system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-07-21 02:05:05 +00:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity

test: set correct group for systemd-journal-upload tests

Browse source 
We can't use the systemd-journal-upload user here, since it's created
dynamically by DynamicUser=yes. However, we can use the group specified
in SupplementaryGroups=, so do exactly that.
This commit is contained in:
Frantisek Sumsal 2023-12-04 21:33:15 +01:00
parent e4d216f2dc
commit 52c1fb6885
2 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
test/test-functions
View file

@ -157,6 +157,7 @@ BASICTOOLS=(
bash
capsh
cat
chgrp
chmod
chown
chroot
@ -2870,14 +2871,14 @@ inst_binary() {
# Same as above, but we need to wrap certain libraries unconditionally
#
# chown, getent, login, setfacl, su, useradd, userdel
# chgrp, chown, getent, login, setfacl, su, useradd, userdel
# - dlopen() (not only) systemd's PAM modules
# ls, mkfs.*, mksquashfs, mkswap, setpriv, stat
# - pull in nss_systemd with certain options (like ls -l) when
# nsswitch.conf uses [SUCCESS=merge] (like on Arch Linux)
# delv, dig - pull in nss_resolve if `resolve` is in nsswitch.conf
# tar - called by machinectl in TEST-25
bin_rx='/(agetty|chown|curl|delv|dig|getfacl|getent|id|login|ls|mkfs\.[a-z0-9]+|mksquashfs|mkswap|setfacl|setpriv|stat|su|tar|useradd|userdel)$'
bin_rx='/(agetty|chgrp|chown|curl|delv|dig|getfacl|getent|id|login|ls|mkfs\.[a-z0-9]+|mksquashfs|mkswap|setfacl|setpriv|stat|su|tar|useradd|userdel)$'
if get_bool "$IS_BUILT_WITH_ASAN" && [[ "$bin" =~ $bin_rx ]]; then
wrap_binary=1
# Ugh, so we want to disable LSan in most cases for the wrapped binaries, since

7
test/units/testsuite-04.journal-remote.sh
View file

@ -161,8 +161,8 @@ openssl x509 -req -days 7 \
-CA /run/systemd/remote-pki/ca.crt \
-CAkey /run/systemd/remote-pki/ca.key \
-out /run/systemd/remote-pki/server.crt
setfacl -R -m "u:systemd-journal-remote:rwX" /run/systemd/remote-pki
setfacl -R -m "u:systemd-journal-upload:rwX" /run/systemd/remote-pki
chown -R systemd-journal-remote:systemd-journal /run/systemd/remote-pki
chmod -R g+rwX /run/systemd/remote-pki
# Reconfigure journal-upload/journal remote with the new keys
cat >/run/systemd/journal-remote.conf.d/99-test.conf <<EOF
@ -215,7 +215,8 @@ cat >/run/systemd/system/systemd-journal-upload.service.d/99-test.conf <<EOF
Restart=no
EOF
systemctl daemon-reload
setfacl -R -m "u:systemd-journal-upload:rwX" /run/systemd/journal-remote-tls
chgrp -R systemd-journal /run/systemd/journal-remote-tls
chmod -R g+rwX /run/systemd/journal-remote-tls
systemctl restart systemd-journal-upload
timeout 10 bash -xec 'while [[ "$(systemctl show -P ActiveState systemd-journal-upload)" != failed ]]; do sleep 1; done'