diff options
author | r-vdp <ramses@well-founded.dev> | 2023-08-02 13:51:06 +0200 |
---|---|---|
committer | r-vdp <ramses@well-founded.dev> | 2023-08-02 13:51:06 +0200 |
commit | 127e2ed645137ccbcbedb3ba316e1c8bf3ab9ae1 (patch) | |
tree | 6b0e3b5505bf715a8639bb29de2df85ae252da29 /nixos/tests/user-expiry.nix | |
parent | 9da75fdaf147dc525861e8a534780d563c897dba (diff) |
nixos/update-users-groups: add nixos test for the expires option
Diffstat (limited to 'nixos/tests/user-expiry.nix')
-rw-r--r-- | nixos/tests/user-expiry.nix | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/nixos/tests/user-expiry.nix b/nixos/tests/user-expiry.nix new file mode 100644 index 0000000000000..bcaed7a0ccb0b --- /dev/null +++ b/nixos/tests/user-expiry.nix @@ -0,0 +1,70 @@ +let + alice = "alice"; + bob = "bob"; + eve = "eve"; + passwd = "pass1"; +in +{ + name = "user-expiry"; + + nodes = { + machine = { + users.users = { + ${alice} = { + initialPassword = passwd; + isNormalUser = true; + expires = "1990-01-01"; + }; + ${bob} = { + initialPassword = passwd; + isNormalUser = true; + expires = "2990-01-01"; + }; + ${eve} = { + initialPassword = passwd; + isNormalUser = true; + }; + }; + }; + }; + + testScript = '' + def switch_to_tty(tty_number): + machine.fail(f"pgrep -f 'agetty.*tty{tty_number}'") + machine.send_key(f"alt-f{tty_number}") + machine.wait_until_succeeds(f"[ $(fgconsole) = {tty_number} ]") + machine.wait_for_unit(f"getty@tty{tty_number}.service") + machine.wait_until_succeeds(f"pgrep -f 'agetty.*tty{tty_number}'") + + + machine.wait_for_unit("multi-user.target") + machine.wait_for_unit("getty@tty1.service") + + with subtest("${alice} cannot login"): + machine.wait_until_tty_matches("1", "login: ") + machine.send_chars("${alice}\n") + machine.wait_until_tty_matches("1", "Password: ") + machine.send_chars("${passwd}\n") + + machine.wait_until_succeeds("journalctl --grep='account ${alice} has expired \\(account expired\\)'") + machine.wait_until_tty_matches("1", "login: ") + + with subtest("${bob} can login"): + switch_to_tty(2) + machine.wait_until_tty_matches("2", "login: ") + machine.send_chars("${bob}\n") + machine.wait_until_tty_matches("2", "Password: ") + machine.send_chars("${passwd}\n") + + machine.wait_until_succeeds("pgrep -u ${bob} bash") + + with subtest("${eve} can login"): + switch_to_tty(3) + machine.wait_until_tty_matches("3", "login: ") + machine.send_chars("${eve}\n") + machine.wait_until_tty_matches("3", "Password: ") + machine.send_chars("${passwd}\n") + + machine.wait_until_succeeds("pgrep -u ${eve} bash") + ''; +} |