test: add brief test for prclock varlink interfaces and varlinkctl --collect

author Lennart Poettering <lennart@poettering.net>

Wed, 7 Feb 2024 10:51:11 +0000 (11:51 +0100)

committer Lennart Poettering <lennart@poettering.net>

Mon, 12 Feb 2024 11:04:18 +0000 (12:04 +0100)
author Lennart Poettering <lennart@poettering.net>
Wed, 7 Feb 2024 10:51:11 +0000 (11:51 +0100)
committer Lennart Poettering <lennart@poettering.net>
Mon, 12 Feb 2024 11:04:18 +0000 (12:04 +0100)
diff --git a/test/units/testsuite-70.pcrlock.sh b/test/units/testsuite-70.pcrlock.sh

index cd031b4ed6287535d64d8cb6c2148430ca40bd17..a9c5e9cd5e65645ccc0b3bb0676f432608b3fffa 100755 (executable)
--- a/test/units/testsuite-70.pcrlock.sh
+++ b/test/units/testsuite-70.pcrlock.sh
@@ -156,4 +156,20 @@ SYSTEMD_XBOOTLDR_PATH=/tmp/fakexbootldr SYSTEMD_RELAX_XBOOTLDR_CHECKS=1 "$SD_PCR
  (! "$SD_PCRLOCK" lock-uki /bin/true)
  (! "$SD_PCRLOCK" lock-file-system "")
  
+# Excercise Varlink API a bit (but first turn off condition)
+
+mkdir -p /run/systemd/system/systemd-pcrlock.socket.d
+cat > /run/systemd/system/systemd-pcrlock.socket.d/50-no-condition.conf <<EOF
+[Unit]
+# Turn off all conditions
+ConditionSecurity=
+EOF
+
+systemctl daemon-reload
+systemctl restart systemd-pcrlock.socket
+
+varlinkctl call /run/systemd/io.systemd.PCRLock io.systemd.PCRLock.RemovePolicy '{}'
+varlinkctl call /run/systemd/io.systemd.PCRLock io.systemd.PCRLock.MakePolicy '{}'
+varlinkctl call --collect --json=pretty /run/systemd/io.systemd.PCRLock io.systemd.PCRLock.ReadEventLog '{}'
+
  rm "$img" /tmp/pcrlockpwd
author	Lennart Poettering <lennart@poettering.net>
	Wed, 7 Feb 2024 10:51:11 +0000 (11:51 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Mon, 12 Feb 2024 11:04:18 +0000 (12:04 +0100)