diff options
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/doas.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/nixos/tests/doas.nix b/nixos/tests/doas.nix index 9c0a4bdc7563f..5e9ce4b2c799c 100644 --- a/nixos/tests/doas.nix +++ b/nixos/tests/doas.nix @@ -78,6 +78,13 @@ import ./make-test-python.nix ( 'su - test7 -c "SSH_AUTH_SOCK=HOLEY doas env"' ): raise Exception("failed to exclude SSH_AUTH_SOCK") + + # Test that the doas setuid wrapper precedes the unwrapped version in PATH after + # calling doas. + # The PATH set by doas is defined in + # ../../pkgs/tools/security/doas/0001-add-NixOS-specific-dirs-to-safe-PATH.patch + with subtest("recursive calls to doas from subprocesses should succeed"): + machine.succeed('doas -u test0 sh -c "doas -u test0 true"') ''; } ) |