diff options
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/system/boot/systemd/coredump.nix | 53 | ||||
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/systemd-coredump.nix | 44 |
3 files changed, 75 insertions, 23 deletions
diff --git a/nixos/modules/system/boot/systemd/coredump.nix b/nixos/modules/system/boot/systemd/coredump.nix index ea4f9f79b8d4f..c2ca973d38074 100644 --- a/nixos/modules/system/boot/systemd/coredump.nix +++ b/nixos/modules/system/boot/systemd/coredump.nix @@ -28,30 +28,37 @@ in { }; }; - config = { - systemd.additionalUpstreamSystemUnits = [ - "systemd-coredump.socket" - "systemd-coredump@.service" - ]; - - environment.etc = { - "systemd/coredump.conf".text = - '' - [Coredump] - ${cfg.extraConfig} - ''; + config = mkMerge [ - # install provided sysctl snippets - "sysctl.d/50-coredump.conf".source = "${systemd}/example/sysctl.d/50-coredump.conf"; - "sysctl.d/50-default.conf".source = "${systemd}/example/sysctl.d/50-default.conf"; - }; + (mkIf cfg.enable { + systemd.additionalUpstreamSystemUnits = [ + "systemd-coredump.socket" + "systemd-coredump@.service" + ]; - users.users.systemd-coredump = { - uid = config.ids.uids.systemd-coredump; - group = "systemd-coredump"; - }; - users.groups.systemd-coredump = {}; + environment.etc = { + "systemd/coredump.conf".text = + '' + [Coredump] + ${cfg.extraConfig} + ''; + + # install provided sysctl snippets + "sysctl.d/50-coredump.conf".source = "${systemd}/example/sysctl.d/50-coredump.conf"; + "sysctl.d/50-default.conf".source = "${systemd}/example/sysctl.d/50-default.conf"; + }; + + users.users.systemd-coredump = { + uid = config.ids.uids.systemd-coredump; + group = "systemd-coredump"; + }; + users.groups.systemd-coredump = {}; + }) + + (mkIf (!cfg.enable) { + boot.kernel.sysctl."kernel.core_pattern" = mkDefault "core"; + }) + + ]; - boot.kernel.sysctl."kernel.core_pattern" = mkIf (!cfg.enable) "core"; - }; } diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index ff54a327424e8..06210095cfce3 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -537,6 +537,7 @@ in { systemd-binfmt = handleTestOn ["x86_64-linux"] ./systemd-binfmt.nix {}; systemd-boot = handleTest ./systemd-boot.nix {}; systemd-confinement = handleTest ./systemd-confinement.nix {}; + systemd-coredump = handleTest ./systemd-coredump.nix {}; systemd-cryptenroll = handleTest ./systemd-cryptenroll.nix {}; systemd-escaping = handleTest ./systemd-escaping.nix {}; systemd-initrd-btrfs-raid = handleTest ./systemd-initrd-btrfs-raid.nix {}; diff --git a/nixos/tests/systemd-coredump.nix b/nixos/tests/systemd-coredump.nix new file mode 100644 index 0000000000000..62137820878bd --- /dev/null +++ b/nixos/tests/systemd-coredump.nix @@ -0,0 +1,44 @@ +import ./make-test-python.nix ({ pkgs, ... }: + +let + + crasher = pkgs.writeCBin "crasher" "int main;"; + + commonConfig = { + systemd.services.crasher.serviceConfig = { + ExecStart = "${crasher}/bin/crasher"; + StateDirectory = "crasher"; + WorkingDirectory = "%S/crasher"; + Restart = "no"; + }; + }; + +in + +{ + name = "systemd-coredump"; + meta = with pkgs.lib.maintainers; { + maintainers = [ squalus ]; + }; + + nodes.machine1 = { pkgs, lib, ... }: commonConfig; + nodes.machine2 = { pkgs, lib, ... }: lib.recursiveUpdate commonConfig { + systemd.coredump.enable = false; + systemd.package = pkgs.systemd.override { + withCoredump = false; + }; + }; + + testScript = '' + with subtest("systemd-coredump enabled"): + machine1.wait_for_unit("multi-user.target") + machine1.wait_for_unit("systemd-coredump.socket") + machine1.systemctl("start crasher"); + machine1.wait_until_succeeds("coredumpctl list | grep crasher", timeout=10) + machine1.fail("stat /var/lib/crasher/core") + + with subtest("systemd-coredump disabled"): + machine2.systemctl("start crasher"); + machine2.wait_until_succeeds("stat /var/lib/crasher/core", timeout=10) + ''; +}) |