[Service]
Type=notify
-ExecStart=bash -c "echo failure >> /tmp/success-failure-test-result && systemd-notify --ready && sleep infinity"
+ExecStart=bash -c "echo failure >>/tmp/success-failure-test-result && systemd-notify --ready && sleep infinity"
# a restart, the third a stop followed by a start
if [ -e "$COUNTER" ] ; then
- read -r N < "$COUNTER"
+ read -r N <"$COUNTER"
else
N=0
fi
# First iteration
test "${LISTEN_FDS:-0}" -eq 0
test ! -e "$FILE"
- echo waldi > "$FILE"
- systemd-notify --fd=3 --fdname="fd-$N-$PINNED" 3< "$FILE"
+ echo waldi >"$FILE"
+ systemd-notify --fd=3 --fdname="fd-$N-$PINNED" 3<"$FILE"
elif [ "$N" -eq 1 ] || { [ "$N" -eq 2 ] && [ "$PINNED" -eq 1 ]; } ; then
# Second iteration, or iteration with pinning on
test "${LISTEN_FDS:-0}" -eq 1
# We reopen fd #3 here, so that the read offset is at zero each time (hence no <&3 here…)
- read -r word < /proc/self/fd/3
+ read -r word </proc/self/fd/3
test "$word" = "waldi"
else
test "${LISTEN_FDS:-0}" -eq 0
if [ "$N" -ge 2 ] ; then
rm "$COUNTER" "$FILE"
else
- echo $((N + 1)) > "$COUNTER"
+ echo $((N + 1)) >"$COUNTER"
fi
systemd-notify --ready --status="Ready"
console.sendline('root')
console.expect('bash.*# ', 10)
- console.sendline('> /testok')
+ console.sendline('>/testok')
logger.info('power off')
console.sendline('poweroff')
--unit="$name" \
--wait "$test" && ret=0 || ret=$?
- exec {LOCK_FD}> /lock
+ exec {LOCK_FD}>/lock
flock --exclusive ${LOCK_FD}
if [[ $ret -eq 77 ]] || [[ $ret -eq 127 ]]; then
mkdir -p "$container_systemd_dir"
# Generate a phony random machine-id for the container
- uuidgen -r | tr -d '-' | tr '[:upper:]' '[:lower:]' > "${CONTAINER_ROOT_FS}/etc/machine-id"
+ uuidgen -r | tr -d '-' | tr '[:upper:]' '[:lower:]' >"${CONTAINER_ROOT_FS}/etc/machine-id"
cat <<EOF >"$internal_test_service"
[Unit]
[Service]
Type=oneshot
-ExecStart=bash -c 'echo "$EXPECTED_OUTPUT" > "$guest_output"'
+ExecStart=bash -c 'echo "$EXPECTED_OUTPUT" >"$guest_output"'
ExecStartPost=systemctl --no-block exit 0
TimeoutStopSec=15s
varlinkctl call --more /run/systemd/io.systemd.Import io.systemd.Import.Pull '{"class":"confext","remote":"file:///var/tmp/importtest.tar.gz","local":"importtest8","type":"tar","verify":"no"}'
cmp /var/tmp/importtest /var/lib/confexts/importtest8/importtest
-echo -n "systemd.pull=tar,confext,verify=no:importtest9:file:///var/tmp/importtest.tar.gz " > "$TEST_CMDLINE"
-cat /proc/cmdline >> "$TEST_CMDLINE"
+echo -n "systemd.pull=tar,confext,verify=no:importtest9:file:///var/tmp/importtest.tar.gz " >"$TEST_CMDLINE"
+cat /proc/cmdline >>"$TEST_CMDLINE"
mount --bind "$TEST_CMDLINE" /proc/cmdline
cat /proc/cmdline
root="$(mktemp -d /var/lib/machines/TEST-13-NSPAWN.link-journal.XXX)"
create_dummy_container "$root"
- systemd-id128 new > "$root"/etc/machine-id
+ systemd-id128 new >"$root"/etc/machine-id
hoge="/var/log/journal/$(cat "$root"/etc/machine-id)/"
mkdir -p "$hoge"
cat /var/tmp/pull-oci-test/v2/ocicombo/manifests/latest
jq < /var/tmp/pull-oci-test/v2/ocicombo/manifests/latest
-cat > /usr/lib/systemd/oci-registry/registry.localfile.oci-registry <<EOF
+cat >/usr/lib/systemd/oci-registry/registry.localfile.oci-registry <<EOF
{
"defaultProtocol" : "file",
"overrideRegistry" : "/var/tmp/pull-oci-test"
loginctl enable-linger testuser
run0 -u testuser mkdir -p .config/systemd/nspawn/
-run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" > .config/systemd/nspawn/zurps.nspawn"
+run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" >.config/systemd/nspawn/zurps.nspawn"
run0 -u testuser systemctl start --user systemd-nspawn@zurps.service
machinectl status zurps
run0 -u testuser importctl --user export-tar zurps /var/tmp/image-tar/kurps.tar.gz -m
run0 -u testuser importctl --user import-tar /var/tmp/image-tar/kurps.tar.gz -m
-run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" > .config/systemd/nspawn/kurps.nspawn"
+run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" >.config/systemd/nspawn/kurps.nspawn"
run0 -u testuser systemctl start --user systemd-nspawn@kurps.service
machinectl terminate kurps
-run0 -u testuser -D /var/tmp/image-tar/ bash -c 'sha256sum kurps.tar.gz > SHA256SUMS'
+run0 -u testuser -D /var/tmp/image-tar/ bash -c 'sha256sum kurps.tar.gz >SHA256SUMS'
run0 -u testuser importctl --user pull-tar file:///var/tmp/image-tar/kurps.tar.gz nurps --verify=checksum -m
-run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" > .config/systemd/nspawn/nurps.nspawn"
+run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" >.config/systemd/nspawn/nurps.nspawn"
run0 -u testuser systemctl start --user systemd-nspawn@nurps.service
machinectl terminate nurps
run0 -u testuser machinectl --user image-status wamms
run0 -u testuser machinectl --user show-image wamms
-run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" > .config/systemd/nspawn/wamms.nspawn"
+run0 -u testuser -i "echo -e \"[Exec]\nKillSignal=SIGKILL\n\" >.config/systemd/nspawn/wamms.nspawn"
run0 -u testuser systemctl start --user systemd-nspawn@wamms.service
run0 -u testuser systemctl stop --user systemd-nspawn@zurps.service
rules="/run/udev/rules.d/99-test-17.global-property.rules"
mkdir -p "${rules%/*}"
-cat > "$rules" <<'EOF'
+cat >"$rules" <<'EOF'
ENV{FOO}=="?*", ENV{PROP_FOO}="$env{FOO}"
ENV{BAR}=="?*", ENV{PROP_BAR}="$env{BAR}"
EOF
rules="/run/udev/rules.d/99-test-17.serialization.rules"
mkdir -p "${rules%/*}"
-cat > "$rules" <<'EOF'
+cat >"$rules" <<'EOF'
SUBSYSTEM!="mem", GOTO="end"
KERNEL!="null", GOTO="end"
ACTION=="remove", GOTO="end"
IMPORT{db}="INVOCATIONS"
IMPORT{program}="/usr/bin/bash -c 'systemctl show --property=InvocationID systemd-udevd.service'"
ENV{INVOCATIONS}+="%E{ACTION}_%E{SEQNUM}_%E{InvocationID}"
-ACTION=="add", RUN+="/usr/bin/bash -c ':> /tmp/marker'", RUN+="/usr/bin/sleep 10"
+ACTION=="add", RUN+="/usr/bin/bash -c ': >/tmp/marker'", RUN+="/usr/bin/sleep 10"
LABEL="end"
EOF
# Check that this will work safely a second time
systemd-run --user -p StateDirectory=foo -p ConfigurationDirectory=foo --wait true
-( ! systemd-run --user -p StateDirectory=foo::ro --wait bash -c "echo foo > $HOME/.local/state/foo/baz")
-( ! systemd-run --user -p StateDirectory=foo:bar:ro --wait bash -c "echo foo > $HOME/.local/state/foo/baz")
+( ! systemd-run --user -p StateDirectory=foo::ro --wait bash -c "echo foo >$HOME/.local/state/foo/baz")
+( ! systemd-run --user -p StateDirectory=foo:bar:ro --wait bash -c "echo foo >$HOME/.local/state/foo/baz")
( ! test -f "$HOME"/.local/state/foo/baz)
test -L "$HOME"/.local/state/bar
(! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"=zzz test -f "${path}"/zzz/test-missing)
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -d "${path}"/www
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -L "${path}"/ro
- (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo > ${path}/www/test-missing")
+ (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo >${path}/www/test-missing")
test -d "${path}"/zzz
test ! -L "${path}"/zzz
(! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"=zzz test -f "${path}"/zzz/test-missing)
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" test -d "${path}"/www
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" test -L "${path}"/ro
- (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo > ${path}/www/test-missing")
+ (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo >${path}/www/test-missing")
test -L "${path}"/zzz
test -d "${path}"/private/zzz
(! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"=zzz test -f "${path}"/zzz/test-missing)
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -d "${path}"/www
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -L "${path}"/ro
- (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo > ${path}/www/test-missing")
+ (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo >${path}/www/test-missing")
test -d "${path}"/zzz
test ! -L "${path}"/zzz
session required pam_unix.so
EOF
- cat > "$SCRIPT" <<'EOF'
+ cat >"$SCRIPT" <<'EOF'
#!/usr/bin/env bash
set -ex
typeset -i AMB MASK
bash -c 'keyctl link @u @s; eval "$1"' -- "$2"
}
- fscrypt_run0 fsfsfs1234 'echo "hello fscrypt" > /home/fscrypttest/file1'
+ fscrypt_run0 fsfsfs1234 'echo "hello fscrypt" >/home/fscrypttest/file1'
[[ "$(fscrypt_run0 fsfsfs1234 'cat /home/fscrypttest/file1')" == "hello fscrypt" ]]
fscrypt_run0 fsfsfs1234 'mkdir /home/fscrypttest/subdir'
fscrypt_run0 fsfsfs1234 'dd if=/dev/urandom of=/home/fscrypttest/subdir/blob bs=4096 count=8 status=none'
fscrypt_run0 fsfsfs1234 'cp /home/fscrypttest/subdir/blob /home/fscrypttest/subdir/blob.copy && cmp /home/fscrypttest/subdir/blob /home/fscrypttest/subdir/blob.copy'
- fscrypt_run0 fsfsfs1234 'echo appended >> /home/fscrypttest/file1 && grep -F appended /home/fscrypttest/file1 >/dev/null'
+ fscrypt_run0 fsfsfs1234 'echo appended >>/home/fscrypttest/file1 && grep -F appended /home/fscrypttest/file1 >/dev/null'
fscrypt_run0 fsfsfs1234 'rm /home/fscrypttest/subdir/blob.copy && test ! -e /home/fscrypttest/subdir/blob.copy'
systemctl stop user@"$(id -u fscrypttest)".service 2>/dev/null || true
trap rm_rf_sshbindir EXIT
# Create a fake "ssh" binary that validates everything works as expected if invoked for the "ssh-unix:" Varlink transport
-cat > "$SSHBINDIR"/ssh <<'EOF'
+cat >"$SSHBINDIR"/ssh <<'EOF'
#!/usr/bin/env bash
set -xe
SYSTEMD_SSH="$SSHBINDIR/ssh" varlinkctl info ssh-unix:foobar:/run/systemd/journal/io.systemd.journal
# Now build another fake "ssh" binary that does the same for "ssh-exec:"
-cat > "$SSHBINDIR"/ssh <<'EOF'
+cat >"$SSHBINDIR"/ssh <<'EOF'
#!/usr/bin/env bash
set -xe
UPGRADE_SOCKET2="$(mktemp -d)/upgrade.sock"
systemd-notify --fork -q -- python3 "$UPGRADE_SERVER" "$UPGRADE_SOCKET2"
-echo "file input test" > /tmp/test-upgrade-input
-result="$(varlinkctl call --upgrade "unix:$UPGRADE_SOCKET2" io.systemd.test.Reverse '{"foo":"file"}' < /tmp/test-upgrade-input)"
+echo "file input test" >/tmp/test-upgrade-input
+result="$(varlinkctl call --upgrade "unix:$UPGRADE_SOCKET2" io.systemd.test.Reverse '{"foo":"file"}' </tmp/test-upgrade-input)"
echo "$result" | grep "<<< UPGRADED >>>" >/dev/null
echo "$result" | grep '"foo": "file"' >/dev/null
echo "$result" | grep "tset tupni elif" >/dev/null
# Test --upgrade over ssh-exec: transport (pipe pair, not a bidirectional socket).
# This exercises the input_fd != output_fd path in sd_varlink_call_and_upgrade().
# Reuse the same server script without a socket argument - it speaks over stdin/stdout.
-cat > "$SSHBINDIR"/ssh <<EOF
+cat >"$SSHBINDIR"/ssh <<EOF
#!/usr/bin/env bash
exec python3 "$UPGRADE_SERVER"
EOF
# Since stdout goes to the socket (not the terminal), write results to a file for verification.
EXEC_RESULT="$(mktemp)"
varlinkctl call --upgrade --exec "unix:$UPGRADE_SOCKET" io.systemd.test.Reverse '{"foo":"bar"}' -- \
- bash -c "head -2 > '$EXEC_RESULT'; echo 'hello world'; head -1 >> '$EXEC_RESULT'"
+ bash -c "head -2 >'$EXEC_RESULT'; echo 'hello world'; head -1 >>'$EXEC_RESULT'"
grep "<<< UPGRADED >>>" "$EXEC_RESULT" >/dev/null
grep '"foo": "bar"' "$EXEC_RESULT" >/dev/null
grep "dlrow olleh" "$EXEC_RESULT" >/dev/null
varlinkctl serve io.systemd.Compress.Decompress gunzip)
SERVE_TMPDIR="$(mktemp -d)"
-echo "untrusted data decompressed safely via varlink serve" | gzip > "$SERVE_TMPDIR/compressed.gz"
-result="$(varlinkctl call --upgrade "unix:$SERVE_SOCKET" io.systemd.Compress.Decompress '{}' < "$SERVE_TMPDIR/compressed.gz")"
+echo "untrusted data decompressed safely via varlink serve" | gzip >"$SERVE_TMPDIR/compressed.gz"
+result="$(varlinkctl call --upgrade "unix:$SERVE_SOCKET" io.systemd.Compress.Decompress '{}' <"$SERVE_TMPDIR/compressed.gz")"
echo "$result" | grep "untrusted data decompressed safely" >/dev/null
kill "$SERVE_PID" 2>/dev/null || true
wait "$SERVE_PID" 2>/dev/null || true
set -ex
set -o pipefail
-if ! env --block-signal=SIGUSR1 true 2> /dev/null ; then
+if ! env --block-signal=SIGUSR1 true 2>/dev/null; then
echo "env tool too old, can't block signals, skipping test." >&2
echo OK >/testok
exit 0
mkfifo /tmp/syncfifo1 /tmp/syncfifo2
sync_in() {
- read -r x < /tmp/syncfifo1
+ read -r x </tmp/syncfifo1
test "$x" = "$1"
}
# Now test basic fdstore behaviour
MYSCRIPT="/tmp/myscript$RANDOM.sh"
-cat >> "$MYSCRIPT" <<'EOF'
+cat >>"$MYSCRIPT" <<'EOF'
#!/usr/bin/env bash
set -eux
set -o pipefail
test "$FDSTORE" -eq 7
N="/tmp/$RANDOM"
-echo $RANDOM > "$N"
-systemd-notify --fd=4 --fdname=quux --pid=parent 4< "$N"
+echo $RANDOM >"$N"
+systemd-notify --fd=4 --fdname=quux --pid=parent 4<"$N"
rm "$N"
systemd-notify --ready
exec sleep infinity
mkdir -p "/run/systemd/system/systemd-nspawn@$CONTAINER.service.d"
# Bind-mounting /etc into the container kinda defeats the purpose of --volatile=,
# but we need the ASan-related overrides scattered across /etc
- cat > "/run/systemd/system/systemd-nspawn@$CONTAINER.service.d/override.conf" <<EOF
+ cat >"/run/systemd/system/systemd-nspawn@$CONTAINER.service.d/override.conf" <<EOF
[Service]
ExecStart=
ExecStart=systemd-nspawn --quiet --link-journal=try-guest --keep-unit --machine=%i --boot \
while IFS= read -r -t 60 line <&3; do
echo "$line"
[[ "$line" == LINK_IDS=* ]] && break
-done > /tmp/restrict-fsaccess-dvk-attach.out
+done >/tmp/restrict-fsaccess-dvk-attach.out
# Fail closed if helper died before printing the full handshake: an unattached
# program would let the subsequent verity exec test pass trivially.
while IFS= read -r -t 60 line <&3; do
echo "$line"
[[ "$line" == LINK_IDS=* ]] && break
-done > /tmp/restrict-fsaccess-attach.out
+done >/tmp/restrict-fsaccess-attach.out
VERITY_MAP_ID=$(sed -n 's/^VERITY_MAP_ID=//p' /tmp/restrict-fsaccess-attach.out)
BSS_MAP_ID=$(sed -n 's/^BSS_MAP_ID=//p' /tmp/restrict-fsaccess-attach.out)
state_file=/run/TEST-91-LIVEUPDATE-failure.attempt
attempt=$(cat "$state_file" 2>/dev/null || echo 0)
attempt=$((attempt + 1))
-echo "$attempt" > "$state_file"
+echo "$attempt" >"$state_file"
if [[ "$attempt" -eq 1 ]]; then
systemd-notify --fd=0 --fdname=mem </dev/zero
else
# Exercise the FD-store preservation chain across a kexec for a privileged
# nspawn container managed as a system service:
- # payload (inside container) -> systemd-nspawn@fdstore.service fdstore
- # -> LUO -> after kexec PID 1 restores the fdstore -> systemd-nspawn ->
+ # payload (inside container) → systemd-nspawn@fdstore.service fdstore
+ # → LUO → after kexec PID 1 restores the fdstore → systemd-nspawn →
# payload verifies content matches.
create_dummy_container /var/lib/machines/fdstore
cat >/var/lib/machines/fdstore/sbin/init <<'EOF'
projects / thirdparty / systemd.git / commitdiff
