vuls: init at 0.27.0
[NixPkgs.git] / nixos / tests / locate.nix
blobe8ba41812a8f56a184c9c3d75b927a599222f3df
1 import ./make-test-python.nix ({ lib, pkgs, ... }:
2   let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
3   in {
4     name = "locate";
5     meta.maintainers = with pkgs.lib.maintainers; [ chkno ];
7     nodes = rec {
8       a = {
9         environment.systemPackages = with pkgs; [ sshfs ];
10         virtualisation.fileSystems = {
11           "/ssh" = {
12             device = "alice@b:/";
13             fsType = "fuse.sshfs";
14             options = [
15               "allow_other"
16               "IdentityFile=/privkey"
17               "noauto"
18               "StrictHostKeyChecking=no"
19               "UserKnownHostsFile=/dev/null"
20             ];
21           };
22         };
23         services.locate = {
24           enable = true;
25           interval = "*:*:0/5";
26         };
27       };
28       b = {
29         services.openssh.enable = true;
30         users.users.alice = {
31           isNormalUser = true;
32           openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
33         };
34       };
35     };
37     testScript = ''
38       start_all()
40       # Set up sshfs mount
41       a.succeed(
42           "(umask 077; cat ${snakeOilPrivateKey} > /privkey)"
43       )
44       b.succeed("touch /file-on-b-machine")
45       b.wait_for_open_port(22)
46       a.succeed("mkdir /ssh")
47       a.succeed("mount /ssh")
49       # Core locatedb functionality
50       a.succeed("touch /file-on-a-machine-1")
51       a.wait_for_file("/var/cache/locatedb")
52       a.wait_until_succeeds("locate file-on-a-machine-1")
54       # Wait for a second update to make sure we're using a locatedb from a run
55       # that began after the sshfs mount
56       a.succeed("touch /file-on-a-machine-2")
57       a.wait_until_succeeds("locate file-on-a-machine-2")
59       # We shouldn't be able to see files on the other machine
60       a.fail("locate file-on-b-machine")
61     '';
62   })