Merge pull request #30284 from YHNdnzj/fstab-wantedby-defaultdeps

[thirdparty/systemd.git] / test / units / testsuite-54.sh

diff --git a/test/units/testsuite-54.sh b/test/units/testsuite-54.sh
index d243d93d8132e5b57cddb31c136e94ab5476865e..c7d11cffe6ecefc41088cf6852f434a5b0dc6f9d 100755 (executable)
--- a/test/units/testsuite-54.sh
+++ b/test/units/testsuite-54.sh
@@ -22,7 +22,7 @@ mount -t tmpfs -o size=1,nr_inodes=1 tmpfs /tmp/full
 
 # verb: setup
 # Run this first, otherwise any encrypted credentials wouldn't be decryptable
-# as we regnerate the host key
+# as we regenerate the host key
 rm -fv /var/lib/systemd/credential.secret
 systemd-creds setup
 test -e /var/lib/systemd/credential.secret
@@ -176,6 +176,7 @@ if systemd-detect-virt -q -c ; then
 elif [ -d /sys/firmware/qemu_fw_cfg/by_name ]; then
     # Verify that passing creds through kernel cmdline works
     [ "$(systemd-creds --system cat kernelcmdlinecred)" = "uff" ]
+    [ "$(systemd-creds --system cat waldi)" = "woooofffwufffwuff" ]
 
     # And that it also works via SMBIOS
     [ "$(systemd-creds --system cat smbioscredential)" = "magicdata" ]
@@ -253,6 +254,22 @@ cmp /tmp/ts54-concat <(echo -n abcd)
 rm /tmp/ts54-concat
 rm -rf /tmp/ts54-creds
 
+# Check that globs work as expected
+mkdir -p /run/credstore
+echo -n a >/run/credstore/test.creds.first
+echo -n b >/run/credstore/test.creds.second
+mkdir -p /etc/credstore
+echo -n c >/etc/credstore/test.creds.third
+systemd-run -p "ImportCredential=test.creds.*" \
+            --unit=test-54-ImportCredential.service \
+            -p DynamicUser=1 \
+            --wait \
+            --pipe \
+            cat '${CREDENTIALS_DIRECTORY}/test.creds.first' \
+                '${CREDENTIALS_DIRECTORY}/test.creds.second' \
+                '${CREDENTIALS_DIRECTORY}/test.creds.third' >/tmp/ts54-concat
+cmp /tmp/ts54-concat <(echo -n abc)
+
 # Now test encrypted credentials (only supported when built with OpenSSL though)
 if systemctl --version | grep -q -- +OPENSSL ; then
     echo -n $RANDOM >/tmp/test-54-plaintext
@@ -285,8 +302,28 @@ systemd-run -p DynamicUser=yes -p 'LoadCredential=os:/etc/os-release' \
             --pipe \
             true | cmp /etc/os-release
 
-systemd-analyze log-level info
+if ! systemd-detect-virt -q -c ; then
+    # Validate that the credential we inserted via the initrd logic arrived
+    test "$(systemd-creds cat --system myinitrdcred)" = "guatemala"
+
+    # Check that the fstab credential logic worked
+    test -d /injected
+    grep -q /injected /proc/self/mountinfo
+
+    # Make sure the getty generator processed the credentials properly
+    systemctl -P Wants show getty.target | grep -q container-getty@idontexist.service
+fi
+
+# Decrypt/encrypt via varlink
+
+echo -n '{"data":"Zm9vYmFyCg=="}' > /tmp/vlcredsdata
 
-echo OK >/testok
+varlinkctl call /run/systemd/io.systemd.Credentials io.systemd.Credentials.Encrypt "$(cat /tmp/vlcredsdata)" | \
+    varlinkctl call /run/systemd/io.systemd.Credentials io.systemd.Credentials.Decrypt > /tmp/vlcredsdata2
+
+cmp /tmp/vlcredsdata /tmp/vlcredsdata2
+rm /tmp/vlcredsdata /tmp/vlcredsdata2
+
+systemd-analyze log-level info
 
-exit 0
+touch /testok