set -e
TEST_DESCRIPTION="test credentials"
-NSPAWN_ARGUMENTS="${NSPAWN_ARGUMENTS:-} --set-credential=mynspawncredential:strangevalue"
-QEMU_OPTIONS="${QEMU_OPTIONS:-} -fw_cfg name=opt/io.systemd.credentials/myqemucredential,string=othervalue -smbios type=11,value=io.systemd.credential:smbioscredential=magicdata -smbios type=11,value=io.systemd.credential.binary:binarysmbioscredential=bWFnaWNiaW5hcnlkYXRh -smbios type=11,value=io.systemd.credential.binary:sysusers.extra=dSBjcmVkdGVzdHVzZXIK -smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=ZiAvdG1wL3NvdXJjZWRmcm9tY3JlZGVudGlhbCAtIC0gLSAtIHRtcGZpbGVzc2VjcmV0Cg=="
-KERNEL_APPEND="${KERNEL_APPEND:-} systemd.set_credential=kernelcmdlinecred:uff systemd.set_credential=sysctl.extra:kernel.domainname=sysctltest rd.systemd.import_credentials=no"
+
+NSPAWN_CREDS=(
+ "--set-credential=mynspawncredential:strangevalue"
+)
+NSPAWN_ARGUMENTS="${NSPAWN_ARGUMENTS:-} ${NSPAWN_CREDS[*]}"
+
+QEMU_CREDS=(
+ "-fw_cfg name=opt/io.systemd.credentials/myqemucredential,string=othervalue"
+ "-smbios type=11,value=io.systemd.credential:smbioscredential=magicdata"
+ "-smbios type=11,value=io.systemd.credential.binary:binarysmbioscredential=bWFnaWNiaW5hcnlkYXRh"
+ "-smbios type=11,value=io.systemd.credential.binary:sysusers.extra=dSBjcmVkdGVzdHVzZXIK"
+ "-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=ZiAvdG1wL3NvdXJjZWRmcm9tY3JlZGVudGlhbCAtIC0gLSAtIHRtcGZpbGVzc2VjcmV0Cg=="
+)
+QEMU_OPTIONS="${QEMU_OPTIONS:-} ${QEMU_CREDS[*]}"
+
+KERNEL_CREDS=(
+ "systemd.set_credential=kernelcmdlinecred:uff"
+ "systemd.set_credential=sysctl.extra:kernel.domainname=sysctltest"
+ "systemd.set_credential=login.motd:hello"
+ "systemd.set_credential=login.issue:welcome"
+ "rd.systemd.import_credentials=no"
+)
+KERNEL_APPEND="${KERNEL_APPEND:-} ${KERNEL_CREDS[*]}"
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
# Verify that writing a file via tmpfiles worked
[ "$(cat /tmp/sourcedfromcredential)" = "tmpfilessecret" ]
+ [ "$(cat /etc/motd.d/50-provision.conf)" = "hello" ]
+ [ "$(cat /etc/issue.d/50-provision.conf)" = "welcome" ]
else
echo "qemu_fw_cfg support missing in kernel. Sniff!"
expected_credential=""
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+# See tmpfiles.d(5) for details
+
+# Provision additional loging messages from credentials, if they are set. Note
+# that these lines are NOPs if the credentials are not set or if the files
+# already exist.
+f^ /etc/motd.d/50-provision.conf - - - - login.motd
+f^ /etc/issue.d/50-provision.conf - - - - login.issue
+
+# Provision a /etc/hosts file from credentials.
+f^ /etc/hosts - - - - network.hosts
ExecStart=systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev
SuccessExitStatus=DATAERR CANTCREAT
LoadCredential=tmpfiles.extra
+LoadCredential=login.motd
+LoadCredential=login.issue
+LoadCredential=network.hosts
projects / thirdparty / systemd.git / commitdiff
