]>
Commit | Line | Data |
---|---|---|
30dd9f73 | 1 | #!/usr/bin/env bash |
7b3cec95 | 2 | # SPDX-License-Identifier: LGPL-2.1-or-later |
30dd9f73 | 3 | set -e |
3f161ba9 | 4 | |
30dd9f73 | 5 | TEST_DESCRIPTION="test credentials" |
a0f4426d LP |
6 | |
7 | NSPAWN_CREDS=( | |
8 | "--set-credential=mynspawncredential:strangevalue" | |
9 | ) | |
10 | NSPAWN_ARGUMENTS="${NSPAWN_ARGUMENTS:-} ${NSPAWN_CREDS[*]}" | |
11 | ||
8595f578 DDM |
12 | UNIT_CRED=$(base64 -w 0 <<EOF |
13 | [Service] | |
14 | Type=oneshot | |
15 | ExecStart=touch /tmp/unit-cred | |
16 | EOF | |
17 | ) | |
18 | DROPIN_CRED=$(base64 -w 0 <<EOF | |
19 | [Service] | |
20 | ExecStart= | |
21 | ExecStart=touch /tmp/unit-dropin | |
22 | EOF | |
23 | ) | |
24 | ||
a0f4426d LP |
25 | QEMU_CREDS=( |
26 | "-fw_cfg name=opt/io.systemd.credentials/myqemucredential,string=othervalue" | |
27 | "-smbios type=11,value=io.systemd.credential:smbioscredential=magicdata" | |
28 | "-smbios type=11,value=io.systemd.credential.binary:binarysmbioscredential=bWFnaWNiaW5hcnlkYXRh" | |
29 | "-smbios type=11,value=io.systemd.credential.binary:sysusers.extra=dSBjcmVkdGVzdHVzZXIK" | |
30 | "-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=ZiAvdG1wL3NvdXJjZWRmcm9tY3JlZGVudGlhbCAtIC0gLSAtIHRtcGZpbGVzc2VjcmV0Cg==" | |
51235f2f | 31 | "-smbios type=11,value=io.systemd.credential.binary:fstab.extra=aW5qZWN0ZWQgL2luamVjdGVkIHRtcGZzIFgtbW91bnQubWtkaXIgMCAwCg==" |
53888c33 | 32 | "-smbios type=11,value=io.systemd.credential:getty.ttys.container=idontexist" |
8595f578 DDM |
33 | "-smbios type=11,value=io.systemd.credential.binary:systemd.extra-unit.my-service.service=$UNIT_CRED" |
34 | "-smbios type=11,value=io.systemd.credential.binary:systemd.unit-dropin.my-service.service=$DROPIN_CRED" | |
a0f4426d LP |
35 | ) |
36 | QEMU_OPTIONS="${QEMU_OPTIONS:-} ${QEMU_CREDS[*]}" | |
37 | ||
38 | KERNEL_CREDS=( | |
39 | "systemd.set_credential=kernelcmdlinecred:uff" | |
40 | "systemd.set_credential=sysctl.extra:kernel.domainname=sysctltest" | |
41 | "systemd.set_credential=login.motd:hello" | |
42 | "systemd.set_credential=login.issue:welcome" | |
de70ecb3 | 43 | "systemd.set_credential_binary=waldi:d29vb29mZmZ3dWZmZnd1ZmYK" |
a0f4426d LP |
44 | "rd.systemd.import_credentials=no" |
45 | ) | |
46 | KERNEL_APPEND="${KERNEL_APPEND:-} ${KERNEL_CREDS[*]}" | |
30dd9f73 | 47 | |
3f161ba9 FS |
48 | # shellcheck source=test/test-functions |
49 | . "${TEST_BASE_DIR:?}/test-functions" | |
30dd9f73 | 50 | |
93a1f57d LP |
51 | test_append_files() { |
52 | instmods qemu_fw_cfg | |
23ff8a77 YW |
53 | if get_bool "$LOOKS_LIKE_SUSE"; then |
54 | instmods dmi-sysfs | |
55 | fi | |
93a1f57d LP |
56 | generate_module_dependencies |
57 | } | |
58 | ||
4a262d56 LP |
59 | run_qemu_hook() { |
60 | local td="$WORKDIR"/initrd.extra."$RANDOM" | |
61 | mkdir -m 755 "$td" | |
62 | add_at_exit_handler "rm -rf $td" | |
63 | mkdir -m 755 "$td/etc" "$td"/etc/systemd "$td"/etc/systemd/system "$td"/etc/systemd/system/initrd.target.wants | |
64 | ||
65 | cat > "$td"/etc/systemd/system/initrdcred.service <<EOF | |
66 | [Unit] | |
67 | Description=populate initrd credential dir | |
68 | ||
69 | [Service] | |
70 | Type=oneshot | |
71 | RemainAfterExit=yes | |
72 | ExecStart=sh -c "mkdir -m 0755 -p /run/credentials && mkdir -m 0700 /run/credentials/@initrd && umask 0077 && echo guatemala > /run/credentials/@initrd/myinitrdcred" | |
73 | EOF | |
74 | ln -s ../initrdcred.service "$td"/etc/systemd/system/initrd.target.wants/initrdcred.service | |
75 | ||
76 | ( cd "$td" && find . | cpio -o -H newc -R root:root > "$td".cpio ) | |
77 | add_at_exit_handler "rm $td.cpio" | |
78 | ||
79 | INITRD_EXTRA="$td.cpio" | |
80 | } | |
81 | ||
c4cd6205 | 82 | do_test "$@" |