test-execute: add basic tests for LoadCredential= and SetCredential=

diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index ceecf373bf82941844277bd6e9d77e2b4ed0398e..e19565ef922478370ffdd8900ad1024944bf4e25 100644 (file)
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -265,6 +265,12 @@ static void test_exec_cpuaffinity(Manager *m) {
         test(m, "exec-cpuaffinity3.service", 0, CLD_EXITED);
 }
 
+static void test_exec_credentials(Manager *m) {
+        test(m, "exec-set-credential.service", 0, CLD_EXITED);
+        test(m, "exec-load-credential.service", MANAGER_IS_SYSTEM(m) ? 0 : EXIT_CREDENTIALS, CLD_EXITED);
+        test(m, "exec-credentials-dir-specifier.service", MANAGER_IS_SYSTEM(m) ? 0 : EXIT_CREDENTIALS, CLD_EXITED);
+}
+
 static void test_exec_workingdirectory(Manager *m) {
         assert_se(mkdir_p("/tmp/test-exec_workingdirectory", 0755) >= 0);
 
@@ -1093,7 +1099,6 @@ static void test_exec_specifier(Manager *m) {
                 test(m, "exec-specifier-user.service", 0, CLD_EXITED);
         test(m, "exec-specifier@foo-bar.service", 0, CLD_EXITED);
         test(m, "exec-specifier-interpolation.service", 0, CLD_EXITED);
-        test(m, "exec-specifier-credentials-dir.service", MANAGER_IS_SYSTEM(m) ? 0 : EXIT_CREDENTIALS, CLD_EXITED);
 }
 
 static void test_exec_standardinput(Manager *m) {
@@ -1149,6 +1154,7 @@ static void run_tests(LookupScope scope, char **patterns) {
                 entry(test_exec_capabilityboundingset),
                 entry(test_exec_condition),
                 entry(test_exec_cpuaffinity),
+                entry(test_exec_credentials),
                 entry(test_exec_dynamicuser),
                 entry(test_exec_environment),
                 entry(test_exec_environmentfile),
@@ -1273,6 +1279,8 @@ static int prepare_ns(const char *process_name) {
                         assert_se(mkdir_p(p, 0) >= 0);
                         assert_se(mount_nofollow_verbose(LOG_DEBUG, "tmpfs", p, "tmpfs", MS_NOSUID|MS_NODEV, "mode=0000") >= 0);
                 }
+
+                assert_se(write_string_file("/run/credstore/test-execute.load-credential", "foo", WRITE_STRING_FILE_CREATE) >= 0);
         }
 
         return r;

diff --git a/test/test-execute/exec-specifier-credentials-dir.service b/test/test-execute/exec-credentials-dir-specifier.service
similarity index 100%
rename from test/test-execute/exec-specifier-credentials-dir.service
rename to test/test-execute/exec-credentials-dir-specifier.service

diff --git a/test/test-execute/exec-load-credential.service b/test/test-execute/exec-load-credential.service
new file mode 100644 (file)
index 0000000..b3e3650
--- /dev/null
+++ b/test/test-execute/exec-load-credential.service
@@ -0,0 +1,8 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for LoadCredential=
+
+[Service]
+ExecStart=/bin/sh -x -c 'test "$$(cat %d/test-execute.load-credential)" = "foo"'
+Type=oneshot
+LoadCredential=test-execute.load-credential

diff --git a/test/test-execute/exec-set-credential.service b/test/test-execute/exec-set-credential.service
new file mode 100644 (file)
index 0000000..2af236d
--- /dev/null
+++ b/test/test-execute/exec-set-credential.service
@@ -0,0 +1,8 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for SetCredential=
+
+[Service]
+ExecStart=/bin/sh -x -c 'test "$$(cat %d/test-execute.set-credential)" = "hoge"'
+Type=oneshot
+SetCredential=test-execute.set-credential:hoge