set -eux
set -o pipefail
+runas() {
+ declare userid=$1
+ shift
+ # shellcheck disable=SC2016
+ su "$userid" -s /bin/sh -c 'XDG_RUNTIME_DIR=/run/user/$UID exec "$@"' -- sh "$@"
+}
+
if ! command -v systemd-repart &>/dev/null; then
echo "no systemd-repart" >/skipped
exit 0
local defs imgs output
local loop volume
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
# 1. create an empty image
- systemd-repart --empty=create \
- --size=1G \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --empty=create \
+ --size=1G \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
PaddingMinBytes=92M
EOF
- systemd-repart --definitions="$defs" \
- --dry-run=no \
- --seed="$seed" \
- --include-partitions=home,swap \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --dry-run=no \
+ --seed="$seed" \
+ --include-partitions=home,swap \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
$imgs/zzz1 : start= 2048, size= 591856, type=933AC7E1-2EB4-4F13-B844-0E14E2AEF915, uuid=4980595D-D74A-483A-AA9E-9903879A0EE5, name=\"home-first\", attrs=\"GUID:59\"
$imgs/zzz4 : start= 1777624, size= 131072, type=0657FD6D-A4AB-43C4-84E5-0933C84B4F4F, uuid=78C92DB8-3D2B-4823-B0DC-792B78F66F1E, name=\"swap\""
- systemd-repart --definitions="$defs" \
- --dry-run=no \
- --seed="$seed" \
- --exclude-partitions=root \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --dry-run=no \
+ --seed="$seed" \
+ --exclude-partitions=root \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
$imgs/zzz1 : start= 2048, size= 591856, type=933AC7E1-2EB4-4F13-B844-0E14E2AEF915, uuid=4980595D-D74A-483A-AA9E-9903879A0EE5, name=\"home-first\", attrs=\"GUID:59\"
$imgs/zzz4 : start= 1777624, size= 131072, type=0657FD6D-A4AB-43C4-84E5-0933C84B4F4F, uuid=78C92DB8-3D2B-4823-B0DC-792B78F66F1E, name=\"swap\""
- systemd-repart --definitions="$defs" \
- --dry-run=no \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --dry-run=no \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
echo "Label=ignored_label" >>"$defs/home.conf"
echo "UUID=b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" >>"$defs/home.conf"
- systemd-repart --definitions="$defs" \
- --dry-run=no \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --dry-run=no \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
# 4. Resizing to 2G
- systemd-repart --definitions="$defs" \
- --size=2G \
- --dry-run=no \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --size=2G \
+ --dry-run=no \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
CopyBlocks=$imgs/block-copy
EOF
- systemd-repart --definitions="$defs" \
- --size=3G \
- --dry-run=no \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --size=3G \
+ --dry-run=no \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
cmp --bytes=$((4096*10240)) --ignore-initial=0:$((512*4194264)) "$imgs/block-copy" "$imgs/zzz"
- if systemd-detect-virt --quiet --container; then
- echo "Skipping encrypt tests in container."
- return
- fi
-
# 6. Testing Format=/Encrypt=/CopyFiles=
cat >"$defs/extra3.conf" <<EOF
SizeMinBytes=48M
EOF
- systemd-repart --definitions="$defs" \
- --size=auto \
- --dry-run=no \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --size=auto \
+ --dry-run=no \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk -d "$imgs/zzz" | grep -v -e 'sector-size' -e '^$')
$imgs/zzz6 : start= 4194264, size= 2097152, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=2A1D97E1-D0A3-46CC-A26E-ADC643926617, name=\"block-copy\"
$imgs/zzz7 : start= 6291416, size= 98304, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=7B93D1F2-595D-4CE3-B0B9-837FBD9E63B0, name=\"luks-format-copy\""
+ if systemd-detect-virt --quiet --container; then
+ echo "Skipping encrypt mount tests in container."
+ return
+ fi
+
loop="$(losetup -P --show --find "$imgs/zzz")"
udevadm wait --timeout 60 --settle "${loop:?}"
test_dropin() {
local defs imgs output
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
Label=label2
EOF
- output=$(systemd-repart --definitions="$defs" --empty=create --size=100M --json=pretty "$imgs/zzz")
+ output=$(runas testuser systemd-repart --definitions="$defs" \
+ --empty=create \
+ --size=100M \
+ --json=pretty \
+ "$imgs/zzz")
diff -u <(echo "$output") - <<EOF
[
test_multiple_definitions() {
local defs imgs output
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
Label=label2
EOF
- output=$(systemd-repart --definitions="$defs/1" --definitions="$defs/2" --empty=create --size=100M --json=pretty "$imgs/zzz")
+ output=$(runas testuser systemd-repart --definitions="$defs/1" \
+ --definitions="$defs/2" \
+ --empty=create \
+ --size=100M \
+ --json=pretty \
+ "$imgs/zzz")
diff -u <(echo "$output") - <<EOF
[
test_copy_blocks() {
local defs imgs output
- if systemd-detect-virt --quiet --container; then
- echo "Skipping copy blocks tests in container."
- return
- fi
-
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
MakeDirectories=/usr /efi
EOF
- systemd-repart --definitions="$defs" \
- --empty=create \
- --size=auto \
- --seed="$seed" \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --empty=create \
+ --size=auto \
+ --seed="$seed" \
+ "$imgs/zzz"
output=$(sfdisk --dump "$imgs/zzz")
assert_in "$imgs/zzz2 : start= 22528, size= 20480, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" "$output"
assert_in "$imgs/zzz3 : start= 43008, size= 20480, type=${usr_guid}, uuid=${usr_uuid}, name=\"usr-${architecture}\", attrs=\"GUID:60\"" "$output"
+ if systemd-detect-virt --quiet --container; then
+ echo "Skipping second part of copy blocks tests in container."
+ return
+ fi
+
# Then, create another image with CopyBlocks=auto
cat >"$defs/esp.conf" <<EOF
CopyBlocks=auto
EOF
+ # --image needs root privileges so skip runas testuser here.
systemd-repart --definitions="$defs" \
--empty=create \
--size=auto \
test_unaligned_partition() {
local defs imgs output
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
Type=root-${architecture}
EOF
- truncate -s 10g "$imgs/unaligned"
+ runas testuser truncate -s 10g "$imgs/unaligned"
sfdisk "$imgs/unaligned" <<EOF
label: gpt
start=71092, size=3591848
EOF
- systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- "$imgs/unaligned"
+ runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ "$imgs/unaligned"
output=$(sfdisk --dump "$imgs/unaligned")
# testcase for #21817
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
Type=root
EOF
- truncate -s 100m "$imgs/21817.img"
+ runas testuser truncate -s 100m "$imgs/21817.img"
sfdisk "$imgs/21817.img" <<EOF
label: gpt
,
EOF
- systemd-repart --pretty=yes \
- --definitions "$imgs" \
- --seed="$seed" \
- --dry-run=no \
- "$imgs/21817.img"
+ runas testuser systemd-repart --pretty=yes \
+ --definitions "$imgs" \
+ --seed="$seed" \
+ --dry-run=no \
+ "$imgs/21817.img"
output=$(sfdisk --dump "$imgs/21817.img")
# testcase for #24553
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
EOF
# 1. Operate on a small image compared with SizeMinBytes=.
- truncate -s 8g "$imgs/zzz"
+ runas testuser truncate -s 8g "$imgs/zzz"
sfdisk "$imgs/zzz" <"$imgs/partscript"
# This should fail, but not trigger assertions.
- assert_rc 1 systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- "$imgs/zzz"
+ assert_rc 1 runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ "$imgs/zzz"
output=$(sfdisk --dump "$imgs/zzz")
assert_in "$imgs/zzz2 : start= 524328, size= 14848000, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\"" "$output"
# 2. Operate on an larger image compared with SizeMinBytes=.
rm -f "$imgs/zzz"
- truncate -s 12g "$imgs/zzz"
+ runas testuser truncate -s 12g "$imgs/zzz"
sfdisk "$imgs/zzz" <"$imgs/partscript"
# This should succeed.
- systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ "$imgs/zzz"
output=$(sfdisk --dump "$imgs/zzz")
assert_in "$imgs/zzz2 : start= 524328, size= 24641456, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\"" "$output"
EOF
rm -f "$imgs/zzz"
- truncate -s 8g "$imgs/zzz"
+ runas testuser truncate -s 8g "$imgs/zzz"
sfdisk "$imgs/zzz" <"$imgs/partscript"
# This should also succeed, but root is not extended.
- systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ "$imgs/zzz"
output=$(sfdisk --dump "$imgs/zzz")
assert_in "$imgs/zzz2 : start= 524328, size= 14848000, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\"" "$output"
# 4. Multiple partitions with Priority= (large disk)
rm -f "$imgs/zzz"
- truncate -s 12g "$imgs/zzz"
+ runas testuser truncate -s 12g "$imgs/zzz"
sfdisk "$imgs/zzz" <"$imgs/partscript"
# This should also succeed, and root is extended.
- systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- "$imgs/zzz"
+ runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ "$imgs/zzz"
output=$(sfdisk --dump "$imgs/zzz")
assert_in "$imgs/zzz2 : start= 524328, size= 20971520, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\"" "$output"
test_zero_uuid() {
local defs imgs output
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
UUID=null
EOF
- systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- --empty=create \
- --size=auto \
- "$imgs/zero"
+ runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ --empty=create \
+ --size=auto \
+ "$imgs/zero"
output=$(sfdisk --dump "$imgs/zero")
test_verity() {
local defs imgs output
- if systemd-detect-virt --quiet --container; then
- echo "Skipping verity test in container."
- return
- fi
-
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs'" RETURN
emailAddress = test@email.com
EOF
- openssl req -config "$defs/verity.openssl.cnf" -new -x509 -newkey rsa:1024 -keyout "$defs/verity.key" -out "$defs/verity.crt" -days 365 -nodes
+ runas testuser openssl req -config "$defs/verity.openssl.cnf" \
+ -new -x509 \
+ -newkey rsa:1024 \
+ -keyout "$defs/verity.key" \
+ -out "$defs/verity.crt" \
+ -days 365 \
+ -nodes
mkdir -p /run/verity.d
ln -s "$defs/verity.crt" /run/verity.d/ok.crt
- output=$(systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- --empty=create \
- --size=auto \
- --json=pretty \
- --private-key="$defs/verity.key" \
- --certificate="$defs/verity.crt" \
- "$imgs/verity")
+ output=$(runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ --empty=create \
+ --size=auto \
+ --json=pretty \
+ --private-key="$defs/verity.key" \
+ --certificate="$defs/verity.crt" \
+ "$imgs/verity")
roothash=$(jq -r ".[] | select(.type == \"root-${architecture}-verity\") | .roothash" <<< "$output")
# Check that we can dissect, mount and unmount a repart verity image. (and that the image UUID is deterministic)
+ if systemd-detect-virt --quiet --container; then
+ echo "Skipping verity test dissect part in container."
+ return
+ fi
+
systemd-dissect "$imgs/verity" --root-hash "$roothash"
systemd-dissect "$imgs/verity" --root-hash "$roothash" --json=short | grep -q '"imageUuid":"1d2ce291-7cce-4f7d-bc83-fdb49ad74ebd"'
systemd-dissect "$imgs/verity" --root-hash "$roothash" -M "$imgs/mnt"
test_issue_24786() {
local defs imgs root output
- if systemd-detect-virt --quiet --container; then
- echo "Skipping verity test in container."
- return
- fi
-
- defs="$(mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
- imgs="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
- root="$(mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ defs="$(runas testuser mktemp --directory "/tmp/test-repart.XXXXXXXXXX")"
+ imgs="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
+ root="$(runas testuser mktemp --directory "/var/tmp/test-repart.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs' '$root'" RETURN
CopyFiles=/usr:/
EOF
- output=$(systemd-repart --definitions="$defs" \
- --seed="$seed" \
- --dry-run=no \
- --empty=create \
- --size=auto \
- --json=pretty \
- --root="$root" \
- "$imgs/zzz")
+ output=$(runas testuser systemd-repart --definitions="$defs" \
+ --seed="$seed" \
+ --dry-run=no \
+ --empty=create \
+ --size=auto \
+ --json=pretty \
+ --root="$root" \
+ "$imgs/zzz")
+
+ if systemd-detect-virt --quiet --container; then
+ echo "Skipping issue 24786 test loop/mount parts in container."
+ return
+ fi
loop=$(losetup -P --show -f "$imgs/zzz")
udevadm wait --timeout 60 --settle "${loop:?}"
truncate -s 100m "$imgs/$sector.img"
loop=$(losetup -b "$sector" -P --show -f "$imgs/$sector.img" )
udevadm wait --timeout 60 --settle "${loop:?}"
+ # This operates on a loop device which we don't support doing without root privileges so we skip runas
+ # here.
systemd-repart --pretty=yes \
--definitions="$defs" \
--seed="$seed" \
projects / thirdparty / systemd.git / commitdiff
