]>
Commit | Line | Data |
---|---|---|
4ddb85b1 MP |
1 | #!/usr/bin/env python3 |
2 | # | |
3 | # networkd integration test | |
4 | # This uses temporary configuration in /run and temporary veth devices, and | |
5 | # does not write anything on disk or change any system configuration; | |
6 | # but it assumes (and checks at the beginning) that networkd is not currently | |
7 | # running. | |
daad34df MP |
8 | # |
9 | # This can be run on a normal installation, in QEMU, nspawn (with | |
10 | # --private-network), LXD (with "--config raw.lxc=lxc.aa_profile=unconfined"), | |
11 | # or LXC system containers. You need at least the "ip" tool from the iproute | |
12 | # package; it is recommended to install dnsmasq too to get full test coverage. | |
13 | # | |
4ddb85b1 MP |
14 | # ATTENTION: This uses the *installed* networkd, not the one from the built |
15 | # source tree. | |
16 | # | |
17 | # (C) 2015 Canonical Ltd. | |
18 | # Author: Martin Pitt <martin.pitt@ubuntu.com> | |
19 | # | |
20 | # systemd is free software; you can redistribute it and/or modify it | |
21 | # under the terms of the GNU Lesser General Public License as published by | |
22 | # the Free Software Foundation; either version 2.1 of the License, or | |
23 | # (at your option) any later version. | |
24 | ||
25 | # systemd is distributed in the hope that it will be useful, but | |
26 | # WITHOUT ANY WARRANTY; without even the implied warranty of | |
27 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
28 | # Lesser General Public License for more details. | |
29 | # | |
30 | # You should have received a copy of the GNU Lesser General Public License | |
31 | # along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
32 | ||
ec89276c | 33 | import errno |
4ddb85b1 MP |
34 | import os |
35 | import sys | |
36 | import time | |
37 | import unittest | |
38 | import tempfile | |
39 | import subprocess | |
40 | import shutil | |
89748b0a | 41 | import socket |
4ddb85b1 | 42 | |
ec89276c DM |
43 | HAVE_DNSMASQ = shutil.which('dnsmasq') is not None |
44 | ||
45 | NETWORK_UNITDIR = '/run/systemd/network' | |
46 | ||
47 | NETWORKD_WAIT_ONLINE = shutil.which('systemd-networkd-wait-online', | |
48 | path='/usr/lib/systemd:/lib/systemd') | |
4ddb85b1 | 49 | |
30b42a9a MP |
50 | RESOLV_CONF = '/run/systemd/resolve/resolv.conf' |
51 | ||
4ddb85b1 | 52 | |
ec89276c DM |
53 | def setUpModule(): |
54 | """Initialize the environment, and perform sanity checks on it.""" | |
55 | if NETWORKD_WAIT_ONLINE is None: | |
56 | raise OSError(errno.ENOENT, 'systemd-networkd-wait-online not found') | |
57 | ||
58 | # Do not run any tests if the system is using networkd already. | |
59 | if subprocess.call(['systemctl', 'is-active', '--quiet', | |
60 | 'systemd-networkd.service']) == 0: | |
61 | raise unittest.SkipTest('networkd is already active') | |
62 | ||
63 | # Avoid "Failed to open /dev/tty" errors in containers. | |
64 | os.environ['SYSTEMD_LOG_TARGET'] = 'journal' | |
65 | ||
66 | # Ensure the unit directory exists so tests can dump files into it. | |
67 | os.makedirs(NETWORK_UNITDIR, exist_ok=True) | |
68 | ||
69 | ||
70 | class NetworkdTestingUtilities: | |
71 | """Provide a set of utility functions to facilitate networkd tests. | |
72 | ||
73 | This class must be inherited along with unittest.TestCase to define | |
74 | some required methods. | |
75 | """ | |
76 | ||
618b196e DM |
77 | def add_veth_pair(self, veth, peer, veth_options=(), peer_options=()): |
78 | """Add a veth interface pair, and queue them to be removed.""" | |
79 | subprocess.check_call(['ip', 'link', 'add', 'name', veth] + | |
80 | list(veth_options) + | |
81 | ['type', 'veth', 'peer', 'name', peer] + | |
82 | list(peer_options)) | |
83 | self.addCleanup(subprocess.call, ['ip', 'link', 'del', 'dev', peer]) | |
84 | ||
ec89276c DM |
85 | def write_network(self, unit_name, contents): |
86 | """Write a network unit file, and queue it to be removed.""" | |
87 | unit_path = os.path.join(NETWORK_UNITDIR, unit_name) | |
88 | ||
89 | with open(unit_path, 'w') as unit: | |
90 | unit.write(contents) | |
91 | self.addCleanup(os.remove, unit_path) | |
92 | ||
93 | def write_network_dropin(self, unit_name, dropin_name, contents): | |
94 | """Write a network unit drop-in, and queue it to be removed.""" | |
95 | dropin_dir = os.path.join(NETWORK_UNITDIR, "%s.d" % unit_name) | |
96 | dropin_path = os.path.join(dropin_dir, "%s.conf" % dropin_name) | |
97 | ||
98 | os.makedirs(dropin_dir, exist_ok=True) | |
b56be296 | 99 | self.addCleanup(os.rmdir, dropin_dir) |
ec89276c DM |
100 | with open(dropin_path, 'w') as dropin: |
101 | dropin.write(contents) | |
102 | self.addCleanup(os.remove, dropin_path) | |
103 | ||
b56be296 DJL |
104 | def read_attr(self, link, attribute): |
105 | """Read a link attributed from the sysfs.""" | |
106 | # Note we we don't want to check if interface `link' is managed, we | |
107 | # want to evaluate link variable and pass the value of the link to | |
108 | # assert_link_states e.g. eth0=managed. | |
109 | self.assert_link_states(**{link:'managed'}) | |
110 | with open(os.path.join('/sys/class/net', link, attribute)) as f: | |
111 | return f.readline().strip() | |
112 | ||
a09dc546 DM |
113 | def assert_link_states(self, **kwargs): |
114 | """Match networkctl link states to the given ones. | |
115 | ||
116 | Each keyword argument should be the name of a network interface | |
117 | with its expected value of the "SETUP" column in output from | |
118 | networkctl. The interfaces have five seconds to come online | |
119 | before the check is performed. Every specified interface must | |
120 | be present in the output, and any other interfaces found in the | |
121 | output are ignored. | |
122 | ||
123 | A special interface state "managed" is supported, which matches | |
124 | any value in the "SETUP" column other than "unmanaged". | |
125 | """ | |
126 | if not kwargs: | |
127 | return | |
128 | interfaces = set(kwargs) | |
129 | ||
130 | # Wait for the requested interfaces, but don't fail for them. | |
131 | subprocess.call([NETWORKD_WAIT_ONLINE, '--timeout=5'] + | |
132 | ['--interface=%s' % iface for iface in kwargs]) | |
133 | ||
134 | # Validate each link state found in the networkctl output. | |
135 | out = subprocess.check_output(['networkctl', '--no-legend']).rstrip() | |
136 | for line in out.decode('utf-8').split('\n'): | |
137 | fields = line.split() | |
138 | if len(fields) >= 5 and fields[1] in kwargs: | |
139 | iface = fields[1] | |
140 | expected = kwargs[iface] | |
141 | actual = fields[-1] | |
142 | if (actual != expected and | |
143 | not (expected == 'managed' and actual != 'unmanaged')): | |
144 | self.fail("Link %s expects state %s, found %s" % | |
145 | (iface, expected, actual)) | |
146 | interfaces.remove(iface) | |
147 | ||
148 | # Ensure that all requested interfaces have been covered. | |
149 | if interfaces: | |
150 | self.fail("Missing links in status output: %s" % interfaces) | |
151 | ||
ec89276c | 152 | |
b56be296 DJL |
153 | class BridgeTest(NetworkdTestingUtilities, unittest.TestCase): |
154 | """Provide common methods for testing networkd against servers.""" | |
155 | ||
156 | def setUp(self): | |
157 | self.write_network('port1.netdev', '''\ | |
158 | [NetDev] | |
159 | Name=port1 | |
160 | Kind=dummy | |
161 | MACAddress=12:34:56:78:9a:bc''') | |
162 | self.write_network('port2.netdev', '''\ | |
163 | [NetDev] | |
164 | Name=port2 | |
165 | Kind=dummy | |
166 | MACAddress=12:34:56:78:9a:bd''') | |
167 | self.write_network('mybridge.netdev', '''\ | |
168 | [NetDev] | |
169 | Name=mybridge | |
170 | Kind=bridge''') | |
171 | self.write_network('port1.network', '''\ | |
172 | [Match] | |
173 | Name=port1 | |
174 | [Network] | |
175 | Bridge=mybridge''') | |
176 | self.write_network('port2.network', '''\ | |
177 | [Match] | |
178 | Name=port2 | |
179 | [Network] | |
180 | Bridge=mybridge''') | |
181 | self.write_network('mybridge.network', '''\ | |
182 | [Match] | |
183 | Name=mybridge | |
184 | [Network] | |
185 | DNS=192.168.250.1 | |
186 | Address=192.168.250.33/24 | |
187 | Gateway=192.168.250.1''') | |
188 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
189 | ||
190 | def tearDown(self): | |
191 | subprocess.check_call(['systemctl', 'stop', 'systemd-networkd']) | |
192 | subprocess.check_call(['ip', 'link', 'del', 'mybridge']) | |
193 | subprocess.check_call(['ip', 'link', 'del', 'port1']) | |
194 | subprocess.check_call(['ip', 'link', 'del', 'port2']) | |
195 | ||
196 | def test_bridge_init(self): | |
197 | self.assert_link_states( | |
198 | port1='managed', | |
199 | port2='managed', | |
200 | mybridge='managed') | |
201 | ||
202 | def test_bridge_port_priority(self): | |
203 | self.assertEqual(self.read_attr('port1', 'brport/priority'), '32') | |
204 | self.write_network_dropin('port1.network', 'priority', '''\ | |
205 | [Bridge] | |
206 | Priority=28 | |
207 | ''') | |
208 | subprocess.check_call(['systemctl', 'restart', 'systemd-networkd']) | |
209 | self.assertEqual(self.read_attr('port1', 'brport/priority'), '28') | |
210 | ||
211 | def test_bridge_port_priority_set_zero(self): | |
212 | """It should be possible to set the bridge port priority to 0""" | |
213 | self.assertEqual(self.read_attr('port2', 'brport/priority'), '32') | |
214 | self.write_network_dropin('port2.network', 'priority', '''\ | |
215 | [Bridge] | |
216 | Priority=0 | |
217 | ''') | |
218 | subprocess.check_call(['systemctl', 'restart', 'systemd-networkd']) | |
219 | self.assertEqual(self.read_attr('port2', 'brport/priority'), '0') | |
220 | ||
ec89276c DM |
221 | class ClientTestBase(NetworkdTestingUtilities): |
222 | """Provide common methods for testing networkd against servers.""" | |
223 | ||
fd0cec03 MP |
224 | @classmethod |
225 | def setUpClass(klass): | |
226 | klass.orig_log_level = subprocess.check_output( | |
227 | ['systemctl', 'show', '--value', '--property', 'LogLevel'], | |
228 | universal_newlines=True).strip() | |
229 | subprocess.check_call(['systemd-analyze', 'set-log-level', 'debug']) | |
230 | ||
231 | @classmethod | |
232 | def tearDownClass(klass): | |
233 | subprocess.check_call(['systemd-analyze', 'set-log-level', klass.orig_log_level]) | |
234 | ||
4ddb85b1 MP |
235 | def setUp(self): |
236 | self.iface = 'test_eth42' | |
237 | self.if_router = 'router_eth42' | |
238 | self.workdir_obj = tempfile.TemporaryDirectory() | |
239 | self.workdir = self.workdir_obj.name | |
ec89276c | 240 | self.config = 'test_eth42.network' |
4ddb85b1 MP |
241 | |
242 | # get current journal cursor | |
fd0cec03 | 243 | subprocess.check_output(['journalctl', '--sync']) |
4ddb85b1 MP |
244 | out = subprocess.check_output(['journalctl', '-b', '--quiet', |
245 | '--no-pager', '-n0', '--show-cursor'], | |
246 | universal_newlines=True) | |
247 | self.assertTrue(out.startswith('-- cursor:')) | |
248 | self.journal_cursor = out.split()[-1] | |
249 | ||
250 | def tearDown(self): | |
251 | self.shutdown_iface() | |
4ddb85b1 | 252 | subprocess.call(['systemctl', 'stop', 'systemd-networkd']) |
9e0c296a MP |
253 | subprocess.call(['ip', 'link', 'del', 'dummy0'], |
254 | stderr=subprocess.DEVNULL) | |
4ddb85b1 MP |
255 | |
256 | def show_journal(self, unit): | |
257 | '''Show journal of given unit since start of the test''' | |
258 | ||
259 | print('---- %s ----' % unit) | |
fd0cec03 | 260 | subprocess.check_output(['journalctl', '--sync']) |
4ddb85b1 MP |
261 | sys.stdout.flush() |
262 | subprocess.call(['journalctl', '-b', '--no-pager', '--quiet', | |
263 | '--cursor', self.journal_cursor, '-u', unit]) | |
264 | ||
265 | def create_iface(self, ipv6=False): | |
266 | '''Create test interface with DHCP server behind it''' | |
267 | ||
268 | raise NotImplementedError('must be implemented by a subclass') | |
269 | ||
270 | def shutdown_iface(self): | |
271 | '''Remove test interface and stop DHCP server''' | |
272 | ||
273 | raise NotImplementedError('must be implemented by a subclass') | |
274 | ||
275 | def print_server_log(self): | |
276 | '''Print DHCP server log for debugging failures''' | |
277 | ||
278 | raise NotImplementedError('must be implemented by a subclass') | |
279 | ||
280 | def do_test(self, coldplug=True, ipv6=False, extra_opts='', | |
281 | online_timeout=10, dhcp_mode='yes'): | |
d26fdaa2 MP |
282 | try: |
283 | subprocess.check_call(['systemctl', 'start', 'systemd-resolved']) | |
284 | except subprocess.CalledProcessError: | |
285 | self.show_journal('systemd-resolved.service') | |
286 | raise | |
ec89276c | 287 | self.write_network(self.config, '''\ |
38d78d1e | 288 | [Match] |
4ddb85b1 MP |
289 | Name=%s |
290 | [Network] | |
291 | DHCP=%s | |
292 | %s''' % (self.iface, dhcp_mode, extra_opts)) | |
293 | ||
294 | if coldplug: | |
295 | # create interface first, then start networkd | |
296 | self.create_iface(ipv6=ipv6) | |
297 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
e8c0de91 | 298 | elif coldplug is not None: |
4ddb85b1 MP |
299 | # start networkd first, then create interface |
300 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
301 | self.create_iface(ipv6=ipv6) | |
e8c0de91 MP |
302 | else: |
303 | # "None" means test sets up interface by itself | |
304 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
4ddb85b1 MP |
305 | |
306 | try: | |
ec89276c | 307 | subprocess.check_call([NETWORKD_WAIT_ONLINE, '--interface', |
4ddb85b1 MP |
308 | self.iface, '--timeout=%i' % online_timeout]) |
309 | ||
310 | if ipv6: | |
311 | # check iface state and IP 6 address; FIXME: we need to wait a bit | |
312 | # longer, as the iface is "configured" already with IPv4 *or* | |
313 | # IPv6, but we want to wait for both | |
00d5eaaf | 314 | for _ in range(10): |
4ddb85b1 MP |
315 | out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.iface]) |
316 | if b'state UP' in out and b'inet6 2600' in out and b'inet 192.168' in out: | |
317 | break | |
318 | time.sleep(1) | |
319 | else: | |
320 | self.fail('timed out waiting for IPv6 configuration') | |
321 | ||
322 | self.assertRegex(out, b'inet6 2600::.* scope global .*dynamic') | |
323 | self.assertRegex(out, b'inet6 fe80::.* scope link') | |
324 | else: | |
325 | # should have link-local address on IPv6 only | |
326 | out = subprocess.check_output(['ip', '-6', 'a', 'show', 'dev', self.iface]) | |
cda39975 | 327 | self.assertRegex(out, br'inet6 fe80::.* scope link') |
4ddb85b1 MP |
328 | self.assertNotIn(b'scope global', out) |
329 | ||
330 | # should have IPv4 address | |
331 | out = subprocess.check_output(['ip', '-4', 'a', 'show', 'dev', self.iface]) | |
332 | self.assertIn(b'state UP', out) | |
cda39975 | 333 | self.assertRegex(out, br'inet 192.168.5.\d+/.* scope global dynamic') |
4ddb85b1 MP |
334 | |
335 | # check networkctl state | |
336 | out = subprocess.check_output(['networkctl']) | |
23fa427d | 337 | self.assertRegex(out, (r'%s\s+ether\s+[a-z-]+\s+unmanaged' % self.if_router).encode()) |
cda39975 | 338 | self.assertRegex(out, (r'%s\s+ether\s+routable\s+configured' % self.iface).encode()) |
4ddb85b1 MP |
339 | |
340 | out = subprocess.check_output(['networkctl', 'status', self.iface]) | |
cda39975 ZJS |
341 | self.assertRegex(out, br'Type:\s+ether') |
342 | self.assertRegex(out, br'State:\s+routable.*configured') | |
343 | self.assertRegex(out, br'Address:\s+192.168.5.\d+') | |
4ddb85b1 | 344 | if ipv6: |
cda39975 | 345 | self.assertRegex(out, br'2600::') |
4ddb85b1 | 346 | else: |
cda39975 ZJS |
347 | self.assertNotIn(br'2600::', out) |
348 | self.assertRegex(out, br'fe80::') | |
349 | self.assertRegex(out, br'Gateway:\s+192.168.5.1') | |
350 | self.assertRegex(out, br'DNS:\s+192.168.5.1') | |
4ddb85b1 MP |
351 | except (AssertionError, subprocess.CalledProcessError): |
352 | # show networkd status, journal, and DHCP server log on failure | |
ec89276c | 353 | with open(os.path.join(NETWORK_UNITDIR, self.config)) as f: |
4ddb85b1 MP |
354 | print('\n---- %s ----\n%s' % (self.config, f.read())) |
355 | print('---- interface status ----') | |
356 | sys.stdout.flush() | |
357 | subprocess.call(['ip', 'a', 'show', 'dev', self.iface]) | |
358 | print('---- networkctl status %s ----' % self.iface) | |
359 | sys.stdout.flush() | |
360 | subprocess.call(['networkctl', 'status', self.iface]) | |
361 | self.show_journal('systemd-networkd.service') | |
362 | self.print_server_log() | |
363 | raise | |
364 | ||
30b42a9a MP |
365 | for timeout in range(50): |
366 | with open(RESOLV_CONF) as f: | |
367 | contents = f.read() | |
368 | if 'nameserver 192.168.5.1\n' in contents: | |
369 | break | |
370 | time.sleep(0.1) | |
371 | else: | |
372 | self.fail('nameserver 192.168.5.1 not found in ' + RESOLV_CONF) | |
4ddb85b1 | 373 | |
e8c0de91 | 374 | if coldplug is False: |
4ddb85b1 MP |
375 | # check post-down.d hook |
376 | self.shutdown_iface() | |
377 | ||
378 | def test_coldplug_dhcp_yes_ip4(self): | |
379 | # we have a 12s timeout on RA, so we need to wait longer | |
380 | self.do_test(coldplug=True, ipv6=False, online_timeout=15) | |
381 | ||
382 | def test_coldplug_dhcp_yes_ip4_no_ra(self): | |
383 | # with disabling RA explicitly things should be fast | |
384 | self.do_test(coldplug=True, ipv6=False, | |
f921f573 | 385 | extra_opts='IPv6AcceptRA=False') |
4ddb85b1 MP |
386 | |
387 | def test_coldplug_dhcp_ip4_only(self): | |
388 | # we have a 12s timeout on RA, so we need to wait longer | |
389 | self.do_test(coldplug=True, ipv6=False, dhcp_mode='ipv4', | |
390 | online_timeout=15) | |
391 | ||
392 | def test_coldplug_dhcp_ip4_only_no_ra(self): | |
393 | # with disabling RA explicitly things should be fast | |
394 | self.do_test(coldplug=True, ipv6=False, dhcp_mode='ipv4', | |
f921f573 | 395 | extra_opts='IPv6AcceptRA=False') |
4ddb85b1 MP |
396 | |
397 | def test_coldplug_dhcp_ip6(self): | |
398 | self.do_test(coldplug=True, ipv6=True) | |
399 | ||
400 | def test_hotplug_dhcp_ip4(self): | |
401 | # With IPv4 only we have a 12s timeout on RA, so we need to wait longer | |
402 | self.do_test(coldplug=False, ipv6=False, online_timeout=15) | |
403 | ||
404 | def test_hotplug_dhcp_ip6(self): | |
405 | self.do_test(coldplug=False, ipv6=True) | |
406 | ||
94363cbb | 407 | def test_route_only_dns(self): |
ec89276c | 408 | self.write_network('myvpn.netdev', '''\ |
38d78d1e | 409 | [NetDev] |
94363cbb MP |
410 | Name=dummy0 |
411 | Kind=dummy | |
412 | MACAddress=12:34:56:78:9a:bc''') | |
ec89276c | 413 | self.write_network('myvpn.network', '''\ |
38d78d1e | 414 | [Match] |
94363cbb MP |
415 | Name=dummy0 |
416 | [Network] | |
417 | Address=192.168.42.100 | |
418 | DNS=192.168.42.1 | |
419 | Domains= ~company''') | |
94363cbb MP |
420 | |
421 | self.do_test(coldplug=True, ipv6=False, | |
422 | extra_opts='IPv6AcceptRouterAdvertisements=False') | |
423 | ||
30b42a9a MP |
424 | with open(RESOLV_CONF) as f: |
425 | contents = f.read() | |
94363cbb MP |
426 | # ~company is not a search domain, only a routing domain |
427 | self.assertNotRegex(contents, 'search.*company') | |
30b42a9a MP |
428 | # our global server should appear |
429 | self.assertIn('nameserver 192.168.5.1\n', contents) | |
b9fe94ca MP |
430 | # should not have domain-restricted server as global server |
431 | self.assertNotIn('nameserver 192.168.42.1\n', contents) | |
432 | ||
433 | def test_route_only_dns_all_domains(self): | |
ec89276c | 434 | self.write_network('myvpn.netdev', '''[NetDev] |
b9fe94ca MP |
435 | Name=dummy0 |
436 | Kind=dummy | |
437 | MACAddress=12:34:56:78:9a:bc''') | |
ec89276c | 438 | self.write_network('myvpn.network', '''[Match] |
b9fe94ca MP |
439 | Name=dummy0 |
440 | [Network] | |
441 | Address=192.168.42.100 | |
442 | DNS=192.168.42.1 | |
443 | Domains= ~company ~.''') | |
b9fe94ca MP |
444 | |
445 | self.do_test(coldplug=True, ipv6=False, | |
446 | extra_opts='IPv6AcceptRouterAdvertisements=False') | |
447 | ||
448 | with open(RESOLV_CONF) as f: | |
449 | contents = f.read() | |
450 | ||
451 | # ~company is not a search domain, only a routing domain | |
452 | self.assertNotRegex(contents, 'search.*company') | |
453 | ||
454 | # our global server should appear | |
455 | self.assertIn('nameserver 192.168.5.1\n', contents) | |
456 | # should have company server as global server due to ~. | |
457 | self.assertIn('nameserver 192.168.42.1\n', contents) | |
94363cbb | 458 | |
4ddb85b1 | 459 | |
ec89276c | 460 | @unittest.skipUnless(HAVE_DNSMASQ, 'dnsmasq not installed') |
4ddb85b1 MP |
461 | class DnsmasqClientTest(ClientTestBase, unittest.TestCase): |
462 | '''Test networkd client against dnsmasq''' | |
463 | ||
464 | def setUp(self): | |
465 | super().setUp() | |
466 | self.dnsmasq = None | |
e8c0de91 | 467 | self.iface_mac = 'de:ad:be:ef:47:11' |
4ddb85b1 | 468 | |
b9fe94ca | 469 | def create_iface(self, ipv6=False, dnsmasq_opts=None): |
4ddb85b1 MP |
470 | '''Create test interface with DHCP server behind it''' |
471 | ||
472 | # add veth pair | |
e8c0de91 MP |
473 | subprocess.check_call(['ip', 'link', 'add', 'name', self.iface, |
474 | 'address', self.iface_mac, | |
475 | 'type', 'veth', 'peer', 'name', self.if_router]) | |
4ddb85b1 MP |
476 | |
477 | # give our router an IP | |
478 | subprocess.check_call(['ip', 'a', 'flush', 'dev', self.if_router]) | |
479 | subprocess.check_call(['ip', 'a', 'add', '192.168.5.1/24', 'dev', self.if_router]) | |
480 | if ipv6: | |
481 | subprocess.check_call(['ip', 'a', 'add', '2600::1/64', 'dev', self.if_router]) | |
482 | subprocess.check_call(['ip', 'link', 'set', self.if_router, 'up']) | |
483 | ||
484 | # add DHCP server | |
485 | self.dnsmasq_log = os.path.join(self.workdir, 'dnsmasq.log') | |
486 | lease_file = os.path.join(self.workdir, 'dnsmasq.leases') | |
487 | if ipv6: | |
488 | extra_opts = ['--enable-ra', '--dhcp-range=2600::10,2600::20'] | |
489 | else: | |
490 | extra_opts = [] | |
b9fe94ca MP |
491 | if dnsmasq_opts: |
492 | extra_opts += dnsmasq_opts | |
4ddb85b1 MP |
493 | self.dnsmasq = subprocess.Popen( |
494 | ['dnsmasq', '--keep-in-foreground', '--log-queries', | |
495 | '--log-facility=' + self.dnsmasq_log, '--conf-file=/dev/null', | |
496 | '--dhcp-leasefile=' + lease_file, '--bind-interfaces', | |
497 | '--interface=' + self.if_router, '--except-interface=lo', | |
498 | '--dhcp-range=192.168.5.10,192.168.5.200'] + extra_opts) | |
499 | ||
500 | def shutdown_iface(self): | |
501 | '''Remove test interface and stop DHCP server''' | |
502 | ||
503 | if self.if_router: | |
504 | subprocess.check_call(['ip', 'link', 'del', 'dev', self.if_router]) | |
505 | self.if_router = None | |
506 | if self.dnsmasq: | |
507 | self.dnsmasq.kill() | |
508 | self.dnsmasq.wait() | |
509 | self.dnsmasq = None | |
510 | ||
511 | def print_server_log(self): | |
512 | '''Print DHCP server log for debugging failures''' | |
513 | ||
514 | with open(self.dnsmasq_log) as f: | |
515 | sys.stdout.write('\n\n---- dnsmasq log ----\n%s\n------\n\n' % f.read()) | |
516 | ||
b9fe94ca MP |
517 | def test_resolved_domain_restricted_dns(self): |
518 | '''resolved: domain-restricted DNS servers''' | |
519 | ||
520 | # create interface for generic connections; this will map all DNS names | |
521 | # to 192.168.42.1 | |
522 | self.create_iface(dnsmasq_opts=['--address=/#/192.168.42.1']) | |
ec89276c | 523 | self.write_network('general.network', '''\ |
b9fe94ca MP |
524 | [Match] |
525 | Name=%s | |
526 | [Network] | |
527 | DHCP=ipv4 | |
528 | IPv6AcceptRA=False''' % self.iface) | |
529 | ||
530 | # create second device/dnsmasq for a .company/.lab VPN interface | |
531 | # static IPs for simplicity | |
618b196e | 532 | self.add_veth_pair('testvpnclient', 'testvpnrouter') |
b9fe94ca MP |
533 | subprocess.check_call(['ip', 'a', 'flush', 'dev', 'testvpnrouter']) |
534 | subprocess.check_call(['ip', 'a', 'add', '10.241.3.1/24', 'dev', 'testvpnrouter']) | |
535 | subprocess.check_call(['ip', 'link', 'set', 'testvpnrouter', 'up']) | |
536 | ||
537 | vpn_dnsmasq_log = os.path.join(self.workdir, 'dnsmasq-vpn.log') | |
538 | vpn_dnsmasq = subprocess.Popen( | |
539 | ['dnsmasq', '--keep-in-foreground', '--log-queries', | |
540 | '--log-facility=' + vpn_dnsmasq_log, '--conf-file=/dev/null', | |
541 | '--dhcp-leasefile=/dev/null', '--bind-interfaces', | |
542 | '--interface=testvpnrouter', '--except-interface=lo', | |
543 | '--address=/math.lab/10.241.3.3', '--address=/cantina.company/10.241.4.4']) | |
544 | self.addCleanup(vpn_dnsmasq.wait) | |
545 | self.addCleanup(vpn_dnsmasq.kill) | |
546 | ||
ec89276c | 547 | self.write_network('vpn.network', '''\ |
b9fe94ca MP |
548 | [Match] |
549 | Name=testvpnclient | |
550 | [Network] | |
551 | IPv6AcceptRA=False | |
552 | Address=10.241.3.2/24 | |
553 | DNS=10.241.3.1 | |
554 | Domains= ~company ~lab''') | |
555 | ||
556 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
ec89276c | 557 | subprocess.check_call([NETWORKD_WAIT_ONLINE, '--interface', self.iface, |
b9fe94ca MP |
558 | '--interface=testvpnclient', '--timeout=20']) |
559 | ||
560 | # ensure we start fresh with every test | |
561 | subprocess.check_call(['systemctl', 'restart', 'systemd-resolved']) | |
562 | ||
563 | # test vpnclient specific domains; these should *not* be answered by | |
564 | # the general DNS | |
565 | out = subprocess.check_output(['systemd-resolve', 'math.lab']) | |
566 | self.assertIn(b'math.lab: 10.241.3.3', out) | |
567 | out = subprocess.check_output(['systemd-resolve', 'kettle.cantina.company']) | |
568 | self.assertIn(b'kettle.cantina.company: 10.241.4.4', out) | |
569 | ||
570 | # test general domains | |
571 | out = subprocess.check_output(['systemd-resolve', 'megasearch.net']) | |
572 | self.assertIn(b'megasearch.net: 192.168.42.1', out) | |
573 | ||
574 | with open(self.dnsmasq_log) as f: | |
575 | general_log = f.read() | |
576 | with open(vpn_dnsmasq_log) as f: | |
577 | vpn_log = f.read() | |
578 | ||
579 | # VPN domains should only be sent to VPN DNS | |
580 | self.assertRegex(vpn_log, 'query.*math.lab') | |
581 | self.assertRegex(vpn_log, 'query.*cantina.company') | |
27e2e323 MP |
582 | self.assertNotIn('.lab', general_log) |
583 | self.assertNotIn('.company', general_log) | |
b9fe94ca MP |
584 | |
585 | # general domains should not be sent to the VPN DNS | |
586 | self.assertRegex(general_log, 'query.*megasearch.net') | |
587 | self.assertNotIn('megasearch.net', vpn_log) | |
588 | ||
4050e04b MP |
589 | def test_resolved_etc_hosts(self): |
590 | '''resolved queries to /etc/hosts''' | |
591 | ||
592 | # FIXME: -t MX query fails with enabled DNSSEC (even when using | |
593 | # the known negative trust anchor .internal instead of .example) | |
594 | conf = '/run/systemd/resolved.conf.d/test-disable-dnssec.conf' | |
595 | os.makedirs(os.path.dirname(conf), exist_ok=True) | |
596 | with open(conf, 'w') as f: | |
597 | f.write('[Resolve]\nDNSSEC=no') | |
598 | self.addCleanup(os.remove, conf) | |
599 | ||
600 | # create /etc/hosts bind mount which resolves my.example for IPv4 | |
601 | hosts = os.path.join(self.workdir, 'hosts') | |
602 | with open(hosts, 'w') as f: | |
603 | f.write('172.16.99.99 my.example\n') | |
604 | subprocess.check_call(['mount', '--bind', hosts, '/etc/hosts']) | |
605 | self.addCleanup(subprocess.call, ['umount', '/etc/hosts']) | |
606 | subprocess.check_call(['systemctl', 'stop', 'systemd-resolved.service']) | |
607 | ||
608 | # note: different IPv4 address here, so that it's easy to tell apart | |
609 | # what resolved the query | |
610 | self.create_iface(dnsmasq_opts=['--host-record=my.example,172.16.99.1,2600::99:99', | |
611 | '--host-record=other.example,172.16.0.42,2600::42', | |
612 | '--mx-host=example,mail.example'], | |
613 | ipv6=True) | |
614 | self.do_test(coldplug=None, ipv6=True) | |
615 | ||
616 | try: | |
617 | # family specific queries | |
618 | out = subprocess.check_output(['systemd-resolve', '-4', 'my.example']) | |
619 | self.assertIn(b'my.example: 172.16.99.99', out) | |
620 | # we don't expect an IPv6 answer; if /etc/hosts has any IP address, | |
621 | # it's considered a sufficient source | |
622 | self.assertNotEqual(subprocess.call(['systemd-resolve', '-6', 'my.example']), 0) | |
623 | # "any family" query; IPv4 should come from /etc/hosts | |
624 | out = subprocess.check_output(['systemd-resolve', 'my.example']) | |
625 | self.assertIn(b'my.example: 172.16.99.99', out) | |
626 | # IP → name lookup; again, takes the /etc/hosts one | |
627 | out = subprocess.check_output(['systemd-resolve', '172.16.99.99']) | |
628 | self.assertIn(b'172.16.99.99: my.example', out) | |
629 | ||
630 | # non-address RRs should fall back to DNS | |
631 | out = subprocess.check_output(['systemd-resolve', '--type=MX', 'example']) | |
632 | self.assertIn(b'example IN MX 1 mail.example', out) | |
633 | ||
634 | # other domains query DNS | |
635 | out = subprocess.check_output(['systemd-resolve', 'other.example']) | |
636 | self.assertIn(b'172.16.0.42', out) | |
637 | out = subprocess.check_output(['systemd-resolve', '172.16.0.42']) | |
638 | self.assertIn(b'172.16.0.42: other.example', out) | |
639 | except (AssertionError, subprocess.CalledProcessError): | |
640 | self.show_journal('systemd-resolved.service') | |
641 | self.print_server_log() | |
642 | raise | |
643 | ||
e8c0de91 MP |
644 | def test_transient_hostname(self): |
645 | '''networkd sets transient hostname from DHCP''' | |
646 | ||
89748b0a MP |
647 | orig_hostname = socket.gethostname() |
648 | self.addCleanup(socket.sethostname, orig_hostname) | |
649 | # temporarily move /etc/hostname away; restart hostnamed to pick it up | |
650 | if os.path.exists('/etc/hostname'): | |
651 | subprocess.check_call(['mount', '--bind', '/dev/null', '/etc/hostname']) | |
652 | self.addCleanup(subprocess.call, ['umount', '/etc/hostname']) | |
653 | subprocess.check_call(['systemctl', 'stop', 'systemd-hostnamed.service']) | |
654 | ||
e8c0de91 MP |
655 | self.create_iface(dnsmasq_opts=['--dhcp-host=%s,192.168.5.210,testgreen' % self.iface_mac]) |
656 | self.do_test(coldplug=None, extra_opts='IPv6AcceptRA=False', dhcp_mode='ipv4') | |
657 | ||
fd0cec03 MP |
658 | try: |
659 | # should have received the fixed IP above | |
660 | out = subprocess.check_output(['ip', '-4', 'a', 'show', 'dev', self.iface]) | |
661 | self.assertRegex(out, b'inet 192.168.5.210/24 .* scope global dynamic') | |
2926b130 MP |
662 | # should have set transient hostname in hostnamed; this is |
663 | # sometimes a bit lagging (issue #4753), so retry a few times | |
664 | for retry in range(1, 6): | |
665 | out = subprocess.check_output(['hostnamectl']) | |
666 | if b'testgreen' in out: | |
667 | break | |
668 | time.sleep(5) | |
669 | sys.stdout.write('[retry %i] ' % retry) | |
670 | sys.stdout.flush() | |
671 | else: | |
672 | self.fail('Transient hostname not found in hostnamectl:\n%s' % out.decode()) | |
fd0cec03 MP |
673 | # and also applied to the system |
674 | self.assertEqual(socket.gethostname(), 'testgreen') | |
675 | except AssertionError: | |
676 | self.show_journal('systemd-networkd.service') | |
677 | self.show_journal('systemd-hostnamed.service') | |
678 | self.print_server_log() | |
679 | raise | |
89748b0a MP |
680 | |
681 | def test_transient_hostname_with_static(self): | |
682 | '''transient hostname is not applied if static hostname exists''' | |
683 | ||
684 | orig_hostname = socket.gethostname() | |
685 | self.addCleanup(socket.sethostname, orig_hostname) | |
686 | if not os.path.exists('/etc/hostname'): | |
687 | self.writeConfig('/etc/hostname', orig_hostname) | |
688 | subprocess.check_call(['systemctl', 'stop', 'systemd-hostnamed.service']) | |
689 | ||
690 | self.create_iface(dnsmasq_opts=['--dhcp-host=%s,192.168.5.210,testgreen' % self.iface_mac]) | |
691 | self.do_test(coldplug=None, extra_opts='IPv6AcceptRA=False', dhcp_mode='ipv4') | |
692 | ||
fd0cec03 MP |
693 | try: |
694 | # should have received the fixed IP above | |
695 | out = subprocess.check_output(['ip', '-4', 'a', 'show', 'dev', self.iface]) | |
696 | self.assertRegex(out, b'inet 192.168.5.210/24 .* scope global dynamic') | |
697 | # static hostname wins over transient one, thus *not* applied | |
698 | self.assertEqual(socket.gethostname(), orig_hostname) | |
699 | except AssertionError: | |
700 | self.show_journal('systemd-networkd.service') | |
701 | self.show_journal('systemd-hostnamed.service') | |
702 | self.print_server_log() | |
703 | raise | |
e8c0de91 | 704 | |
4ddb85b1 MP |
705 | |
706 | class NetworkdClientTest(ClientTestBase, unittest.TestCase): | |
707 | '''Test networkd client against networkd server''' | |
708 | ||
709 | def setUp(self): | |
710 | super().setUp() | |
711 | self.dnsmasq = None | |
712 | ||
2c99aba7 | 713 | def create_iface(self, ipv6=False, dhcpserver_opts=None): |
4ddb85b1 MP |
714 | '''Create test interface with DHCP server behind it''' |
715 | ||
716 | # run "router-side" networkd in own mount namespace to shield it from | |
717 | # "client-side" configuration and networkd | |
718 | (fd, script) = tempfile.mkstemp(prefix='networkd-router.sh') | |
719 | self.addCleanup(os.remove, script) | |
720 | with os.fdopen(fd, 'w+') as f: | |
38d78d1e ZJS |
721 | f.write('''\ |
722 | #!/bin/sh -eu | |
4ddb85b1 MP |
723 | mkdir -p /run/systemd/network |
724 | mkdir -p /run/systemd/netif | |
725 | mount -t tmpfs none /run/systemd/network | |
726 | mount -t tmpfs none /run/systemd/netif | |
727 | [ ! -e /run/dbus ] || mount -t tmpfs none /run/dbus | |
728 | # create router/client veth pair | |
729 | cat << EOF > /run/systemd/network/test.netdev | |
730 | [NetDev] | |
731 | Name=%(ifr)s | |
732 | Kind=veth | |
733 | ||
734 | [Peer] | |
735 | Name=%(ifc)s | |
736 | EOF | |
737 | ||
738 | cat << EOF > /run/systemd/network/test.network | |
739 | [Match] | |
740 | Name=%(ifr)s | |
741 | ||
742 | [Network] | |
743 | Address=192.168.5.1/24 | |
744 | %(addr6)s | |
745 | DHCPServer=yes | |
746 | ||
747 | [DHCPServer] | |
748 | PoolOffset=10 | |
749 | PoolSize=50 | |
750 | DNS=192.168.5.1 | |
2c99aba7 | 751 | %(dhopts)s |
4ddb85b1 MP |
752 | EOF |
753 | ||
754 | # run networkd as in systemd-networkd.service | |
5ed0dcf4 | 755 | exec $(systemctl cat systemd-networkd.service | sed -n '/^ExecStart=/ { s/^.*=//; s/^[@+-]//; s/^!*//; p}') |
2c99aba7 MP |
756 | ''' % {'ifr': self.if_router, 'ifc': self.iface, 'addr6': ipv6 and 'Address=2600::1/64' or '', |
757 | 'dhopts': dhcpserver_opts or ''}) | |
4ddb85b1 MP |
758 | |
759 | os.fchmod(fd, 0o755) | |
760 | ||
761 | subprocess.check_call(['systemd-run', '--unit=networkd-test-router.service', | |
762 | '-p', 'InaccessibleDirectories=-/etc/systemd/network', | |
763 | '-p', 'InaccessibleDirectories=-/run/systemd/network', | |
764 | '-p', 'InaccessibleDirectories=-/run/systemd/netif', | |
765 | '--service-type=notify', script]) | |
766 | ||
767 | # wait until devices got created | |
00d5eaaf | 768 | for _ in range(50): |
4ddb85b1 MP |
769 | out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.if_router]) |
770 | if b'state UP' in out and b'scope global' in out: | |
771 | break | |
772 | time.sleep(0.1) | |
773 | ||
774 | def shutdown_iface(self): | |
775 | '''Remove test interface and stop DHCP server''' | |
776 | ||
777 | if self.if_router: | |
778 | subprocess.check_call(['systemctl', 'stop', 'networkd-test-router.service']) | |
779 | # ensure failed transient unit does not stay around | |
780 | subprocess.call(['systemctl', 'reset-failed', 'networkd-test-router.service']) | |
781 | subprocess.call(['ip', 'link', 'del', 'dev', self.if_router]) | |
782 | self.if_router = None | |
783 | ||
784 | def print_server_log(self): | |
785 | '''Print DHCP server log for debugging failures''' | |
786 | ||
787 | self.show_journal('networkd-test-router.service') | |
788 | ||
789 | @unittest.skip('networkd does not have DHCPv6 server support') | |
790 | def test_hotplug_dhcp_ip6(self): | |
791 | pass | |
792 | ||
793 | @unittest.skip('networkd does not have DHCPv6 server support') | |
794 | def test_coldplug_dhcp_ip6(self): | |
795 | pass | |
796 | ||
d2bc1251 MP |
797 | def test_search_domains(self): |
798 | ||
799 | # we don't use this interface for this test | |
800 | self.if_router = None | |
801 | ||
ec89276c | 802 | self.write_network('test.netdev', '''\ |
38d78d1e | 803 | [NetDev] |
d2bc1251 MP |
804 | Name=dummy0 |
805 | Kind=dummy | |
806 | MACAddress=12:34:56:78:9a:bc''') | |
ec89276c | 807 | self.write_network('test.network', '''\ |
38d78d1e | 808 | [Match] |
d2bc1251 MP |
809 | Name=dummy0 |
810 | [Network] | |
811 | Address=192.168.42.100 | |
812 | DNS=192.168.42.1 | |
813 | Domains= one two three four five six seven eight nine ten''') | |
d2bc1251 MP |
814 | |
815 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
816 | ||
30b42a9a MP |
817 | for timeout in range(50): |
818 | with open(RESOLV_CONF) as f: | |
819 | contents = f.read() | |
820 | if ' one' in contents: | |
821 | break | |
822 | time.sleep(0.1) | |
823 | self.assertRegex(contents, 'search .*one two three four') | |
824 | self.assertNotIn('seven\n', contents) | |
825 | self.assertIn('# Too many search domains configured, remaining ones ignored.\n', contents) | |
d2bc1251 MP |
826 | |
827 | def test_search_domains_too_long(self): | |
828 | ||
829 | # we don't use this interface for this test | |
830 | self.if_router = None | |
831 | ||
832 | name_prefix = 'a' * 60 | |
833 | ||
ec89276c | 834 | self.write_network('test.netdev', '''\ |
38d78d1e | 835 | [NetDev] |
d2bc1251 MP |
836 | Name=dummy0 |
837 | Kind=dummy | |
838 | MACAddress=12:34:56:78:9a:bc''') | |
ec89276c | 839 | self.write_network('test.network', '''\ |
38d78d1e | 840 | [Match] |
d2bc1251 MP |
841 | Name=dummy0 |
842 | [Network] | |
843 | Address=192.168.42.100 | |
844 | DNS=192.168.42.1 | |
38d78d1e | 845 | Domains={p}0 {p}1 {p}2 {p}3 {p}4'''.format(p=name_prefix)) |
d2bc1251 MP |
846 | |
847 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
848 | ||
30b42a9a MP |
849 | for timeout in range(50): |
850 | with open(RESOLV_CONF) as f: | |
851 | contents = f.read() | |
852 | if ' one' in contents: | |
853 | break | |
854 | time.sleep(0.1) | |
38d78d1e | 855 | self.assertRegex(contents, 'search .*{p}0 {p}1 {p}2'.format(p=name_prefix)) |
30b42a9a | 856 | self.assertIn('# Total length of all search domains is too long, remaining ones ignored.', contents) |
d2bc1251 | 857 | |
047a0dac JSB |
858 | def test_dropin(self): |
859 | # we don't use this interface for this test | |
860 | self.if_router = None | |
861 | ||
ec89276c | 862 | self.write_network('test.netdev', '''\ |
047a0dac JSB |
863 | [NetDev] |
864 | Name=dummy0 | |
865 | Kind=dummy | |
866 | MACAddress=12:34:56:78:9a:bc''') | |
ec89276c | 867 | self.write_network('test.network', '''\ |
047a0dac JSB |
868 | [Match] |
869 | Name=dummy0 | |
870 | [Network] | |
871 | Address=192.168.42.100 | |
872 | DNS=192.168.42.1''') | |
ec89276c | 873 | self.write_network_dropin('test.network', 'dns', '''\ |
047a0dac JSB |
874 | [Network] |
875 | DNS=127.0.0.1''') | |
876 | ||
877 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
878 | ||
879 | for timeout in range(50): | |
880 | with open(RESOLV_CONF) as f: | |
881 | contents = f.read() | |
882 | if ' 127.0.0.1' in contents: | |
883 | break | |
884 | time.sleep(0.1) | |
885 | self.assertIn('nameserver 192.168.42.1\n', contents) | |
886 | self.assertIn('nameserver 127.0.0.1\n', contents) | |
887 | ||
2c99aba7 MP |
888 | def test_dhcp_timezone(self): |
889 | '''networkd sets time zone from DHCP''' | |
890 | ||
891 | def get_tz(): | |
892 | out = subprocess.check_output(['busctl', 'get-property', 'org.freedesktop.timedate1', | |
893 | '/org/freedesktop/timedate1', 'org.freedesktop.timedate1', 'Timezone']) | |
894 | assert out.startswith(b's "') | |
895 | out = out.strip() | |
896 | assert out.endswith(b'"') | |
897 | return out[3:-1].decode() | |
898 | ||
899 | orig_timezone = get_tz() | |
900 | self.addCleanup(subprocess.call, ['timedatectl', 'set-timezone', orig_timezone]) | |
901 | ||
902 | self.create_iface(dhcpserver_opts='EmitTimezone=yes\nTimezone=Pacific/Honolulu') | |
903 | self.do_test(coldplug=None, extra_opts='IPv6AcceptRA=false\n[DHCP]\nUseTimezone=true', dhcp_mode='ipv4') | |
904 | ||
905 | # should have applied the received timezone | |
906 | try: | |
907 | self.assertEqual(get_tz(), 'Pacific/Honolulu') | |
908 | except AssertionError: | |
909 | self.show_journal('systemd-networkd.service') | |
910 | self.show_journal('systemd-hostnamed.service') | |
911 | raise | |
912 | ||
913 | ||
618b196e DM |
914 | class MatchClientTest(unittest.TestCase, NetworkdTestingUtilities): |
915 | """Test [Match] sections in .network files. | |
916 | ||
917 | Be aware that matching the test host's interfaces will wipe their | |
918 | configuration, so as a precaution, all network files should have a | |
919 | restrictive [Match] section to only ever interfere with the | |
920 | temporary veth interfaces created here. | |
921 | """ | |
922 | ||
923 | def tearDown(self): | |
924 | """Stop networkd.""" | |
925 | subprocess.call(['systemctl', 'stop', 'systemd-networkd']) | |
926 | ||
927 | def test_basic_matching(self): | |
928 | """Verify the Name= line works throughout this class.""" | |
929 | self.add_veth_pair('test_if1', 'fake_if2') | |
930 | self.write_network('test.network', "[Match]\nName=test_*\n[Network]") | |
931 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
932 | self.assert_link_states(test_if1='managed', fake_if2='unmanaged') | |
933 | ||
934 | def test_inverted_matching(self): | |
935 | """Verify that a '!'-prefixed value inverts the match.""" | |
936 | # Use a MAC address as the interfaces' common matching attribute | |
937 | # to avoid depending on udev, to support testing in containers. | |
938 | mac = '00:01:02:03:98:99' | |
939 | self.add_veth_pair('test_veth', 'test_peer', | |
940 | ['addr', mac], ['addr', mac]) | |
941 | self.write_network('no-veth.network', """\ | |
942 | [Match] | |
943 | MACAddress=%s | |
944 | Name=!nonexistent *peer* | |
945 | [Network]""" % mac) | |
946 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
947 | self.assert_link_states(test_veth='managed', test_peer='unmanaged') | |
948 | ||
949 | ||
a09dc546 DM |
950 | class UnmanagedClientTest(unittest.TestCase, NetworkdTestingUtilities): |
951 | """Test if networkd manages the correct interfaces.""" | |
952 | ||
953 | def setUp(self): | |
954 | """Write .network files to match the named veth devices.""" | |
955 | # Define the veth+peer pairs to be created. | |
956 | # Their pairing doesn't actually matter, only their names do. | |
957 | self.veths = { | |
958 | 'm1def': 'm0unm', | |
959 | 'm1man': 'm1unm', | |
960 | } | |
961 | ||
962 | # Define the contents of .network files to be read in order. | |
963 | self.configs = ( | |
964 | "[Match]\nName=m1def\n", | |
965 | "[Match]\nName=m1unm\n[Link]\nUnmanaged=yes\n", | |
966 | "[Match]\nName=m1*\n[Link]\nUnmanaged=no\n", | |
967 | ) | |
968 | ||
969 | # Write out the .network files to be cleaned up automatically. | |
970 | for i, config in enumerate(self.configs): | |
971 | self.write_network("%02d-test.network" % i, config) | |
972 | ||
973 | def tearDown(self): | |
974 | """Stop networkd.""" | |
975 | subprocess.call(['systemctl', 'stop', 'systemd-networkd']) | |
976 | ||
977 | def create_iface(self): | |
978 | """Create temporary veth pairs for interface matching.""" | |
979 | for veth, peer in self.veths.items(): | |
618b196e | 980 | self.add_veth_pair(veth, peer) |
a09dc546 DM |
981 | |
982 | def test_unmanaged_setting(self): | |
983 | """Verify link states with Unmanaged= settings, hot-plug.""" | |
984 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
985 | self.create_iface() | |
986 | self.assert_link_states(m1def='managed', | |
987 | m1man='managed', | |
988 | m1unm='unmanaged', | |
989 | m0unm='unmanaged') | |
990 | ||
991 | def test_unmanaged_setting_coldplug(self): | |
992 | """Verify link states with Unmanaged= settings, cold-plug.""" | |
993 | self.create_iface() | |
994 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
995 | self.assert_link_states(m1def='managed', | |
996 | m1man='managed', | |
997 | m1unm='unmanaged', | |
998 | m0unm='unmanaged') | |
999 | ||
1000 | def test_catchall_config(self): | |
1001 | """Verify link states with a catch-all config, hot-plug.""" | |
1002 | # Don't actually catch ALL interfaces. It messes up the host. | |
1003 | self.write_network('all.network', "[Match]\nName=m[01]???\n") | |
1004 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
1005 | self.create_iface() | |
1006 | self.assert_link_states(m1def='managed', | |
1007 | m1man='managed', | |
1008 | m1unm='unmanaged', | |
1009 | m0unm='managed') | |
1010 | ||
1011 | def test_catchall_config_coldplug(self): | |
1012 | """Verify link states with a catch-all config, cold-plug.""" | |
1013 | # Don't actually catch ALL interfaces. It messes up the host. | |
1014 | self.write_network('all.network', "[Match]\nName=m[01]???\n") | |
1015 | self.create_iface() | |
1016 | subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) | |
1017 | self.assert_link_states(m1def='managed', | |
1018 | m1man='managed', | |
1019 | m1unm='unmanaged', | |
1020 | m0unm='managed') | |
1021 | ||
1022 | ||
4ddb85b1 MP |
1023 | if __name__ == '__main__': |
1024 | unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, | |
1025 | verbosity=2)) |