diff options
author | Joachim Fasting <joachifm@fastmail.fm> | 2019-01-06 13:17:38 +0100 |
---|---|---|
committer | Joachim Fasting <joachifm@fastmail.fm> | 2019-01-06 13:19:28 +0100 |
commit | 39c30a33c182764a26dba00f56fa4e3982a1c979 (patch) | |
tree | 96fa5465b2b5777ad45ca81d280ac38402257c13 /nixos/tests/hardened.nix | |
parent | b3d8aa2677e8adf0fa6a779695e87d4ad091fd2f (diff) |
nixos/tests/hardened: test loading out-of-tree-modules
Diffstat (limited to 'nixos/tests/hardened.nix')
-rw-r--r-- | nixos/tests/hardened.nix | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/nixos/tests/hardened.nix b/nixos/tests/hardened.nix index 683f56c45af4a..07bd10963bab6 100644 --- a/nixos/tests/hardened.nix +++ b/nixos/tests/hardened.nix @@ -5,7 +5,7 @@ import ./make-test.nix ({ pkgs, ...} : { }; machine = - { lib, pkgs, ... }: + { lib, pkgs, config, ... }: with lib; { users.users.alice = { isNormalUser = true; extraGroups = [ "proc" ]; }; users.users.sybil = { isNormalUser = true; group = "wheel"; }; @@ -22,12 +22,19 @@ import ./make-test.nix ({ pkgs, ...} : { options = [ "noauto" ]; }; }; + boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ]; + boot.kernelModules = [ "wireguard" ]; }; testScript = '' $machine->waitForUnit("multi-user.target"); + # Test loading out-of-tree modules + subtest "extra-module-packages", sub { + $machine->succeed("grep -Fq wireguard /proc/modules"); + }; + # Test hidepid subtest "hidepid", sub { $machine->succeed("grep -Fq hidepid=2 /proc/mounts"); |