From: Yu Watanabe Date: Mon, 28 Apr 2025 06:29:13 +0000 (+0900) Subject: test-execute: add test case for PrivateTmp=disconnected X-Git-Tag: v258-rc1~645^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3e320dc608d3ff0325a217274cc34cae06e73452;p=thirdparty%2Fsystemd.git test-execute: add test case for PrivateTmp=disconnected
---
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 5ba680d571e..1eddf11dd19 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -491,6 +491,20 @@ static void test_exec_privatetmp(Manager *m) {
 if (MANAGER_IS_SYSTEM(m) || have_userns_privileges()) {
 test(m, "exec-privatetmp-yes.service", can_unshare ? 0 : MANAGER_IS_SYSTEM(m) ? EXIT_FAILURE : EXIT_NAMESPACE, CLD_EXITED);
 test(m, "exec-privatetmp-disabled-by-prefix.service", can_unshare ? 0 : MANAGER_IS_SYSTEM(m) ? EXIT_FAILURE : EXIT_NAMESPACE, CLD_EXITED);
+
+ FOREACH_STRING(s,
+ "exec-privatetmp-disconnected.service",
+ "exec-privatetmp-disconnected-defaultdependencies-no.service",
+ "exec-privatetmp-disconnected-requires-mounts-for-var.service",
+ "exec-privatetmp-disconnected-wants-mounts-for-var.service",
+ "exec-privatetmp-disconnected-after-and-requires-for-var.service",
+ "exec-privatetmp-disconnected-after-and-wants-for-var.service") {
+ (void) unlink("/tmp/test-exec_privatetmp_disconnected");
+ (void) unlink("/var/tmp/test-exec_privatetmp_disconnected");
+ test(m, s, can_unshare ? 0 : MANAGER_IS_SYSTEM(m) ? EXIT_FAILURE : EXIT_NAMESPACE, CLD_EXITED);
+ ASSERT_FAIL(access("/tmp/test-exec_privatetmp_disconnected", F_OK));
+ ASSERT_FAIL(access("/var/tmp/test-exec_privatetmp_disconnected", F_OK));
+ }
 }
 test(m, "exec-privatetmp-no.service", 0, CLD_EXITED);
diff --git a/test/test-execute/exec-privatetmp-disconnected-after-and-requires-for-var.service b/test/test-execute/exec-privatetmp-disconnected-after-and-requires-for-var.service
new file mode 100644
index 00000000000..39e49c698a2
--- /dev/null
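Review bot: The two host-side checks that close the new loop, `ASSERT_FAIL(access("/tmp/test-exec_privatetmp_disconnected", F_OK))` and its /var/tmp twin, pass on any access() failure, so they do not prove that the marker is absent from the host. These assertions are the only evidence that the unit's writes stayed inside its private tmpfs, so pin the errno, for example `ASSERT_ERROR_ERRNO(access("/tmp/test-exec_privatetmp_disconnected", F_OK), ENOENT);` if that helper is available in this tree. The preceding `(void) unlink(...)` calls discard failures on fixed names in world-writable directories, so a leftover marker that cannot be removed would later show up as a misleading isolation failure. A comment such as `/* best effort: drop markers left behind by an earlier run */` would document the intent. test_exec_privatetmp() starts and ends outside the hunk.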
+++ b/test/test-execute/exec-privatetmp-disconnected-after-and-requires-for-var.service
@@ -0,0 +1,15 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with After=/Requires=var.mount
+DefaultDependencies=no
+After=var.mount
+Requires=var.mount
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
diff --git a/test/test-execute/exec-privatetmp-disconnected-after-and-wants-for-var.service b/test/test-execute/exec-privatetmp-disconnected-after-and-wants-for-var.service
new file mode 100644
index 00000000000..b11302f5f2c
--- /dev/null
+++ b/test/test-execute/exec-privatetmp-disconnected-after-and-wants-for-var.service
@@ -0,0 +1,15 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with After=/Wants=var.mount
+DefaultDependencies=no
+After=var.mount
+Wants=var.mount
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
diff --git a/test/test-execute/exec-privatetmp-disconnected-defaultdependencies-no.service b/test/test-execute/exec-privatetmp-disconnected-defaultdependencies-no.service
new file mode 100644
index 00000000000..2208b8e1b57
--- /dev/null
+++ b/test/test-execute/exec-privatetmp-disconnected-defaultdependencies-no.service
@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with DefaultDependencies=no
+DefaultDependencies=no
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c '(! touch /var/tmp/test-exec_privatetmp_disconnected)'
+ExecStart=sh -x -c 'test $$TMPDIR = /tmp'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
diff --git a/test/test-execute/exec-privatetmp-disconnected-requires-mounts-for-var.service b/test/test-execute/exec-privatetmp-disconnected-requires-mounts-for-var.service
new file mode 100644
index 00000000000..349c1379841
--- /dev/null
+++ b/test/test-execute/exec-privatetmp-disconnected-requires-mounts-for-var.service
@@ -0,0 +1,14 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with RequiresMountsFor=/var/
+DefaultDependencies=no
+RequiresMountsFor=/var/
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
diff --git a/test/test-execute/exec-privatetmp-disconnected-wants-mounts-for-var.service b/test/test-execute/exec-privatetmp-disconnected-wants-mounts-for-var.service
new file mode 100644
index 00000000000..09ac3495b83
--- /dev/null
+++ b/test/test-execute/exec-privatetmp-disconnected-wants-mounts-for-var.service
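Review bot: exec-privatetmp-disconnected-defaultdependencies-no.service expects the opposite of its five sibling units, namely that the write to /var/tmp fails and that `$TMPDIR` equals `/tmp`, and nothing in the file says why. A header comment would make the fixture self-explanatory, for example `# No dependency on the /var/ mount: only /tmp is expected to be private, /var/tmp stays read-only and TMPDIR points at /tmp`. That reading is inferred from the assertions and should be confirmed against the PrivateTmp= documentation. Separately, `(! touch /var/tmp/test-exec_privatetmp_disconnected)` succeeds on any touch failure, so it does not by itself show that /var/tmp was made read-only.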
@@ -0,0 +1,14 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with WantsMountsFor=/var/
+DefaultDependencies=no
+WantsMountsFor=/var/
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
diff --git a/test/test-execute/exec-privatetmp-disconnected.service b/test/test-execute/exec-privatetmp-disconnected.service
new file mode 100644
index 00000000000..fbee568d743
--- /dev/null
+++ b/test/test-execute/exec-privatetmp-disconnected.service
@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected