If sh is not bash, some builtin command behave slightly differently.
E.g. if sh is provided by busybox, its builtin test command does not check if
the path is a mount point or not, and 'test -w' only checks the access mode of
the inode. So, even if a readonly filesystem is mounted on a directory,
the test command may succeed.
To avoid such confusion, let's unconditionally use bash.
[Service]
Type=exec
-ExecStart=sh -x -c 'while :; do printf "Hola\n" || touch /tmp/i-lose-my-logs; sleep 1; done'
+ExecStart=bash -x -c 'while :; do printf "Hola\n" || touch /tmp/i-lose-my-logs; sleep 1; done'
[Service]
Type=simple
-ExecStart=sh -c 'date +%%s >>/tmp/defer-reactivation.log; sleep 5'
+ExecStart=bash -c 'date +%%s >>/tmp/defer-reactivation.log; sleep 5'
[Service]
Type=oneshot
-ExecStart=sh -c 'sleep infinity & exit 0'
+ExecStart=bash -c 'sleep infinity & exit 0'
'service' : integration_test_template['configuration']['service'] + {
'NotifyAccess' : 'all',
# Issue: https://github.com/systemd/systemd/issues/2691
- 'ExecStop' : 'sh -c \'kill -SEGV $$$$\'',
+ 'ExecStop' : 'bash -c \'kill -SEGV $$$$\'',
'RemainAfterExit' : 'yes',
'TimeoutStopSec' : '270s',
},
BindPaths=/run/TEST-23-UNIT-FILE-marker-fixed:/tmp/testfile-marker-fixed
InaccessiblePaths=/run/inaccessible
ExecStartPre=grep -q -F MARKER_FIXED /tmp/testfile-marker-fixed
-ExecStart=sh -c 'systemd-notify --ready; until grep -q -F MARKER_RUNTIME /tmp/testfile-marker-runtime; do sleep 0.1; done; test ! -f /run/inaccessible/testfile-marker-fixed'
+ExecStart=bash -c 'systemd-notify --ready; until grep -q -F MARKER_RUNTIME /tmp/testfile-marker-runtime; do sleep 0.1; done; test ! -f /run/inaccessible/testfile-marker-fixed'
RuntimeMaxSec=5
Type=notify
RemainAfterExit=yes
-ExecStart=sh -c 'systemd-notify --ready; until grep -q -F MARKER_RUNTIME /tmp/testfile-marker-runtime; do sleep 0.1; done; exit 0'
+ExecStart=bash -c 'systemd-notify --ready; until grep -q -F MARKER_RUNTIME /tmp/testfile-marker-runtime; do sleep 0.1; done; exit 0'
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=sh -c "if [ -f /tmp/TEST-23-UNIT-FILE-retry-fail ]; then exit 0; else exit 1; fi"
+ExecStart=bash -c "if [ -f /tmp/TEST-23-UNIT-FILE-retry-fail ]; then exit 0; else exit 1; fi"
Restart=no
[Service]
ExecStart=/usr/lib/systemd/tests/testdata/TEST-52-HONORFIRSTSHUTDOWN.units/%N.sh
-ExecStop=sh -c 'kill -KILL $MAINPID'
+ExecStop=bash -c 'kill -KILL $MAINPID'
FailureAction=reboot
[Install]
[Unit]
Description=TEST-62-RESTRICT-IFACES-all-pings-work
[Service]
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.1'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.5'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.9'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.1'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.5'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.9'
RestrictNetworkInterfaces=
Type=oneshot
[Unit]
Description=TEST-62-RESTRICT-IFACES-allow-list
[Service]
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.1'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.5'
-ExecStart=sh -c '! ping -c 1 -W 0.2 192.168.113.9'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.1'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.5'
+ExecStart=bash -c '! ping -c 1 -W 0.2 192.168.113.9'
RestrictNetworkInterfaces=veth0
RestrictNetworkInterfaces=veth1
Type=oneshot
[Unit]
Description=TEST-62-RESTRICT-IFACES-deny-list
[Service]
-ExecStart=sh -c '! ping -c 1 -W 0.2 192.168.113.1'
-ExecStart=sh -c '! ping -c 1 -W 0.2 192.168.113.5'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.9'
+ExecStart=bash -c '! ping -c 1 -W 0.2 192.168.113.1'
+ExecStart=bash -c '! ping -c 1 -W 0.2 192.168.113.5'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.9'
RestrictNetworkInterfaces=~veth0
RestrictNetworkInterfaces=~veth1
Type=oneshot
[Unit]
Description=TEST-62-RESTRICT-IFACES-empty-assignment
[Service]
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.1'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.5'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.9'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.1'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.5'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.9'
RestrictNetworkInterfaces=veth0
RestrictNetworkInterfaces=
Type=oneshot
[Unit]
Description=TEST-62-RESTRICT-IFACES-invert-assignment
[Service]
-ExecStart=sh -c '! ping -c 1 -W 0.2 192.168.113.1'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.5'
-ExecStart=sh -c '! ping -c 1 -W 0.2 192.168.113.9'
+ExecStart=bash -c '! ping -c 1 -W 0.2 192.168.113.1'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.5'
+ExecStart=bash -c '! ping -c 1 -W 0.2 192.168.113.9'
RestrictNetworkInterfaces=veth0
RestrictNetworkInterfaces=veth0 veth1
RestrictNetworkInterfaces=~veth0
[Unit]
Description=TEST-62-RESTRICT-IFACES-altname
[Service]
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.1'
-ExecStart=sh -c 'ping -c 1 -W 0.2 192.168.113.5'
-ExecStart=sh -c '! ping -c 1 -W 0.2 192.168.113.9'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.1'
+ExecStart=bash -c 'ping -c 1 -W 0.2 192.168.113.5'
+ExecStart=bash -c '! ping -c 1 -W 0.2 192.168.113.9'
RestrictNetworkInterfaces=veth0-altname-with-more-than-15-chars
RestrictNetworkInterfaces=veth1-altname-with-more-than-15-chars
Type=oneshot
# SPDX-License-Identifier: LGPL-2.1-or-later
[Service]
-ExecStartPre=sh -c 'test "$TRIGGER_PATH" = /tmp/test63-glob-foo'
-ExecStartPre=sh -c 'test "$TRIGGER_UNIT" = test63-glob.path'
+ExecStartPre=bash -c 'test "$TRIGGER_PATH" = /tmp/test63-glob-foo'
+ExecStartPre=bash -c 'test "$TRIGGER_UNIT" = test63-glob.path'
ExecStart=systemd-notify --ready
RemainAfterExit=yes
Type=notify
ConditionPathExists=/tmp/nonexistent
[Service]
-ExecStartPre=sh -c 'test "$TRIGGER_PATH" = /tmp/test63'
-ExecStartPre=sh -c 'test "$TRIGGER_UNIT" = test63.path'
+ExecStartPre=bash -c 'test "$TRIGGER_PATH" = /tmp/test63'
+ExecStartPre=bash -c 'test "$TRIGGER_UNIT" = test63.path'
ExecStart=true
Description=Test for AmbientCapabilities (dynamic user)
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002081"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002081"'
Type=oneshot
AmbientCapabilities=CAP_CHOWN CAP_SETUID CAP_NET_RAW
DynamicUser=yes
Description=Test for AmbientCapabilities
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=nfsnobody
AmbientCapabilities=CAP_CHOWN
Description=Test for AmbientCapabilities
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=nobody
AmbientCapabilities=CAP_CHOWN
Description=Test for AmbientCapabilities (daemon)
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=daemon
AmbientCapabilities=CAP_CHOWN
Description=Test for AmbientCapabilities
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=nfsnobody
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
Description=Test for AmbientCapabilities
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=nobody
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
Description=Test for AmbientCapabilities (daemon)
[Service]
-ExecStart=sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
+ExecStart=bash -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=daemon
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
ConditionVersion=glibc " >= 2" " * "
[Service]
-ExecStart=touch /tmp/a ; /bin/sh -c 'touch /tmp/b' ; touch /tmp/c
+ExecStart=touch /tmp/a ; bash -c 'touch /tmp/b' ; touch /tmp/c
ExecStart=test -f /tmp/a
ExecStart=!test -f /tmp/b
ExecStart=!!test -f /tmp/c
# Also, through /tmp/test-exec-bindreadonlypaths
ExecStart=test -f /tmp/test-exec-bindreadonlypaths/thisisasimpletest
# The file cannot modify through /tmp/test-exec-bindreadonlypaths
-ExecStart=sh -x -c '! touch /tmp/test-exec-bindreadonlypaths/thisisasimpletest'
+ExecStart=bash -x -c '! touch /tmp/test-exec-bindreadonlypaths/thisisasimpletest'
# Cleanup
ExecStart=rm /tmp/thisisasimpletest
BindPaths=/tmp:/tmp/test-exec-bindpaths
[Service]
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep "^Bounding set .*cap_chown"'
+ExecStart=bash -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep "^Bounding set .*cap_chown"'
Type=oneshot
CapabilityBoundingSet=~CAP_CHOWN
Description=Test for CapabilityBoundingSet
[Service]
-ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_chown,cap_fowner,cap_kill"'
+ExecStart=bash -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_chown,cap_fowner,cap_kill"'
Type=oneshot
CapabilityBoundingSet=CAP_FOWNER
CapabilityBoundingSet=CAP_KILL CAP_CHOWN
Description=Test for CapabilityBoundingSet
[Service]
-ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set ="'
+ExecStart=bash -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set ="'
Type=oneshot
CapabilityBoundingSet=CAP_FOWNER CAP_KILL
CapabilityBoundingSet=
Description=Test for CapabilityBoundingSet
[Service]
-ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_fowner,cap_kill"'
+ExecStart=bash -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_fowner,cap_kill"'
Type=oneshot
CapabilityBoundingSet=CAP_FOWNER CAP_KILL
Type=oneshot
# exit 255 will fail the unit
-ExecCondition=/bin/sh -c 'exit 255'
+ExecCondition=bash -c 'exit 255'
# This should not get run
-ExecStart=sh -c 'true'
+ExecStart=bash -c 'true'
Type=oneshot
# exit codes [1, 254] will result in skipping the rest of execution
-ExecCondition=/bin/sh -c 'exit 0'
-ExecCondition=/bin/sh -c 'exit 254'
+ExecCondition=bash -c 'exit 0'
+ExecCondition=bash -c 'exit 254'
# This would normally fail the unit but will not get run due to the skip above
-ExecCondition=/bin/sh -c 'exit 255'
+ExecCondition=bash -c 'exit 255'
# This should not get run
-ExecStart=sh -c 'true'
+ExecStart=bash -c 'true'
Description=Test for CPUAffinity (simple)
[Service]
-ExecStart=sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
+ExecStart=bash -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
CPUAffinity=0
Description=Test for CPUAffinity (reset)
[Service]
-ExecStart=sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
+ExecStart=bash -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 1'
CPUAffinity=0-1 3
CPUAffinity=
CPUAffinity=0
Description=Test for CPUAffinity (merge)
[Service]
-ExecStart=sh -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 7'
+ExecStart=bash -c 'test $$(cat /proc/self/status | grep Cpus_allowed: | rev | cut -c 1) = 7'
CPUAffinity=0,1
CPUAffinity=1-2
ExecStart=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
LoadCredential=very_top_secret
ExecStart=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
-ExecStart=sh -c 'test %d/very_top_secret = "$TOP_SECRET"'
+ExecStart=bash -c 'test %d/very_top_secret = "$TOP_SECRET"'
ExecStartPost=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
-ExecStartPost=sh -c 'test %d/very_top_secret = "$TOP_SECRET"'
+ExecStartPost=bash -c 'test %d/very_top_secret = "$TOP_SECRET"'
ExecStop=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
-ExecStop=sh -c 'test %d/very_top_secret = "$TOP_SECRET"'
+ExecStop=bash -c 'test %d/very_top_secret = "$TOP_SECRET"'
ExecStopPost=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
-ExecStopPost=sh -c 'test %d/very_top_secret = "$TOP_SECRET"'
+ExecStopPost=bash -c 'test %d/very_top_secret = "$TOP_SECRET"'
[Service]
Type=oneshot
-ExecStart=sh -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
+ExecStart=bash -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
# Multiple ExecStart= lines causes the issue #9702.
-ExecStart=sh -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
+ExecStart=bash -x -c 'test "$$(id -nG)" = "adm" && test "$$(id -ng)" = "adm" && test "$$(id -nu)" = "adm"'
DynamicUser=yes
User=adm
ReadWritePaths=-/coverage
[Service]
Type=oneshot
-ExecStart=sh -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
+ExecStart=bash -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
# Multiple ExecStart= lines causes the issue #9702.
-ExecStart=sh -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
+ExecStart=bash -x -c 'test "$$(id -nG)" = "games" && test "$$(id -ng)" = "games" && test "$$(id -nu)" = "games"'
DynamicUser=yes
User=games
ReadWritePaths=-/coverage
Description=Test DynamicUser with User= and SupplementaryGroups=
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
Type=oneshot
User=1
DynamicUser=yes
Description=Test DynamicUser with User=
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
Type=oneshot
User=1
DynamicUser=yes
Description=Test for RuntimeDirectory with RuntimeDirectoryPreserve=yes and DynamicUser=yes
[Service]
-ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
-ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
-ExecStart=sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
+ExecStart=bash -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
+ExecStart=bash -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
+ExecStart=bash -x -c 'touch $$RUNTIME_DIRECTORY/test'
Type=oneshot
RuntimeDirectory=test-exec_runtimedirectorypreserve
RuntimeDirectoryPreserve=yes
Description=Test for RuntimeDirectory with RuntimeDirectoryPreserve=yes and DynamicUser=yes 2nd trial
[Service]
-ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
-ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
-ExecStart=sh -x -c 'test -f $$RUNTIME_DIRECTORY/test'
-ExecStart=sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
+ExecStart=bash -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
+ExecStart=bash -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
+ExecStart=bash -x -c 'test -f $$RUNTIME_DIRECTORY/test'
+ExecStart=bash -x -c 'touch $$RUNTIME_DIRECTORY/test'
Type=oneshot
RuntimeDirectory=test-exec_runtimedirectorypreserve
RuntimeDirectoryPreserve=yes
Description=Test for RuntimeDirectory with DynamicUser=yes migrated from RuntimeDirectoryPreserve=yes
[Service]
-ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
-ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
-ExecStart=sh -x -c 'test -f $$RUNTIME_DIRECTORY/test'
-ExecStart=sh -x -c 'touch $$RUNTIME_DIRECTORY/test'
+ExecStart=bash -x -c 'test -d %t/test-exec_runtimedirectorypreserve'
+ExecStart=bash -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectorypreserve"'
+ExecStart=bash -x -c 'test -f $$RUNTIME_DIRECTORY/test'
+ExecStart=bash -x -c 'touch $$RUNTIME_DIRECTORY/test'
Type=oneshot
RuntimeDirectory=test-exec_runtimedirectorypreserve
DynamicUser=yes
ExecStart=test -d %S/test-dynamicuser-migrate2/hoge
ExecStart=touch %S/test-dynamicuser-migrate/yay
ExecStart=touch %S/test-dynamicuser-migrate2/hoge/yayyay
-ExecStart=sh -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
+ExecStart=bash -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
Type=oneshot
DynamicUser=no
ExecStart=touch %S/test-dynamicuser-migrate2/hoge/yayyay
ExecStart=touch %S/private/test-dynamicuser-migrate/yay
ExecStart=touch %S/private/test-dynamicuser-migrate2/hoge/yayyay
-ExecStart=sh -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
+ExecStart=bash -x -c 'test "$$STATE_DIRECTORY" = "%S/test-dynamicuser-migrate:%S/test-dynamicuser-migrate2/hoge"'
Type=oneshot
DynamicUser=yes
ExecStart=test -f %S/private/xxx/yyy/foo
ExecStart=test -f %S/private/xxx/zzz/foo
-ExecStart=sh -x -c 'test "$$STATE_DIRECTORY" = "%S/aaa:%S/aaa/bbb:%S/aaa/ccc:%S/abc:%S/quux/pief:%S/waldo:%S/xxx:%S/xxx/yyy:%S/xxx/zzz"'
+ExecStart=bash -x -c 'test "$$STATE_DIRECTORY" = "%S/aaa:%S/aaa/bbb:%S/aaa/ccc:%S/abc:%S/quux/pief:%S/waldo:%S/xxx:%S/xxx/yyy:%S/xxx/zzz"'
Type=oneshot
DynamicUser=yes
Description=Test DynamicUser with SupplementaryGroups=
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
Type=oneshot
DynamicUser=yes
SupplementaryGroups=1 2
Description=Test for Environment
[Service]
-ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset"'
+ExecStart=bash -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset"'
Type=oneshot
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
Environment=
Description=Test for Environment
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = foobar'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = foobar'
Type=oneshot
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
Environment="VAR3=foobar"
Description=Test for No Environment Variable Substitution
[Service]
-ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2}" = "word3" && test "$${VAR3-unset}" = \'$word 5 6\''
-ExecStart=:/bin/sh -x -c 'test "$${VAR1-unset}" != "unset" && test "$${VAR2}" != "word3" && test "$${VAR3-unset}" != \'$word 5 6\''
+ExecStart=bash -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2}" = "word3" && test "$${VAR3-unset}" = \'$word 5 6\''
+ExecStart=:bash -x -c 'test "$${VAR1-unset}" != "unset" && test "$${VAR2}" != "word3" && test "$${VAR3-unset}" != \'$word 5 6\''
Type=oneshot
Environment="VAR2=word3" "VAR3=$word 5 6"
Description=Test for Environment
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6"'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6"'
Type=oneshot
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
Description=Test for EnvironmentFile
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
Type=oneshot
EnvironmentFile=/tmp/test-exec_environmentfile.conf
# SPDX-License-Identifier: LGPL-2.1-or-later
[Service]
-ExecStart=sh -x -c 'test "$$PATH" = "/usr" && test "$$VAR1" = word3 && test "$$VAR2" = "\\$$word 5 6"'
+ExecStart=bash -x -c 'test "$$PATH" = "/usr" && test "$$VAR1" = word3 && test "$$VAR2" = "\\$$word 5 6"'
Type=oneshot
ExecSearchPath=/tmp:/bin
Environment="PATH=/usr" VAR1=word3 "VAR2=$word 5 6"
# SPDX-License-Identifier: LGPL-2.1-or-later
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$PATH" = "/tmp:/bin"'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$PATH" = "/tmp:/bin"'
Type=oneshot
ExecSearchPath=/tmp:/bin
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
Description=Test for ExecSearchPath with EnvironmentFile where EnvironmentFile sets PATH
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = /usr'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = /usr'
Type=oneshot
EnvironmentFile=/tmp/test-exec_execsearchpath_environmentfile-set.conf
ExecSearchPath=/tmp:/bin
Description=Test for ExecSearchPath with EnvironmentFile where EnvironmentFile does not set PATH
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
Type=oneshot
ExecSearchPath=/tmp:/bin
EnvironmentFile=/tmp/test-exec_execsearchpath_environmentfile.conf
Description=Test for PassEnvironment with ExecSearchPath with PATH set by user
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/usr"'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/usr"'
Type=oneshot
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5 PATH
ExecSearchPath=/tmp:/bin
Description=Test for PassEnvironment with ExecSearchPath with PATH not set by user
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes && test "$$PATH" = "/tmp:/bin"'
Type=oneshot
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
ExecSearchPath=/tmp:/bin
[Service]
Type=oneshot
ExecSearchPath=/tmp:/bin:/usr/bin:%V
-ExecStart=sh -x -c 'test %V = /var/tmp && test "$$PATH" = "/tmp:/bin:/usr/bin:/var/tmp"'
+ExecStart=bash -x -c 'test %V = /var/tmp && test "$$PATH" = "/tmp:/bin:/usr/bin:/var/tmp"'
Description=Test for Group
[Service]
-ExecStart=sh -x -c 'test "$$(id -n -g)" = "nfsnobody"'
+ExecStart=bash -x -c 'test "$$(id -n -g)" = "nfsnobody"'
Type=oneshot
Group=nfsnobody
Description=Test for Group
[Service]
-ExecStart=sh -x -c 'test "$$(id -n -g)" = "nobody"'
+ExecStart=bash -x -c 'test "$$(id -n -g)" = "nobody"'
Type=oneshot
Group=nobody
Description=Test for Group
[Service]
-ExecStart=sh -x -c 'test "$$(id -n -g)" = "nogroup"'
+ExecStart=bash -x -c 'test "$$(id -n -g)" = "nogroup"'
Type=oneshot
Group=nogroup
Description=Test for Group (daemon)
[Service]
-ExecStart=sh -x -c 'test "$$(id -n -g)" = "daemon"'
+ExecStart=bash -x -c 'test "$$(id -n -g)" = "daemon"'
Type=oneshot
Group=daemon
Description=Test for IgnoreSIGPIPE=no
[Service]
-ExecStart=sh -x -c 'kill -PIPE 0'
+ExecStart=bash -x -c 'kill -PIPE 0'
Type=oneshot
IgnoreSIGPIPE=no
Description=Test for IgnoreSIGPIPE=yes
[Service]
-ExecStart=sh -x -c 'kill -PIPE 0'
+ExecStart=bash -x -c 'kill -PIPE 0'
Type=oneshot
IgnoreSIGPIPE=yes
[Service]
InaccessiblePaths=-/i-dont-exist
-ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
+ExecStart=bash -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
Type=oneshot
[Service]
InaccessiblePaths=/sys
-ExecStart=sh -x -c 'test "$$(stat -c %%a /sys)" = "0"'
+ExecStart=bash -x -c 'test "$$(stat -c %%a /sys)" = "0"'
Type=oneshot
Description=Test for IOSchedulingClass=best-effort
[Service]
-ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "best-effort"'
+ExecStart=bash -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "best-effort"'
Type=oneshot
IOSchedulingClass=best-effort
Description=Test for IOSchedulingClass=idle
[Service]
-ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "idle"'
+ExecStart=bash -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "idle"'
Type=oneshot
IOSchedulingClass=idle
[Service]
# Old kernels might report "none" here, new kernels "best-effort".
-ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "none" -o "$${c%%:*}" = "best-effort"'
+ExecStart=bash -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "none" -o "$${c%%:*}" = "best-effort"'
Type=oneshot
IOSchedulingClass=none
Description=Test for IOSchedulingClass=realtime
[Service]
-ExecStart=sh -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "realtime"'
+ExecStart=bash -x -c 'c=$$(LC_ALL=C ionice); test "$${c%%:*}" = "realtime"'
Type=oneshot
IOSchedulingClass=realtime
Description=Test for LoadCredential=
[Service]
-ExecStart=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
-ExecStartPost=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
-ExecStop=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
-ExecStopPost=sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
+ExecStart=bash -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
+ExecStartPost=bash -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
+ExecStop=bash -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
+ExecStopPost=bash -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
Type=oneshot
LoadCredential=test-execute.load-credential
Description=Test for NetworkNamespacePath= without mount namespacing
[Service]
-ExecStart=sh -x -c '! ip link show dummy-test-exec'
-ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
+ExecStart=bash -x -c '! ip link show dummy-test-exec'
+ExecStart=bash -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
# Without mount namespacing, we can access the dummy-test-exec interface through sysfs.
-ExecStart=sh -x -c 'test -e /sys/class/net/dummy-test-exec'
-ExecStart=sh -x -c 'ip link show dummy-test-ns'
-ExecStart=sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
+ExecStart=bash -x -c 'test -e /sys/class/net/dummy-test-exec'
+ExecStart=bash -x -c 'ip link show dummy-test-ns'
+ExecStart=bash -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
# Without mount namespacing, we cannot access the dummy-test-ns interface through sysfs.
-ExecStart=sh -x -c 'test ! -e /sys/class/net/dummy-test-ns'
+ExecStart=bash -x -c 'test ! -e /sys/class/net/dummy-test-ns'
Type=oneshot
NetworkNamespacePath=/run/netns/test-execute-netns
PrivateMounts=no
Description=Test for NetworkNamespacePath= with mount namespacing
[Service]
-ExecStart=sh -x -c '! ip link show dummy-test-exec'
-ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
+ExecStart=bash -x -c '! ip link show dummy-test-exec'
+ExecStart=bash -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
# With mount namespacing, we cannot access the dummy-test-exec interface through sysfs.
-ExecStart=sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
-ExecStart=sh -x -c 'ip link show dummy-test-ns'
-ExecStart=sh -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
+ExecStart=bash -x -c 'test ! -e /sys/class/net/dummy-test-exec'
+ExecStart=bash -x -c 'ip link show dummy-test-ns'
+ExecStart=bash -x -c 'test -e /proc/sys/net/ipv4/conf/dummy-test-ns'
# With mount namespacing, we can access the dummy-test-ns interface through sysfs.
-ExecStart=sh -x -c 'test -e /sys/class/net/dummy-test-ns'
+ExecStart=bash -x -c 'test -e /sys/class/net/dummy-test-ns'
Type=oneshot
NetworkNamespacePath=/run/netns/test-execute-netns
# NetworkNamespacePath= implies PrivateMounts=yes
[Service]
Type=oneshot
# This should work, as we explicitly disable the effect of NoExecPaths=
-ExecStart=+/bin/sh -c '/bin/cat /dev/null'
+ExecStart=+bash -c '/bin/cat /dev/null'
# This should also work, as we do not disable the effect of NoExecPaths= but invert the exit code
-ExecStart=sh -x -c '! /bin/cat /dev/null'
+ExecStart=bash -x -c '! /bin/cat /dev/null'
NoExecPaths=/bin/cat
Description=Test for OOMScoreAdjust
[Service]
-ExecStart=sh -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq -100'
+ExecStart=bash -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq -100'
Type=oneshot
OOMScoreAdjust=-100
Description=Test for OOMScoreAdjust
[Service]
-ExecStart=sh -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq 100'
+ExecStart=bash -x -c 'c=$$(cat /proc/self/oom_score_adj); test "$$c" -eq 100'
Type=oneshot
OOMScoreAdjust=100
Description=Test for PassEnvironment with variables absent from the execution environment
[Service]
-ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
+ExecStart=bash -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
Type=oneshot
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
Description=Test for PassEnvironment and erasing the variable list
[Service]
-ExecStart=sh -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
+ExecStart=bash -x -c 'test "$${VAR1-unset}" = "unset" && test "$${VAR2-unset}" = "unset" && test "$${VAR3-unset}" = "unset" && test "$${VAR4-unset}" = "unset" && test "$${VAR5-unset}" = "unset"'
Type=oneshot
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
PassEnvironment=
Description=Test for PassEnvironment with a variable name repeated
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
Type=oneshot
PassEnvironment=VAR1 VAR2
PassEnvironment=VAR1 VAR3
Description=Test for PassEnvironment
[Service]
-ExecStart=sh -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
+ExecStart=bash -x -c 'test "$$VAR1" = "word1 word2" && test "$$VAR2" = word3 && test "$$VAR3" = "\\$$word 5 6" && test "$$VAR4" = "new\nline" && test "$$VAR5" = passwordwithbackslashes'
Type=oneshot
PassEnvironment=VAR1 VAR2 VAR3 VAR4 VAR5
Description=Test for Personality=aarch64
[Service]
-ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "aarch64")'
+ExecStart=bash -c 'echo $(uname -m); exit $(test $(uname -m) = "aarch64")'
Type=oneshot
Personality=aarch64
Description=Test for Personality=loongarch64
[Service]
-ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "loongarch64")'
+ExecStart=bash -c 'echo $(uname -m); exit $(test $(uname -m) = "loongarch64")'
Type=oneshot
Personality=loongarch64
Description=Test for Personality=ppc64
[Service]
-ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64")'
+ExecStart=bash -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64")'
Type=oneshot
Personality=ppc64
Description=Test for Personality=ppc64le
[Service]
-ExecStart=sh -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64le")'
+ExecStart=bash -c 'echo $(uname -m); exit $(test $(uname -m) = "ppc64le")'
Type=oneshot
Personality=ppc64le
Description=Test for Personality=s390
[Service]
-ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "s390"'
+ExecStart=bash -x -c 'c=$$(uname -m); test "$$c" = "s390"'
Type=oneshot
Personality=s390
Description=Test for Personality=s390x
[Service]
-ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "s390x"'
+ExecStart=bash -x -c 'c=$$(uname -m); test "$$c" = "s390x"'
Type=oneshot
Personality=s390x
Description=Test for Personality=x86-64
[Service]
-ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "x86_64"'
+ExecStart=bash -x -c 'c=$$(uname -m); test "$$c" = "x86_64"'
Type=oneshot
Personality=x86-64
Description=Test for Personality=x86
[Service]
-ExecStart=sh -x -c 'c=$$(uname -m); test "$$c" = "i686" -o "$$c" = "x86_64"'
+ExecStart=bash -x -c 'c=$$(uname -m); test "$$c" = "i686" -o "$$c" = "x86_64"'
Type=oneshot
Personality=x86
Description=Test for PrivateDevices=yes with a bind mounted device
[Service]
-ExecStart=sh -c 'test -c /dev/kmsg'
-ExecStart=sh -c 'test ! -w /dev/'
+ExecStart=bash -c 'test -c /dev/kmsg'
+ExecStart=bash -c 'test ! -w /dev/'
Type=oneshot
PrivateDevices=yes
BindPaths=/dev/kmsg
Description=Test for PrivateDevices=yes with prefix
[Service]
-ExecStart=sh -x -c '! test -c /dev/kmsg'
-ExecStart=+/bin/sh -x -c 'test -c /dev/kmsg'
+ExecStart=bash -x -c '! test -c /dev/kmsg'
+ExecStart=+bash -x -c 'test -c /dev/kmsg'
Type=oneshot
PrivateDevices=yes
[Service]
PrivateDevices=no
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
+ExecStart=bash -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
Type=oneshot
[Service]
PrivateDevices=no
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
+ExecStart=bash -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
Type=oneshot
Description=Test for PrivateDevices=no
[Service]
-ExecStart=sh -x -c 'test -c /dev/kmsg'
+ExecStart=bash -x -c 'test -c /dev/kmsg'
Type=oneshot
PrivateDevices=no
[Service]
PrivateDevices=yes
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
+ExecStart=bash -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod'
Type=oneshot
[Service]
PrivateDevices=yes
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
+ExecStart=bash -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio'
Type=oneshot
Type=oneshot
# Check the group applied
-ExecStart=sh -x -c 'test "$$(id -n -g)" = "daemon"'
+ExecStart=bash -x -c 'test "$$(id -n -g)" = "daemon"'
# Check that the namespace applied
-ExecStart=sh -c 'test ! -c /dev/kmsg'
+ExecStart=bash -c 'test ! -c /dev/kmsg'
# Check that the owning group of a node is not daemon (should be the host root)
-ExecStart=sh -x -c 'test ! "$$(stat -c %%G /dev/stderr)" = "daemon"'
+ExecStart=bash -x -c 'test ! "$$(stat -c %%G /dev/stderr)" = "daemon"'
Description=Test for PrivateDevices=yes
[Service]
-ExecStart=sh -c 'test ! -c /dev/kmsg'
+ExecStart=bash -c 'test ! -c /dev/kmsg'
Type=oneshot
PrivateDevices=yes
Description=Test for PrivateNetwork= without mount namespacing
[Service]
-ExecStart=sh -x -c '! ip link show dummy-test-exec'
-ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
+ExecStart=bash -x -c '! ip link show dummy-test-exec'
+ExecStart=bash -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
# Without mount namespacing, we can access the dummy-test-exec interface through sysfs
-ExecStart=sh -x -c 'test -d /sys/class/net/dummy-test-exec'
+ExecStart=bash -x -c 'test -d /sys/class/net/dummy-test-exec'
Type=oneshot
PrivateNetwork=yes
PrivateMounts=no
Description=Test for PrivateNetwork= with mount namespacing
[Service]
-ExecStart=sh -x -c '! ip link show dummy-test-exec'
-ExecStart=sh -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
+ExecStart=bash -x -c '! ip link show dummy-test-exec'
+ExecStart=bash -x -c 'test ! -e /proc/sys/net/ipv4/conf/dummy-test-exec'
# With mount namespacing, we cannot access the dummy-test-exec interface through sysfs.
-ExecStart=sh -x -c 'test ! -e /sys/class/net/dummy-test-exec'
+ExecStart=bash -x -c 'test ! -e /sys/class/net/dummy-test-exec'
Type=oneshot
PrivateNetwork=yes
# PrivateNetwork=yes implies PrivateMounts=yes
Description=Test for PrivateTmp=yes with prefix
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
-ExecStart=+/bin/sh -x -c 'test -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=+bash -x -c 'test -f /tmp/test-exec_privatetmp'
Type=oneshot
PrivateTmp=yes
Requires=var.mount
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
ExecStart=touch /tmp/test-exec_privatetmp_disconnected
ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
-ExecStart=sh -x -c 'test x$$TMPDIR = x'
+ExecStart=bash -x -c 'test x$$TMPDIR = x'
Type=oneshot
ProtectSystem=strict
PrivateTmp=disconnected
Wants=var.mount
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
ExecStart=touch /tmp/test-exec_privatetmp_disconnected
ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
-ExecStart=sh -x -c 'test x$$TMPDIR = x'
+ExecStart=bash -x -c 'test x$$TMPDIR = x'
Type=oneshot
ProtectSystem=strict
PrivateTmp=disconnected
DefaultDependencies=no
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
ExecStart=touch /tmp/test-exec_privatetmp_disconnected
-ExecStart=sh -x -c '(! touch /var/tmp/test-exec_privatetmp_disconnected)'
-ExecStart=sh -x -c 'test $$TMPDIR = /tmp'
+ExecStart=bash -x -c '(! touch /var/tmp/test-exec_privatetmp_disconnected)'
+ExecStart=bash -x -c 'test $$TMPDIR = /tmp'
Type=oneshot
ProtectSystem=strict
PrivateTmp=disconnected
[Service]
ExecStart=+touch /tmp/test-exec_privatetmp_disconnected
-ExecStart=+sh -x -c 'test x$$TMPDIR = x'
+ExecStart=+bash -x -c 'test x$$TMPDIR = x'
Type=oneshot
PrivateTmp=disconnected
RequiresMountsFor=/var/
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
ExecStart=touch /tmp/test-exec_privatetmp_disconnected
ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
-ExecStart=sh -x -c 'test x$$TMPDIR = x'
+ExecStart=bash -x -c 'test x$$TMPDIR = x'
Type=oneshot
ProtectSystem=strict
PrivateTmp=disconnected
WantsMountsFor=/var/
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
ExecStart=touch /tmp/test-exec_privatetmp_disconnected
ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
-ExecStart=sh -x -c 'test x$$TMPDIR = x'
+ExecStart=bash -x -c 'test x$$TMPDIR = x'
Type=oneshot
ProtectSystem=strict
PrivateTmp=disconnected
Description=Test for PrivateTmp=disconnected
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
ExecStart=touch /tmp/test-exec_privatetmp_disconnected
ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
-ExecStart=sh -x -c 'test x$$TMPDIR = x'
+ExecStart=bash -x -c 'test x$$TMPDIR = x'
Type=oneshot
ProtectSystem=strict
PrivateTmp=disconnected
Description=Test for PrivateTmp=no
[Service]
-ExecStart=sh -x -c 'test -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test -f /tmp/test-exec_privatetmp'
Type=oneshot
PrivateTmp=no
Description=Test for PrivateTmp=yes
[Service]
-ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=bash -x -c 'test ! -f /tmp/test-exec_privatetmp'
Type=oneshot
PrivateTmp=yes
ProtectHome=tmpfs
ProtectSystem=strict
Type=oneshot
-ExecStart=sh -x -c 'test "$$(stat -fc %%T /home)" = "tmpfs"'
+ExecStart=bash -x -c 'test "$$(stat -fc %%T /home)" = "tmpfs"'
[Service]
ProtectKernelLogs=no
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
+ExecStart=bash -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
Type=oneshot
[Service]
ProtectKernelLogs=yes
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
+ExecStart=bash -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
Type=oneshot
[Service]
ProtectKernelModules=no
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
+ExecStart=bash -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
Type=oneshot
[Service]
ProtectKernelModules=yes
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
-ExecStart=sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
+ExecStart=bash -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module'
Type=oneshot
[Service]
ProtectKernelModules=yes
-ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
+ExecStart=bash -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
Type=oneshot
[Service]
ReadOnlyPaths=-/i-dont-exist
-ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
+ExecStart=bash -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
Type=oneshot
[Service]
Type=oneshot
# This should work, as we explicitly disable the effect of ReadOnlyPaths=
-ExecStart=+/bin/sh -c 'touch /tmp/thisisasimpletest'
+ExecStart=+bash -c 'touch /tmp/thisisasimpletest'
# This should also work, as we do not disable the effect of ReadOnlyPaths= but invert the exit code
-ExecStart=sh -x -c '! touch /tmp/thisisasimpletest'
-ExecStart=+/bin/sh -c 'rm /tmp/thisisasimpletest'
+ExecStart=bash -x -c '! touch /tmp/thisisasimpletest'
+ExecStart=+bash -c 'rm /tmp/thisisasimpletest'
ReadOnlyPaths=/tmp
[Service]
ReadOnlyPaths=/etc -/i-dont-exist /usr
BindPaths=/etc:/tmp/etc2
-ExecStart=sh -x -c 'test ! -w /etc && test ! -w /usr && test ! -e /i-dont-exist && test -w /var'
+ExecStart=bash -x -c 'test ! -w /etc && test ! -w /usr && test ! -e /i-dont-exist && test -w /var'
Type=oneshot
[Service]
ReadOnlyPaths=/usr /etc /sys /dev -/i-dont-exist
PrivateDevices=yes
-ExecStart=sh -x -c 'test ! -w /usr && test ! -w /etc && test ! -w /sys && test ! -w /sys/fs/cgroup'
-ExecStart=sh -x -c 'test ! -w /dev && test ! -w /dev/shm && test ! -e /i-dont-exist && test -w /var'
+ExecStart=bash -x -c 'test ! -w /usr && test ! -w /etc && test ! -w /sys && test ! -w /sys/fs/cgroup'
+ExecStart=bash -x -c 'test ! -w /dev && test ! -w /dev/shm && test ! -e /i-dont-exist && test -w /var'
Type=oneshot
[Service]
ReadWritePaths=-/i-dont-exist
-ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
+ExecStart=bash -x -c 'd=$$(mktemp -d -p /tmp); trap "umount \'$$d\' && rmdir \'$$d\'" EXIT; mount -t tmpfs tmpfs "$$d"; grep "$$d" /proc/self/mountinfo && ! grep "$$d" /proc/$${PPID}/mountinfo && ! grep "$$d" /proc/1/mountinfo'
Type=oneshot
RestrictNamespaces=mnt pid
RestrictNamespaces=~mnt usr
ExecStart=unshare -p -f
-ExecStart=sh -c '! unshare -m -u -i -n'
+ExecStart=bash -c '! unshare -m -u -i -n'
Type=oneshot
RestrictNamespaces=mnt pid
RestrictNamespaces=mnt uts
ExecStart=unshare -m -u -p -f
-ExecStart=sh -c '! unshare -u -i -n'
+ExecStart=bash -c '! unshare -u -i -n'
Type=oneshot
Description=Test for RuntimeDirectoryMode
[Service]
-ExecStart=sh -x -c 'mode=$$(stat -c %%a %t/test-exec_runtimedirectory-mode); test "$$mode" = "750"'
-ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory-mode"'
+ExecStart=bash -x -c 'mode=$$(stat -c %%a %t/test-exec_runtimedirectory-mode); test "$$mode" = "750"'
+ExecStart=bash -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory-mode"'
Type=oneshot
RuntimeDirectory=test-exec_runtimedirectory-mode
RuntimeDirectoryMode=0750
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
[Service]
-ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nfsnobody"'
+ExecStart=bash -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nfsnobody"'
Type=oneshot
Group=nfsnobody
User=root
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
[Service]
-ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nobody"'
+ExecStart=bash -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nobody"'
Type=oneshot
Group=nobody
User=root
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
[Service]
-ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nogroup"'
+ExecStart=bash -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nogroup"'
Type=oneshot
Group=nogroup
User=root
Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
[Service]
-ExecStart=sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner-daemon); test "$$group" = "daemon"'
+ExecStart=bash -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner-daemon); test "$$group" = "daemon"'
Type=oneshot
Group=daemon
User=root
Description=Test for RuntimeDirectory
[Service]
-ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectory'
-ExecStart=sh -x -c 'test -d %t/test-exec_runtimedirectory2/hogehoge'
-ExecStart=sh -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory:%t/test-exec_runtimedirectory2/hogehoge"'
+ExecStart=bash -x -c 'test -d %t/test-exec_runtimedirectory'
+ExecStart=bash -x -c 'test -d %t/test-exec_runtimedirectory2/hogehoge'
+ExecStart=bash -x -c 'test "$$RUNTIME_DIRECTORY" = "%t/test-exec_runtimedirectory:%t/test-exec_runtimedirectory2/hogehoge"'
Type=oneshot
RuntimeDirectory=test-exec_runtimedirectory
RuntimeDirectory=./test-exec_runtimedirectory2///./hogehoge/.
Description=Test for SetCredential=
[Service]
-ExecStart=sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
-ExecStartPost=sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
+ExecStart=bash -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
+ExecStartPost=bash -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
ExecStop=bash -x -c '[[ ! -v CREDENTIALS_DIRECTORY ]]'
ExecStopPost=bash -x -c '[[ ! -v CREDENTIALS_DIRECTORY ]]'
Type=oneshot
[Service]
Type=oneshot
-ExecStart=sh -c 'test %t = $$XDG_RUNTIME_DIR'
-ExecStart=sh -c 'test %S = %h/.local/state'
-ExecStart=sh -c 'test %C = %h/.cache'
-ExecStart=sh -c 'test %L = %h/.local/state/log'
-ExecStart=sh -c 'test %E = %h/.config'
+ExecStart=bash -c 'test %t = $$XDG_RUNTIME_DIR'
+ExecStart=bash -c 'test %S = %h/.local/state'
+ExecStart=bash -c 'test %C = %h/.cache'
+ExecStart=bash -c 'test %L = %h/.local/state/log'
+ExecStart=bash -c 'test %E = %h/.config'
ExecStart=test %T = /tmp
ExecStart=test %V = /var/tmp
ExecStart=test %d = %t/credentials/%n
-ExecStart=sh -c 'test %u = $$(id -un)'
-ExecStart=sh -c 'test %U = $$(id -u)'
-ExecStart=sh -c 'test %g = $$(id -gn)'
-ExecStart=sh -c 'test %G = $$(id -g)'
+ExecStart=bash -c 'test %u = $$(id -un)'
+ExecStart=bash -c 'test %U = $$(id -u)'
+ExecStart=bash -c 'test %g = $$(id -gn)'
+ExecStart=bash -c 'test %G = $$(id -g)'
ExecStart=test %h = /root
-ExecStart=sh -c 'test -x %s'
-ExecStart=sh -c 'test %b = $$(cat /proc/sys/kernel/random/boot_id | sed -e 's/-//g')'
-ExecStart=sh -c 'test %H = $$(uname -n)'
-ExecStart=sh -c 'test %v = $$(uname -r)'
+ExecStart=bash -c 'test -x %s'
+ExecStart=bash -c 'test %b = $$(cat /proc/sys/kernel/random/boot_id | sed -e 's/-//g')'
+ExecStart=bash -c 'test %H = $$(uname -n)'
+ExecStart=bash -c 'test %v = $$(uname -r)'
ExecStart=test %j = specifier
ExecStart=test %J = specifier
ExecStart=test %f = /foo/bar
-ExecStart=sh -c 'test %u = $$(id -un)'
-ExecStart=sh -c 'test %U = $$(id -u)'
-ExecStart=sh -c 'test %g = $$(id -gn)'
-ExecStart=sh -c 'test %G = $$(id -g)'
+ExecStart=bash -c 'test %u = $$(id -un)'
+ExecStart=bash -c 'test %U = $$(id -u)'
+ExecStart=bash -c 'test %g = $$(id -gn)'
+ExecStart=bash -c 'test %G = $$(id -g)'
ExecStart=test %h = /root
-ExecStart=sh -c 'test -x %s'
-ExecStart=sh -c 'test %b = $$(cat /proc/sys/kernel/random/boot_id | sed -e 's/-//g')'
-ExecStart=sh -c 'test %H = $$(uname -n)'
-ExecStart=sh -c 'test %v = $$(uname -r)'
+ExecStart=bash -c 'test -x %s'
+ExecStart=bash -c 'test %b = $$(cat /proc/sys/kernel/random/boot_id | sed -e 's/-//g')'
+ExecStart=bash -c 'test %H = $$(uname -n)'
+ExecStart=bash -c 'test %v = $$(uname -r)'
Description=Test for StandardInputText= and StandardInputData=
[Service]
-ExecStart=sh -x -c 'd=$$(mktemp -d -p /tmp); echo -e "this is a test\nand this is more\nsomething encoded!\nsomething in multiple lines\nand some more\nand a more bas64 data\nsomething with strange\nembedded\tcharacters\nand something with a exec-stdin-data.service specifier" >$d/text ; cmp $d/text ; rm -rf $d'
+ExecStart=bash -x -c 'd=$$(mktemp -d -p /tmp); echo -e "this is a test\nand this is more\nsomething encoded!\nsomething in multiple lines\nand some more\nand a more bas64 data\nsomething with strange\nembedded\tcharacters\nand something with a exec-stdin-data.service specifier" >$d/text ; cmp $d/text ; rm -rf $d'
Type=oneshot
StandardInput=data
StandardInputText=this is a test
Description=Test for StandardOutput=append:
[Service]
-ExecStartPre=sh -c 'printf "hello\n" >/tmp/test-exec-standardoutput-output'
-ExecStartPre=sh -c 'printf "hello\nhello\n" >/tmp/test-exec-standardoutput-expected'
+ExecStartPre=bash -c 'printf "hello\n" >/tmp/test-exec-standardoutput-output'
+ExecStartPre=bash -c 'printf "hello\nhello\n" >/tmp/test-exec-standardoutput-expected'
StandardInput=data
StandardInputText=hello
StandardOutput=append:/tmp/test-exec-standardoutput-output
Description=Test for StandardOutput=file:
[Service]
-ExecStartPre=sh -c 'printf "nooo\nhello\n" >/tmp/test-exec-standardoutput-output'
-ExecStartPre=sh -c 'printf "hello\nello\n" >/tmp/test-exec-standardoutput-expected'
+ExecStartPre=bash -c 'printf "nooo\nhello\n" >/tmp/test-exec-standardoutput-output'
+ExecStartPre=bash -c 'printf "hello\nello\n" >/tmp/test-exec-standardoutput-expected'
StandardInput=data
StandardInputText=hello
StandardOutput=file:/tmp/test-exec-standardoutput-output
Description=Test for StandardOutput=truncate:
[Service]
-ExecStartPre=sh -c 'printf "hello\n" >/tmp/test-exec-standardoutput-output'
-ExecStartPre=sh -c 'printf "hi\n" >/tmp/test-exec-standardoutput-expected'
+ExecStartPre=bash -c 'printf "hello\n" >/tmp/test-exec-standardoutput-output'
+ExecStartPre=bash -c 'printf "hi\n" >/tmp/test-exec-standardoutput-expected'
StandardInput=data
StandardInputText=hi
StandardOutput=truncate:/tmp/test-exec-standardoutput-output
StandardError=null
-ExecStart=sh -c 'cat && cmp /tmp/test-exec-standardoutput-output /tmp/test-exec-standardoutput-expected'
+ExecStart=bash -c 'cat && cmp /tmp/test-exec-standardoutput-output /tmp/test-exec-standardoutput-expected'
Type=oneshot
Description=Test for Supplementary Group with multiple groups without Group and User
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "%G" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'test "$$(id -g)" = "%G" && test "$$(id -u)" = "%U"'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "%G" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'test "$$(id -g)" = "%G" && test "$$(id -u)" = "%U"'
Type=oneshot
SupplementaryGroups=1 2
Description=Test for Supplementary Group with multiple groups and Group=1
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "%U"'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "%U"'
Type=oneshot
Group=1
SupplementaryGroups=1 2
Description=Test for Supplementary Group with multiple groups and Uid=1
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
Type=oneshot
User=1
SupplementaryGroups=1 2
Description=Test for Supplementary Group with only one group and uid 1
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
Type=oneshot
User=1
Group=1
Description=Test for Supplementary Group with only one group
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "0"'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "0"'
Type=oneshot
Group=1
SupplementaryGroups=1
Description=Test for Supplementary Group
[Service]
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "%G" && exit 0; done; exit 1'
-ExecStart=sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "%G" && exit 0; done; exit 1'
+ExecStart=bash -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
Type=oneshot
SupplementaryGroups=1
Description=Test for SystemCallFilter
[Service]
-ExecStart=sh -c '/bin/echo "This should not be seen"'
+ExecStart=bash -c '/bin/echo "This should not be seen"'
Type=oneshot
LimitCORE=0
SystemCallFilter=ioperm
Description=Test for SystemCallFilter
[Service]
-ExecStart=sh -c '/bin/echo "This should not be seen"'
+ExecStart=bash -c '/bin/echo "This should not be seen"'
Type=oneshot
LimitCORE=0
SystemCallFilter=~write open execve fexecve execveat exit_group close mmap munmap fstat DONOTEXIST
Description=Test for SystemCallFilter
[Service]
-ExecStart=sh -c '/bin/echo "This should not be seen"'
+ExecStart=bash -c '/bin/echo "This should not be seen"'
Type=oneshot
LimitCORE=0
SystemCallArchitectures=native
Description=Test bounding set is right with SystemCallFilter and non-root user
[Service]
-ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_net_bind_service"'
+ExecStart=bash -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_net_bind_service"'
Type=oneshot
User=1
SystemCallFilter=@system-service
Description=Test bounding set is right with SystemCallFilter and non-root user
[Service]
-ExecStart=sh -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_setpcap,cap_net_bind_service,cap_sys_admin"'
+ExecStart=bash -x -c 'c=$$(capsh --print | grep "Bounding set "); test "$$c" = "Bounding set =cap_setpcap,cap_net_bind_service,cap_sys_admin"'
Type=oneshot
User=1
SystemCallFilter=@system-service
Description=Test no_new_privs is unset for ProtectClock and non-root user
[Service]
-ExecStart=sh -x -c 'c=$$(cat /proc/self/status | grep "NoNewPrivs: "); test "$$c" = "NoNewPrivs: 0"'
+ExecStart=bash -x -c 'c=$$(cat /proc/self/status | grep "NoNewPrivs: "); test "$$c" = "NoNewPrivs: 0"'
Type=oneshot
User=1
ProtectClock=yes
Description=Test no_new_privs is unset for SystemCallFilter and non-root user
[Service]
-ExecStart=sh -x -c 'c=$$(cat /proc/self/status | grep "NoNewPrivs: "); test "$$c" = "NoNewPrivs: 0"'
+ExecStart=bash -x -c 'c=$$(cat /proc/self/status | grep "NoNewPrivs: "); test "$$c" = "NoNewPrivs: 0"'
Type=oneshot
User=1
SystemCallFilter=@system-service
Description=Test for SystemCallFilter
[Service]
-ExecStart=sh -c 'echo "Foo bar"'
+ExecStart=bash -c 'echo "Foo bar"'
Type=oneshot
SystemCallFilter=~read write open execve ioperm
SystemCallFilter=ioctl
Description=Test for SystemCallFilter
[Service]
-ExecStart=sh -c 'echo "Foo bar"'
+ExecStart=bash -c 'echo "Foo bar"'
Type=oneshot
SystemCallFilter=
Description=Test for SystemCallFilter
[Service]
-ExecStart=sh -c 'echo "Foo bar"'
+ExecStart=bash -c 'echo "Foo bar"'
Type=oneshot
SystemCallArchitectures=native
SystemCallFilter=
Description=Test for SystemCallFilter in system mode with User set
[Service]
-ExecStart=sh -c 'echo "Foo bar"'
+ExecStart=bash -c 'echo "Foo bar"'
Type=oneshot
User=nfsnobody
SystemCallFilter=~read write open execve ioperm
Description=Test for SystemCallFilter in system mode with User set
[Service]
-ExecStart=sh -c 'echo "Foo bar"'
+ExecStart=bash -c 'echo "Foo bar"'
Type=oneshot
User=nobody
SystemCallFilter=~read write open execve ioperm
Description=Test for SystemCallFilter in system mode with User set (daemon)
[Service]
-ExecStart=sh -c 'echo "Foo bar"'
+ExecStart=bash -c 'echo "Foo bar"'
Type=oneshot
User=daemon
SystemCallFilter=~read write open execve ioperm
TemporaryFileSystem=/var:ro,mode=0700,nostrictatime
# Check /proc/self/mountinfo
-ExecStart=sh -x -c 'test "$$(awk \'$$5 == "/var" && $$11 !~ /(^|,)mode=700(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
+ExecStart=bash -x -c 'test "$$(awk \'$$5 == "/var" && $$11 !~ /(^|,)mode=700(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
-ExecStart=sh -x -c 'test "$$(awk \'$$5 == "/var" && $$6 !~ /(^|,)ro(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
-ExecStart=sh -x -c 'test "$$(awk \'$$5 == "/var" && $$6 !~ /(^|,)nodev(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
-ExecStart=sh -x -c 'test "$$(awk \'$$5 == "/var" && $$6 ~ /(^|,)strictatime(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
+ExecStart=bash -x -c 'test "$$(awk \'$$5 == "/var" && $$6 !~ /(^|,)ro(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
+ExecStart=bash -x -c 'test "$$(awk \'$$5 == "/var" && $$6 !~ /(^|,)nodev(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
+ExecStart=bash -x -c 'test "$$(awk \'$$5 == "/var" && $$6 ~ /(^|,)strictatime(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""'
Type=oneshot
# Check directories exist
-ExecStart=sh -c 'test -d /var/test-exec-temporaryfilesystem/rw && test -d /var/test-exec-temporaryfilesystem/ro'
+ExecStart=bash -c 'test -d /var/test-exec-temporaryfilesystem/rw && test -d /var/test-exec-temporaryfilesystem/ro'
# Check TemporaryFileSystem= are empty
-ExecStart=sh -c 'for i in $$(ls -A /var); do test $$i = test-exec-temporaryfilesystem || false; done'
+ExecStart=bash -c 'for i in $$(ls -A /var); do test $$i = test-exec-temporaryfilesystem || false; done'
# Check default mode
-ExecStart=sh -x -c 'test "$$(stat -c %%a /var)" = "755"'
+ExecStart=bash -x -c 'test "$$(stat -c %%a /var)" = "755"'
# Cannot create a file in /var
-ExecStart=sh -c '! touch /var/hoge'
+ExecStart=bash -c '! touch /var/hoge'
# Create a file in /var/test-exec-temporaryfilesystem/rw
-ExecStart=sh -c 'touch /var/test-exec-temporaryfilesystem/rw/thisisasimpletest-temporaryfilesystem'
+ExecStart=bash -c 'touch /var/test-exec-temporaryfilesystem/rw/thisisasimpletest-temporaryfilesystem'
# Then, the file can be access through /tmp
-ExecStart=sh -c 'test -f /tmp/thisisasimpletest-temporaryfilesystem'
+ExecStart=bash -c 'test -f /tmp/thisisasimpletest-temporaryfilesystem'
# Also, through /var/test-exec-temporaryfilesystem/ro
-ExecStart=sh -c 'test -f /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem'
+ExecStart=bash -c 'test -f /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem'
# The file cannot modify through /var/test-exec-temporaryfilesystem/ro
-ExecStart=sh -c '! touch /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem'
+ExecStart=bash -c '! touch /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem'
# Cleanup
-ExecStart=sh -c 'rm /tmp/thisisasimpletest-temporaryfilesystem'
+ExecStart=bash -c 'rm /tmp/thisisasimpletest-temporaryfilesystem'
TemporaryFileSystem=/var:ro
BindPaths=/tmp:/var/test-exec-temporaryfilesystem/rw
ExecStart=test -d /var/test-exec-temporaryfilesystem/rw -a -d /var/test-exec-temporaryfilesystem/ro
# Check TemporaryFileSystem= are empty
-ExecStart=sh -c 'for i in $$(ls -A /var); do test $$i = test-exec-temporaryfilesystem || false; done'
+ExecStart=bash -c 'for i in $$(ls -A /var); do test $$i = test-exec-temporaryfilesystem || false; done'
# Check default mode
-ExecStart=sh -x -c 'test "$$(stat -c %%a /var)" = "755"'
+ExecStart=bash -x -c 'test "$$(stat -c %%a /var)" = "755"'
# Create a file in /var
ExecStart=touch /var/hoge
ExecStart=test -f /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem
# The file cannot modify through /var/test-exec-temporaryfilesystem/ro
-ExecStart=sh -c '! touch /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem'
+ExecStart=bash -c '! touch /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem'
# Cleanup
ExecStart=rm /tmp/thisisasimpletest-temporaryfilesystem
Type=oneshot
# Check TemporaryFileSystem= are empty
-ExecStart=sh -c 'for i in $$(ls -A /usr); do test $$i = lib -o $$i = lib64 -o $$i = bin -o $$i = sbin || false; done'
+ExecStart=bash -c 'for i in $$(ls -A /usr); do test $$i = lib -o $$i = lib64 -o $$i = bin -o $$i = sbin || false; done'
# Cannot create files under /usr
-ExecStart=sh -c '! touch /usr/hoge'
-ExecStart=sh -c '! touch /usr/bin/hoge'
+ExecStart=bash -c '! touch /usr/hoge'
+ExecStart=bash -c '! touch /usr/bin/hoge'
TemporaryFileSystem=/usr:ro
BindReadOnlyPaths=-/usr/lib -/usr/lib64 /usr/bin /usr/sbin
Description=Test for UMask
[Service]
-ExecStart=sh -x -c 'rm /tmp/test-exec-umask; touch /tmp/test-exec-umask; mode=$$(stat -c %%a /tmp/test-exec-umask); test "$$mode" = "600"'
+ExecStart=bash -x -c 'rm /tmp/test-exec-umask; touch /tmp/test-exec-umask; mode=$$(stat -c %%a /tmp/test-exec-umask); test "$$mode" = "600"'
Type=oneshot
UMask=0177
PrivateTmp=yes
Description=Test for UMask default
[Service]
-ExecStart=sh -x -c 'rm /tmp/test-exec-umask; touch /tmp/test-exec-umask; mode=$$(stat -c %%a /tmp/test-exec-umask); test "$$mode" = "644"'
+ExecStart=bash -x -c 'rm /tmp/test-exec-umask; touch /tmp/test-exec-umask; mode=$$(stat -c %%a /tmp/test-exec-umask); test "$$mode" = "644"'
Type=oneshot
PrivateTmp=yes
Description=Test for UnsetEnvironment
[Service]
-ExecStart=sh -x -c 'test "$$FOO" = "bar" && test "$${QUUX-X}" = "X" && test "$$VAR3" = "value3" && test "$${VAR4-X}" = "X" && test "$$VAR5" = "value5" && test "$${X%b-X}" = "X"'
+ExecStart=bash -x -c 'test "$$FOO" = "bar" && test "$${QUUX-X}" = "X" && test "$$VAR3" = "value3" && test "$${VAR4-X}" = "X" && test "$$VAR5" = "value5" && test "$${X%b-X}" = "X"'
Type=oneshot
Environment=FOO=bar QUUX=waldo VAR3=value3 VAR4=value4 VAR5=value5 X%b=%U
UnsetEnvironment=QUUX=waldo VAR3=somethingelse VAR4 X%b=%U
Description=Test for User
[Service]
-ExecStart=sh -x -c 'test "$$USER" = "nfsnobody"'
+ExecStart=bash -x -c 'test "$$USER" = "nfsnobody"'
Type=oneshot
User=nfsnobody
Description=Test for User
[Service]
-ExecStart=sh -x -c 'test "$$USER" = "nobody"'
+ExecStart=bash -x -c 'test "$$USER" = "nobody"'
Type=oneshot
User=nobody
Description=Test for User (daemon)
[Service]
-ExecStart=sh -x -c 'test "$$USER" = "daemon"'
+ExecStart=bash -x -c 'test "$$USER" = "daemon"'
Type=oneshot
User=daemon
Description=Test for WorkingDirectory with trailing dot
[Service]
-ExecStart=sh -x -c 'test "$$PWD" = "/tmp/test-exec_workingdirectory"'
+ExecStart=bash -x -c 'test "$$PWD" = "/tmp/test-exec_workingdirectory"'
Type=oneshot
WorkingDirectory=/tmp///./test-exec_workingdirectory/.
Description=Test for WorkingDirectory
[Service]
-ExecStart=sh -x -c 'test "$$PWD" = "/tmp/test-exec_workingdirectory"'
+ExecStart=bash -x -c 'test "$$PWD" = "/tmp/test-exec_workingdirectory"'
Type=oneshot
WorkingDirectory=/tmp/test-exec_workingdirectory
not_exp_links = ["foo3", "foo4", "foo5", "foo6", "foo7", "foo8"],
),
rules = r"""
- SUBSYSTEMS=="scsi", PROGRAM=="/bin/sh -c 'echo foo3 foo4 foo5 foo6 foo7 foo8 foo9 | sed s/foo9/bar9/'", KERNEL=="sda5", SYMLINK+="%c{7}"
+ SUBSYSTEMS=="scsi", PROGRAM=="/bin/bash -c 'echo foo3 foo4 foo5 foo6 foo7 foo8 foo9 | sed s/foo9/bar9/'", KERNEL=="sda5", SYMLINK+="%c{7}"
"""),
Rules.new(
not_exp_links = ["foo1"],
),
rules = r"""
- SUBSYSTEMS=="scsi", PROGRAM=="/bin/sh -c 'printf %%s \"foo1 foo2\" | grep \"foo1 foo2\"'", KERNEL=="sda5", SYMLINK+="%c{2}"
+ SUBSYSTEMS=="scsi", PROGRAM=="/bin/bash -c 'printf %%s \"foo1 foo2\" | grep \"foo1 foo2\"'", KERNEL=="sda5", SYMLINK+="%c{2}"
"""),
Rules.new(
not_exp_links = ["foo1"],
),
rules = r"""
-SUBSYSTEMS=="scsi", PROGRAM=="/bin/sh -c \"printf %%s 'foo1 foo2' | grep 'foo1 foo2'\"", KERNEL=="sda5", SYMLINK+="%c{2}"
+SUBSYSTEMS=="scsi", PROGRAM=="/bin/bash -c \"printf %%s 'foo1 foo2' | grep 'foo1 foo2'\"", KERNEL=="sda5", SYMLINK+="%c{2}"
"""),
Rules.new(
not_exp_links = ["foo1", "foo3"],
),
rules = r"""
- SUBSYSTEMS=="scsi", PROGRAM=="/bin/sh -c 'printf \"%%s %%s\" \"foo1 foo2\" \"foo3\"| grep \"foo1 foo2\"'", KERNEL=="sda5", SYMLINK+="%c{2}"
+ SUBSYSTEMS=="scsi", PROGRAM=="/bin/bash -c 'printf \"%%s %%s\" \"foo1 foo2\" \"foo3\"| grep \"foo1 foo2\"'", KERNEL=="sda5", SYMLINK+="%c{2}"
"""),
Rules.new(
[Unit]
Description=Wait for 2 seconds
[Service]
-ExecStart=sh -ec 'sleep 2'
+ExecStart=bash -ec 'sleep 2'
EOF
cat <<EOF >/run/systemd/system/wait5fail.service
[Unit]
Description=Wait for 5 seconds and fail
[Service]
-ExecStart=sh -ec 'sleep 5; false'
+ExecStart=bash -ec 'sleep 5; false'
EOF
# wait2 succeeds
# https://github.com/systemd/systemd/issues/15654
ID=$(systemd-id128 new)
printf "This will\nusually fail\nand be truncated\n" >/tmp/expected
-systemd-cat -t "$ID" sh -c 'env echo -n "This will";echo;env echo -n "usually fail";echo;env echo -n "and be truncated";echo;'
+systemd-cat -t "$ID" bash -c 'env echo -n "This will"; echo; env echo -n "usually fail"; echo; env echo -n "and be truncated"; echo;'
journalctl --sync
journalctl -b -o cat -t "$ID" >/tmp/output
diff /tmp/expected /tmp/output
rm -f /tmp/issue-26746-log /tmp/issue-26746-cursor
ID="$(systemd-id128 new)"
journalctl -t "$ID" --follow --cursor-file=/tmp/issue-26746-cursor | tee /tmp/issue-26746-log &
-systemd-cat -t "$ID" sh -c 'echo hogehoge'
+systemd-cat -t "$ID" bash -c 'echo hogehoge'
# shellcheck disable=SC2016
timeout 10 bash -c 'until [[ -f /tmp/issue-26746-log && "$(cat /tmp/issue-26746-log)" =~ hogehoge ]]; do sleep .5; done'
pkill -TERM journalctl
# MountAPIVFS=yes always bind mounts child mounts of APIVFS filesystems, which means /proc/sys is always read-only
# so we can't write to it when running in a container.
if ! systemd-detect-virt --container; then
- (! systemd-run -p PrivateUsersEx=self -p PrivatePIDs=yes -p MountAPIVFS=yes --wait --pipe -- sh -c 'echo 5 >/proc/sys/kernel/ns_last_pid')
- systemd-run -p PrivateUsersEx=self -p PrivatePIDs=yes -p MountAPIVFS=yes -p DelegateNamespaces=pid --wait --pipe -- sh -c 'echo 5 >/proc/sys/kernel/ns_last_pid'
+ (! systemd-run -p PrivateUsersEx=self -p PrivatePIDs=yes -p MountAPIVFS=yes --wait --pipe -- bash -c 'echo 5 >/proc/sys/kernel/ns_last_pid')
+ systemd-run -p PrivateUsersEx=self -p PrivatePIDs=yes -p MountAPIVFS=yes -p DelegateNamespaces=pid --wait --pipe -- bash -c 'echo 5 >/proc/sys/kernel/ns_last_pid'
fi
}
-p DynamicUser=yes \
-p EnvironmentFile=-/usr/lib/systemd/systemd-asan-env \
-p NotifyAccess=all \
- sh -c 'touch /tmp/a && touch /var/tmp/b && ! test -f /tmp/b && ! test -f /var/tmp/a && systemd-notify --ready && sleep infinity'
+ bash -c 'touch /tmp/a && touch /var/tmp/b && ! test -f /tmp/b && ! test -f /var/tmp/a && systemd-notify --ready && sleep infinity'
(! ls /tmp/systemd-private-"$(tr -d '-' < /proc/sys/kernel/random/boot_id)"-test-07-dynamic-user-tmp.service-* &>/dev/null)
(! ls /var/tmp/systemd-private-"$(tr -d '-' < /proc/sys/kernel/random/boot_id)"-test-07-dynamic-user-tmp.service-* &>/dev/null)
systemctl is-active test-07-dynamic-user-tmp.service
# Check that timestamps of a Type=notify service are consistent
-systemd-run --service-type notify --property NotifyAccess=all --unit notify.service --wait sh -c 'systemd-notify --ready; exit 1' || :
+systemd-run --service-type notify --property NotifyAccess=all --unit notify.service --wait bash -c 'systemd-notify --ready; exit 1' || :
start=$(systemctl show --property=ExecMainStartTimestampMonotonic --value notify.service)
handoff=$(systemctl show --property=ExecMainHandoffTimestampMonotonic --value notify.service)
cat >/run/systemd/system/my.service <<\EOF
[Service]
Type=oneshot
-ExecStartPre=sh -c 'test "$TRIGGER_UNIT" = my.timer'
-ExecStartPre=sh -c 'test -n "$TRIGGER_TIMER_REALTIME_USEC"'
-ExecStartPre=sh -c 'test -n "$TRIGGER_TIMER_MONOTONIC_USEC"'
+ExecStartPre=bash -c 'test "$TRIGGER_UNIT" = my.timer'
+ExecStartPre=bash -c 'test -n "$TRIGGER_TIMER_REALTIME_USEC"'
+ExecStartPre=bash -c 'test -n "$TRIGGER_TIMER_MONOTONIC_USEC"'
ExecStart=echo Timer runs me
EOF
# Issue: https://github.com/systemd/systemd/issues/27953
systemctl start issue27953.service
-timeout 10 sh -c 'while systemctl is-active issue27953.service; do sleep .5; done'
+timeout 10 bash -c 'while systemctl is-active issue27953.service; do sleep .5; done'
[[ "$(systemctl show -P ExitType issue27953.service)" == main ]]
socat - ABSTRACT-CONNECT:badbin_assert.socket
-timeout 10 sh -c 'while systemctl is-active badbin_assert.service; do sleep .5; done'
+timeout 10 bash -c 'while systemctl is-active badbin_assert.service; do sleep .5; done'
[[ "$(systemctl show -P ExecMainStatus badbin_assert.service)" == 203 ]]
Description=Test service
[Service]
StandardInput=socket
-ExecStart=sh -x -c cat
+ExecStart=bash -x -c cat
EOF
systemctl start issue-3171.socket
-p PrivateMounts=yes \
-p Delegate=yes \
-p DelegateSubgroup=supervisor \
- -p ExecStartPost='sh -c "cat /proc/self/cgroup; kill $MAINPID"' \
+ -p ExecStartPost='bash -c "cat /proc/self/cgroup; kill $MAINPID"' \
--unit delegate-subgroup-control \
--wait \
--pipe \
- sh -c 'echo +pids >/sys/fs/cgroup/cgroup.subtree_control; systemd-notify --ready; sleep infinity'
+ bash -c 'echo +pids >/sys/fs/cgroup/cgroup.subtree_control; systemd-notify --ready; sleep infinity'
)" "0::/"
}
--unit delegate-subgroup-pam \
--wait \
--pipe \
- sh -c 'echo +pids >/sys/fs/cgroup/cgroup.subtree_control'
+ bash -c 'echo +pids >/sys/fs/cgroup/cgroup.subtree_control'
}
run_testcases
[Service]
Type=oneshot
-ExecStart=sh -c 'echo "$EXPECTED_OUTPUT" > "$guest_output"'
+ExecStart=bash -c 'echo "$EXPECTED_OUTPUT" > "$guest_output"'
ExecStartPost=systemctl --no-block exit 0
TimeoutStopSec=15s
set +e
machinectl status long-running &>/dev/null && machinectl kill --signal=KILL long-running
- mountpoint -q /var/lib/machines && timeout 30 sh -c "until umount /var/lib/machines; do sleep .5; done"
+ mountpoint -q /var/lib/machines && timeout 30 bash -c "until umount /var/lib/machines; do sleep .5; done"
[[ -n "${NSPAWN_FRAGMENT:-}" ]] && rm -f "/etc/systemd/nspawn/$NSPAWN_FRAGMENT" "/var/lib/machines/$NSPAWN_FRAGMENT"
rm -f /run/systemd/nspawn/*.nspawn
}
"hooks" : {
"prestart" : [
{
- "path" : "/bin/sh",
+ "path" : "/bin/bash",
"args" : [
"-xec",
"echo \$PRESTART_FOO >/prestart"
],
"poststart" : [
{
- "path" : "/bin/sh",
+ "path" : "/bin/bash",
"args" : [
"touch",
"/poststart"
],
"poststop" : [
{
- "path" : "/bin/sh",
+ "path" : "/bin/bash",
"args" : [
"touch",
"/poststop"
'"linux" : { "readonlyPaths" : [ "/foo", 1 ] }'
'"linux" : { "readonlyPaths" : [ "/foo", "bar" ] }'
# Invalid hooks
- '"hooks" : { "prestart" : [ { "path" : "/bin/sh", "timeout" : 0 } ] }'
+ '"hooks" : { "prestart" : [ { "path" : "/bin/bash", "timeout" : 0 } ] }'
# Invalid annotations
'"annotations" : { "" : "bar" }'
'"annotations" : { "foo" : 1 }'
$snippet
}
EOF
- (! systemd-nspawn --oci-bundle="$OCI" sh -c 'echo hello')
+ (! systemd-nspawn --oci-bundle="$OCI" bash -c 'echo hello')
done
# Invalid OCI bundle version
}
}
EOF
-(! systemd-nspawn --oci-bundle="$OCI" sh -c 'echo hello')
+(! systemd-nspawn --oci-bundle="$OCI" bash -c 'echo hello')
set +e
machinectl kill --signal=KILL nss-mymachines-{noip,singleip,manyips}
- mountpoint -q /var/lib/machines && timeout 30 sh -c "until umount /var/lib/machines; do sleep .5; done"
+ mountpoint -q /var/lib/machines && timeout 30 bash -c "until umount /var/lib/machines; do sleep .5; done"
rm -f /run/systemd/nspawn/*.nspawn
}
systemd-run \
--property=RuntimeMaxSec=${runtime_max_sec}s \
-u runtime-max-sec-test-1.service \
- sh -c "while true; do sleep 1; done"
+ bash -c "while true; do sleep 1; done"
wait_for_timeout runtime-max-sec-test-1.service $((runtime_max_sec + 2))
systemd-run \
--property=RuntimeMaxSec=${runtime_max_sec}s \
--scope \
-u runtime-max-sec-test-2.scope \
- sh -c "while true; do sleep 1; done" &
+ bash -c "while true; do sleep 1; done" &
wait_for_timeout runtime-max-sec-test-2.scope $((runtime_max_sec + 2))
# These ensure that RuntimeMaxSec is honored for scope and service
# units if the value is changed and then the manager is reloaded.
systemd-run \
-u runtime-max-sec-test-3.service \
- sh -c "while true; do sleep 1; done"
+ bash -c "while true; do sleep 1; done"
mkdir -p /etc/systemd/system/runtime-max-sec-test-3.service.d/
cat >/etc/systemd/system/runtime-max-sec-test-3.service.d/override.conf <<EOF
[Service]
systemd-run \
--scope \
-u runtime-max-sec-test-4.scope \
- sh -c "while true; do sleep 1; done" &
+ bash -c "while true; do sleep 1; done" &
# Wait until the unit is running to avoid race with creating the override.
until systemctl is-active runtime-max-sec-test-4.scope; do
test -f /run/exec1
(! systemd-run --unit=exec2.service --wait -p StandardOutput=tty -p StandardError=tty -p Type=exec \
- -p ExecStopPost='touch /run/exec2' sh -c 'sleep 1; false')
+ -p ExecStopPost='touch /run/exec2' bash -c 'sleep 1; false')
test -f /run/exec2
cat >/tmp/forking1.sh <<EOF
-p StandardOutput=file:/tmp/stdout \
-p StandardError=file:/tmp/stderr \
-p Type=exec \
- sh -c 'echo x ; echo y >&2'
+ bash -c 'echo x ; echo y >&2'
cmp /tmp/stdout <<EOF
x
EOF
-p StandardOutput=file:/tmp/stdout \
-p StandardError=file:/tmp/stderr \
-p Type=exec \
- sh -c 'echo z ; echo a >&2'
+ bash -c 'echo z ; echo a >&2'
cmp /tmp/stdout <<EOF
z
EOF
-p StandardOutput=append:/tmp/stdout \
-p StandardError=append:/tmp/stderr \
-p Type=exec \
- sh -c 'echo b ; echo c >&2'
+ bash -c 'echo b ; echo c >&2'
cmp /tmp/stdout <<EOF
z
b
-p StandardOutput=truncate:/tmp/stdout \
-p StandardError=truncate:/tmp/stderr \
-p Type=exec \
- sh -c 'echo a ; echo b >&2'
+ bash -c 'echo a ; echo b >&2'
cmp /tmp/stdout <<EOF
a
EOF
# Check that this will work safely a second time
systemd-run --user -p StateDirectory=foo -p ConfigurationDirectory=foo --wait true
-( ! systemd-run --user -p StateDirectory=foo::ro --wait sh -c "echo foo > $HOME/.local/state/foo/baz")
-( ! systemd-run --user -p StateDirectory=foo:bar:ro --wait sh -c "echo foo > $HOME/.local/state/foo/baz")
+( ! systemd-run --user -p StateDirectory=foo::ro --wait bash -c "echo foo > $HOME/.local/state/foo/baz")
+( ! systemd-run --user -p StateDirectory=foo:bar:ro --wait bash -c "echo foo > $HOME/.local/state/foo/baz")
( ! test -f "$HOME"/.local/state/foo/baz)
test -L "$HOME"/.local/state/bar
(! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"=zzz test -f "${path}"/zzz/test-missing)
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -d "${path}"/www
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -L "${path}"/ro
- (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" sh -c "echo foo > ${path}/www/test-missing")
+ (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo > ${path}/www/test-missing")
test -d "${path}"/zzz
test ! -L "${path}"/zzz
(! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"=zzz test -f "${path}"/zzz/test-missing)
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" test -d "${path}"/www
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" test -L "${path}"/ro
- (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" sh -c "echo foo > ${path}/www/test-missing")
+ (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=1 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo > ${path}/www/test-missing")
test -L "${path}"/zzz
test -d "${path}"/private/zzz
(! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"=zzz test -f "${path}"/zzz/test-missing)
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -d "${path}"/www
systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" test -L "${path}"/ro
- (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" sh -c "echo foo > ${path}/www/test-missing")
+ (! systemd-run --wait -p RuntimeDirectoryPreserve=yes -p DynamicUser=0 -p "${directory}"="www::ro www:ro:ro" bash -c "echo foo > ${path}/www/test-missing")
test -d "${path}"/zzz
test ! -L "${path}"/zzz
ExecStart=test -f ${path}/zzz/test
ExecStart=test -d ${path}/www
ExecStart=test -L ${path}/ro
-ExecStart=sh -c "! test -w ${path}/www"
+ExecStart=bash -c "! test -w ${path}/www"
EOF
systemctl daemon-reload
systemctl start --wait testservice-34.service
runas testuser systemd-run --wait --user --unit=test-devices \
-p PrivateDevices=yes -p PrivateIPC=yes \
- sh -c "ls -1 /dev/ | wc -l | grep -q -F 18"
+ bash -c "ls -1 /dev/ | wc -l | grep -q -F 18"
# Same check as test/test-execute/exec-privatenetwork-yes.service
runas testuser systemd-run --wait --user --unit=test-network \
-p PrivateNetwork=yes \
- sh -x -c '! ip link | grep -E "^[0-9]+: " | grep -Ev ": (lo|(erspan|gre|gretap|ip_vti|ip6_vti|ip6gre|ip6tnl|sit|tunl)0@.*):"'
+ bash -x -c '! ip link | grep -E "^[0-9]+: " | grep -Ev ": (lo|(erspan|gre|gretap|ip_vti|ip6_vti|ip6gre|ip6tnl|sit|tunl)0@.*):"'
(! runas testuser systemd-run --wait --user --unit=test-hostname \
-p ProtectHostname=yes \
(! runas testuser systemd-run --wait --user --unit=test-kernel-tunable \
-p ProtectKernelTunables=yes \
- sh -c "echo 0 >/proc/sys/user/max_user_namespaces")
+ bash -c "echo 0 >/proc/sys/user/max_user_namespaces")
(! runas testuser systemd-run --wait --user --unit=test-kernel-mod \
-p ProtectKernelModules=yes \
- sh -c "modprobe -r overlay && modprobe overlay")
+ bash -c "modprobe -r overlay && modprobe overlay")
if sysctl kernel.dmesg_restrict=0; then
(! runas testuser systemd-run --wait --user --unit=test-kernel-log \
run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest ln -s /home/srub Areas/srub
run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest ln -s /root Areas/root
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest sh -c 'echo $HOME')" = "/home/subareatest"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest sh -c 'echo x$XDG_AREA')" = "x"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $HOME')" = "/home/subareatest/Areas/furb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $XDG_AREA')" = "furb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest bash -c 'echo $HOME')" = "/home/subareatest"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest bash -c 'echo x$XDG_AREA')" = "x"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $HOME')" = "/home/subareatest/Areas/furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $XDG_AREA')" = "furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/furb"
PASSWORD=quux homectl update subareatest --default-area=molb
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest sh -c 'echo $HOME')" = "/home/subareatest/Areas/molb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest sh -c 'echo $XDG_AREA')" = "molb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/molb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $HOME')" = "/home/subareatest/Areas/furb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $XDG_AREA')" = "furb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest bash -c 'echo $HOME')" = "/home/subareatest/Areas/molb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest bash -c 'echo $XDG_AREA')" = "molb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/molb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $HOME')" = "/home/subareatest/Areas/furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $XDG_AREA')" = "furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/furb"
# Install a PK rule that allows 'subareatest' user to invoke run0 without password, just for testing
cat >/usr/share/polkit-1/rules.d/subareatest.rules <<'EOF'
EOF
# Test "recursive" operation
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb sh -c 'echo $HOME')" = "/home/subareatest/Areas/molb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb sh -c 'echo $XDG_AREA')" = "molb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/molb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $HOME')" = "/home/subareatest/Areas/furb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $XDG_AREA')" = "furb"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb bash -c 'echo $HOME')" = "/home/subareatest/Areas/molb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb bash -c 'echo $XDG_AREA')" = "molb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/molb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $HOME')" = "/home/subareatest/Areas/furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $XDG_AREA')" = "furb"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=molb run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=furb bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/furb"
# Test symlinked area
mkdir -p /home/srub
chown subareatest:subareatest /home/srub
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=srub sh -c 'echo $HOME')" = "/home/srub"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=srub sh -c 'echo $XDG_AREA')" = "srub"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=srub sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/srub"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=srub bash -c 'echo $HOME')" = "/home/srub"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=srub bash -c 'echo $XDG_AREA')" = "srub"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=srub bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)/Areas/srub"
# Verify that login into an area not owned by target user will be redirected to main area
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=root sh -c 'echo $HOME')" = "/home/subareatest"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=root sh -c 'echo x$XDG_AREA')" = "x"
-test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=root sh -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=root bash -c 'echo $HOME')" = "/home/subareatest"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=root bash -c 'echo x$XDG_AREA')" = "x"
+test "$(run0 --property=SetCredential=pam.authtok.systemd-run0:quux -u subareatest --area=root bash -c 'echo $XDG_RUNTIME_DIR')" = "/run/user/$(id -u subareatest)"
systemctl stop user@"$(id -u subareatest)".service
RemainAfterExit=yes
MountAPIVFS=yes
PrivateTmp=yes
-ExecStart=sh -c ' \\
+ExecStart=bash -c ' \\
systemd-notify --ready; \\
while [ ! -f /tmp/img/usr/lib/os-release ] || ! grep -q -F MARKER /tmp/img/usr/lib/os-release; do \\
sleep 0.1; \\
systemd-run -M testuser@ --user --pipe --wait \
--property RootImage="$MINIMAL_IMAGE.raw" \
--property ExtensionImages=/tmp/app0.raw \
- sh -c "test -e \"/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity\" && test -e \"/dev/mapper/$(</tmp/app0.roothash)-verity\""
+ bash -c "test -e \"/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity\" && test -e \"/dev/mapper/$(</tmp/app0.roothash)-verity\""
# Without a signature this should not work, as mountfsd should reject it, even if we explicitly ask to
# trust it
(! systemd-run -M testuser@ --user --pipe --wait \
--property RootImage="$MINIMAL_IMAGE.raw" \
--property ExtensionImages=/tmp/app0.raw \
- sh -c "test -e \"/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity\" && test -e \"/dev/mapper/$(</tmp/app0.roothash)-verity\"")
+ bash -c "test -e \"/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity\" && test -e \"/dev/mapper/$(</tmp/app0.roothash)-verity\"")
(! systemd-run -M testuser@ --user --pipe --wait \
--property RootImage="$MINIMAL_IMAGE.raw" \
--property ExtensionImages=/tmp/app0.raw \
--property ExtensionImagePolicy=root=verity+signed+absent:usr=verity+signed+absent \
- sh -c "test -e \"/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity\" && test -e \"/dev/mapper/$(</tmp/app0.roothash)-verity\"")
+ bash -c "test -e \"/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity\" && test -e \"/dev/mapper/$(</tmp/app0.roothash)-verity\"")
mv /tmp/app0.roothash.p7s.bak /tmp/app0.roothash.p7s
fi
[Service]
Type=notify
NotifyAccess=all
-ExecStart=sh -c "echo 'Hello from test unit' >/tmp/testfile; systemd-notify --ready; sleep infinity"
+ExecStart=bash -c "echo 'Hello from test unit' >/tmp/testfile; systemd-notify --ready; sleep infinity"
PrivateTmp=disconnected
EOF
# Start the service
SuccessAction=reboot
[Service]
-ExecStart=sh -xec 'echo 0 >/sys/fs/selinux/enforce; fixfiles -f -F relabel; rm /.autorelabel;'
+ExecStart=bash -xec 'echo 0 >/sys/fs/selinux/enforce; fixfiles -f -F relabel; rm /.autorelabel;'
Type=oneshot
TimeoutSec=infinity
projects / thirdparty / systemd.git / commitdiff
