test: add coverage for RootImage= in user units

Follow-up for 046a1487db00ca1a98b8cc3f5bcecb8b1f1a214b

diff --git a/test/units/TEST-50-DISSECT.mountfsd.sh b/test/units/TEST-50-DISSECT.mountfsd.sh
index d2ce67714adbaee66bf9fcd254114c7e77a75096..52fa94ecc5b6fbfc9a50c5e87577698a9f4aaded 100755 (executable)
--- a/test/units/TEST-50-DISSECT.mountfsd.sh
+++ b/test/units/TEST-50-DISSECT.mountfsd.sh
@@ -67,6 +67,14 @@ systemd-dissect --image-policy='root=verity+signed:=absent+unused' --mtree /var/
 # This should fail before we install the key
 (! systemd-dissect --image-policy='root=signed:=absent+unused' --mtree /var/tmp/unpriv.raw >/dev/null)
 
+# If the kernel support is present unprivileged user units should be able to use verity images too
+if [ "$VERITY_SIG_SUPPORTED" -eq 1 ]; then
+    systemd-run -M testuser@ --user --pipe --wait \
+        --property PrivateUsers=yes \
+        --property RootImage="$MINIMAL_IMAGE.gpt" \
+        test -e "/dev/mapper/${MINIMAL_IMAGE_ROOTHASH}-verity"
+fi
+
 # Install key in keychain
 mkdir -p /run/verity.d
 cp /tmp/test-50-unpriv-cert.crt /run/verity.d/