test: add test suite for new credentials logic

2020-08-11 17:08:41 +02:00 · 2020-08-11 17:08:41 +02:00 · 30dd9f7391
parent b0d29bfdfd
commit 30dd9f7391
4 changed files with 46 additions and 0 deletions
--- a/test/TEST-54-CREDS/Makefile
+++ b/test/TEST-54-CREDS/Makefile
@ -0,0 +1 @@
+../TEST-01-BASIC/Makefile
--- a/test/TEST-54-CREDS/test.sh
+++ b/test/TEST-54-CREDS/test.sh
@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+set -e
+TEST_DESCRIPTION="test credentials"
+
+. $TEST_BASE_DIR/test-functions
+
+do_test "$@" 54
--- a/test/units/testsuite-54.service
+++ b/test/units/testsuite-54.service
@ -0,0 +1,7 @@
+[Unit]
+Description=TESTSUITE-54-CREDS
+
+[Service]
+ExecStartPre=rm -f /failed /testok
+ExecStart=/usr/lib/systemd/tests/testdata/units/%N.sh
+Type=oneshot
--- a/test/units/testsuite-54.sh
+++ b/test/units/testsuite-54.sh
@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+set -ex
+
+systemd-analyze log-level debug
+
+# Verify that the creds are properly loaded and we can read them from the service's unpriv user
+systemd-run -p LoadCredential=passwd:/etc/passwd \
+            -p LoadCredential=shadow:/etc/shadow \
+            -p SetCredential=dog:wuff \
+            -p DynamicUser=1 \
+            --wait \
+            --pipe \
+            cat '${CREDENTIALS_DIRECTORY}/passwd' '${CREDENTIALS_DIRECTORY}/shadow' '${CREDENTIALS_DIRECTORY}/dog' > /tmp/ts54-concat
+( cat /etc/passwd /etc/shadow && echo -n wuff ) | cmp /tmp/ts54-concat
+rm /tmp/ts54-concat
+
+# Verify that the creds are immutable
+! systemd-run -p LoadCredential=passwd:/etc/passwd \
+            -p DynamicUser=1 \
+            --wait \
+            touch '${CREDENTIALS_DIRECTORY}/passwd'
+! systemd-run -p LoadCredential=passwd:/etc/passwd \
+            -p DynamicUser=1 \
+            --wait \
+            rm '${CREDENTIALS_DIRECTORY}/passwd'
+
+systemd-analyze log-level info
+
+echo OK > /testok
+
+exit 0