| Commit message | Author | Age | Files | Lines |
|
Known issues will be listed there by the team managing the infra
|
This new setting can be used to specify mount options that shall only be
added to the mount option string if the kernel supports them.
This shall be used for adding "usrquota" to tmp.mount without breaking compat,
but is generally useful.
|
This adds a new --lightweight=yes/no switch which allows controlling
whether the invoked service will have the service manager around or not.
Moreover, this changes that if the target user is root it will now
support to the lightweight mode, i.e. run0 towards root will no longer
pull in the service manager (a real tty login via getty still will
though!).
My thinking here is that quickly raising privileges via run0 probably
shouldn't be considered a proper login but just something short lived,
temporary for a single command or similar.
|
This new session class is to "user" what "background" is to
"background-light": it doesn't cause the per-user service manager to
start.
This new session class is now the default if no session class was
provided at session registration time and the following conditions hold:
1. The session is not graphical
2. The user is not a regular user (but not root)
Or in other words root and system users won't get a service manager
started automatically if they go through a PAM session as part of things
like cron or ftp. They will however still get one if they log in
graphically.
This changes behaviour a bit, but hopefully in OK ways.
This also makes "background-light" for system users incl. root.
This addresses one of the ideas discussed in #34988.
|
This makes things a bit faster (because it cuts down a bit on
roundtrips) and prepares ground so that one day we can let logind run in
earlier boot already, making it a bit less special.
Communication between logind and pid1 is still dbus only, hence there's
a lot of room for further improvement I guess.
|
For now this only covers CreateSession() and ReleaseSession(), i.e. the
two operations pam_systemd cares about.
|
This PR introduces the io.systemd.MachineImage.SetPoolLimit method, which is
an alternative to DBus's SetPoolLimit.
This is the last function for the org.freedesktop.machine1 DBus interface.
|
With the latest changes, this is not required anymore as mkosi sandbox
will set up the proper $PATH to make sure the executables from the build
directory are used.
|
Otherwise find fails with an error.
|
Similar to GitHub Actions, since we don't build with sanitizers in
the packit job, let's skip TEST-21-DFUZZER.
|
If we save journals in /tmp, we can run a larger number of tests in
parallel so let's make use of the larger number of CPUs if the tests
run on a beefy machine.
|
The integration-test-setup calls require StateDirectory= but some
tests override the test unit used which then won't have StateDirectory=
so let's move StateDirectory= into the dropin as well to avoid this
issue.
|
The journal isn't the best at being fast, especially when writing
to disk and not to memory, which can cause integration tests to
grind to a halt on beefy systems due to all the systemd-journal-remote
instances not being able to write journal entries to disk fast enough.
Let's introduce an option to allow writing in progress test journals
to use /tmp which can be used on beefy systems with lots of memory to
speed things up.
|
The new release of ruff formats a few more things which causes linter
failures in CI so let's fix those formatting nits.
|
This effectively reverts b8582198ca1e6fe390f7169e623a9130b68a6b36
as I can not get the testing farm bare metal machines working
downstream and even if I managed to, without also using the testing
farm bare metal machines upstream (for which there is no capacity),
the setup would very quickly bitrot anyway so we'll just run the
container based tests for now.
|
pam_systemd is used to create logind sessions and to apply extended
attributes from json user records. Not every application that creates a
pam session expects a login scope, but may be interested in the extended
attributes of json user records. Session class "none" implements this
service by disabling logind for this session altogether.
---
Closes: #34988
|
This PR introduces io.systemd.Machine.OpenRootDirectory method which is
DBus's alternative to OpenMachineRootDirectory.
|
Similar to how CentOS CI did it previously, let's only run
TEST-21-DFUZZER when built with sanitizers for maximum effect.
|
If we're not running interactively, there's no point in the features
from integration-test-setup.sh which are intended for interactive
development and debugging so let's skip adding it in that case.
|
We expect to run as root within testing farm and to have permissions
to do selinux relabelling so let's enable it explicitly.
|
When running the integration tests downstream, it's useful to be
able to test that a new systemd version doesn't introduce any AVC
denials, so let's add a knob to make that possible.
|
Even though udevadm accepts relative syspath, previously, udevadm
could not use relative path to device node:
===
$ cd /dev
$ udevadm info sda
Bad argument "sda", expected an absolute path in /dev/ or /sys/ or a unit name: Invalid argument
$ udevadm info /usr/../dev/sda
Unknown device "/usr/../dev/sda": No such device
===
With this change, both the above cases work fine.
Note that sd_device_new_from_devname() still requires an absolute path that
starts with /dev/, for safety.
|
Downstream we sometimes end up with machines with lots of CPUs which
leads to running out of memory when trying to run the tests in VMs.
So let's switch to a different heuristic when we have lots of CPUs to
avoid running out of memory.
|
We enforce quite strict rules on naming userns we assign uid ranges to
for users. So strict that they are hard to get right for clients. Hence,
let's optionally mangle provided strings so that they work for us.
This should make it much easier to work with the API, as something
reasonable happens regardless of what kind of garbage a client sets as
name.
Mangling the name is opt-in for clients, so that there's tight control
for the client on the name, but also "fire and forget".
|
user (#35922)
This improves operation in unprivileged userns environments, where
unpriv user code might invoke a container with a delegated userns UID
range, and thus ends up with a subcgroup owned by another UID. With this
patch any user is always allowed to remove their own cgroups even if it
has subcgroups owned by other users.
This removes a DoS of sorts, and enforces the rule that users strictly
own everything below cgroups they own.
|
other users if we own the parent
This is a test for the previous commits: we create an unpriv, delegated cgroup in
--user mode, then create a subcgroup that is owned by some other user
(to mimic the case where an unpriv user got a userns with delegated UIDs
assigned), and then try to stop the unit. Traditionally this would fail,
because our unpriv systemd --user instance can't remove the subcgroup
owned by someone else. With the earlier patches this is addressed.
|
If running tmt locally to debug the test script, make sure we don't
mess with /etc/yum.repos.d.
|
Globs inside quotes aren't expanded and we need the glob to be more
specific to avoid matching multiple entries inside the tmt source
directory.
|
All that's needed is dist-git-source: true so remove the other settings
that aren't required.
|
The tests might be running unprivileged or in an environment without
selinux so let's not fail if we can't put it in permissive mode.
|
Replaces #25523.
|
Also wait for created devices being processed before running tests.
|
Follow-up for d87dc74e8f1a30d72a0f202e411400bab34ab55a
|
This PR introduces the io.systemd.Machine.CopyFrom and CopyTo methods, which
are DBus alternatives of:
- CopyFromMachine
- CopyToMachine
- CopyFromMachineWithFlags
- CopyToMachineWithFlags
The PR also contains tests.
|