- When modifying existing tests, please convert the test to use the new assertion
macros from `tests.h` if it is not already using those.
+
+## Integration Tests
+
+- Never use `grep -q` in a pipeline, use `grep >/dev/null` instead. The former
+ will generate `SIGPIPE` for the previous command in the pipeline when it finds
+ a match which will cause the test to fail unexpectedly.
test -f "$uki"
if [ -x "$bootctl" ]; then
- "$bootctl" kernel-inspect "$uki" | grep -qE 'Kernel Type: +uki$'
- "$bootctl" kernel-inspect "$uki" | grep -qE 'Version: +1\.1\.3$'
- "$bootctl" kernel-inspect "$uki" | grep -qE 'Cmdline: +opt1 opt2$'
+ "$bootctl" kernel-inspect "$uki" | grep -E 'Kernel Type: +uki$' >/dev/null
+ "$bootctl" kernel-inspect "$uki" | grep -E 'Version: +1\.1\.3$' >/dev/null
+ "$bootctl" kernel-inspect "$uki" | grep -E 'Cmdline: +opt1 opt2$' >/dev/null
fi
- "$ukify" inspect "$uki" | grep -qE '^.sbat'
- "$ukify" inspect "$uki" | grep -qE '^.cmdline'
- "$ukify" inspect "$uki" | grep -qE '^.uname'
- "$ukify" inspect "$uki" | grep -qE '^.initrd'
- "$ukify" inspect "$uki" | grep -qE '^.linux'
- "$ukify" inspect "$uki" | grep -qE '^.dtb'
+ "$ukify" inspect "$uki" | grep -E '^.sbat' >/dev/null
+ "$ukify" inspect "$uki" | grep -E '^.cmdline' >/dev/null
+ "$ukify" inspect "$uki" | grep -E '^.uname' >/dev/null
+ "$ukify" inspect "$uki" | grep -E '^.initrd' >/dev/null
+ "$ukify" inspect "$uki" | grep -E '^.linux' >/dev/null
+ "$ukify" inspect "$uki" | grep -E '^.dtb' >/dev/null
rm "$D/sources/install.conf.d/override.conf"
fi
ID="$(systemd-id128 new)"
systemd-cat -t "$ID" bash -c "for ((i=0;i<100;i++)); do echo -n hoge with ${c}; done; echo"
journalctl --sync
- timeout 10 bash -c "until SYSTEMD_LOG_LEVEL=debug journalctl --verify --quiet --file /var/log/journal/$MACHINE_ID/system.journal 2>&1 | grep -q -F 'compress=${c}'; do sleep .5; done"
+ timeout 10 bash -c "until SYSTEMD_LOG_LEVEL=debug journalctl --verify --quiet --file /var/log/journal/$MACHINE_ID/system.journal 2>&1 | grep -F 'compress=${c}' >/dev/null; do sleep .5; done"
# $SYSTEMD_JOURNAL_COMPRESS= also works for journal-remote
if [[ -x /usr/lib/systemd/systemd-journal-remote ]]; then
for cc in NONE XZ LZ4 ZSTD; do
rm -f /tmp/foo.journal
SYSTEMD_JOURNAL_COMPRESS="${cc}" /usr/lib/systemd/systemd-journal-remote --split-mode=none -o /tmp/foo.journal --getter="journalctl -b -o export -t $ID"
- SYSTEMD_LOG_LEVEL=debug journalctl --verify --quiet --file /tmp/foo.journal 2>&1 | grep -q -F "compress=${cc}"
- journalctl -t "$ID" -o cat --file /tmp/foo.journal | grep -q -F "hoge with ${c}"
+ SYSTEMD_LOG_LEVEL=debug journalctl --verify --quiet --file /tmp/foo.journal 2>&1 | grep -F "compress=${cc}" >/dev/null
+ journalctl -t "$ID" -o cat --file /tmp/foo.journal | grep -F "hoge with ${c}" >/dev/null
done
fi
done
# Forward Secure Sealing
-if ! journalctl --version | grep -qF +GCRYPT; then
+if ! journalctl --version | grep -F +GCRYPT >/dev/null; then
echo "Built without gcrypt, skipping the FSS tests"
exit 0
fi
ID="$(systemd-id128 new)"
echo -e 'HEAD\nTAIL\nTAIL' | systemd-cat -t "$ID"
journalctl --sync
-journalctl -b -t "$ID" | grep -q HEAD
-journalctl -b -t "$ID" | grep -q TAIL
-journalctl -b -t "$ID" --truncate-newline | grep -q HEAD
-journalctl -b -t "$ID" --truncate-newline | grep -q -v TAIL
+journalctl -b -t "$ID" | grep HEAD >/dev/null
+journalctl -b -t "$ID" | grep TAIL >/dev/null
+journalctl -b -t "$ID" --truncate-newline | grep HEAD >/dev/null
+journalctl -b -t "$ID" --truncate-newline | grep -v TAIL >/dev/null
# '-b all' negates earlier use of -b (-b and -m are otherwise exclusive)
journalctl -b -1 -b all -m >/dev/null
systemd-run --wait --pipe --unit "$SERVICE_NAME" "${ARGUMENTS[@]}" \
bash -xec "test -r /dev/null; test ! -w /dev/null; test ! -r $LODEV; test -w $LODEV; test ! -r /dev/tty; test ! -w /dev/tty"
- if ! systemctl --version | grep -qF -- "-BPF_FRAMEWORK"; then
+ if ! systemctl --version | grep -F -- "-BPF_FRAMEWORK" >/dev/null; then
# SocketBind*=
ARGUMENTS=(
-p SocketBindAllow=
check_mount_opts 'BPFDelegateAttachments=BPFFlowDissector,BPFCgroupSysctl,BPFNetfilter' 'delegate_attachs=flow_dissector:cgroup_sysctl:netfilter'
# Building test-bpf-token requires BPF support
-if systemctl --version | grep -q -- -BPF_FRAMEWORK; then
+if systemctl --version | grep -- -BPF_FRAMEWORK >/dev/null; then
exit 0
fi
# again with the userspace options. Typically, the window between the two calls is very short, but when
# the mount event source is ratelimited after the first event, processing the second event may be delayed
# about 1 second. Hence, here we need to wait for a while.
- timeout 10 bash -c 'until systemctl show --property=After --value tmp-deptest.mount | grep -q -F remote-fs-pre.target; do sleep .1; done'
+ timeout 10 bash -c 'until systemctl show --property=After --value tmp-deptest.mount | grep -F remote-fs-pre.target >/dev/null; do sleep .1; done'
after=$(systemctl show --property=After --value tmp-deptest.mount)
assert_not_in "local-fs-pre.target" "$after"
assert_in "remote-fs-pre.target" "$after"
# test io.systemd.Machine.List with sshAddress and sshPrivateKeyPath fields
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.Register '{"name": "registered-container", "class": "container", "sshAddress": "localhost", "sshPrivateKeyPath": "/non-existent"}'
timeout 30 bash -c "until varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{\"name\":\"registered-container\"}'; do sleep 0.5; done"
-varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name":"registered-container"}' | jq '.sshAddress' | grep -q 'localhost'
-varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name":"registered-container"}' | jq '.sshPrivateKeyPath' | grep -q 'non-existent'
+varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name":"registered-container"}' | jq '.sshAddress' | grep 'localhost' >/dev/null
+varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name":"registered-container"}' | jq '.sshPrivateKeyPath' | grep 'non-existent' >/dev/null
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.Unregister '{"name": "registered-container"}'
# test io.systemd.Machine.List with addresses, OSRelease, and UIDShift fields
(! journalctl -u systemd-machined.service --since="$TS" --grep 'Connection busy')
machinectl terminate container-without-os-release
-(ip addr show lo | grep -q 192.168.1.100) || ip address add 192.168.1.100/24 dev lo
+(ip addr show lo | grep 192.168.1.100 >/dev/null) || ip address add 192.168.1.100/24 dev lo
(! varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name": ".host"}' | grep 'addresses')
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name": ".host", "acquireMetadata": "yes"}' | grep 'addresses'
(! varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{"name": ".host"}' | grep 'OSRelease')
SYSTEMD_LOG_LEVEL=debug udevadm trigger --verbose --settle --action add /dev/null
test -f /run/udev/data/c1:3
-udevadm info /dev/null | grep -q 'E: HOGE=aa\\x20\\x20\\x20bb'
-udevadm info /dev/null | grep -q 'E: FOO=\\x20aaa\\x20'
+udevadm info /dev/null | grep 'E: HOGE=aa\\x20\\x20\\x20bb' >/dev/null
+udevadm info /dev/null | grep 'E: FOO=\\x20aaa\\x20' >/dev/null
rm /run/udev/rules.d/50-testsuite.rules
udevadm control --reload
while : ; do
(
- udevadm info "$ROOTDEV" | grep -q -v SYSTEMD_WANTS=foobar.service
- udevadm info "$ROOTDEV" | grep -q -v SYSTEMD_WANTS=waldo.service
- systemctl show -p WantedBy foobar.service | grep -q -v "${ROOTDEV#/dev/}"
- systemctl show -p WantedBy waldo.service | grep -q -v "${ROOTDEV#/dev/}"
+ udevadm info "$ROOTDEV" | grep -v SYSTEMD_WANTS=foobar.service >/dev/null
+ udevadm info "$ROOTDEV" | grep -v SYSTEMD_WANTS=waldo.service >/dev/null
+ systemctl show -p WantedBy foobar.service | grep -v "${ROOTDEV#/dev/}" >/dev/null
+ systemctl show -p WantedBy waldo.service | grep -v "${ROOTDEV#/dev/}" >/dev/null
) && break
sleep .5
while : ; do
(
- udevadm info "$ROOTDEV" | grep -q SYSTEMD_WANTS=foobar.service
- udevadm info "$ROOTDEV" | grep -q -v SYSTEMD_WANTS=waldo.service
- systemctl show -p WantedBy foobar.service | grep -q "${ROOTDEV#/dev/}"
- systemctl show -p WantedBy waldo.service | grep -q -v "${ROOTDEV#/dev/}"
+ udevadm info "$ROOTDEV" | grep SYSTEMD_WANTS=foobar.service >/dev/null
+ udevadm info "$ROOTDEV" | grep -v SYSTEMD_WANTS=waldo.service >/dev/null
+ systemctl show -p WantedBy foobar.service | grep "${ROOTDEV#/dev/}" >/dev/null
+ systemctl show -p WantedBy waldo.service | grep -v "${ROOTDEV#/dev/}" >/dev/null
) && break
sleep .5
while : ; do
(
- udevadm info "$ROOTDEV" | grep -q -v SYSTEMD_WANTS=foobar.service
- udevadm info "$ROOTDEV" | grep -q SYSTEMD_WANTS=waldo.service
- systemctl show -p WantedBy foobar.service | grep -q -v "${ROOTDEV#/dev/}"
- systemctl show -p WantedBy waldo.service | grep -q "${ROOTDEV#/dev/}"
+ udevadm info "$ROOTDEV" | grep -v SYSTEMD_WANTS=foobar.service >/dev/null
+ udevadm info "$ROOTDEV" | grep SYSTEMD_WANTS=waldo.service >/dev/null
+ systemctl show -p WantedBy foobar.service | grep -v "${ROOTDEV#/dev/}" >/dev/null
+ systemctl show -p WantedBy waldo.service | grep "${ROOTDEV#/dev/}" >/dev/null
) && break
sleep .5
while : ; do
(
- udevadm info "$ROOTDEV" | grep -q -v SYSTEMD_WANTS=foobar.service
- udevadm info "$ROOTDEV" | grep -q -v SYSTEMD_WANTS=waldo.service
- systemctl show -p WantedBy foobar.service | grep -q -v "${ROOTDEV#/dev/}"
- systemctl show -p WantedBy waldo.service | grep -q -v "${ROOTDEV#/dev/}"
+ udevadm info "$ROOTDEV" | grep -v SYSTEMD_WANTS=foobar.service >/dev/null
+ udevadm info "$ROOTDEV" | grep -v SYSTEMD_WANTS=waldo.service >/dev/null
+ systemctl show -p WantedBy foobar.service | grep -v "${ROOTDEV#/dev/}" >/dev/null
+ systemctl show -p WantedBy waldo.service | grep -v "${ROOTDEV#/dev/}" >/dev/null
) && break
sleep .5
test -f /run/udev/tags/added/c1:3
test ! -f /run/udev/tags/changed/c1:3
-udevadm info /dev/null | grep -q 'E: TAGS=.*:added:.*'
-udevadm info /dev/null | grep -q 'E: CURRENT_TAGS=.*:added:.*'
-udevadm info /dev/null | grep -q 'E: TAGS=.*:changed:.*' && { echo 'unexpected TAGS='; exit 1; }
-udevadm info /dev/null | grep -q 'E: CURRENT_TAGS=.*:changed:.*' && { echo 'unexpected CURRENT_TAGS='; exit 1; }
+udevadm info /dev/null | grep 'E: TAGS=.*:added:.*' >/dev/null
+udevadm info /dev/null | grep 'E: CURRENT_TAGS=.*:added:.*' >/dev/null
+udevadm info /dev/null | grep 'E: TAGS=.*:changed:.*' >/dev/null && { echo 'unexpected TAGS='; exit 1; }
+udevadm info /dev/null | grep 'E: CURRENT_TAGS=.*:changed:.*' >/dev/null && { echo 'unexpected CURRENT_TAGS='; exit 1; }
SYSTEMD_LOG_LEVEL=debug udevadm trigger --verbose --settle --action change /dev/null
test -f /run/udev/tags/added/c1:3
test -f /run/udev/tags/changed/c1:3
-udevadm info /dev/null | grep -q 'E: TAGS=.*:added:.*'
-udevadm info /dev/null | grep -q 'E: CURRENT_TAGS=.*:added:.*' && { echo 'unexpected CURRENT_TAGS='; exit 1; }
-udevadm info /dev/null | grep -q 'E: TAGS=.*:changed:.*'
-udevadm info /dev/null | grep -q 'E: CURRENT_TAGS=.*:changed:.*'
+udevadm info /dev/null | grep 'E: TAGS=.*:added:.*' >/dev/null
+udevadm info /dev/null | grep 'E: CURRENT_TAGS=.*:added:.*' >/dev/null && { echo 'unexpected CURRENT_TAGS='; exit 1; }
+udevadm info /dev/null | grep 'E: TAGS=.*:changed:.*' >/dev/null
+udevadm info /dev/null | grep 'E: CURRENT_TAGS=.*:changed:.*' >/dev/null
SYSTEMD_LOG_LEVEL=debug udevadm trigger --verbose --settle --action add /dev/null
test -f /run/udev/tags/added/c1:3
test -f /run/udev/tags/changed/c1:3
-udevadm info /dev/null | grep -q 'E: TAGS=.*:added:.*'
-udevadm info /dev/null | grep -q 'E: CURRENT_TAGS=.*:added:.*'
-udevadm info /dev/null | grep -q 'E: TAGS=.*:changed:.*'
-udevadm info /dev/null | grep -q 'E: CURRENT_TAGS=.*:changed:.*' && { echo 'unexpected CURRENT_TAGS='; exit 1; }
+udevadm info /dev/null | grep 'E: TAGS=.*:added:.*' >/dev/null
+udevadm info /dev/null | grep 'E: CURRENT_TAGS=.*:added:.*' >/dev/null
+udevadm info /dev/null | grep 'E: TAGS=.*:changed:.*' >/dev/null
+udevadm info /dev/null | grep 'E: CURRENT_TAGS=.*:changed:.*' >/dev/null && { echo 'unexpected CURRENT_TAGS='; exit 1; }
rm /run/udev/rules.d/50-testsuite.rules
udevadm control --reload
test -n "$found"
journalctl --sync
- timeout -v 30 journalctl _PID=1 _COMM=systemd --since "$since" -n all --follow | grep -m 1 -q -F 'foobar: systemd-udevd failed to process the device, ignoring: File exists'
+ timeout -v 30 bash -c "journalctl _PID=1 _COMM=systemd --since '$since' -n all --follow | grep -m 1 -q -F 'foobar: systemd-udevd failed to process the device, ignoring: File exists'"
# check if the invalid SYSTEMD_ALIAS property for the interface foobar is ignored by PID1
assert_eq "$(systemctl show --property=SysFSPath --value /sys/subsystem/net/devices/hoge)" "/sys/devices/virtual/net/hoge"
}
# timestamp. But, if the timestamp is visible in "stat" it is a
# good indicator that the test can be run.
TEST_TMPFILES_AGEBY_BTIME=${TEST_TMPFILES_AGEBY_BTIME:-0}
-if stat --format "%w" /tmp/ageby 2>/dev/null | grep -qv '^[\?\-]$'; then
+if stat --format "%w" /tmp/ageby 2>/dev/null | grep -v '^[\?\-]$' >/dev/null; then
TEST_TMPFILES_AGEBY_BTIME=1
fi
# Check for an invalid "age" and "age-by" arguments.
for a in ':' ':1s' '2:1h' 'nope:42h' '" :7m"' 'm:' '::' '"+r^w-x:2/h"' 'b ar::64'; do
- systemd-tmpfiles --clean - <<EOF 2>&1 | grep -q -F 'Invalid age'
+ systemd-tmpfiles --clean - <<EOF 2>&1 | grep -F 'Invalid age' >/dev/null
d /tmp/ageby - - - ${a} -
EOF
done
# show/set-environment
# Make sure PATH is set
-systemctl show-environment | grep -q '^PATH='
+systemctl show-environment | grep '^PATH=' >/dev/null
# Let's add an entry and override a built-in one
systemctl set-environment PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/testaddition FOO=BAR
# Check that both are set
-systemctl show-environment | grep -q '^PATH=.*testaddition$'
-systemctl show-environment | grep -q '^FOO=BAR$'
+systemctl show-environment | grep '^PATH=.*testaddition$' >/dev/null
+systemctl show-environment | grep '^FOO=BAR$' >/dev/null
systemctl daemon-reload
# Check again after the reload
-systemctl show-environment | grep -q '^PATH=.*testaddition$'
-systemctl show-environment | grep -q '^FOO=BAR$'
+systemctl show-environment | grep '^PATH=.*testaddition$' >/dev/null
+systemctl show-environment | grep '^FOO=BAR$' >/dev/null
# Check that JSON output is supported
-systemctl show-environment --output=json | grep -q '^{.*"FOO":"BAR".*}$'
+systemctl show-environment --output=json | grep '^{.*"FOO":"BAR".*}$' >/dev/null
# Drop both
systemctl unset-environment FOO PATH
# Check that one is gone and the other reverted to the built-in
systemctl show-environment | grep '^FOO=$' && exit 1
systemctl show-environment | grep '^PATH=.*testaddition$' && exit 1
-systemctl show-environment | grep -q '^PATH='
+systemctl show-environment | grep '^PATH=' >/dev/null
# Check import-environment
export IMPORT_THIS=hello
export IMPORT_THIS_TOO=world
test -f "/run/systemd/user/$GLOBAL_UNIT_NAME"
# Test 2: Read the global unit with systemctl cat --global
-systemctl cat --global "$GLOBAL_UNIT_NAME" | grep -q "ExecStart=/bin/true"
+systemctl cat --global "$GLOBAL_UNIT_NAME" | grep "ExecStart=/bin/true" >/dev/null
# Test 3: Edit existing global unit (add a drop-in)
systemctl edit --global --runtime --stdin "$GLOBAL_UNIT_NAME" <<EOF
# Verify drop-in was created
test -f "/run/systemd/user/$GLOBAL_UNIT_NAME.d/override.conf"
-systemctl cat --global "$GLOBAL_UNIT_NAME" | grep -q "Environment=TEST=value"
+systemctl cat --global "$GLOBAL_UNIT_NAME" | grep "Environment=TEST=value" >/dev/null
# Test 4: Create a masked global unit in /run/
mkdir -p /run/systemd/user
ln -sf /dev/null "/run/systemd/user/$GLOBAL_MASKED_UNIT"
# Test 5: Verify cat shows it's masked
-systemctl cat --global "$GLOBAL_MASKED_UNIT" 2>&1 | grep -q "masked"
+systemctl cat --global "$GLOBAL_MASKED_UNIT" 2>&1 | grep "masked" >/dev/null
# Test 6: Verify edit refuses to edit masked unit
-(! systemctl edit --global --runtime --stdin --full "$GLOBAL_MASKED_UNIT" </dev/null 2>&1) | grep -q "masked"
+(! systemctl edit --global --runtime --stdin --full "$GLOBAL_MASKED_UNIT" </dev/null 2>&1) | grep "masked" >/dev/null
# Cleanup global test units
rm -f "/run/systemd/user/$GLOBAL_UNIT_NAME"
systemctl is-active minimal-app0-bar.service
systemctl is-active minimal-app0-foo.service && exit 1
-portablectl list | grep -q -F "minimal_1"
-busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1'
+portablectl list | grep -F "minimal_1" >/dev/null
+busctl tree org.freedesktop.portable1 --no-pager | grep -F '/org/freedesktop/portable1/image/minimal_5f1' >/dev/null
portablectl detach --now --enable --runtime /tmp/minimal_1 minimal-app0
-portablectl list | grep -q -F "No images."
-busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1
+portablectl list | grep -F "No images." >/dev/null
+busctl tree org.freedesktop.portable1 --no-pager | grep -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1 >/dev/null
mkdir /tmp/rootdir /tmp/app0 /tmp/app1 /tmp/overlay /tmp/os-release-fix /tmp/os-release-fix/etc
mount /tmp/app0.raw /tmp/app0
systemctl is-active app0.service
systemctl is-active app1.service
-portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/rootdir/usr/lib/os-release
-portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app0/usr/lib/extension-release.d/extension-release.app0
-portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app1/usr/lib/extension-release.d/extension-release.app2
-portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app1/usr/lib/systemd/system/app1.service
-portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -q -f /tmp/app0/usr/lib/systemd/system/app0.service
+portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -f /tmp/rootdir/usr/lib/os-release >/dev/null
+portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -f /tmp/app0/usr/lib/extension-release.d/extension-release.app0 >/dev/null
+portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -f /tmp/app1/usr/lib/extension-release.d/extension-release.app2 >/dev/null
+portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -f /tmp/app1/usr/lib/systemd/system/app1.service >/dev/null
+portablectl inspect --cat --extension app0 --extension app1 rootdir app0 app1 | grep -f /tmp/app0/usr/lib/systemd/system/app0.service >/dev/null
grep -q -F "LogExtraFields=PORTABLE=app0" /run/systemd/system.attached/app0.service.d/20-portable.conf
grep -q -F "LogExtraFields=PORTABLE_ROOT=rootdir" /run/systemd/system.attached/app0.service.d/20-portable.conf
systemctl is-active minimal-app0-bar.service
systemctl is-active minimal-app0-foo.service && exit 1
-portablectl list | grep -q -F "minimal_1"
-busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1'
+portablectl list | grep -F "minimal_1" >/dev/null
+busctl tree org.freedesktop.portable1 --no-pager | grep -F '/org/freedesktop/portable1/image/minimal_5f1' >/dev/null
portablectl detach --now --runtime /usr/share/minimal_1.raw minimal-app0
-portablectl list | grep -q -F "No images."
-busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1
+portablectl list | grep -F "No images." >/dev/null
+busctl tree org.freedesktop.portable1 --no-pager | grep -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1 >/dev/null
# Ensure we don't regress (again) when using --force
systemctl is-active minimal-app0-bar.service
systemctl is-active minimal-app0-foo.service && exit 1
-portablectl list | grep -q -F "minimal_1"
-busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1'
+portablectl list | grep -F "minimal_1" >/dev/null
+busctl tree org.freedesktop.portable1 --no-pager | grep -F '/org/freedesktop/portable1/image/minimal_5f1' >/dev/null
portablectl detach --force --now --runtime /usr/share/minimal_1.raw minimal-app0
-portablectl list | grep -q -F "No images."
-busctl tree org.freedesktop.portable1 --no-pager | grep -q -F '/org/freedesktop/portable1/image/minimal_5f1' && exit 1
+portablectl list | grep -F "No images." >/dev/null
+busctl tree org.freedesktop.portable1 --no-pager | grep -F '/org/freedesktop/portable1/image/minimal_5f1' >/dev/null && exit 1
portablectl "${ARGS[@]}" attach --now --runtime --extension /tmp/app0.raw /usr/share/minimal_0.raw app0
status="$(portablectl is-attached --extension /tmp/app10.raw /usr/share/minimal_0.raw)"
[[ "${status}" == "running-runtime" ]]
-portablectl inspect --force --cat --extension /tmp/app10.raw /usr/share/minimal_0.raw app0 | grep -q -F "Extension Release: /tmp/app10.raw"
+portablectl inspect --force --cat --extension /tmp/app10.raw /usr/share/minimal_0.raw app0 | grep -F "Extension Release: /tmp/app10.raw" >/dev/null
# Ensure that we can detach even when an image has been deleted already (stop the unit manually as
# portablectl won't find it)
status="$(portablectl is-attached --extension /tmp/app0.raw --extension /tmp/conf0.raw /usr/share/minimal_0.raw)"
[[ "${status}" == "running-runtime" ]]
-portablectl inspect --force --cat --extension /tmp/app0.raw --extension /tmp/conf0.raw /usr/share/minimal_0.raw app0 | grep -q -F "Extension Release: /tmp/conf0.raw"
+portablectl inspect --force --cat --extension /tmp/app0.raw --extension /tmp/conf0.raw /usr/share/minimal_0.raw app0 | grep -F "Extension Release: /tmp/conf0.raw" >/dev/null
portablectl detach --now --runtime --extension /tmp/app0.raw --extension /tmp/conf0.raw /usr/share/minimal_0.raw app0
# Ensure 'portablectl list' shows the correct status for both images
portablectl list
-portablectl list | grep -F "minimal_0" | grep -q -F "attached-runtime"
-portablectl list | grep -F "app0" | grep -q -F "attached-runtime"
-portablectl list | grep -F "app1" | grep -q -F "attached-runtime"
+portablectl list | grep -F "minimal_0" | grep -F "attached-runtime" >/dev/null
+portablectl list | grep -F "app0" | grep -F "attached-runtime" >/dev/null
+portablectl list | grep -F "app1" | grep -F "attached-runtime" >/dev/null
portablectl detach --runtime --extension /tmp/app0.raw /usr/share/minimal_0.raw app
# Quick smoke tests
-systemd-dissect --no-pager /usr/share/minimal_0.raw | grep -q '✓ portable service'
-systemd-dissect --no-pager /usr/share/minimal_1.raw | grep -q '✓ portable service'
-systemd-dissect --no-pager /tmp/app0.raw | grep -q '✓ sysext for portable service'
-systemd-dissect --no-pager /tmp/app1.raw | grep -q '✓ sysext for portable service'
-systemd-dissect --no-pager /tmp/conf0.raw | grep -q '✓ confext for portable service'
+systemd-dissect --no-pager /usr/share/minimal_0.raw | grep '✓ portable service' >/dev/null
+systemd-dissect --no-pager /usr/share/minimal_1.raw | grep '✓ portable service' >/dev/null
+systemd-dissect --no-pager /tmp/app0.raw | grep '✓ sysext for portable service' >/dev/null
+systemd-dissect --no-pager /tmp/app1.raw | grep '✓ sysext for portable service' >/dev/null
+systemd-dissect --no-pager /tmp/conf0.raw | grep '✓ confext for portable service' >/dev/null
# Lack of ID field in os-release should be rejected, but it caused a crash in the past instead
mkdir -p /tmp/emptyroot/usr/lib
loginctl terminate-user logind-test-user
- if ! timeout 30 bash -c "while loginctl --no-legend | grep -q logind-test-user; do sleep 1; done"; then
+ if ! timeout 30 bash -c "while loginctl --no-legend | grep logind-test-user >/dev/null; do sleep 1; done"; then
loginctl
echo "WARNING: session for logind-test-user still active, ignoring."
fi
return 1
fi
- if ! loginctl session-status "$session" | grep -q "Unit: session-${session}\.scope"; then
+ if ! loginctl session-status "$session" | grep "Unit: session-${session}\.scope" >/dev/null; then
echo "cannot find scope unit for session $session" >&2
return 1
fi
return
fi
- if loginctl --no-legend | grep -v manager | grep -q logind-test-user; then
+ if loginctl --no-legend | grep -v manager | grep logind-test-user >/dev/null; then
echo >&2 "Session of the 'logind-test-user' is already present."
exit 1
fi
# become idle again. 'Lock' signal is sent out for each session, we have at
# least one session, so minimum of 2 "Lock" signals must have been sent.
journalctl --sync
- timeout -v 35 journalctl -b -u systemd-logind.service --since="$ts" -n all --follow | grep -m 1 -q 'Sent message type=signal .* member=Lock'
+ timeout -v 35 bash -c "journalctl -b -u systemd-logind.service --since='$ts' -n all --follow | grep -m 1 -q 'Sent message type=signal .* member=Lock'"
# We need to know that a new message was sent after waking up,
# so we must track how many happened before sleeping to check we have extra.
# Wait again
journalctl --sync
- timeout -v 35 journalctl -b -u systemd-logind.service --since="$ts" -n all --follow | grep -m "$((locks + 1))" -q 'Sent message type=signal .* member=Lock'
- timeout -v 35 journalctl -b -u systemd-logind.service --since="$ts" -n all --follow | grep -m 2 -q -F 'System idle. Will be locked now.'
+ timeout -v 35 bash -c "journalctl -b -u systemd-logind.service --since='$ts' -n all --follow | grep -m '$((locks + 1))' -q 'Sent message type=signal .* member=Lock'"
+ timeout -v 35 bash -c "journalctl -b -u systemd-logind.service --since='$ts' -n all --follow | grep -m 2 -q -F 'System idle. Will be locked now.'"
}
testcase_session_properties() {
assert_eq "$(loginctl list-sessions --no-legend | grep -v manager | awk '$3 == "logind-test-user" { print $8 }')" no
assert_eq "$(loginctl list-sessions --no-legend | grep -v manager | awk '$3 == "logind-test-user" { print $9 }')" '-'
- loginctl list-seats --no-legend | grep -Fwq "${seat?}"
+ loginctl list-seats --no-legend | grep -Fw "${seat?}" >/dev/null
assert_eq "$(loginctl list-users --no-legend | awk '$2 == "logind-test-user" { print $1 }')" "$(id -ru logind-test-user)"
assert_eq "$(loginctl list-users --no-legend | awk '$2 == "logind-test-user" { print $3 }')" no
systemd-run --quiet --service-type=notify --unit=test-linger-signal-wait --pty \
-p Environment=SYSTEMD_LOG_LEVEL=debug \
-p ExecStartPost="loginctl enable-linger logind-test-user" \
- busctl --timeout=30 wait "/org/freedesktop/login1/user/_$(id -ru logind-test-user)" org.freedesktop.DBus.Properties PropertiesChanged | grep -qF '"Linger" b true'
+ busctl --timeout=30 wait "/org/freedesktop/login1/user/_$(id -ru logind-test-user)" org.freedesktop.DBus.Properties PropertiesChanged | grep -F '"Linger" b true' >/dev/null
assert_eq "$(loginctl list-users --no-legend | awk '$2 == "logind-test-user" { print $3 }')" yes
for s in $(loginctl list-sessions --no-legend | grep tty | awk '$3 == "logind-test-user" { print $1 }'); do
loginctl terminate-session "$s"
done
- if ! timeout 30 bash -c "while loginctl --no-legend | grep tty | grep -q logind-test-user; do sleep 1; done"; then
+ if ! timeout 30 bash -c "while loginctl --no-legend | grep tty | grep logind-test-user >/dev/null; do sleep 1; done"; then
echo "WARNING: session for logind-test-user still active, ignoring."
return
fi
systemd-sysusers --inline "u lightuser"
systemd-run -u "$TRANSIENTUNIT3" -p PAMName="$PAMSERVICE" -p "Environment=XDG_SESSION_TYPE=unspecified" -p Type=exec -p User=lightuser sleep infinity
- loginctl | grep lightuser | grep -q background-light
+ loginctl | grep lightuser | grep -w background-light >/dev/null
systemctl stop "$TRANSIENTUNIT3"
systemd-run -u "$TRANSIENTUNIT4" -p PAMName="$PAMSERVICE" -p "Environment=XDG_SESSION_TYPE=tty" -p Type=exec -p User=lightuser sleep infinity
- loginctl | grep lightuser | grep -q user-light
+ loginctl | grep lightuser | grep -w user-light >/dev/null
systemctl stop "$TRANSIENTUNIT4"
# Now check that run0's session class control works
systemd-run --service-type=notify run0 -u lightuser --unit="$RUN0UNIT0" sleep infinity
- loginctl | grep lightuser | grep -qw background-light
+ loginctl | grep lightuser | grep -w background-light >/dev/null
systemctl stop "$RUN0UNIT0"
systemd-run --service-type=notify run0 -u lightuser --unit="$RUN0UNIT1" --lightweight=yes sleep infinity
- loginctl | grep lightuser | grep -qw background-light
+ loginctl | grep lightuser | grep -w background-light >/dev/null
systemctl stop "$RUN0UNIT1"
systemd-run --service-type=notify run0 -u lightuser --unit="$RUN0UNIT2" --lightweight=no sleep infinity
- loginctl | grep lightuser | grep -qw background
+ loginctl | grep lightuser | grep -w background >/dev/null
systemctl stop "$RUN0UNIT2"
systemd-run --service-type=notify run0 -u root --unit="$RUN0UNIT3" sleep infinity
- loginctl | grep root | grep -qw background-light
+ loginctl | grep root | grep -w background-light >/dev/null
systemctl stop "$RUN0UNIT3"
}
for c in $classes; do
unit="user-sleeper-$c.service"
systemctl --quiet is-active "$unit"
- loginctl | grep logind-test-user | grep -qw "$c"
+ loginctl | grep logind-test-user | grep -w "$c" >/dev/null
systemctl kill "$unit"
done
}
systemd-run -p NUMAPolicy=local -p NUMAMask=0 -p CPUAffinity=numa --unit "$runUnit" sleep 1000
systemctlCheckNUMAProperties "$runUnit" "local" ""
- systemctl cat "$runUnit" | grep -q 'CPUAffinity=numa'
+ systemctl cat "$runUnit" | grep 'CPUAffinity=numa' >/dev/null
pid1StopUnit "$runUnit"
fi
runas testuser systemd-run --wait --user --unit=test-devices \
-p PrivateDevices=yes -p PrivateIPC=yes \
- bash -c "ls -1 /dev/ | wc -l | grep -q -F 18"
+ bash -c "ls -1 /dev/ | wc -l | grep -F 18 >/dev/null"
# Same check as test/test-execute/exec-privatenetwork-yes.service
runas testuser systemd-run --wait --user --unit=test-network \
}
wait_for_state() {
- timeout 2m bash -c "until homectl inspect '${1:?}' | grep -qF 'State: $2'; do sleep 2; done"
+ timeout 2m bash -c "until homectl inspect '${1:?}' | grep -F 'State: $2' >/dev/null; do sleep 2; done"
}
FSTYPE="$(stat --file-system --format "%T" /)"
NEWPASSWORD=quux homectl create tmpfsquota --storage=subvolume --dev-shm-limit=50K --tmp-limit=50K -P
for p in /dev/shm /tmp; do
- if findmnt -n -o options "$p" | grep -q usrquota; then
+ if findmnt -n -o options "$p" | grep usrquota >/dev/null; then
# Check if we can display the quotas. If we cannot, than it's likely
# that PID1 was also not able to set the limits and we should not fail
# in the tests below.
testcase_sign() {
# Test signing key logic
- homectl list-signing-keys | grep -q local.public
- (! (homectl list-signing-keys | grep -q signtest.public))
+ homectl list-signing-keys | grep local.public >/dev/null
+ (! (homectl list-signing-keys | grep signtest.public >/dev/null))
if built_with_musl; then
# FIXME: musl does not support yescrypt. Use SHA512 and update signature.
# Let's now add the signing key
print_public_key | homectl add-signing-key --key-name=signtest.public
homectl get-signing-key signtest.public | cmp - <(print_public_key)
- homectl list-signing-keys | grep -q local.public
- homectl list-signing-keys | grep -q signtest.public
+ homectl list-signing-keys | grep local.public >/dev/null
+ homectl list-signing-keys | grep signtest.public >/dev/null
# Now create the account with this, it should work now
print_identity | homectl create -P --identity=- --seize=no
(! PASSWORD="test" homectl with signtest true)
# Verify key is really gone
- homectl list-signing-keys | grep -q local.public
- (! (homectl list-signing-keys | grep -q signtest.public))
+ homectl list-signing-keys | grep local.public >/dev/null
+ (! (homectl list-signing-keys | grep signtest.public >/dev/null))
# Test unregister + adopt
mkdir /home/elsewhere
# add signing key via credential
wait_for_state signtest inactive
homectl remove-signing-key signtest.public
- (! (homectl list-signing-keys | grep -q signtest.public))
+ (! (homectl list-signing-keys | grep signtest.public >/dev/null))
systemd-run --wait -p "SetCredential=home.add-signing-key.signtest.public:$(print_public_key)" homectl firstboot
- homectl list-signing-keys | grep -q signtest.public
+ homectl list-signing-keys | grep signtest.public >/dev/null
# register user via credential
mkdir /home/elsewhere2
fi
systemd-dissect --json=short "$MINIMAL_IMAGE.raw" | \
- grep -q -F '{"rw":"ro","designator":"root","partition_uuid":null,"partition_label":null,"fstype":"squashfs","architecture":null,"verity":"external"'
-systemd-dissect "$MINIMAL_IMAGE.raw" | grep -q -F "MARKER=1"
+ grep -F '{"rw":"ro","designator":"root","partition_uuid":null,"partition_label":null,"fstype":"squashfs","architecture":null,"verity":"external"' >/dev/null
+systemd-dissect "$MINIMAL_IMAGE.raw" | grep -F "MARKER=1" >/dev/null
# shellcheck disable=SC2153
-systemd-dissect "$MINIMAL_IMAGE.raw" | grep -q -F -f <(sed 's/"//g' "$OS_RELEASE")
+systemd-dissect "$MINIMAL_IMAGE.raw" | grep -F -f <(sed 's/"//g' "$OS_RELEASE") >/dev/null
-systemd-dissect --list "$MINIMAL_IMAGE.raw" | grep -q '^etc/os-release$'
+systemd-dissect --list "$MINIMAL_IMAGE.raw" | grep '^etc/os-release$' >/dev/null
systemd-dissect --mtree "$MINIMAL_IMAGE.raw" --mtree-hash yes | \
- grep -qE "^.(/usr|)/bin/cat type=file mode=0755 uid=0 gid=0 size=[0-9]* sha256sum=[a-z0-9]*$"
+ grep -E "^.(/usr|)/bin/cat type=file mode=0755 uid=0 gid=0 size=[0-9]* sha256sum=[a-z0-9]*$" >/dev/null
systemd-dissect --mtree "$MINIMAL_IMAGE.raw" --mtree-hash no | \
- grep -qE "^.(/usr|)/bin/cat type=file mode=0755 uid=0 gid=0 size=[0-9]*$"
+ grep -E "^.(/usr|)/bin/cat type=file mode=0755 uid=0 gid=0 size=[0-9]*$" >/dev/null
read -r SHA256SUM1 _ < <(systemd-dissect --copy-from "$MINIMAL_IMAGE.raw" etc/os-release | sha256sum)
test "$SHA256SUM1" != ""
test "$SHA256SUM2" != ""
test "$SHA256SUM1" = "$SHA256SUM2"
-if systemctl --version | grep -qF -- "+LIBARCHIVE" ; then
+if systemctl --version | grep -F -- "+LIBARCHIVE" >/dev/null; then
# Make sure tarballs are reproducible
read -r SHA256SUM1 _ < <(systemd-dissect --make-archive "$MINIMAL_IMAGE.raw" | sha256sum)
test "$SHA256SUM1" != ""
--json=short \
--root-hash="$MINIMAL_IMAGE_ROOTHASH" \
--verity-data="$MINIMAL_IMAGE.fooverity" | \
- grep -q -F '{"rw":"ro","designator":"root","partition_uuid":null,"partition_label":null,"fstype":"squashfs","architecture":null,"verity":"external"'
+ grep -F '{"rw":"ro","designator":"root","partition_uuid":null,"partition_label":null,"fstype":"squashfs","architecture":null,"verity":"external"' >/dev/null
systemd-dissect "$MINIMAL_IMAGE.raw" \
--root-hash="$MINIMAL_IMAGE_ROOTHASH" \
--verity-data="$MINIMAL_IMAGE.fooverity" | \
- grep -q -F "MARKER=1"
+ grep -F "MARKER=1" >/dev/null
systemd-dissect "$MINIMAL_IMAGE.raw" \
--root-hash="$MINIMAL_IMAGE_ROOTHASH" \
--verity-data="$MINIMAL_IMAGE.fooverity" | \
- grep -q -F -f <(sed 's/"//g' "$OS_RELEASE")
+ grep -F -f <(sed 's/"//g' "$OS_RELEASE") >/dev/null
mv "$MINIMAL_IMAGE.fooverity" "$MINIMAL_IMAGE.verity"
mv "$MINIMAL_IMAGE.foohash" "$MINIMAL_IMAGE.roothash"
fi
# Ensure the kernel is verifying the signature if the mkosi key is in the keyring
if [ "$VERITY_SIG_SUPPORTED" -eq 1 ]; then
- veritysetup status "$(cat "$MINIMAL_IMAGE.roothash")-verity" | grep -q "verified (with signature)"
+ veritysetup status "$(cat "$MINIMAL_IMAGE.roothash")-verity" | grep "verified (with signature)" >/dev/null
fi
systemd-dissect --umount "$IMAGE_DIR/mount"
systemd-dissect --umount "$IMAGE_DIR/mount2"
SYSTEMD_VERITY_SHARING=0 systemd-dissect --mount "$MINIMAL_IMAGE.raw" "$IMAGE_DIR/mount"
d=""
for f in /dev/mapper/*; do
- if [[ "$(basename "$f")" =~ ^loop.*-verity ]] && veritysetup status "$(basename "$f")" | grep -q "$MINIMAL_IMAGE.raw"; then
+ if [[ "$(basename "$f")" =~ ^loop.*-verity ]] && veritysetup status "$(basename "$f")" | grep "$MINIMAL_IMAGE.raw" >/dev/null; then
d="$f"
break
fi
done
test -n "$d"
-dmsetup ls | grep -q "$(basename "$d")"
+dmsetup ls | grep "$(basename "$d")" >/dev/null
umount -R "$IMAGE_DIR/mount"
timeout 60 bash -c "while test -e $d; do sleep 0.1; done"
-( ! dmsetup ls | grep -q "$(basename "$d")")
+( ! dmsetup ls | grep "$(basename "$d")") >/dev/null
# Test BindLogSockets=
systemd-run --wait -p RootImage="$MINIMAL_IMAGE.raw" mountpoint /run/systemd/journal/socket
btrfs subvolume delete /test-dissect-btrfs-snapshot
fi
-systemd-run -P -p RootImage="$MINIMAL_IMAGE.raw" cat /usr/lib/os-release | grep -q -F "MARKER=1"
+systemd-run -P -p RootImage="$MINIMAL_IMAGE.raw" cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
mv "$MINIMAL_IMAGE.verity" "$MINIMAL_IMAGE.fooverity"
mv "$MINIMAL_IMAGE.roothash" "$MINIMAL_IMAGE.foohash"
systemd-run -P \
-p RootHash="$MINIMAL_IMAGE.foohash" \
-p RootVerity="$MINIMAL_IMAGE.fooverity" \
-p BindLogSockets=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
# Let's use the long option name just here as a test
systemd-run -P \
--property RootImage="$MINIMAL_IMAGE.raw" \
--property RootHash="$MINIMAL_IMAGE_ROOTHASH" \
--property RootVerity="$MINIMAL_IMAGE.fooverity" \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
mv "$MINIMAL_IMAGE.fooverity" "$MINIMAL_IMAGE.verity"
mv "$MINIMAL_IMAGE.foohash" "$MINIMAL_IMAGE.roothash"
systemd-dissect --json=short \
--root-hash "$MINIMAL_IMAGE_ROOTHASH" \
"$MINIMAL_IMAGE.gpt" | \
- grep -q '{"rw":"ro","designator":"root","partition_uuid":"'"$ROOT_UUID"'","partition_label":"Root Partition","fstype":"squashfs","architecture":"'"$ARCHITECTURE"'","verity":"signed",'
+ grep '{"rw":"ro","designator":"root","partition_uuid":"'"$ROOT_UUID"'","partition_label":"Root Partition","fstype":"squashfs","architecture":"'"$ARCHITECTURE"'","verity":"signed",' >/dev/null
systemd-dissect --json=short \
--root-hash "$MINIMAL_IMAGE_ROOTHASH" \
"$MINIMAL_IMAGE.gpt" | \
- grep -q '{"rw":"ro","designator":"root-verity","partition_uuid":"'"$VERITY_UUID"'","partition_label":"Verity Partition","fstype":"DM_verity_hash","architecture":"'"$ARCHITECTURE"'","verity":null,'
+ grep '{"rw":"ro","designator":"root-verity","partition_uuid":"'"$VERITY_UUID"'","partition_label":"Verity Partition","fstype":"DM_verity_hash","architecture":"'"$ARCHITECTURE"'","verity":null,' >/dev/null
if [[ -n "${OPENSSL_CONFIG:-}" ]]; then
systemd-dissect --json=short \
--root-hash "$MINIMAL_IMAGE_ROOTHASH" \
"$MINIMAL_IMAGE.gpt" | \
- grep -qE '{"rw":"ro","designator":"root-verity-sig","partition_uuid":"'".*"'","partition_label":"Signature Partition","fstype":"verity_hash_signature","architecture":"'"$ARCHITECTURE"'","verity":null,'
+ grep -E '{"rw":"ro","designator":"root-verity-sig","partition_uuid":"'".*"'","partition_label":"Signature Partition","fstype":"verity_hash_signature","architecture":"'"$ARCHITECTURE"'","verity":null,' >/dev/null
fi
-systemd-dissect --root-hash "$MINIMAL_IMAGE_ROOTHASH" "$MINIMAL_IMAGE.gpt" | grep -q -F "MARKER=1"
-systemd-dissect --root-hash "$MINIMAL_IMAGE_ROOTHASH" "$MINIMAL_IMAGE.gpt" | grep -q -F -f <(sed 's/"//g' "$OS_RELEASE")
+systemd-dissect --root-hash "$MINIMAL_IMAGE_ROOTHASH" "$MINIMAL_IMAGE.gpt" | grep -F "MARKER=1" >/dev/null
+systemd-dissect --root-hash "$MINIMAL_IMAGE_ROOTHASH" "$MINIMAL_IMAGE.gpt" | grep -F -f <(sed 's/"//g' "$OS_RELEASE") >/dev/null
# Test image policies
systemd-dissect --validate "$MINIMAL_IMAGE.gpt"
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='*' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
(! systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='~' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1")
+ cat /usr/lib/os-release | grep -F "MARKER=1") >/dev/null
(! systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='-' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1")
+ cat /usr/lib/os-release | grep -F "MARKER=1") >/dev/null
(! systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='root=absent' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1")
+ cat /usr/lib/os-release | grep -F "MARKER=1") >/dev/null
systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='root=verity' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='root=signed' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
(! systemd-run --wait -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p RootImagePolicy='root=encrypted' \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1")
+ cat /usr/lib/os-release | grep -F "MARKER=1") >/dev/null
systemd-dissect --root-hash "$MINIMAL_IMAGE_ROOTHASH" --mount "$MINIMAL_IMAGE.gpt" "$IMAGE_DIR/mount"
grep -q -F -f "$OS_RELEASE" "$IMAGE_DIR/mount/usr/lib/os-release"
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p MountAPIVFS=yes \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p RootImage="$MINIMAL_IMAGE.raw" \
-p RootImageOptions="root:nosuid,dev home:ro,dev ro,noatime" \
- mount | grep -F "squashfs" | grep -q -F "nosuid"
+ mount | grep -F "squashfs" | grep -F "nosuid" >/dev/null
systemd-run -P \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootImageOptions="root:ro,noatime root:ro,dev" \
- mount | grep -F "squashfs" | grep -q -F "noatime"
+ mount | grep -F "squashfs" | grep -F "noatime" >/dev/null
mkdir -p "$IMAGE_DIR/result"
cat >/run/systemd/system/testservice-50a.service <<EOF
RootImageOptions=nosuid,dev
EOF
systemctl start testservice-50a.service
-grep -F "squashfs" "$IMAGE_DIR/result/a" | grep -q -F "noatime"
-grep -F "squashfs" "$IMAGE_DIR/result/a" | grep -q -F -v "nosuid"
+grep -F "squashfs" "$IMAGE_DIR/result/a" | grep -F "noatime" >/dev/null
+grep -F "squashfs" "$IMAGE_DIR/result/a" | grep -F -v "nosuid" >/dev/null
cat >/run/systemd/system/testservice-50b.service <<EOF
[Service]
MountAPIVFS=yes
EOF
systemctl start testservice-50b.service
-grep -F "squashfs" "$IMAGE_DIR/result/b" | grep -q -F "noatime"
+grep -F "squashfs" "$IMAGE_DIR/result/b" | grep -F "noatime" >/dev/null
# Check that specifier escape is applied %%foo → %foo
busctl get-property org.freedesktop.systemd1 \
# Now do some checks with MountImages, both by itself, with options and in combination with RootImage, and as single FS or GPT image
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1 $MINIMAL_IMAGE.raw:/run/img2" \
- cat /run/img1/usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /run/img1/usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1 $MINIMAL_IMAGE.raw:/run/img2" \
- cat /run/img2/usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /run/img2/usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1 $MINIMAL_IMAGE.raw:/run/img2:nosuid,dev" \
- mount | grep -F "squashfs" | grep -q -F "nosuid"
+ mount | grep -F "squashfs" | grep -F "nosuid" >/dev/null
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1:root:nosuid $MINIMAL_IMAGE.raw:/run/img2:home:suid" \
- mount | grep -F "squashfs" | grep -q -F "nosuid"
+ mount | grep -F "squashfs" | grep -F "nosuid" >/dev/null
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.raw:/run/img2\:3" \
- cat /run/img2:3/usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /run/img2:3/usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.raw:/run/img2\:3:nosuid" \
- mount | grep -F "squashfs" | grep -q -F "nosuid"
+ mount | grep -F "squashfs" | grep -F "nosuid" >/dev/null
systemd-run -P \
-p TemporaryFileSystem=/run \
-p RootImage="$MINIMAL_IMAGE.raw" \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1 $MINIMAL_IMAGE.raw:/run/img2" \
- cat /usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p TemporaryFileSystem=/run \
-p RootImage="$MINIMAL_IMAGE.raw" \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1 $MINIMAL_IMAGE.raw:/run/img2" \
- cat /run/img1/usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /run/img1/usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p TemporaryFileSystem=/run \
-p RootImage="$MINIMAL_IMAGE.gpt" \
-p RootHash="$MINIMAL_IMAGE_ROOTHASH" \
-p MountImages="$MINIMAL_IMAGE.gpt:/run/img1 $MINIMAL_IMAGE.raw:/run/img2" \
- cat /run/img2/usr/lib/os-release | grep -q -F "MARKER=1"
+ cat /run/img2/usr/lib/os-release | grep -F "MARKER=1" >/dev/null
systemd-run -P \
-p MountImages="$MINIMAL_IMAGE.raw:/run/img2" \
- veritysetup status "${MINIMAL_IMAGE_ROOTHASH}-verity" | grep -q "${MINIMAL_IMAGE_ROOTHASH}"
+ veritysetup status "${MINIMAL_IMAGE_ROOTHASH}-verity" | grep "${MINIMAL_IMAGE_ROOTHASH}" >/dev/null
cat >/run/systemd/system/testservice-50c.service <<EOF
[Service]
MountAPIVFS=yes
EOF
systemctl start testservice-50c.service
grep -q -F "MARKER=1" "$IMAGE_DIR/result/c"
-grep -F "squashfs" "$IMAGE_DIR/result/c" | grep -q -F "noatime"
-grep -F "squashfs" "$IMAGE_DIR/result/c" | grep -q -F -v "nosuid"
+grep -F "squashfs" "$IMAGE_DIR/result/c" | grep -F "noatime" >/dev/null
+grep -F "squashfs" "$IMAGE_DIR/result/c" | grep -F -v "nosuid" >/dev/null
# Adding a new mounts at runtime works if the unit is in the active state,
# so use Type=notify to make sure there's no race condition in the test
systemd-run -P \
--property ExtensionImages=/tmp/app0.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /opt/script0.sh | grep -q -F "extension-release.app0"
+ cat /opt/script0.sh | grep -F "extension-release.app0" >/dev/null
systemd-run -P \
--property ExtensionImages=/tmp/app0.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionImages="/tmp/app0.raw /tmp/app1.raw" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /opt/script0.sh | grep -q -F "extension-release.app0"
+ cat /opt/script0.sh | grep -F "extension-release.app0" >/dev/null
systemd-run -P \
--property ExtensionImages="/tmp/app0.raw /tmp/app1.raw" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionImages="/tmp/app0.raw /tmp/app1.raw" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /opt/script1.sh | grep -q -F "extension-release.app2"
+ cat /opt/script1.sh | grep -F "extension-release.app2" >/dev/null
systemd-run -P \
--property ExtensionImages="/tmp/app0.raw /tmp/app1.raw" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/other_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/other_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionImages=/tmp/app-nodistro.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionImages=/etc/service-scoped-test.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /etc/systemd/system/some_file | grep -q -F "MARKER_CONFEXT_123"
+ cat /etc/systemd/system/some_file | grep -F "MARKER_CONFEXT_123" >/dev/null
systemd-run -P \
--property ExtensionImages="/tmp/app0.raw /tmp/conf0.raw" \
- veritysetup status "$(cat /tmp/app0.roothash)-verity" | grep -q "$(cat /tmp/app0.roothash)"
+ veritysetup status "$(cat /tmp/app0.roothash)-verity" | grep "$(cat /tmp/app0.roothash)" >/dev/null
systemd-run -P \
--property ExtensionImages="/tmp/app0.raw /tmp/conf0.raw" \
- veritysetup status "$(cat /tmp/conf0.roothash)-verity" | grep -q "$(cat /tmp/conf0.roothash)"
+ veritysetup status "$(cat /tmp/conf0.roothash)-verity" | grep "$(cat /tmp/conf0.roothash)" >/dev/null
# Check that two identical verity images at different paths do not fail with -ELOOP from OverlayFS
mkdir -p /tmp/loop
--property ExtensionImages=/tmp/loop/app0_copy.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
"${BIND_LOG_SOCKETS[@]}" \
- cat /opt/script0.sh | grep -q -F "extension-release.app0"
+ cat /opt/script0.sh | grep -F "extension-release.app0" >/dev/null
rm -rf /tmp/loop/
# Check that using a symlink to NAME-VERSION.raw works as long as the symlink has the correct name NAME.raw
systemd-run -P \
--property ExtensionImages=/tmp/symlink-test/app-nodistro.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
# Symlink check again but for confext
mkdir -p /etc/symlink-test/
systemd-run -P \
--property ExtensionImages=/etc/symlink-test/service-scoped-test.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /etc/systemd/system/some_file | grep -q -F "MARKER_CONFEXT_123"
+ cat /etc/systemd/system/some_file | grep -F "MARKER_CONFEXT_123" >/dev/null
# And again mixing sysext and confext
systemd-run -P \
--property ExtensionImages=/tmp/symlink-test/app-nodistro.raw \
--property ExtensionImages=/etc/symlink-test/service-scoped-test.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /etc/systemd/system/some_file | grep -q -F "MARKER_CONFEXT_123"
+ cat /etc/systemd/system/some_file | grep -F "MARKER_CONFEXT_123" >/dev/null
systemd-run -P \
--property ExtensionImages=/tmp/symlink-test/app-nodistro.raw \
--property ExtensionImages=/etc/symlink-test/service-scoped-test.raw \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
cat >/run/systemd/system/testservice-50e.service <<EOF
[Service]
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app0" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /opt/script0.sh | grep -q -F "extension-release.app0"
+ cat /opt/script0.sh | grep -F "extension-release.app0" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app0" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app0 $IMAGE_DIR/app1" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /opt/script0.sh | grep -q -F "extension-release.app0"
+ cat /opt/script0.sh | grep -F "extension-release.app0" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app0 $IMAGE_DIR/app1" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app0 $IMAGE_DIR/app1" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /opt/script1.sh | grep -q -F "extension-release.app2"
+ cat /opt/script1.sh | grep -F "extension-release.app2" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app0 $IMAGE_DIR/app1" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/other_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/other_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/app-nodistro" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /usr/lib/systemd/system/some_file | grep -q -F "MARKER=1"
+ cat /usr/lib/systemd/system/some_file | grep -F "MARKER=1" >/dev/null
systemd-run -P \
--property ExtensionDirectories="$IMAGE_DIR/service-scoped-test" \
--property RootImage="$MINIMAL_IMAGE.raw" \
- cat /etc/systemd/system/some_file | grep -q -F "MARKER_CONFEXT_123"
+ cat /etc/systemd/system/some_file | grep -F "MARKER_CONFEXT_123" >/dev/null
cat >/run/systemd/system/testservice-50f.service <<EOF
[Service]
MountAPIVFS=yes
ln -s "$IMAGE_DIR/app0" "$VDIR/${VBASE}_0"
ln -s "$IMAGE_DIR/app1" "$VDIR/${VBASE}_1"
-systemd-run -P --property ExtensionDirectories="$VDIR -$EMPTY_VDIR -$NONEXISTENT_VDIR" cat /opt/script1.sh | grep -q -F "extension-release.app2"
+systemd-run -P --property ExtensionDirectories="$VDIR -$EMPTY_VDIR -$NONEXISTENT_VDIR" cat /opt/script1.sh | grep -F "extension-release.app2" >/dev/null
rm -rf "$VDIR" "$EMPTY_VDIR"
systemctl is-active testservice-50k.service
# Ensure the kernel is verifying the signature if the mkosi key is in the keyring
if [ "$VERITY_SIG_SUPPORTED" -eq 1 ]; then
- veritysetup status "$(cat "$MINIMAL_IMAGE.roothash")-verity" | grep -q "verified (with signature)"
+ veritysetup status "$(cat "$MINIMAL_IMAGE.roothash")-verity" | grep "verified (with signature)" >/dev/null
fi
# First reload should pick up the v1 marker
mksquashfs "$VDIR/${VBASE}_1" "$VDIR2/${VBASE}_1.raw" -noappend
ln -s "$MINIMAL_IMAGE.raw" "$VDIR/${VBASE}_34.raw"
ln -s "$MINIMAL_IMAGE.raw" "$VDIR/${VBASE}_35.raw"
-systemd-run -P -p RootImage="$VDIR" cat /usr/lib/os-release | grep -q -F "MARKER=1"
+systemd-run -P -p RootImage="$VDIR" cat /usr/lib/os-release | grep -F "MARKER=1" >/dev/null
rm "$VDIR/${VBASE}_33.raw" "$VDIR/${VBASE}_34.raw" "$VDIR/${VBASE}_35.raw"
rmdir "$VDIR"
mksquashfs testkit/ testkit.raw -noappend
cp testkit.raw /run/extensions/
unsquashfs -force -l /run/extensions/testkit.raw
-systemd-dissect --no-pager /run/extensions/testkit.raw | grep -q '✓ sysext for portable service'
-systemd-dissect --no-pager /run/extensions/testkit.raw | grep -q '✓ sysext for system'
+systemd-dissect --no-pager /run/extensions/testkit.raw | grep '✓ sysext for portable service' >/dev/null
+systemd-dissect --no-pager /run/extensions/testkit.raw | grep '✓ sysext for system' >/dev/null
systemd-sysext merge
systemd-sysext status
grep -q -F "MARKER_SYSEXT_123" /usr/lib/testfile
mksquashfs testjob/ testjob.raw -noappend
cp testjob.raw /run/confexts/
unsquashfs -force -l /run/confexts/testjob.raw
-systemd-dissect --no-pager /run/confexts/testjob.raw | grep -q '✓ confext for system'
-systemd-dissect --no-pager /run/confexts/testjob.raw | grep -q '✓ confext for portable service'
+systemd-dissect --no-pager /run/confexts/testjob.raw | grep '✓ confext for system' >/dev/null
+systemd-dissect --no-pager /run/confexts/testjob.raw | grep '✓ confext for portable service' >/dev/null
systemd-confext merge
systemd-confext status
grep -q -F "MARKER_CONFEXT_123" /etc/testfile
# "journalctl -u foo.service" may not work as expected, especially entries for _TRANSPORT=stdout,
# for short-living services or when the service manager generates debugging logs.
# Instead, SYSLOG_IDENTIFIER= should be reliable for stdout. Let's use it.
-timeout -v 30s journalctl -b SYSLOG_IDENTIFIER=echo _TRANSPORT=stdout -o cat -n all --follow | grep -m 1 -q '^foo$'
+timeout -v 30s bash -c "journalctl -b SYSLOG_IDENTIFIER=echo _TRANSPORT=stdout -o cat -n all --follow | grep -m 1 -q '^foo$'"
systemd-sysext unmerge --no-reload
# Grep on the Warning to find the warning helper mentioning the daemon reload.
-systemctl status foo.service 2>&1 | grep -q -F "Warning"
+systemctl status foo.service 2>&1 | grep -F "Warning" >/dev/null
systemd-sysext merge
systemd-sysext unmerge
-systemctl status foo.service 2>&1 | grep -v -q -F "Warning"
+systemctl status foo.service 2>&1 | grep -v -F "Warning" >/dev/null
rm /var/lib/extensions/app-reload.raw
# Sneak in a couple of expected-to-fail invocations to cover
/run/systemd/userdb/io.systemd.NamespaceResource \
io.systemd.NamespaceResource.AllocateUserRange \
'{"name":"test-supported","size":65536,"userNamespaceFileDescriptor":0}' 2>&1 || true) |
- grep -q "io.systemd.NamespaceResource.UserNamespaceInterfaceNotSupported"; then
+ grep "io.systemd.NamespaceResource.UserNamespaceInterfaceNotSupported" >/dev/null; then
echo "User namespace interface not supported, skipping mountfsd/nsresourced tests"
exit 0
fi
# Verify mount succeeds
systemctl daemon-reload
systemctl start "$unit"
- systemctl --no-pager show -p SubState --value "$unit" | grep -q mounted
+ systemctl --no-pager show -p SubState --value "$unit" | grep mounted >/dev/null
# Verify mount fails with different credential file content
echo bar >"$credfile"
cmp /tmp/ts54-concat <(echo -n aaa)
# Now test encrypted credentials (only supported when built with OpenSSL though)
-if systemctl --version | grep -q -- +OPENSSL ; then
+if systemctl --version | grep -- +OPENSSL >/dev/null; then
echo -n $RANDOM >/tmp/test-54-plaintext
systemd-creds encrypt --name=test-54 /tmp/test-54-plaintext /tmp/test-54-ciphertext
systemd-creds decrypt --name=test-54 /tmp/test-54-ciphertext | cmp /tmp/test-54-plaintext
grep -q /injected /proc/self/mountinfo
# Make sure the getty generator processed the credentials properly
- systemctl -P Wants show getty.target | grep -q container-getty@idontexist.service
+ systemctl -P Wants show getty.target | grep container-getty@idontexist.service >/dev/null
fi
# Decrypt/encrypt via varlink
systemctl "$@" status TEST-55-OOMD-workload.slice
# Verify systemd-oomd is monitoring the expected units.
- timeout 1m bash -xec "until oomctl | grep -q -F 'Path: $cgroup_path'; do sleep 1; done"
+ timeout 1m bash -xec "until oomctl | grep -F 'Path: $cgroup_path' >/dev/null; do sleep 1; done"
assert_in 'Memory Pressure Limit: 20.00%' \
"$(oomctl | tac | sed -e '/Memory Pressure Monitored CGroups:/q' | tac | grep -A8 "Path: $cgroup_path")"
# Validate that the VolumeLabel= had the desired effect
PASSWORD="" systemd-dissect "$imgs/zzz" -M "$imgs/mount"
- udevadm info /dev/disk/by-label/schrupfel | grep -q ID_FS_TYPE=crypto_LUKS
+ udevadm info /dev/disk/by-label/schrupfel | grep ID_FS_TYPE=crypto_LUKS >/dev/null
systemd-dissect -U "$imgs/mount"
}
fi
systemd-dissect "$imgs/verity" --root-hash "$drh"
- systemd-dissect "$imgs/verity" --root-hash "$drh" --json=short | grep -q '"imageUuid":"1d2ce291-7cce-4f7d-bc83-fdb49ad74ebd"'
+ systemd-dissect "$imgs/verity" --root-hash "$drh" --json=short | grep '"imageUuid":"1d2ce291-7cce-4f7d-bc83-fdb49ad74ebd"' >/dev/null
systemd-dissect "$imgs/verity" --root-hash "$drh" -M "$imgs/mnt"
systemd-dissect -U "$imgs/mnt"
systemd-dissect "$imgs/offline" --root-hash "$offline_drh"
- systemd-dissect "$imgs/offline" --root-hash "$offline_drh" --json=short | grep -q '"imageUuid":"1d2ce291-7cce-4f7d-bc83-fdb49ad74ebd"'
+ systemd-dissect "$imgs/offline" --root-hash "$offline_drh" --json=short | grep '"imageUuid":"1d2ce291-7cce-4f7d-bc83-fdb49ad74ebd"' >/dev/null
systemd-dissect "$imgs/offline" --root-hash "$offline_drh" -M "$imgs/mnt"
systemd-dissect -U "$imgs/mnt"
}
udevadm wait --timeout=60 --settle "${loop:?}p1" "${loop:?}p2"
# Check that the verity block sizes are as expected
- veritysetup dump "${loop}p2" | grep 'Data block size:' | grep -q '4096'
- veritysetup dump "${loop}p2" | grep 'Hash block size:' | grep -q '1024'
+ veritysetup dump "${loop}p2" | grep 'Data block size:' | grep '4096' >/dev/null
+ veritysetup dump "${loop}p2" | grep 'Hash block size:' | grep '1024' >/dev/null
}
testcase_verity_hash_size_from_data_size() {
assert_rc 0 test $data_bytes -lt $((100 * 1024 * 1024))
# Check that the verity hash tree is created from the actual on-disk data, not the custom size
- veritysetup dump "${loop}p2" | grep 'Data blocks:' | grep -q "$data_verity_blocks"
+ veritysetup dump "${loop}p2" | grep 'Data blocks:' | grep "$data_verity_blocks" >/dev/null
}
testcase_exclude_files() {
systemctl start testservice-fail-restart-debug-59.service
wait_on_state_or_fail "testservice-fail-restart-debug-59.service" "failed" "15"
journalctl --sync
-journalctl -b | grep -q "Failed to follow symlinks on /nonexistent-debug-59: No such file or directory"
+journalctl -b | grep "Failed to follow symlinks on /nonexistent-debug-59: No such file or directory" >/dev/null
touch /testok
systemctl daemon-reload
# check that unit is active(mounted)
- systemctl --no-pager show -p SubState --value "$long_path" | grep -q mounted
+ systemctl --no-pager show -p SubState --value "$long_path" | grep mounted >/dev/null
# check that relevant part of journal doesn't contain any errors related to unit
[ "$(journalctl -b --since="$ts" --priority=err | grep -c "$long_mnt")" = "0" ]
done
systemctl daemon-reload
- systemctl list-units -t mount tmp-meow* | grep -q tmp-meow
+ systemctl list-units -t mount tmp-meow* | grep tmp-meow >/dev/null
for ((i = 0; i < num_dirs; i++)); do
umount "/tmp/meow${i}"
# Figure out if we have entered the rate limit state.
# If the infra is slow we might not enter the rate limit state; in that case skip the exit check.
journalctl --sync
- if timeout 2m journalctl -u init.scope --since="$ts" -n all --follow | grep -m 1 -q -F '(mount-monitor-dispatch) entered rate limit'; then
+ if timeout 2m bash -c "journalctl -u init.scope --since='$ts' -n all --follow | grep -m 1 -q -F '(mount-monitor-dispatch) entered rate limit'"; then
journalctl --sync
- timeout 2m journalctl -u init.scope --since="$ts" -n all --follow | grep -m 1 -q -F '(mount-monitor-dispatch) left rate limit'
+ timeout 2m bash -c "journalctl -u init.scope --since='$ts' -n all --follow | grep -m 1 -q -F '(mount-monitor-dispatch) left rate limit'"
fi
# Verify that the mount units are always cleaned up at the end.
# Give some time for units to settle so we don't race between exiting the rate limit state and cleaning up the units.
- timeout 2m bash -c 'while systemctl list-units -t mount tmp-meow* | grep -q tmp-meow; do systemctl daemon-reload; sleep 10; done'
+ timeout 2m bash -c 'while systemctl list-units -t mount tmp-meow* | grep tmp-meow >/dev/null; do systemctl daemon-reload; sleep 10; done'
}
mkdir -p /run/systemd/journald.conf.d
exit 77
fi
-if systemctl --version | grep -q -F -- "-BPF_FRAMEWORK"; then
+if systemctl --version | grep -F -- "-BPF_FRAMEWORK" >/dev/null; then
echo "bpf-framework is disabled" >>/skipped
exit 77
fi
(! systemd-analyze security --threshold=90 --offline=true /tmp/testfile.service)
# Ensure we print the list of ACLs, see https://github.com/systemd/systemd/issues/23185
-systemd-analyze security --offline=true /tmp/testfile.service | grep -q -F "/dev/sda"
+systemd-analyze security --offline=true /tmp/testfile.service | grep -F "/dev/sda" >/dev/null
# Make sure that running generators under systemd-analyze verify works.
# Note: sd-analyze spawns generators in a sandbox which makes gcov unhapy, so temporarily override
rm /tmp/img/usr/lib/systemd/system/testfile.service
-if systemd-analyze --version | grep -q -F "+ELFUTILS"; then
+if systemd-analyze --version | grep -F "+ELFUTILS" >/dev/null; then
systemd-analyze inspect-elf /lib/systemd/systemd
- systemd-analyze inspect-elf --json=short /lib/systemd/systemd | grep -q -F '"elfType":"executable"'
+ systemd-analyze inspect-elf --json=short /lib/systemd/systemd | grep -F '"elfType":"executable"' >/dev/null
# For some unknown reason the .note.dlopen sections are removed when building with sanitizers, so only
# run this test if we're not running under sanitizers.
# Let's also test the "image-policy" verb
-systemd-analyze image-policy '*' 2>&1 | grep -q -F "Long form: =verity+signed+encrypted+unprotected+unused+absent"
-systemd-analyze image-policy '-' 2>&1 | grep -q -F "Long form: =unused+absent"
-systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -q -F "Long form: usr=verity:home=encrypted:=unused+absent"
-systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -q -e '^home \+encrypted \+'
-systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -q -e '^usr \+verity \+'
-systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -q -e '^root \+ignore \+'
-systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -q -e '^usr-verity \+unprotected \+'
+systemd-analyze image-policy '*' 2>&1 | grep -F "Long form: =verity+signed+encrypted+unprotected+unused+absent" >/dev/null
+systemd-analyze image-policy '-' 2>&1 | grep -F "Long form: =unused+absent" >/dev/null
+systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -F "Long form: usr=verity:home=encrypted:=unused+absent" >/dev/null
+systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -e '^home \+encrypted \+' >/dev/null
+systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -e '^usr \+verity \+' >/dev/null
+systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -e '^root \+ignore \+' >/dev/null
+systemd-analyze image-policy 'home=encrypted:usr=verity' 2>&1 | grep -e '^usr-verity \+unprotected \+' >/dev/null
(! systemd-analyze image-policy 'doedel')
local plugin_path
plugin_path="$(cryptsetup --help | sed -nr 's/.*LUKS2 external token plugin path: (.*)\./\1/p')/libcryptsetup-token-systemd-tpm2.so)"
- cryptsetup --help | grep -q 'LUKS2 external token plugin support is compiled-in' && [[ -f "$plugin_path" ]]
+ cryptsetup --help | grep 'LUKS2 external token plugin support is compiled-in' >/dev/null && [[ -f "$plugin_path" ]]
}
tpm_check_failure_with_wrong_pin() {
# sure that sysupdate still recognizes the installation and can complete it
# in place
rm -r "$WORKDIR/xbootldr/EFI/Linux/uki_v5.efi.extra.d"
- "$SYSUPDATE" --offline list v5 | grep -q "incomplete"
+ "$SYSUPDATE" --offline list v5 | grep "incomplete" >/dev/null
update_now
- "$SYSUPDATE" --offline list v5 | grep -qv "incomplete"
+ "$SYSUPDATE" --offline list v5 | grep -v "incomplete" >/dev/null
verify_version "$blockdev" "$sector_size" v3 1
verify_version_current "$blockdev" "$sector_size" v5 2
test ! -f "$WORKDIR/xbootldr/EFI/Linux/uki_v5.efi.extra.d/optional.efi"
mkdir "$CONFIGDIR/optional.feature.d"
echo -e "[Feature]\nEnabled=true" > "$CONFIGDIR/optional.feature.d/enable.conf"
- "$SYSUPDATE" --offline list v5 | grep -q "incomplete"
+ "$SYSUPDATE" --offline list v5 | grep "incomplete" >/dev/null
update_now
- "$SYSUPDATE" --offline list v5 | grep -qv "incomplete"
+ "$SYSUPDATE" --offline list v5 | grep -v "incomplete" >/dev/null
verify_version "$blockdev" "$sector_size" v3 1
verify_version_current "$blockdev" "$sector_size" v5 2
test -f "$WORKDIR/xbootldr/EFI/Linux/uki_v5.efi.extra.d/optional.efi"
rm -r "$CONFIGDIR/optional.feature.d"
(! "$SYSUPDATE" --verify=no check-new)
"$SYSUPDATE" vacuum
- "$SYSUPDATE" --offline list v5 | grep -qv "incomplete"
+ "$SYSUPDATE" --offline list v5 | grep -v "incomplete" >/dev/null
verify_version "$blockdev" "$sector_size" v3 1
verify_version_current "$blockdev" "$sector_size" v5 2
test ! -f "$WORKDIR/xbootldr/EFI/Linux/uki_v5.efi.extra.d/optional.efi"
systemd-run --quiet --service-type=notify --unit=test-busctl-wait --pty \
-p Environment=SYSTEMD_LOG_LEVEL=debug \
-p ExecStartPost="busctl emit /test org.freedesktop.fake1 TestSignal s success" \
- busctl --timeout=30 wait /test org.freedesktop.fake1 TestSignal | grep -qF 's "success"'
+ busctl --timeout=30 wait /test org.freedesktop.fake1 TestSignal | grep -F 's "success"' >/dev/null
busctl get-property org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager \
Version
grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
systemd-firstboot --root="$ROOT" --timezone=Europe/Berlin
-readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin"
+readlink "$ROOT/etc/localtime" | grep "Europe/Berlin" >/dev/null
systemd-firstboot --root="$ROOT" --hostname "foobar"
grep -q "foobar" "$ROOT/etc/hostname"
grep -q "LANG=foo" "$ROOT$LOCALE_PATH"
grep -q "LC_MESSAGES=bar" "$ROOT$LOCALE_PATH"
grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
-readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin$"
+readlink "$ROOT/etc/localtime" | grep "Europe/Berlin$" >/dev/null
grep -q "foobar" "$ROOT/etc/hostname"
grep -q "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "$ROOT/etc/machine-id"
grep -q "^root:x:0:0:.*:/bin/fooshell$" "$ROOT/etc/passwd"
grep -q "LANG=locale-overwrite" "$ROOT$LOCALE_PATH"
grep -q "LC_MESSAGES=messages-overwrite" "$ROOT$LOCALE_PATH"
grep -q "KEYMAP=keymap-overwrite" "$ROOT/etc/vconsole.conf"
-readlink "$ROOT/etc/localtime" | grep -q "/Europe/Berlin$"
+readlink "$ROOT/etc/localtime" | grep "/Europe/Berlin$" >/dev/null
grep -q "hostname-overwrite" "$ROOT/etc/hostname"
grep -q "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" "$ROOT/etc/machine-id"
grep -q "^root:x:0:0:.*:/bin/barshell$" "$ROOT/etc/passwd"
systemd-firstboot --root="$ROOT" --prompt-keymap-auto >/dev/null
fi
echo -ne "Europe/Berlin\n" | systemd-firstboot --root="$ROOT" --prompt-timezone
-readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin$"
+readlink "$ROOT/etc/localtime" | grep "Europe/Berlin$" >/dev/null
echo -ne "foobar\n" | systemd-firstboot --root="$ROOT" --prompt-hostname
grep -q "foobar" "$ROOT/etc/hostname"
# With no root password provided, a locked account should be created.
grep -q "LANG=foo" "$ROOT$LOCALE_PATH"
grep -q "LC_MESSAGES=bar" "$ROOT$LOCALE_PATH"
grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
-readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin$"
+readlink "$ROOT/etc/localtime" | grep "Europe/Berlin$" >/dev/null
grep -q "^root:x:0:0:.*:/bin/fooshell$" "$ROOT/etc/passwd"
grep -q "^root:$ROOT_HASHED_PASSWORD1:" "$ROOT/etc/shadow"
# Ensure NSS doesn't try to automount via open_tree
if [[ ! -v ASAN_OPTIONS ]]; then
systemctl stop systemd-userdbd.socket systemd-userdbd.service
- set +o pipefail
- systemd-run -q -t --property SystemCallFilter=~open_tree id definitelynotarealuser | grep -q "no such user"
- systemd-run -q -t --property SystemCallFilter=~open_tree id --groups definitelynotarealuser | grep -q "no such user"
- systemd-run -q -t --property SystemCallFilter=~open_tree groups definitelynotarealuser | grep -q "no such user"
- set -o pipefail
+ (! systemd-run -q -t --property SystemCallFilter=~open_tree id definitelynotarealuser) | grep "no such user" >/dev/null
+ (! systemd-run -q -t --property SystemCallFilter=~open_tree id --groups definitelynotarealuser) | grep "no such user" >/dev/null
+ (! systemd-run -q -t --property SystemCallFilter=~open_tree groups definitelynotarealuser) | grep "no such user" >/dev/null
# getent shows no output when the entry is not found, but exists with 2, while sd-run crashing will exit
# with 1
assert_rc 2 systemd-run -q -t --property SystemCallFilter=~open_tree getent passwd definitelynotarealuser
varlinkctl --more call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{}'
varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "multi-user.target"}'
varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"pid": {"pid": 1}}'
-(! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{}' |& grep -q "called without 'more' flag")
+(! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{}' |& grep "called without 'more' flag" >/dev/null)
varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "init.scope", "pid": {"pid": 1}}'
(! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": ""}')
(! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "non-existent.service"}')
# defaults to yes (both the global and per-link settings are yes)
assert_in 'yes' "$(resolvectl mdns hoge)"
assert_in 'yes' "$(resolvectl llmnr hoge)"
- lsof -p "$(systemctl show --property MainPID --value systemd-resolved.service)" | grep -q ":mdns\|:5353"
+ lsof -p "$(systemctl show --property MainPID --value systemd-resolved.service)" | grep ":mdns\|:5353" >/dev/null
# set per-link setting
resolvectl mdns hoge yes
resolvectl llmnr hoge yes
echo "LLMNR=no"
} >/run/systemd/resolved.conf.d/90-mdns-llmnr.conf
systemctl reload systemd-resolved.service
- (! lsof -p "$(systemctl show --property MainPID --value systemd-resolved.service)" | grep -q ":mdns\|:5353")
+ (! lsof -p "$(systemctl show --property MainPID --value systemd-resolved.service)" | grep ":mdns\|:5353" >/dev/null)
# set per-link setting
resolvectl mdns hoge yes
resolvectl llmnr hoge yes
/usr/lib/systemd/systemd-networkd-wait-online --timeout=0 --dns --interface=dns0
# Wait until it blocks waiting for updated DNS config
- timeout 30 bash -c "journalctl -b -u $unit -f | grep -q -m1 'dns0: No.*DNS server is accessible'"
+ timeout 30 bash -c "journalctl -b -u $unit -f | grep -m1 'dns0: No.*DNS server is accessible'" >/dev/null
# Update the global configuration. Restart rather than reload systemd-resolved so that
# systemd-networkd-wait-online has to re-connect to the varlink service.
test "$(systemd-analyze fdstore "$MYUNIT" | wc -l)" -eq 2
systemd-analyze fdstore "$MYUNIT" --json=short
-systemd-analyze fdstore "$MYUNIT" --json=short | grep -P -q '\[{"fdname":"quux","type":.*,"devno":\[.*\],"inode":.*,"rdevno":null,"path":"/tmp/.*","flags":"ro"}\]'
+systemd-analyze fdstore "$MYUNIT" --json=short | grep -P '\[{"fdname":"quux","type":.*,"devno":\[.*\],"inode":.*,"rdevno":null,"path":"/tmp/.*","flags":"ro"}\]' >/dev/null
systemctl stop "$MYUNIT"
rm "$MYSCRIPT"
# Ensure secure boot is enabled and not in setup mode
cmp /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c <(printf '\6\0\0\0\1')
cmp /sys/firmware/efi/efivars/SetupMode-8be4df61-93ca-11d2-aa0d-00e098032b8c <(printf '\6\0\0\0\0')
- bootctl status | grep -q "Secure Boot: enabled"
+ bootctl status | grep "Secure Boot: enabled" >/dev/null
# Ensure the addon is fully loaded and parsed
- bootctl status | grep -q "global-addon: loader/addons/test.addon.efi"
- bootctl status | grep "cmdline" | grep -q addonfoobar
+ bootctl status | grep "global-addon: loader/addons/test.addon.efi" >/dev/null
+ bootctl status | grep "cmdline" | grep addonfoobar >/dev/null
grep -q addonfoobar /proc/cmdline
}
# Discover additional metadata (unit description should now contain filesystem label)
systemd-mount --no-ask-password --discover "$LOOP" "$WORK_DIR/mnt"
test -e "$WORK_DIR/mnt/foo.bar"
-systemctl show -P Description "$WORK_DIR/mnt" | grep -q sd-mount-test
+systemctl show -P Description "$WORK_DIR/mnt" | grep sd-mount-test >/dev/null
systemd-umount "$WORK_DIR/mnt"
# Set a unit description
systemd-mount --description="Very Important Unit" "$LOOP" "$WORK_DIR/mnt"
test -e "$WORK_DIR/mnt/foo.bar"
-systemctl show -P Description "$WORK_DIR/mnt" | grep -q "Very Important Unit"
+systemctl show -P Description "$WORK_DIR/mnt" | grep "Very Important Unit" >/dev/null
systemd-umount "$WORK_DIR/mnt"
# Set a property
systemd-mount --property="Description=Foo Bar" "$LOOP" "$WORK_DIR/mnt"
test -e "$WORK_DIR/mnt/foo.bar"
-systemctl show -P Description "$WORK_DIR/mnt" | grep -q "Foo Bar"
+systemctl show -P Description "$WORK_DIR/mnt" | grep "Foo Bar" >/dev/null
systemd-umount "$WORK_DIR/mnt"
# Set mount options
systemd-mount --options=ro,x-foo-bar "$LOOP" "$WORK_DIR/mnt"
test -e "$WORK_DIR/mnt/foo.bar"
-systemctl show -P Options "$WORK_DIR/mnt" | grep -Eq "(^ro|,ro)"
-systemctl show -P Options "$WORK_DIR/mnt" | grep -q "x-foo-bar"
+systemctl show -P Options "$WORK_DIR/mnt" | grep -E "(^ro|,ro)" >/dev/null
+systemctl show -P Options "$WORK_DIR/mnt" | grep "x-foo-bar" >/dev/null
systemd-umount "$WORK_DIR/mnt"
# Mount with only source set
systemd-umount "$WORK_DIR/mnt"
# Automount + automount-specific property
systemd-mount -A --automount-property="Description=Bar Baz" "$LOOP" "$WORK_DIR/mnt"
-systemctl show -P Description "$(systemd-escape --path "$WORK_DIR/mnt").automount" | grep -q "Bar Baz"
+systemctl show -P Description "$(systemd-escape --path "$WORK_DIR/mnt").automount" | grep "Bar Baz" >/dev/null
test -e "$WORK_DIR/mnt/foo.bar"
# Call --umount via --machine=, first with a relative path (bad) and then with
# an absolute one (good)
GRACEFULTEST="/tmp/graceful/$RANDOM"
systemd-mount --tmpfs --options="x-systemd.graceful-option=idefinitelydontexist,x-systemd.graceful-option=nr_inodes=4711,x-systemd.graceful-option=idonexisteither" "$GRACEFULTEST"
findmnt -n -o options "$GRACEFULTEST"
-findmnt -n -o options "$GRACEFULTEST" | grep -q nr_inodes=4711
+findmnt -n -o options "$GRACEFULTEST" | grep nr_inodes=4711 >/dev/null
umount "$GRACEFULTEST"
systemd-dissect --mount --mkdir /var/tmp/validatefs-test.raw /tmp/validatefs-test.mount
getfattr --dump /tmp/validatefs-test.mount/
-getfattr --dump /tmp/validatefs-test.mount/ | grep -q user.validatefs.gpt_type_uuid=
-getfattr --dump /tmp/validatefs-test.mount/ | grep -q user.validatefs.gpt_label=\"kromm\"
-getfattr --dump /tmp/validatefs-test.mount/ | grep -q user.validatefs.mount_point=\"/\"
+getfattr --dump /tmp/validatefs-test.mount/ | grep user.validatefs.gpt_type_uuid= >/dev/null
+getfattr --dump /tmp/validatefs-test.mount/ | grep user.validatefs.gpt_label=\"kromm\" >/dev/null
+getfattr --dump /tmp/validatefs-test.mount/ | grep user.validatefs.mount_point=\"/\" >/dev/null
/usr/lib/systemd/systemd-validatefs --root=/tmp/validatefs-test.mount /tmp/validatefs-test.mount/
(! /usr/lib/systemd/systemd-validatefs /tmp/validatefs-test.mount/ )
getfattr --dump /tmp/validatefs-test.mount/usr
-getfattr --dump /tmp/validatefs-test.mount/usr | grep -q user.validatefs.gpt_type_uuid='".*\\000.*"'
-getfattr --dump /tmp/validatefs-test.mount/usr | grep -q user.validatefs.gpt_label='"plisch\\000plisch-verity"'
-getfattr --dump /tmp/validatefs-test.mount/usr | grep -q user.validatefs.mount_point=\"/usr\"
+getfattr --dump /tmp/validatefs-test.mount/usr | grep user.validatefs.gpt_type_uuid='".*\\000.*"' >/dev/null
+getfattr --dump /tmp/validatefs-test.mount/usr | grep user.validatefs.gpt_label='"plisch\\000plisch-verity"' >/dev/null
+getfattr --dump /tmp/validatefs-test.mount/usr | grep user.validatefs.mount_point=\"/usr\" >/dev/null
/usr/lib/systemd/systemd-validatefs --root=/tmp/validatefs-test.mount /tmp/validatefs-test.mount/usr
(! /usr/lib/systemd/systemd-validatefs /tmp/validatefs-test.mount/usr )
getfattr --dump /tmp/validatefs-test.mount/home
-getfattr --dump /tmp/validatefs-test.mount/home | grep -q user.validatefs.gpt_type_uuid=
-getfattr --dump /tmp/validatefs-test.mount/home | grep -q user.validatefs.gpt_label=\"rupft\"
-getfattr --dump /tmp/validatefs-test.mount/home | grep -q user.validatefs.mount_point=\"/home\"
+getfattr --dump /tmp/validatefs-test.mount/home | grep user.validatefs.gpt_type_uuid= >/dev/null
+getfattr --dump /tmp/validatefs-test.mount/home | grep user.validatefs.gpt_label=\"rupft\" >/dev/null
+getfattr --dump /tmp/validatefs-test.mount/home | grep user.validatefs.mount_point=\"/home\" >/dev/null
/usr/lib/systemd/systemd-validatefs --root=/tmp/validatefs-test.mount /tmp/validatefs-test.mount/home
(! /usr/lib/systemd/systemd-validatefs /tmp/validatefs-test.mount/home )
getfattr --dump /tmp/validatefs-test.mount/efi
-(! getfattr --dump /tmp/validatefs-test.mount/efi | grep -q user.validatefs.gpt_type_uuid= )
-(! getfattr --dump /tmp/validatefs-test.mount/efi | grep -q user.validatefs.gpt_label= )
-(! getfattr --dump /tmp/validatefs-test.mount/efi | grep -q user.validatefs.mount_point= )
+(! getfattr --dump /tmp/validatefs-test.mount/efi | grep user.validatefs.gpt_type_uuid= >/dev/null )
+(! getfattr --dump /tmp/validatefs-test.mount/efi | grep user.validatefs.gpt_label= >/dev/null )
+(! getfattr --dump /tmp/validatefs-test.mount/efi | grep user.validatefs.mount_point= >/dev/null )
/usr/lib/systemd/systemd-validatefs --root=/tmp/validatefs-test.mount /tmp/validatefs-test.mount/efi
/usr/lib/systemd/systemd-validatefs /tmp/validatefs-test.mount/efi
# Need to have bpf-lsm
grep -q bpf /sys/kernel/security/lsm &&
# ...and libbpf installed
- find /usr/lib* -name "libbpf.so.*" 2>/dev/null | grep -q . &&
+ find /usr/lib* -name "libbpf.so.*" 2>/dev/null | grep . >/dev/null &&
# Ensure mountfsd/nsresourced are listening
systemctl start systemd-mountfsd.socket systemd-nsresourced.socket &&
io.systemd.NamespaceResource.AllocateUserRange \
'{"name":"test-supported","size":65536,"userNamespaceFileDescriptor":0}' \
2>&1 || true) |
- grep -q "io.systemd.NamespaceResource.UserNamespaceInterfaceNotSupported"
+ grep "io.systemd.NamespaceResource.UserNamespaceInterfaceNotSupported" >/dev/null
}
# Bump the reboot counter and call systemctl with the given arguments
projects / thirdparty / systemd.git / commitdiff
