diff options
author | Dominique Martinet <asmadeus@codewreck.org> | 2022-03-05 07:50:12 +0900 |
---|---|---|
committer | Dominique Martinet <asmadeus@codewreck.org> | 2022-04-01 07:09:27 +0900 |
commit | 829c611b489f606c0b84fd315052681e8a03b083 (patch) | |
tree | c3b335b471c98fa847c7ccfd342c891b5d2babbf /nixos/tests/logrotate.nix | |
parent | b0a04e41052a7abf2c0538cd2f9c97bf9c86d911 (diff) |
logrotate: add logrotate-checkconf.service
the build-time check is not safe (e.g. doesn't protect from bad users or nomissingok paths missing), so add a new unit for configuration switch time check
Diffstat (limited to 'nixos/tests/logrotate.nix')
-rw-r--r-- | nixos/tests/logrotate.nix | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/nixos/tests/logrotate.nix b/nixos/tests/logrotate.nix index 31592f0a39c58..b0685f3af9ff1 100644 --- a/nixos/tests/logrotate.nix +++ b/nixos/tests/logrotate.nix @@ -17,6 +17,12 @@ import ./make-test-python.nix ({ pkgs, ... }: rec { nodes = { defaultMachine = { ... }: { }; + failingMachine = { ... }: { + services.logrotate.configFile = pkgs.writeText "logrotate.conf" '' + # self-written config file + su notarealuser notagroupeither + ''; + }; machine = { config, ... }: { imports = [ importTest ]; @@ -128,5 +134,19 @@ import ./make-test-python.nix ({ pkgs, ... }: rec { "[[ $(sed -ne '/\"compat_keep\" {/,/}/p' /tmp/logrotate.conf | grep -w rotate) = \" rotate 1\" ]]", "! sed -ne '/\"compat_keep\" {/,/}/p' /tmp/logrotate.conf | grep -w keep", ) + # also check configFile option + failingMachine.succeed( + "conf=$(systemctl cat logrotate | grep -oE '/nix/store[^ ]*logrotate.conf'); cp $conf /tmp/logrotate.conf", + "grep 'self-written config' /tmp/logrotate.conf", + ) + with subtest("Check logrotate-checkconf service"): + machine.wait_for_unit("logrotate-checkconf.service") + # wait_for_unit also asserts for success, so wait for + # parent target instead and check manually. + failingMachine.wait_for_unit("multi-user.target") + info = failingMachine.get_unit_info("logrotate-checkconf.service") + if info["ActiveState"] != "failed": + raise Exception('logrotate-checkconf.service was not failed') + ''; }) |