]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/test/test-condition.c
test-condition: extend tests to all ConditionSecurity= values
[thirdparty/systemd.git] / src / test / test-condition.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <stdio.h>
4 #include <sys/types.h>
5 #include <sys/utsname.h>
6 #include <unistd.h>
7
8 #include "sd-id128.h"
9
10 #include "alloc-util.h"
11 #include "apparmor-util.h"
12 #include "architecture.h"
13 #include "audit-util.h"
14 #include "cgroup-util.h"
15 #include "condition.h"
16 #include "efivars.h"
17 #include "hostname-util.h"
18 #include "id128-util.h"
19 #include "ima-util.h"
20 #include "log.h"
21 #include "macro.h"
22 #include "selinux-util.h"
23 #include "set.h"
24 #include "smack-util.h"
25 #include "string-util.h"
26 #include "strv.h"
27 #include "tomoyo-util.h"
28 #include "user-util.h"
29 #include "util.h"
30 #include "virt.h"
31
32 static void test_condition_test_path(void) {
33 Condition *condition;
34
35 condition = condition_new(CONDITION_PATH_EXISTS, "/bin/sh", false, false);
36 assert_se(condition);
37 assert_se(condition_test(condition));
38 condition_free(condition);
39
40 condition = condition_new(CONDITION_PATH_EXISTS, "/bin/s?", false, false);
41 assert_se(condition);
42 assert_se(!condition_test(condition));
43 condition_free(condition);
44
45 condition = condition_new(CONDITION_PATH_EXISTS_GLOB, "/bin/s?", false, false);
46 assert_se(condition);
47 assert_se(condition_test(condition));
48 condition_free(condition);
49
50 condition = condition_new(CONDITION_PATH_EXISTS_GLOB, "/bin/s?", false, true);
51 assert_se(condition);
52 assert_se(!condition_test(condition));
53 condition_free(condition);
54
55 condition = condition_new(CONDITION_PATH_EXISTS, "/thiscertainlywontexist", false, false);
56 assert_se(condition);
57 assert_se(!condition_test(condition));
58 condition_free(condition);
59
60 condition = condition_new(CONDITION_PATH_EXISTS, "/thiscertainlywontexist", false, true);
61 assert_se(condition);
62 assert_se(condition_test(condition));
63 condition_free(condition);
64
65 condition = condition_new(CONDITION_PATH_IS_DIRECTORY, "/bin", false, false);
66 assert_se(condition);
67 assert_se(condition_test(condition));
68 condition_free(condition);
69
70 condition = condition_new(CONDITION_DIRECTORY_NOT_EMPTY, "/bin", false, false);
71 assert_se(condition);
72 assert_se(condition_test(condition));
73 condition_free(condition);
74
75 condition = condition_new(CONDITION_FILE_NOT_EMPTY, "/bin/sh", false, false);
76 assert_se(condition);
77 assert_se(condition_test(condition));
78 condition_free(condition);
79
80 condition = condition_new(CONDITION_FILE_IS_EXECUTABLE, "/bin/sh", false, false);
81 assert_se(condition);
82 assert_se(condition_test(condition));
83 condition_free(condition);
84
85 condition = condition_new(CONDITION_FILE_IS_EXECUTABLE, "/etc/passwd", false, false);
86 assert_se(condition);
87 assert_se(!condition_test(condition));
88 condition_free(condition);
89
90 condition = condition_new(CONDITION_PATH_IS_MOUNT_POINT, "/proc", false, false);
91 assert_se(condition);
92 assert_se(condition_test(condition));
93 condition_free(condition);
94
95 condition = condition_new(CONDITION_PATH_IS_MOUNT_POINT, "/", false, false);
96 assert_se(condition);
97 assert_se(condition_test(condition));
98 condition_free(condition);
99
100 condition = condition_new(CONDITION_PATH_IS_MOUNT_POINT, "/bin", false, false);
101 assert_se(condition);
102 assert_se(!condition_test(condition));
103 condition_free(condition);
104
105 condition = condition_new(CONDITION_PATH_IS_READ_WRITE, "/tmp", false, false);
106 assert_se(condition);
107 assert_se(condition_test(condition));
108 condition_free(condition);
109
110 condition = condition_new(CONDITION_PATH_IS_SYMBOLIC_LINK, "/dev/stdout", false, false);
111 assert_se(condition);
112 assert_se(condition_test(condition));
113 condition_free(condition);
114 }
115
116 static int test_condition_test_control_group_controller(void) {
117 Condition *condition;
118 CGroupMask system_mask;
119 CGroupController controller;
120 _cleanup_free_ char *controller_name = NULL;
121 int r;
122
123 r = cg_unified_flush();
124 if (r < 0) {
125 log_notice_errno(r, "Skipping ConditionControlGroupController tests: %m");
126 return EXIT_TEST_SKIP;
127 }
128
129 /* Invalid controllers are ignored */
130 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, "thisisnotarealcontroller", false, false);
131 assert_se(condition);
132 assert_se(condition_test(condition));
133 condition_free(condition);
134
135 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, "thisisnotarealcontroller", false, true);
136 assert_se(condition);
137 assert_se(!condition_test(condition));
138 condition_free(condition);
139
140 assert_se(cg_mask_supported(&system_mask) >= 0);
141
142 /* Individual valid controllers one by one */
143 for (controller = 0; controller < _CGROUP_CONTROLLER_MAX; controller++) {
144 const char *local_controller_name = cgroup_controller_to_string(controller);
145 log_info("chosen controller is '%s'", local_controller_name);
146 if (system_mask & CGROUP_CONTROLLER_TO_MASK(controller)) {
147 log_info("this controller is available");
148 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, false);
149 assert_se(condition);
150 assert_se(condition_test(condition));
151 condition_free(condition);
152
153 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, true);
154 assert_se(condition);
155 assert_se(!condition_test(condition));
156 condition_free(condition);
157 } else {
158 log_info("this controller is unavailable");
159 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, false);
160 assert_se(condition);
161 assert_se(!condition_test(condition));
162 condition_free(condition);
163
164 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, local_controller_name, false, true);
165 assert_se(condition);
166 assert_se(condition_test(condition));
167 condition_free(condition);
168 }
169 }
170
171 /* Multiple valid controllers at the same time */
172 assert_se(cg_mask_to_string(system_mask, &controller_name) >= 0);
173
174 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, strempty(controller_name), false, false);
175 assert_se(condition);
176 assert_se(condition_test(condition));
177 condition_free(condition);
178
179 condition = condition_new(CONDITION_CONTROL_GROUP_CONTROLLER, strempty(controller_name), false, true);
180 assert_se(condition);
181 assert_se(!condition_test(condition));
182 condition_free(condition);
183
184 return EXIT_SUCCESS;
185 }
186
187 static void test_condition_test_ac_power(void) {
188 Condition *condition;
189
190 condition = condition_new(CONDITION_AC_POWER, "true", false, false);
191 assert_se(condition);
192 assert_se(condition_test(condition) == on_ac_power());
193 condition_free(condition);
194
195 condition = condition_new(CONDITION_AC_POWER, "false", false, false);
196 assert_se(condition);
197 assert_se(condition_test(condition) != on_ac_power());
198 condition_free(condition);
199
200 condition = condition_new(CONDITION_AC_POWER, "false", false, true);
201 assert_se(condition);
202 assert_se(condition_test(condition) == on_ac_power());
203 condition_free(condition);
204 }
205
206 static void test_condition_test_host(void) {
207 _cleanup_free_ char *hostname = NULL;
208 char sid[SD_ID128_STRING_MAX];
209 Condition *condition;
210 sd_id128_t id;
211 int r;
212
213 r = sd_id128_get_machine(&id);
214 assert_se(r >= 0);
215 assert_se(sd_id128_to_string(id, sid));
216
217 condition = condition_new(CONDITION_HOST, sid, false, false);
218 assert_se(condition);
219 assert_se(condition_test(condition));
220 condition_free(condition);
221
222 condition = condition_new(CONDITION_HOST, "garbage value jjjjjjjjjjjjjj", false, false);
223 assert_se(condition);
224 assert_se(!condition_test(condition));
225 condition_free(condition);
226
227 condition = condition_new(CONDITION_HOST, sid, false, true);
228 assert_se(condition);
229 assert_se(!condition_test(condition));
230 condition_free(condition);
231
232 hostname = gethostname_malloc();
233 assert_se(hostname);
234
235 /* if hostname looks like an id128 then skip testing it */
236 if (id128_is_valid(hostname))
237 log_notice("hostname is an id128, skipping test");
238 else {
239 condition = condition_new(CONDITION_HOST, hostname, false, false);
240 assert_se(condition);
241 assert_se(condition_test(condition));
242 condition_free(condition);
243 }
244 }
245
246 static void test_condition_test_architecture(void) {
247 Condition *condition;
248 const char *sa;
249 int a;
250
251 a = uname_architecture();
252 assert_se(a >= 0);
253
254 sa = architecture_to_string(a);
255 assert_se(sa);
256
257 condition = condition_new(CONDITION_ARCHITECTURE, sa, false, false);
258 assert_se(condition);
259 assert_se(condition_test(condition) > 0);
260 condition_free(condition);
261
262 condition = condition_new(CONDITION_ARCHITECTURE, "garbage value", false, false);
263 assert_se(condition);
264 assert_se(condition_test(condition) == 0);
265 condition_free(condition);
266
267 condition = condition_new(CONDITION_ARCHITECTURE, sa, false, true);
268 assert_se(condition);
269 assert_se(condition_test(condition) == 0);
270 condition_free(condition);
271 }
272
273 static void test_condition_test_kernel_command_line(void) {
274 Condition *condition;
275
276 condition = condition_new(CONDITION_KERNEL_COMMAND_LINE, "thisreallyshouldntbeonthekernelcommandline", false, false);
277 assert_se(condition);
278 assert_se(!condition_test(condition));
279 condition_free(condition);
280
281 condition = condition_new(CONDITION_KERNEL_COMMAND_LINE, "andthis=neither", false, false);
282 assert_se(condition);
283 assert_se(!condition_test(condition));
284 condition_free(condition);
285 }
286
287 static void test_condition_test_kernel_version(void) {
288 Condition *condition;
289 struct utsname u;
290 const char *v;
291
292 condition = condition_new(CONDITION_KERNEL_VERSION, "*thisreallyshouldntbeinthekernelversion*", false, false);
293 assert_se(condition);
294 assert_se(!condition_test(condition));
295 condition_free(condition);
296
297 condition = condition_new(CONDITION_KERNEL_VERSION, "*", false, false);
298 assert_se(condition);
299 assert_se(condition_test(condition));
300 condition_free(condition);
301
302 condition = condition_new(CONDITION_KERNEL_VERSION, "", false, false);
303 assert_se(condition);
304 assert_se(!condition_test(condition));
305 condition_free(condition);
306
307 assert_se(uname(&u) >= 0);
308
309 condition = condition_new(CONDITION_KERNEL_VERSION, u.release, false, false);
310 assert_se(condition);
311 assert_se(condition_test(condition));
312 condition_free(condition);
313
314 strshorten(u.release, 4);
315 strcpy(strchr(u.release, 0), "*");
316
317 condition = condition_new(CONDITION_KERNEL_VERSION, u.release, false, false);
318 assert_se(condition);
319 assert_se(condition_test(condition));
320 condition_free(condition);
321
322 /* 0.1.2 would be a very very very old kernel */
323 condition = condition_new(CONDITION_KERNEL_VERSION, "> 0.1.2", false, false);
324 assert_se(condition);
325 assert_se(condition_test(condition));
326 condition_free(condition);
327
328 condition = condition_new(CONDITION_KERNEL_VERSION, ">= 0.1.2", false, false);
329 assert_se(condition);
330 assert_se(condition_test(condition));
331 condition_free(condition);
332
333 condition = condition_new(CONDITION_KERNEL_VERSION, "< 0.1.2", false, false);
334 assert_se(condition);
335 assert_se(!condition_test(condition));
336 condition_free(condition);
337
338 condition = condition_new(CONDITION_KERNEL_VERSION, "<= 0.1.2", false, false);
339 assert_se(condition);
340 assert_se(!condition_test(condition));
341 condition_free(condition);
342
343 condition = condition_new(CONDITION_KERNEL_VERSION, "= 0.1.2", false, false);
344 assert_se(condition);
345 assert_se(!condition_test(condition));
346 condition_free(condition);
347
348 /* 4711.8.15 is a very very very future kernel */
349 condition = condition_new(CONDITION_KERNEL_VERSION, "< 4711.8.15", false, false);
350 assert_se(condition);
351 assert_se(condition_test(condition));
352 condition_free(condition);
353
354 condition = condition_new(CONDITION_KERNEL_VERSION, "<= 4711.8.15", false, false);
355 assert_se(condition);
356 assert_se(condition_test(condition));
357 condition_free(condition);
358
359 condition = condition_new(CONDITION_KERNEL_VERSION, "= 4711.8.15", false, false);
360 assert_se(condition);
361 assert_se(!condition_test(condition));
362 condition_free(condition);
363
364 condition = condition_new(CONDITION_KERNEL_VERSION, "> 4711.8.15", false, false);
365 assert_se(condition);
366 assert_se(!condition_test(condition));
367 condition_free(condition);
368
369 condition = condition_new(CONDITION_KERNEL_VERSION, ">= 4711.8.15", false, false);
370 assert_se(condition);
371 assert_se(!condition_test(condition));
372 condition_free(condition);
373
374 assert_se(uname(&u) >= 0);
375
376 v = strjoina(">=", u.release);
377 condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
378 assert_se(condition);
379 assert_se(condition_test(condition));
380 condition_free(condition);
381
382 v = strjoina("= ", u.release);
383 condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
384 assert_se(condition);
385 assert_se(condition_test(condition));
386 condition_free(condition);
387
388 v = strjoina("<=", u.release);
389 condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
390 assert_se(condition);
391 assert_se(condition_test(condition));
392 condition_free(condition);
393
394 v = strjoina("> ", u.release);
395 condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
396 assert_se(condition);
397 assert_se(!condition_test(condition));
398 condition_free(condition);
399
400 v = strjoina("< ", u.release);
401 condition = condition_new(CONDITION_KERNEL_VERSION, v, false, false);
402 assert_se(condition);
403 assert_se(!condition_test(condition));
404 condition_free(condition);
405 }
406
407 static void test_condition_test_null(void) {
408 Condition *condition;
409
410 condition = condition_new(CONDITION_NULL, NULL, false, false);
411 assert_se(condition);
412 assert_se(condition_test(condition));
413 condition_free(condition);
414
415 condition = condition_new(CONDITION_NULL, NULL, false, true);
416 assert_se(condition);
417 assert_se(!condition_test(condition));
418 condition_free(condition);
419 }
420
421 static void test_condition_test_security(void) {
422 Condition *condition;
423
424 condition = condition_new(CONDITION_SECURITY, "garbage oifdsjfoidsjoj", false, false);
425 assert_se(condition);
426 assert_se(!condition_test(condition));
427 condition_free(condition);
428
429 condition = condition_new(CONDITION_SECURITY, "selinux", false, true);
430 assert_se(condition);
431 assert_se(condition_test(condition) != mac_selinux_use());
432 condition_free(condition);
433
434 condition = condition_new(CONDITION_SECURITY, "apparmor", false, false);
435 assert_se(condition);
436 assert_se(condition_test(condition) == mac_apparmor_use());
437 condition_free(condition);
438
439 condition = condition_new(CONDITION_SECURITY, "tomoyo", false, false);
440 assert_se(condition);
441 assert_se(condition_test(condition) == mac_tomoyo_use());
442 condition_free(condition);
443
444 condition = condition_new(CONDITION_SECURITY, "ima", false, false);
445 assert_se(condition);
446 assert_se(condition_test(condition) == use_ima());
447 condition_free(condition);
448
449 condition = condition_new(CONDITION_SECURITY, "smack", false, false);
450 assert_se(condition);
451 assert_se(condition_test(condition) == mac_smack_use());
452 condition_free(condition);
453
454 condition = condition_new(CONDITION_SECURITY, "audit", false, false);
455 assert_se(condition);
456 assert_se(condition_test(condition) == use_audit());
457 condition_free(condition);
458
459 condition = condition_new(CONDITION_SECURITY, "uefi-secureboot", false, false);
460 assert_se(condition);
461 assert_se(condition_test(condition) == is_efi_secure_boot());
462 condition_free(condition);
463 }
464
465 static void print_securities(void) {
466 log_info("------ enabled security technologies ------");
467 log_info("SELinux: %s", yes_no(mac_selinux_use()));
468 log_info("AppArmor: %s", yes_no(mac_apparmor_use()));
469 log_info("Tomoyo: %s", yes_no(mac_tomoyo_use()));
470 log_info("IMA: %s", yes_no(use_ima()));
471 log_info("SMACK: %s", yes_no(mac_smack_use()));
472 log_info("Audit: %s", yes_no(use_audit()));
473 log_info("UEFI secure boot: %s", yes_no(is_efi_secure_boot()));
474 log_info("-------------------------------------------");
475 }
476
477 static void test_condition_test_virtualization(void) {
478 Condition *condition;
479 const char *virt;
480 int r;
481
482 condition = condition_new(CONDITION_VIRTUALIZATION, "garbage oifdsjfoidsjoj", false, false);
483 assert_se(condition);
484 r = condition_test(condition);
485 log_info("ConditionVirtualization=garbage → %i", r);
486 assert_se(r == 0);
487 condition_free(condition);
488
489 condition = condition_new(CONDITION_VIRTUALIZATION, "container", false, false);
490 assert_se(condition);
491 r = condition_test(condition);
492 log_info("ConditionVirtualization=container → %i", r);
493 assert_se(r == !!detect_container());
494 condition_free(condition);
495
496 condition = condition_new(CONDITION_VIRTUALIZATION, "vm", false, false);
497 assert_se(condition);
498 r = condition_test(condition);
499 log_info("ConditionVirtualization=vm → %i", r);
500 assert_se(r == (detect_vm() && !detect_container()));
501 condition_free(condition);
502
503 condition = condition_new(CONDITION_VIRTUALIZATION, "private-users", false, false);
504 assert_se(condition);
505 r = condition_test(condition);
506 log_info("ConditionVirtualization=private-users → %i", r);
507 assert_se(r == !!running_in_userns());
508 condition_free(condition);
509
510 NULSTR_FOREACH(virt,
511 "kvm\0"
512 "qemu\0"
513 "bochs\0"
514 "xen\0"
515 "uml\0"
516 "vmware\0"
517 "oracle\0"
518 "microsoft\0"
519 "zvm\0"
520 "parallels\0"
521 "bhyve\0"
522 "vm_other\0") {
523
524 condition = condition_new(CONDITION_VIRTUALIZATION, virt, false, false);
525 assert_se(condition);
526 r = condition_test(condition);
527 log_info("ConditionVirtualization=%s → %i", virt, r);
528 assert_se(r >= 0);
529 condition_free(condition);
530 }
531 }
532
533 static void test_condition_test_user(void) {
534 Condition *condition;
535 char* uid;
536 char* username;
537 int r;
538
539 condition = condition_new(CONDITION_USER, "garbage oifdsjfoidsjoj", false, false);
540 assert_se(condition);
541 r = condition_test(condition);
542 log_info("ConditionUser=garbage → %i", r);
543 assert_se(r == 0);
544 condition_free(condition);
545
546 assert_se(asprintf(&uid, "%"PRIu32, UINT32_C(0xFFFF)) > 0);
547 condition = condition_new(CONDITION_USER, uid, false, false);
548 assert_se(condition);
549 r = condition_test(condition);
550 log_info("ConditionUser=%s → %i", uid, r);
551 assert_se(r == 0);
552 condition_free(condition);
553 free(uid);
554
555 assert_se(asprintf(&uid, "%u", (unsigned)getuid()) > 0);
556 condition = condition_new(CONDITION_USER, uid, false, false);
557 assert_se(condition);
558 r = condition_test(condition);
559 log_info("ConditionUser=%s → %i", uid, r);
560 assert_se(r > 0);
561 condition_free(condition);
562 free(uid);
563
564 assert_se(asprintf(&uid, "%u", (unsigned)getuid()+1) > 0);
565 condition = condition_new(CONDITION_USER, uid, false, false);
566 assert_se(condition);
567 r = condition_test(condition);
568 log_info("ConditionUser=%s → %i", uid, r);
569 assert_se(r == 0);
570 condition_free(condition);
571 free(uid);
572
573 username = getusername_malloc();
574 assert_se(username);
575 condition = condition_new(CONDITION_USER, username, false, false);
576 assert_se(condition);
577 r = condition_test(condition);
578 log_info("ConditionUser=%s → %i", username, r);
579 assert_se(r > 0);
580 condition_free(condition);
581 free(username);
582
583 username = (char*)(geteuid() == 0 ? NOBODY_USER_NAME : "root");
584 condition = condition_new(CONDITION_USER, username, false, false);
585 assert_se(condition);
586 r = condition_test(condition);
587 log_info("ConditionUser=%s → %i", username, r);
588 assert_se(r == 0);
589 condition_free(condition);
590
591 condition = condition_new(CONDITION_USER, "@system", false, false);
592 assert_se(condition);
593 r = condition_test(condition);
594 log_info("ConditionUser=@system → %i", r);
595 if (uid_is_system(getuid()) || uid_is_system(geteuid()))
596 assert_se(r > 0);
597 else
598 assert_se(r == 0);
599 condition_free(condition);
600 }
601
602 static void test_condition_test_group(void) {
603 Condition *condition;
604 char* gid;
605 char* groupname;
606 gid_t *gids, max_gid;
607 int ngroups_max, ngroups, r, i;
608
609 assert_se(0 < asprintf(&gid, "%u", UINT32_C(0xFFFF)));
610 condition = condition_new(CONDITION_GROUP, gid, false, false);
611 assert_se(condition);
612 r = condition_test(condition);
613 log_info("ConditionGroup=%s → %i", gid, r);
614 assert_se(r == 0);
615 condition_free(condition);
616 free(gid);
617
618 assert_se(0 < asprintf(&gid, "%u", getgid()));
619 condition = condition_new(CONDITION_GROUP, gid, false, false);
620 assert_se(condition);
621 r = condition_test(condition);
622 log_info("ConditionGroup=%s → %i", gid, r);
623 assert_se(r > 0);
624 condition_free(condition);
625 free(gid);
626
627 ngroups_max = sysconf(_SC_NGROUPS_MAX);
628 assert(ngroups_max > 0);
629
630 gids = newa(gid_t, ngroups_max);
631
632 ngroups = getgroups(ngroups_max, gids);
633 assert(ngroups >= 0);
634
635 max_gid = getgid();
636 for (i = 0; i < ngroups; i++) {
637 assert_se(0 < asprintf(&gid, "%u", gids[i]));
638 condition = condition_new(CONDITION_GROUP, gid, false, false);
639 assert_se(condition);
640 r = condition_test(condition);
641 log_info("ConditionGroup=%s → %i", gid, r);
642 assert_se(r > 0);
643 condition_free(condition);
644 free(gid);
645 max_gid = gids[i] > max_gid ? gids[i] : max_gid;
646
647 groupname = gid_to_name(gids[i]);
648 assert_se(groupname);
649 condition = condition_new(CONDITION_GROUP, groupname, false, false);
650 assert_se(condition);
651 r = condition_test(condition);
652 log_info("ConditionGroup=%s → %i", groupname, r);
653 assert_se(r > 0);
654 condition_free(condition);
655 free(groupname);
656 max_gid = gids[i] > max_gid ? gids[i] : max_gid;
657 }
658
659 assert_se(0 < asprintf(&gid, "%u", max_gid+1));
660 condition = condition_new(CONDITION_GROUP, gid, false, false);
661 assert_se(condition);
662 r = condition_test(condition);
663 log_info("ConditionGroup=%s → %i", gid, r);
664 assert_se(r == 0);
665 condition_free(condition);
666 free(gid);
667
668 groupname = (char*)(geteuid() == 0 ? NOBODY_GROUP_NAME : "root");
669 condition = condition_new(CONDITION_GROUP, groupname, false, false);
670 assert_se(condition);
671 r = condition_test(condition);
672 log_info("ConditionGroup=%s → %i", groupname, r);
673 assert_se(r == 0);
674 condition_free(condition);
675 }
676
677 int main(int argc, char *argv[]) {
678 log_set_max_level(LOG_DEBUG);
679 log_parse_environment();
680 log_open();
681
682 test_condition_test_path();
683 test_condition_test_ac_power();
684 test_condition_test_host();
685 test_condition_test_architecture();
686 test_condition_test_kernel_command_line();
687 test_condition_test_kernel_version();
688 test_condition_test_null();
689 test_condition_test_security();
690 print_securities();
691 test_condition_test_virtualization();
692 test_condition_test_user();
693 test_condition_test_group();
694 test_condition_test_control_group_controller();
695
696 return 0;
697 }