systemd-analyze runs the generators in a sandbox, which makes gcov
unhappy since it can't update its counters. Let's "silence" gcov in this
particular case by telling it to look for gcov note files in /tmp (where
shouldn't be any, so gcov won't try to update any counters).
Fixes following failure:
===
May 17 04:12:04 TEST-74-AUX-UTILS.sh[2684]: + systemd-mount --owner=testuser /dev/loop0 /tmp/tmp.DVQdo2ou53/mnt
(snip)
May 17 04:15:04 systemd[1]: dev-loop0.device: Job dev-loop0.device/start timed out.
May 17 04:15:04 systemd[1]: dev-loop0.device: Job 5812 dev-loop0.device/start finished, result=timeout
May 17 04:15:04 systemd[1]: Timed out waiting for device dev-loop0.device - /dev/loop0.
May 17 04:15:04 systemd[1]: tmp-tmp.DVQdo2ou53-mnt.mount: Job 5804 tmp-tmp.DVQdo2ou53-mnt.mount/start finished, result=dependency
May 17 04:15:04 systemd[1]: Dependency failed for tmp-tmp.DVQdo2ou53-mnt.mount - /tmp/tmp.DVQdo2ou53/mnt.
May 17 04:15:04 systemd[1]: tmp-tmp.DVQdo2ou53-mnt.mount: Job tmp-tmp.DVQdo2ou53-mnt.mount/start failed with result 'dependency'.
May 17 04:15:04 systemd[1]: systemd-fsck@dev-loop0.service: Job 5805 systemd-fsck@dev-loop0.service/start finished, result=dependency
May 17 04:15:04 systemd[1]: Dependency failed for systemd-fsck@dev-loop0.service - File System Check on /dev/loop0.
May 17 04:15:04 systemd[1]: systemd-fsck@dev-loop0.service: Job systemd-fsck@dev-loop0.service/start failed with result 'dependency'.
May 17 04:15:04 systemd[1]: dev-loop0.device: Job dev-loop0.device/start failed with result 'timeout'.
(snip)
May 17 04:15:04 systemd-mount[2856]: A dependency job for tmp-tmp.DVQdo2ou53-mnt.mount failed. See 'journalctl -xe' for details.
In mkosi, we run the test inside the VM instead of outside. To simplify
the implementation we drop the reboot part and only verify that we can
schedule and cancel shutdowns and that the wall messages are sent as
expected.
Encrypted /var is skipped because meson's limitations make per test
images not really feasible and we can't encrypt /var by default because
it slows down the image build too much.
Co-authored-by: Richard Maw <richard.maw@codethink.co.uk>
For manager test runs, the generator output paths are located in
/tmp, which means that if we mount a private /tmp for generators,
we lose all the generated units (actually the generators will just
fail because the directories don't exist, but if they did exist,
we'd still lose all the units).
Let's avoid the problem by skipping the private /tmp for manager
test runs. This also avoids any possible privilege issues with
mounting a private /tmp that might happen in this scenario.
On Debian/Ubuntu, the unit is named tgt.service instead of tgtd.service,
so let's make sure we take that into account.
On CentOS, tgtd.service is not available, so let's skip the test if we
can't find the service.
Let's remove the unneeded NotifyAccess=all and start the socket
and service in the test itself instead of via the service unit. This
makes the test unit identical to the other test units which will allow
us to autogenerate it in a later commit.
Having these named differently than the test itself mostly creates
unecessary confusion and makes writing logic against the tests harder
so let's rename the testsuite-xx units and scripts to just use the
test name itself.
Currently, on soft-reboot, /run/credentials/@system is unmounted
because it has DefaultDependencies=yes and as such will have
Conflicts=umount.target and Before=umount.target. Let's make sure
credential mounts survive soft-reboot by implying DefaultDependencies=no
for credential mounts.
A fixed name is too rigid, let's give users the ability to define
custom drop-in names which at the same time also allows defining
multiple dropins per unit.
We use ~ as the separator because:
- ':' is not allowed in credential names
- '=' is used to separate credential from value in mkosi's --credential
argument.
- '-' is commonly used in filenames
- '@' already has meaning as the unit template specifier which might be
confusing when adding dropins for template units
Otherwise, at this stage, the interface may be in e.g. initialized or
pending state, and the drop-in file introduced by the previous command
may not be registered to the state file for the interface.
Fixes#32685.
We already changed logs-filtering.service to sleep 2 seconds before
exiting to combat flakyness, let's do the same for the delegated
cgroup filtering payload.
Fixes#32696 (hopefully)
Let's run mkfs on the file we create instead of the loop device and
let's use udevadm wait --settle to wait for udev to settle before
doing anything with the loop device
Fixes#32680 (hopefully)
Currently test-aux-scope.service can get killed by the test before
it's had a chance to setup its signal handler. Make it Type=notify
to fix the race.
Fixes#32670 (hopefully)
For some reason this fails on ext4 with "No space left on device".
Until we figure out why, let's skip the test on ext4 (which is reported
as ext2/ext3 by stat).
This module is builtin on ubuntu causing the test to fail. Let's
use just dummy instead. I tried replacing it with scsi_debug but
that caused issues with modprobe complaining it could not remove
scsi_debug because it was in use.
When root authorized keys are provided by mkosi they are not
newline-terminated so appending a public key to the file results
in a corrupt key, so just to be safe we add an empty line.
Depending on host configuration this may or may not be included (e.g.
on mkosi we get a result without an ifindex field). Let's strip it from
the resolved reply to avoid failing the test.
Other distributions may be able to install selinux
but they are not expected to use it.
The distribution is tested rather than whether selinux is enabled
because it is expected to work on CentOS and Fedora
and we want it to fail noisily.
TEST-26-SYSTEMCTL is racy as we call systemctl is-active immediately
after systemctl kill. Let's implement --wait for systemctl kill and
use it in TEST-26-SYSTEMCTL to avoid the race.
On OpenSUSE the systemd-hostnamed does not fail and is unloaded which
causes reset-failed to fail. So let's ignore any errors from reset-failed
to make the test more robust.
The rootfs only has 64K UIDs available when booting with virtiofs,
whereas the nspawn tests want to use user namespace which require
more than 64K UIDs.
Let's use oneshot services as we don't need long running services
for the tests we're doing. Let's also increase the sleeps a little
as the current values weren't sufficient when running the test locally
on my machine with mkosi.
If 3 lock messages get sent when going to sleep
then we can falsely assume we have woken up if we only assume we have at least two
so checking we have more than we did before sleeping addresses that issue.
OpenSUSE images seem to be unhappy with either how they are built
or what they are being asked to do.
The listed device-mapper failure is just one of the strange errors,
I have also seen it fail to propagate cgroup properties into new cgroups
that were previously guaranteed to exist.