2017-11-18 17:09:20 +01:00
|
|
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
2014-08-16 14:19:10 +02:00
|
|
|
/***
|
|
|
|
This file is part of systemd
|
|
|
|
|
|
|
|
Copyright 2014 Ronny Chevalier
|
|
|
|
***/
|
|
|
|
|
2017-04-09 01:32:13 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <sys/types.h>
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
#include <sys/utsname.h>
|
2017-04-09 01:32:13 +02:00
|
|
|
#include <unistd.h>
|
|
|
|
|
2014-11-06 01:40:37 +01:00
|
|
|
#include "sd-id128.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
|
2015-10-27 03:01:06 +01:00
|
|
|
#include "alloc-util.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
#include "apparmor-util.h"
|
|
|
|
#include "architecture.h"
|
2015-10-26 23:32:16 +01:00
|
|
|
#include "audit-util.h"
|
2017-12-18 08:53:29 +01:00
|
|
|
#include "cgroup-util.h"
|
2017-12-20 18:13:23 +01:00
|
|
|
#include "condition.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
#include "hostname-util.h"
|
2016-07-27 23:19:37 +02:00
|
|
|
#include "id128-util.h"
|
2014-12-11 18:30:37 +01:00
|
|
|
#include "ima-util.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
#include "log.h"
|
|
|
|
#include "macro.h"
|
|
|
|
#include "selinux-util.h"
|
2017-12-18 08:53:29 +01:00
|
|
|
#include "set.h"
|
2014-12-11 18:30:37 +01:00
|
|
|
#include "smack-util.h"
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
#include "string-util.h"
|
2016-10-22 04:56:58 +02:00
|
|
|
#include "strv.h"
|
2017-04-09 01:32:13 +02:00
|
|
|
#include "user-util.h"
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
#include "util.h"
|
|
|
|
#include "virt.h"
|
2014-11-06 01:40:37 +01:00
|
|
|
|
2014-12-11 18:30:37 +01:00
|
|
|
static void test_condition_test_path(void) {
|
2014-11-06 01:40:37 +01:00
|
|
|
Condition *condition;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_EXISTS, "/bin/sh", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
2014-11-06 02:11:08 +01:00
|
|
|
condition = condition_new(CONDITION_PATH_EXISTS, "/bin/s?", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_EXISTS_GLOB, "/bin/s?", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_EXISTS_GLOB, "/bin/s?", false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
2014-11-06 01:40:37 +01:00
|
|
|
condition = condition_new(CONDITION_PATH_EXISTS, "/thiscertainlywontexist", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_EXISTS, "/thiscertainlywontexist", false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_IS_DIRECTORY, "/bin", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_DIRECTORY_NOT_EMPTY, "/bin", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_FILE_NOT_EMPTY, "/bin/sh", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_FILE_IS_EXECUTABLE, "/bin/sh", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_FILE_IS_EXECUTABLE, "/etc/passwd", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_IS_MOUNT_POINT, "/proc", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_IS_MOUNT_POINT, "/", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_IS_MOUNT_POINT, "/bin", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_IS_READ_WRITE, "/tmp", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_PATH_IS_SYMBOLIC_LINK, "/dev/stdout", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
}
|
2014-08-16 14:19:10 +02:00
|
|
|
|
2017-12-18 08:53:29 +01:00
|
|
|
static int test_condition_test_control_group_controller(void) {
|
|
|
|
Condition *condition;
|
|
|
|
CGroupMask system_mask;
|
|
|
|
CGroupController controller;
|
|
|
|
_cleanup_free_ char *controller_name = NULL;
|
|
|
|
int r;
|
|
|
|
|
|
|
|
r = cg_unified_flush();
|
|
|
|
if (r < 0) {
|
|
|
|
log_notice_errno(r, "Skipping ConditionControlGroupController tests: %m");
|
|
|
|
return EXIT_TEST_SKIP;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Invalid controllers are ignored */
|
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, "thisisnotarealcontroller", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, "thisisnotarealcontroller", false, true);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
assert_se(cg_mask_supported(&system_mask) >= 0);
|
|
|
|
|
|
|
|
/* Individual valid controllers one by one */
|
|
|
|
for (controller = 0; controller < _CGROUP_CONTROLLER_MAX; controller++) {
|
|
|
|
const char *local_controller_name = cgroup_controller_to_string(controller);
|
|
|
|
log_info("chosen controller is '%s'", local_controller_name);
|
|
|
|
if (system_mask & CGROUP_CONTROLLER_TO_MASK(controller)) {
|
|
|
|
log_info("this controller is available");
|
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, true);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
} else {
|
|
|
|
log_info("this controller is unavailable");
|
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, true);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Multiple valid controllers at the same time */
|
|
|
|
assert_se(cg_mask_to_string(system_mask, &controller_name) >= 0);
|
|
|
|
|
2017-12-20 18:13:23 +01:00
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, strempty(controller_name), false, false);
|
2017-12-18 08:53:29 +01:00
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
2017-12-20 18:13:23 +01:00
|
|
|
condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, strempty(controller_name), false, true);
|
2017-12-18 08:53:29 +01:00
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
return EXIT_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2014-08-16 14:19:10 +02:00
|
|
|
static void test_condition_test_ac_power(void) {
|
|
|
|
Condition *condition;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_AC_POWER, "true", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(condition_test(condition) == on_ac_power());
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_AC_POWER, "false", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(condition_test(condition) != on_ac_power());
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_AC_POWER, "false", false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(condition_test(condition) == on_ac_power());
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void test_condition_test_host(void) {
|
2016-08-19 16:00:51 +02:00
|
|
|
_cleanup_free_ char *hostname = NULL;
|
|
|
|
char sid[SD_ID128_STRING_MAX];
|
2014-08-16 14:19:10 +02:00
|
|
|
Condition *condition;
|
|
|
|
sd_id128_t id;
|
|
|
|
int r;
|
|
|
|
|
|
|
|
r = sd_id128_get_machine(&id);
|
|
|
|
assert_se(r >= 0);
|
|
|
|
assert_se(sd_id128_to_string(id, sid));
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_HOST, sid, false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(condition_test(condition));
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_HOST, "garbage value jjjjjjjjjjjjjj", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(!condition_test(condition));
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_HOST, sid, false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(!condition_test(condition));
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
hostname = gethostname_malloc();
|
|
|
|
assert_se(hostname);
|
|
|
|
|
2016-07-27 23:19:37 +02:00
|
|
|
/* if hostname looks like an id128 then skip testing it */
|
2016-08-01 04:01:43 +02:00
|
|
|
if (id128_is_valid(hostname))
|
2016-07-27 23:19:37 +02:00
|
|
|
log_notice("hostname is an id128, skipping test");
|
2016-08-01 04:01:43 +02:00
|
|
|
else {
|
2016-07-27 23:19:37 +02:00
|
|
|
condition = condition_new(CONDITION_HOST, hostname, false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2016-07-27 23:19:37 +02:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
}
|
2014-08-16 14:19:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static void test_condition_test_architecture(void) {
|
|
|
|
Condition *condition;
|
|
|
|
const char *sa;
|
2014-11-06 00:49:44 +01:00
|
|
|
int a;
|
2014-08-16 14:19:10 +02:00
|
|
|
|
|
|
|
a = uname_architecture();
|
|
|
|
assert_se(a >= 0);
|
|
|
|
|
|
|
|
sa = architecture_to_string(a);
|
|
|
|
assert_se(sa);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_ARCHITECTURE, sa, false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2016-07-01 00:56:23 +02:00
|
|
|
assert_se(condition_test(condition) > 0);
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_ARCHITECTURE, "garbage value", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2016-07-01 00:56:23 +02:00
|
|
|
assert_se(condition_test(condition) == 0);
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_ARCHITECTURE, sa, false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2016-07-01 00:56:23 +02:00
|
|
|
assert_se(condition_test(condition) == 0);
|
2014-08-16 14:19:10 +02:00
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
|
2014-11-05 19:43:55 +01:00
|
|
|
static void test_condition_test_kernel_command_line(void) {
|
|
|
|
Condition *condition;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_COMMAND_LINE, "thisreallyshouldntbeonthekernelcommandline", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(!condition_test(condition));
|
2014-11-05 19:43:55 +01:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_COMMAND_LINE, "andthis=neither", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 01:40:37 +01:00
|
|
|
assert_se(!condition_test(condition));
|
2014-11-05 19:43:55 +01:00
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
static void test_condition_test_kernel_version(void) {
|
|
|
|
Condition *condition;
|
|
|
|
struct utsname u;
|
2017-12-23 15:02:58 +01:00
|
|
|
const char *v;
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "*thisreallyshouldntbeinthekernelversion*", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "*", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
assert_se(uname(&u) >= 0);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, u.release, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
strshorten(u.release, 4);
|
|
|
|
strcpy(strchr(u.release, 0), "*");
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, u.release, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
2017-12-23 15:02:58 +01:00
|
|
|
|
|
|
|
/* 0.1.2 would be a very very very old kernel */
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "> 0.1.2", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, ">= 0.1.2", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "< 0.1.2", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "<= 0.1.2", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "= 0.1.2", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
/* 4711.8.15 is a very very very future kernel */
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "< 4711.8.15", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "<= 4711.8.15", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "= 4711.8.15", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, "> 4711.8.15", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, ">= 4711.8.15", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
assert_se(uname(&u) >= 0);
|
|
|
|
|
|
|
|
v = strjoina(">=", u.release);
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
v = strjoina("= ", u.release);
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
v = strjoina("<=", u.release);
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
v = strjoina("> ", u.release);
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
v = strjoina("< ", u.release);
|
|
|
|
condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
}
|
|
|
|
|
2014-11-06 02:11:08 +01:00
|
|
|
static void test_condition_test_null(void) {
|
|
|
|
Condition *condition;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_NULL, NULL, false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_NULL, NULL, false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-11-06 02:11:08 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
|
2014-12-11 18:30:37 +01:00
|
|
|
static void test_condition_test_security(void) {
|
|
|
|
Condition *condition;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_SECURITY, "garbage oifdsjfoidsjoj", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(!condition_test(condition));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_SECURITY, "selinux", false, true);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2017-05-02 18:42:19 +02:00
|
|
|
assert_se(condition_test(condition) != mac_selinux_use());
|
2014-12-11 18:30:37 +01:00
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_SECURITY, "ima", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(condition_test(condition) == use_ima());
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_SECURITY, "apparmor", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(condition_test(condition) == mac_apparmor_use());
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_SECURITY, "smack", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(condition_test(condition) == mac_smack_use());
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_SECURITY, "audit", false, false);
|
2016-08-19 16:00:51 +02:00
|
|
|
assert_se(condition);
|
2014-12-11 18:30:37 +01:00
|
|
|
assert_se(condition_test(condition) == use_audit());
|
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
|
2016-10-22 04:56:58 +02:00
|
|
|
static void test_condition_test_virtualization(void) {
|
|
|
|
Condition *condition;
|
|
|
|
const char *virt;
|
|
|
|
int r;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_VIRTUALIZATION, "garbage oifdsjfoidsjoj", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionVirtualization=garbage → %i", r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_VIRTUALIZATION, "container", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionVirtualization=container → %i", r);
|
|
|
|
assert_se(r == !!detect_container());
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_VIRTUALIZATION, "vm", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionVirtualization=vm → %i", r);
|
|
|
|
assert_se(r == (detect_vm() && !detect_container()));
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_VIRTUALIZATION, "private-users", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionVirtualization=private-users → %i", r);
|
|
|
|
assert_se(r == !!running_in_userns());
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
NULSTR_FOREACH(virt,
|
|
|
|
"kvm\0"
|
|
|
|
"qemu\0"
|
|
|
|
"bochs\0"
|
|
|
|
"xen\0"
|
|
|
|
"uml\0"
|
|
|
|
"vmware\0"
|
|
|
|
"oracle\0"
|
|
|
|
"microsoft\0"
|
|
|
|
"zvm\0"
|
|
|
|
"parallels\0"
|
|
|
|
"bhyve\0"
|
|
|
|
"vm_other\0") {
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_VIRTUALIZATION, virt, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionVirtualization=%s → %i", virt, r);
|
|
|
|
assert_se(r >= 0);
|
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-04-09 01:32:13 +02:00
|
|
|
static void test_condition_test_user(void) {
|
|
|
|
Condition *condition;
|
|
|
|
char* uid;
|
|
|
|
char* username;
|
|
|
|
int r;
|
|
|
|
|
|
|
|
condition = condition_new(CONDITION_USER, "garbage oifdsjfoidsjoj", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=garbage → %i", r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
|
|
|
|
assert_se(asprintf(&uid, "%"PRIu32, UINT32_C(0xFFFF)) > 0);
|
|
|
|
condition = condition_new(CONDITION_USER, uid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=%s → %i", uid, r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(uid);
|
|
|
|
|
|
|
|
assert_se(asprintf(&uid, "%u", (unsigned)getuid()) > 0);
|
|
|
|
condition = condition_new(CONDITION_USER, uid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=%s → %i", uid, r);
|
|
|
|
assert_se(r > 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(uid);
|
|
|
|
|
|
|
|
assert_se(asprintf(&uid, "%u", (unsigned)getuid()+1) > 0);
|
|
|
|
condition = condition_new(CONDITION_USER, uid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=%s → %i", uid, r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(uid);
|
|
|
|
|
|
|
|
username = getusername_malloc();
|
|
|
|
assert_se(username);
|
|
|
|
condition = condition_new(CONDITION_USER, username, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=%s → %i", username, r);
|
|
|
|
assert_se(r > 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(username);
|
|
|
|
|
|
|
|
username = (char*)(geteuid() == 0 ? NOBODY_USER_NAME : "root");
|
|
|
|
condition = condition_new(CONDITION_USER, username, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=%s → %i", username, r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
2017-05-19 04:12:14 +02:00
|
|
|
|
|
|
|
condition = condition_new(CONDITION_USER, "@system", false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionUser=@system → %i", r);
|
2017-12-02 12:59:21 +01:00
|
|
|
if (uid_is_system(getuid()) || uid_is_system(geteuid()))
|
2017-05-19 04:12:14 +02:00
|
|
|
assert_se(r > 0);
|
|
|
|
else
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
2017-04-09 01:32:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static void test_condition_test_group(void) {
|
|
|
|
Condition *condition;
|
|
|
|
char* gid;
|
|
|
|
char* groupname;
|
|
|
|
gid_t *gids, max_gid;
|
2017-08-06 01:25:19 +02:00
|
|
|
int ngroups_max, ngroups, r, i;
|
2017-04-09 01:32:13 +02:00
|
|
|
|
|
|
|
assert_se(0 < asprintf(&gid, "%u", UINT32_C(0xFFFF)));
|
|
|
|
condition = condition_new(CONDITION_GROUP, gid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionGroup=%s → %i", gid, r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(gid);
|
|
|
|
|
|
|
|
assert_se(0 < asprintf(&gid, "%u", getgid()));
|
|
|
|
condition = condition_new(CONDITION_GROUP, gid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionGroup=%s → %i", gid, r);
|
|
|
|
assert_se(r > 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(gid);
|
|
|
|
|
|
|
|
ngroups_max = sysconf(_SC_NGROUPS_MAX);
|
|
|
|
assert(ngroups_max > 0);
|
|
|
|
|
|
|
|
gids = alloca(sizeof(gid_t) * ngroups_max);
|
|
|
|
|
2017-08-06 01:25:19 +02:00
|
|
|
ngroups = getgroups(ngroups_max, gids);
|
|
|
|
assert(ngroups >= 0);
|
2017-04-09 01:32:13 +02:00
|
|
|
|
|
|
|
max_gid = getgid();
|
2017-08-06 01:25:19 +02:00
|
|
|
for (i = 0; i < ngroups; i++) {
|
2017-04-09 01:32:13 +02:00
|
|
|
assert_se(0 < asprintf(&gid, "%u", gids[i]));
|
|
|
|
condition = condition_new(CONDITION_GROUP, gid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionGroup=%s → %i", gid, r);
|
|
|
|
assert_se(r > 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(gid);
|
|
|
|
max_gid = gids[i] > max_gid ? gids[i] : max_gid;
|
|
|
|
|
|
|
|
groupname = gid_to_name(gids[i]);
|
|
|
|
assert_se(groupname);
|
|
|
|
condition = condition_new(CONDITION_GROUP, groupname, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionGroup=%s → %i", groupname, r);
|
|
|
|
assert_se(r > 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(groupname);
|
|
|
|
max_gid = gids[i] > max_gid ? gids[i] : max_gid;
|
|
|
|
}
|
|
|
|
|
|
|
|
assert_se(0 < asprintf(&gid, "%u", max_gid+1));
|
|
|
|
condition = condition_new(CONDITION_GROUP, gid, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionGroup=%s → %i", gid, r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
free(gid);
|
|
|
|
|
|
|
|
groupname = (char*)(geteuid() == 0 ? NOBODY_GROUP_NAME : "root");
|
|
|
|
condition = condition_new(CONDITION_GROUP, groupname, false, false);
|
|
|
|
assert_se(condition);
|
|
|
|
r = condition_test(condition);
|
|
|
|
log_info("ConditionGroup=%s → %i", groupname, r);
|
|
|
|
assert_se(r == 0);
|
|
|
|
condition_free(condition);
|
|
|
|
}
|
|
|
|
|
2014-08-16 14:19:10 +02:00
|
|
|
int main(int argc, char *argv[]) {
|
2016-10-22 04:56:58 +02:00
|
|
|
log_set_max_level(LOG_DEBUG);
|
2014-08-16 14:19:10 +02:00
|
|
|
log_parse_environment();
|
|
|
|
log_open();
|
|
|
|
|
2014-12-11 18:30:37 +01:00
|
|
|
test_condition_test_path();
|
2014-08-16 14:19:10 +02:00
|
|
|
test_condition_test_ac_power();
|
|
|
|
test_condition_test_host();
|
|
|
|
test_condition_test_architecture();
|
2014-11-05 19:43:55 +01:00
|
|
|
test_condition_test_kernel_command_line();
|
core,udev,networkd: add ConditionKernelVersion=
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
2017-12-13 20:34:13 +01:00
|
|
|
test_condition_test_kernel_version();
|
2014-11-06 02:11:08 +01:00
|
|
|
test_condition_test_null();
|
2014-12-11 18:30:37 +01:00
|
|
|
test_condition_test_security();
|
2016-10-22 04:56:58 +02:00
|
|
|
test_condition_test_virtualization();
|
2017-04-09 01:32:13 +02:00
|
|
|
test_condition_test_user();
|
|
|
|
test_condition_test_group();
|
2017-12-18 08:53:29 +01:00
|
|
|
test_condition_test_control_group_controller();
|
2014-08-16 14:19:10 +02:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|