| blob | 4b087d403f37d98052d39ead061574a0617ac732 |
1 import ./make-test-python.nix ({ pkgs, ... }: {
2 name = "systemd";
4 nodes.machine = { config, lib, ... }: {
5 imports = [ common/user-account.nix common/x11.nix ];
7 virtualisation.emptyDiskImages = [ 512 512 ];
9 environment.systemPackages = [ pkgs.cryptsetup ];
11 virtualisation.fileSystems = {
12 "/test-x-initrd-mount" = {
13 device = "/dev/vdb";
14 fsType = "ext2";
15 autoFormat = true;
16 noCheck = true;
17 options = [ "x-initrd.mount" ];
18 };
19 };
21 systemd.extraConfig = "DefaultEnvironment=\"XXX_SYSTEM=foo\"";
22 systemd.user.extraConfig = "DefaultEnvironment=\"XXX_USER=bar\"";
23 services.journald.extraConfig = "Storage=volatile";
24 test-support.displayManager.auto.user = "alice";
26 systemd.shutdown.test = pkgs.writeScript "test.shutdown" ''
27 #!${pkgs.runtimeShell}
28 PATH=${lib.makeBinPath (with pkgs; [ util-linux coreutils ])}
29 mount -t 9p shared -o trans=virtio,version=9p2000.L /tmp/shared
30 touch /tmp/shared/shutdown-test
31 umount /tmp/shared
32 '';
34 systemd.services.oncalendar-test = {
35 description = "calendar test";
36 # Japan does not have DST which makes the test a little bit simpler
37 startAt = "Wed 10:00 Asia/Tokyo";
38 script = "true";
39 };
41 systemd.services.testDependency1 = {
42 description = "Test Dependency 1";
43 wantedBy = [ config.systemd.services."testservice1".name ];
44 serviceConfig.Type = "oneshot";
45 script = ''
46 true
47 '';
48 };
50 systemd.services.testservice1 = {
51 description = "Test Service 1";
52 wantedBy = [ config.systemd.targets.multi-user.name ];
53 serviceConfig.Type = "oneshot";
54 script = ''
55 if [ "$XXX_SYSTEM" = foo ]; then
56 touch /system_conf_read
57 fi
58 '';
59 };
61 systemd.user.services.testservice2 = {
62 description = "Test Service 2";
63 wantedBy = [ "default.target" ];
64 serviceConfig.Type = "oneshot";
65 script = ''
66 if [ "$XXX_USER" = bar ]; then
67 touch "$HOME/user_conf_read"
68 fi
69 '';
70 };
72 systemd.watchdog = {
73 device = "/dev/watchdog";
74 runtimeTime = "30s";
75 rebootTime = "10min";
76 kexecTime = "5min";
77 };
78 };
80 testScript = ''
81 import re
82 import subprocess
84 machine.wait_for_x()
85 # wait for user services
86 machine.wait_for_unit("default.target", "alice")
88 with subtest("systemctl edit suggests --runtime"):
89 # --runtime is suggested when using `systemctl edit`
90 ret, out = machine.execute("systemctl edit testservice1.service 2>&1")
91 assert ret == 1
92 assert out.rstrip("\n") == "The unit-directory '/etc/systemd/system' is read-only on NixOS, so it's not possible to edit system-units directly. Use 'systemctl edit --runtime' instead."
93 # editing w/o `--runtime` is possible for user-services, however
94 # it's not possible because we're not in a tty when grepping
95 # (i.e. hacky way to ensure that the error from above doesn't appear here).
96 _, out = machine.execute("systemctl --user edit testservice2.service 2>&1")
97 assert out.rstrip("\n") == "Cannot edit units if not on a tty."
99 # Regression test for https://github.com/NixOS/nixpkgs/issues/105049
100 with subtest("systemd reads timezone database in /etc/zoneinfo"):
101 timer = machine.succeed("TZ=UTC systemctl show --property=TimersCalendar oncalendar-test.timer")
102 assert re.search("next_elapse=Wed ....-..-.. 01:00:00 UTC", timer), f"got {timer.strip()}"
104 # Regression test for https://github.com/NixOS/nixpkgs/issues/35415
105 with subtest("configuration files are recognized by systemd"):
106 machine.succeed("test -e /system_conf_read")
107 machine.succeed("test -e /home/alice/user_conf_read")
108 machine.succeed("test -z $(ls -1 /var/log/journal)")
110 with subtest("regression test for https://bugs.freedesktop.org/show_bug.cgi?id=77507"):
111 retcode, output = machine.execute("systemctl status testservice1.service")
112 assert retcode in [0, 3] # https://bugs.freedesktop.org/show_bug.cgi?id=77507
114 # Regression test for https://github.com/NixOS/nixpkgs/issues/35268
115 with subtest("file system with x-initrd.mount is not unmounted"):
116 machine.succeed("mountpoint -q /test-x-initrd-mount")
117 machine.shutdown()
119 subprocess.check_call(
120 [
121 "qemu-img",
122 "convert",
123 "-O",
124 "raw",
125 "vm-state-machine/empty0.qcow2",
126 "x-initrd-mount.raw",
127 ]
128 )
129 extinfo = subprocess.check_output(
130 [
131 "${pkgs.e2fsprogs}/bin/dumpe2fs",
132 "x-initrd-mount.raw",
133 ]
134 ).decode("utf-8")
135 assert (
136 re.search(r"^Filesystem state: *clean$", extinfo, re.MULTILINE) is not None
137 ), ("File system was not cleanly unmounted: " + extinfo)
139 # Regression test for https://github.com/NixOS/nixpkgs/pull/91232
140 with subtest("setting transient hostnames works"):
141 machine.succeed("hostnamectl set-hostname --transient machine-transient")
142 machine.fail("hostnamectl set-hostname machine-all")
144 with subtest("systemd-shutdown works"):
145 machine.shutdown()
146 machine.wait_for_unit("multi-user.target")
147 machine.succeed("test -e /tmp/shared/shutdown-test")
149 # Test settings from /etc/sysctl.d/50-default.conf are applied
150 with subtest("systemd sysctl settings are applied"):
151 machine.wait_for_unit("multi-user.target")
152 assert "fq_codel" in machine.succeed("sysctl net.core.default_qdisc")
154 # Test systemd is configured to manage a watchdog
155 with subtest("systemd manages hardware watchdog"):
156 machine.wait_for_unit("multi-user.target")
158 # It seems that the device's path doesn't appear in 'systemctl show' so
159 # check it separately.
160 assert "WatchdogDevice=/dev/watchdog" in machine.succeed(
161 "cat /etc/systemd/system.conf"
162 )
164 output = machine.succeed("systemctl show | grep Watchdog")
165 # assert "RuntimeWatchdogUSec=30s" in output
166 # for some reason RuntimeWatchdogUSec, doesn't seem to be updated in here.
167 assert "RebootWatchdogUSec=10min" in output
168 assert "KExecWatchdogUSec=5min" in output
170 # Test systemd cryptsetup support
171 with subtest("systemd successfully reads /etc/crypttab and unlocks volumes"):
172 # create a luks volume and put a filesystem on it
173 machine.succeed(
174 "echo -n supersecret | cryptsetup luksFormat -q /dev/vdc -",
175 "echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vdc foo",
176 "mkfs.ext3 /dev/mapper/foo",
177 )
179 # create a keyfile and /etc/crypttab
180 machine.succeed("echo -n supersecret > /var/lib/luks-keyfile")
181 machine.succeed("chmod 600 /var/lib/luks-keyfile")
182 machine.succeed("echo 'luks1 /dev/vdc /var/lib/luks-keyfile luks' > /etc/crypttab")
184 # after a reboot, systemd should unlock the volume and we should be able to mount it
185 machine.shutdown()
186 machine.succeed("systemctl status systemd-cryptsetup@luks1.service")
187 machine.succeed("mkdir -p /tmp/luks1")
188 machine.succeed("mount /dev/mapper/luks1 /tmp/luks1")
190 # Do some IP traffic
191 output_ping = machine.succeed(
192 "systemd-run --wait -- ping -c 1 127.0.0.1 2>&1"
193 )
195 with subtest("systemd reports accounting data on system.slice"):
196 output = machine.succeed("systemctl status system.slice")
197 assert "CPU:" in output
198 assert "Memory:" in output
200 assert "IP:" in output
201 assert "0B in, 0B out" not in output
203 assert "IO:" in output
204 assert "0B read, 0B written" not in output
206 with subtest("systemd per-unit accounting works"):
207 assert "IP traffic received: 84B" in output_ping
208 assert "IP traffic sent: 84B" in output_ping
210 with subtest("systemd environment is properly set"):
211 machine.systemctl("daemon-reexec") # Rewrites /proc/1/environ
212 machine.succeed("grep -q TZDIR=/etc/zoneinfo /proc/1/environ")
213 '';
214 })