core: Skip private /tmp for generators in manager test runs

For manager test runs, the generator output paths are located in
/tmp, which means that if we mount a private /tmp for generators,
we lose all the generated units (actually the generators will just
fail because the directories don't exist, but if they did exist,
we'd still lose all the units).

Let's avoid the problem by skipping the private /tmp for manager
test runs. This also avoids any possible privilege issues with
mounting a private /tmp that might happen in this scenario.

diff --git a/src/core/manager.c b/src/core/manager.c
index 43fbd0e1e4e1503211ea242b179227463a83b5db..90e72b0c025141981c6cbd3f18c7b35623f4e6e4 100644 (file)
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -4161,7 +4161,7 @@ static int manager_run_generators(Manager *m) {
 
         /* On some systems /tmp/ doesn't exist, and on some other systems we cannot create it at all. Avoid
          * trying to mount a private tmpfs on it as there's no one size fits all. */
-        if (is_dir("/tmp", /* follow= */ false) > 0)
+        if (is_dir("/tmp", /* follow= */ false) > 0 && !MANAGER_IS_TEST_RUN(m))
                 flags |= FORK_PRIVATE_TMP;
 
         r = safe_fork("(sd-gens)", flags, NULL);

diff --git a/test/units/TEST-65-ANALYZE.sh b/test/units/TEST-65-ANALYZE.sh
index 59dfd4fb5763d0ab76a397a076e93ef5f6067e46..5f650ade05ad64e7e3779580db3fe72fca48927c 100755 (executable)
--- a/test/units/TEST-65-ANALYZE.sh
+++ b/test/units/TEST-65-ANALYZE.sh
@@ -302,6 +302,9 @@ systemd-analyze security --offline=true /tmp/testfile.service
 # Ensure we print the list of ACLs, see https://github.com/systemd/systemd/issues/23185
 systemd-analyze security --offline=true /tmp/testfile.service | grep -q -F "/dev/sda"
 
+# Make sure that running generators under systemd-analyze verify works.
+systemd-analyze verify --generators /tmp/testfile.service
+
 rm /tmp/testfile.service
 
 cat <<EOF >/tmp/img/usr/lib/systemd/system/testfile.service