | | | | test: update permission of credstore
| * TEST-02-UNITTESTS: reuse $TEST_MATCH_SUBTEST to specify unit tests to be runYu Watanabe2024-10-221-8/+10
| | | | | | | | Then, we can easily test specific unit tests in qemu or container.
* | Revert "TEST-55-OOMD: workaround for kernel regression in 6.12-rcX"Yu Watanabe2024-10-241-18/+3
| | | | | | | | | | | | | | | | | | This reverts commit 88bbf187a9b2ebe0732caa1e886616ae5f8186da. The kernel regression has been hopefully fixed by https://github.com/torvalds/linux/commit/c6508124193d42bbc3224571eb75bfa4c1821fbb which is included in 6.12-rc4. Let's drop the workaround.
* | core/namespace: honor MountEntry.read_only, .options, and so on in static ↵Yu Watanabe2024-10-231-2/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | entries Otherwise, ProtectHome=tmpfs makes /home/ and friends not read-only. Also, mount options for /run/ specified in MountAPIVFS=yes are not applied. The function append_static_mounts() was introduced in 5327c910d2fc1ae91bd0b891be92b30379c7467b, but at that time, there were neither .read_only nor .options in the struct. But, when later the struct is extended, the function was not updated and they were not copied from the static table. The fields has been used in static tables since e4da7d8c796a1fd11ecfa80fb8a48eac9e823f06, and also in 94293d65cd4125347e21b3e423d0e245226b1be2. Fixes #34825.
* | TEST-55-OOMD: fix typoYu Watanabe2024-10-231-1/+1
| | | | | | | | Follow-up for 63d4c4271ca529f8357a84cbc075170fffdb3de8.
* | logind: add CanIdle + CanLock dbus properties to session objectLennart Poettering2024-10-221-0/+2
| | | | | | | | | | | | | | | | | | | | Clients should be able to know if the idle logic is available on a session without secondary knowledge about the session class. Let's hence expose a property for that. Similar for the screen lock concept. Fixes: #34844
* | resolved: validate noerror response for CNAMEsRonan Pigott2024-10-221-0/+2
|/ | | | | | | | | CNAME doesn't exist at the zone apex. When we get an unsigned noerror response to a direct query for a CNAME record, we don't yet know if this name is zone apex. We already request the correct DS record in this case, but previously skipped it at validation time, causing the answer to appear bogus. Make sure to also consider the DS record for the query name for negative replies.
* Merge pull request #34761 from ikruglov/ikruglov/io-systemd-Machine-GetAddressesLennart Poettering2024-10-221-1/+17
|\ | | | | machine: add Addresses, OSRelease, and UIDShift fields in varlink io.systemd.Machine.List output
| * machine: add tests for Addresses/OSRelease/UIDShift fields in ↵Ivan Kruglov2024-10-211-0/+16
| | | | | | | | io.systemd.Machine.List output
| * machine: use AcquireMetadata in io.systemd.MachineImage.List methodIvan Kruglov2024-10-211-1/+1
| |
* | Merge pull request #30952 from rpigott/resolved-dnrLennart Poettering2024-10-224-0/+101
|\ \ | | | | | | RFC9463: Discovery of Network-designated Resolvers
| * | test/fuzz: add dnr packetsRonan Pigott2024-10-213-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The structure of DNR options is considerably more complicated than most DHCP options, and as a result the fuzzer has poor coverage of these code paths. This adds some DNR packets to the fuzzing corpus, not with the intent of capturing some specific edge case, but with the intent to rapidly improve the fuzzers' coverage of these codepaths by giving it a valid example to begin with. Also include an ndisc router advert with a few Encrypted DNS options, for the same purpose.
| * | test-network: add DHCPv6 DNR testRonan Pigott2024-10-211-1/+33
| | | | | | | | | | | | Same as the DHCPv4 test.
| * | test-network: add test for DHCPv4 DNRRonan Pigott2024-10-211-0/+69
| | | | | | | | | | | | | | | This will test that networkd/resolved can understand the V4_DNR DHCP option.
* | | test: CET/EET are deprecated, use Europe/Berlin and KyivLuca Boccassi2024-10-213-6/+3
| | | | | | | | | | | | | | | The links moved to the legacy dataset so they won't be available by default, so stop using them and just use the city ones instead
* | | Merge pull request #34628 from DaanDeMeyer/measureDaan De Meyer2024-10-213-43/+27
|\ \ \ | |_|/ |/| | Rework TEST-86-MULTI-PROFILE-UKI + associated bugfixes
| * | Rework TEST-86-MULTI-PROFILE-UKIDaan De Meyer2024-10-212-41/+25
| | | | | | | | | | | | | | | | | | Now that mkosi supports generating UKI profiles, let's make use of that to generate the UKI profiles required for the test instead of doing it within the test itself.
| * | TEST-70-TPM2: Disable public key enrollment explicitlyDaan De Meyer2024-10-211-2/+2
| | | | | | | | | | | | | | | | | | | | | Otherwise, when the test is executed on a system with signed PCRs, cryptenroll will automatically pick up the public key from the UKI which results in a volume that can't be unlocked because the pcrextend tests appends extra things to pcr 11.
* | | Merge pull request #34787 from yuwata/core-ip-address-allow-denyLennart Poettering2024-10-212-2/+86
|\ \ \ | | | | | | | | core/cgroup: fix IPAddressAllow=/IPAddressDeny= set through DBus
| * | | TEST-19-CGROUP: add test cases for IPAddressAllow=/IPAddressDeny=Yu Watanabe2024-10-162-2/+86
| | | |
* | | | Merge pull request #33398 from AdrianVovk/sysupdate-optionalLennart Poettering2024-10-211-8/+64
|\ \ \ \ | | | | | | | | | | sysupdate: Add support for optional features
| * | | | sysupdate: Add verb to inspect featuresAdrian Vovk2024-10-181-0/+2
| | | | |
| * | | | sysupdate: Add tests for optional featuresAdrian Vovk2024-10-181-8/+62
| | | | | | | | | | | | | | | | | | | | Makes sure we don't regress on #33343 and #33344
* | | | | Merge pull request #34667 from rpigott/resolved-bypassLennart Poettering2024-10-211-1/+10
|\ \ \ \ \ | |_|_|/ / |/| | | | resolve: fixes for sd-resolved bypass
| * | | | test: exercise bypass mode on the sd-resolved stubRonan Pigott2024-10-191-1/+10
| | | | | | | | | | | | | | | | | | | | A basic test will verify that we provide the right flags.
* | | | | TEST-55-OOMD: workaround for kernel regression in 6.12-rcXYu Watanabe2024-10-191-3/+18
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This ignore failures when running on kernel-6.12-rcX, which has a regression in the kernel scheduler that breaks PSI. From https://github.com/systemd/systemd/issues/32730#issuecomment-2415312260 > There is a known scheduler bug in 6.12 that breaks psi. It leaks > "running tasks" counts, which matches your symptoms of seeing partial > pressure only. > > Do you see "inconsistent task state" warnings in dmesg | grep psi? > > A fix is queued in the scheduler tree, should be sent to Linus shortly: > https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=c6508124193d42bbc3224571eb75bfa4c1821fbb Workaround for #32730.
* | | | test: customize /etc/os-release instead of /usr/lib/os-releaseLuca Boccassi2024-10-181-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | As per spec image builders can create a local /etc/os-release with per-image IDs, so modify that one instead of the original one in /usr/lib. For example we do this when we build debian unstable images in mkosi.
* | | | Merge pull request #34597 from ryantimwilson/oomd-pressure-durationYu Watanabe2024-10-172-1/+82
|\ \ \ \ | | | | | | | | | | Add ManagedOOMMemoryPressureDurationSec override setting for units
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 03:23:21 +0100