From 0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 11 Sep 2020 07:46:59 +0200 Subject: nixos/tor: improve type-checking and hardening Fixes #77395. Fixes #82790. --- nixos/tests/tor.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/tests') diff --git a/nixos/tests/tor.nix b/nixos/tests/tor.nix index ad07231557c3..c061f59226cf 100644 --- a/nixos/tests/tor.nix +++ b/nixos/tests/tor.nix @@ -17,7 +17,7 @@ rec { environment.systemPackages = with pkgs; [ netcat ]; services.tor.enable = true; services.tor.client.enable = true; - services.tor.controlPort = 9051; + services.tor.settings.ControlPort = 9051; }; testScript = '' -- cgit v1.2.3 From ffe5ff6009017ebbc384e38b5a26e37556d60ecc Mon Sep 17 00:00:00 2001 From: Sarah Brofeldt Date: Mon, 4 Jan 2021 21:33:32 +0100 Subject: dockerTools: Test buildLayeredImage with symlinks This exercises layer creation in face of store path symlinks, ensuring they are not dereferenced, which can lead to broken layer tarballs --- nixos/tests/docker-tools.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'nixos/tests') diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix index 8402ba68b720..369ef94f9fad 100644 --- a/nixos/tests/docker-tools.nix +++ b/nixos/tests/docker-tools.nix @@ -247,5 +247,12 @@ import ./make-test-python.nix ({ pkgs, ... }: { ).strip() == "${if pkgs.system == "aarch64-linux" then "amd64" else "arm64"}" ) + + with subtest("buildLayeredImage doesn't dereference /nix/store symlink layers"): + docker.succeed( + "docker load --input='${examples.layeredStoreSymlink}'", + "docker run --rm ${examples.layeredStoreSymlink.imageName} bash -c 'test -L ${examples.layeredStoreSymlink.passthru.symlink}'", + "docker rmi ${examples.layeredStoreSymlink.imageName}", + ) ''; }) -- cgit v1.2.3 From fe8ec6a07ff1597495204bdcc979b39b5aac3e5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Gaspard?= Date: Tue, 5 Jan 2021 04:05:38 +0100 Subject: nixos tests: fix postgresql-wal-receiver.nix's eval --- nixos/tests/postgresql-wal-receiver.nix | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'nixos/tests') diff --git a/nixos/tests/postgresql-wal-receiver.nix b/nixos/tests/postgresql-wal-receiver.nix index 432b46234f9c..905f4b22e97b 100644 --- a/nixos/tests/postgresql-wal-receiver.nix +++ b/nixos/tests/postgresql-wal-receiver.nix @@ -1,10 +1,17 @@ +{ system ? builtins.currentSystem, + config ? {}, + pkgs ? import ../.. { inherit system config; } +}: + +with import ../lib/testing-python.nix { inherit system pkgs; }; + let # Makes a test for a PostgreSQL package, given by name and looked up from `pkgs`. makePostgresqlWalReceiverTest = postgresqlPackage: { name = postgresqlPackage; value = - import ./make-test-python.nix ({ pkgs, lib, ... }: let + let pkg = pkgs."${postgresqlPackage}"; postgresqlDataDir = "/var/lib/postgresql/${pkg.psqlSchema}"; @@ -19,7 +26,7 @@ let then pkgs.writeTextDir "recovery.signal" "" else pkgs.writeTextDir "recovery.conf" "restore_command = 'cp ${walBackupDir}/%f %p'"; - in { + in makeTest { name = "postgresql-wal-receiver-${postgresqlPackage}"; meta.maintainers = with lib.maintainers; [ pacien ]; @@ -104,7 +111,7 @@ let "test $(sudo -u postgres psql --pset='pager=off' --tuples-only --command='select count(distinct val) from dummy;') -eq 100" ) ''; - }); + }; }; # Maps the generic function over all attributes of PostgreSQL packages -- cgit v1.2.3 From a7331d1403e7480b2a68700977cef290491ababc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Gaspard?= Date: Tue, 5 Jan 2021 04:12:53 +0100 Subject: nixos tests: fix postgresql-wal-receiver --- nixos/tests/postgresql-wal-receiver.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'nixos/tests') diff --git a/nixos/tests/postgresql-wal-receiver.nix b/nixos/tests/postgresql-wal-receiver.nix index 905f4b22e97b..0e8b3bfd6c34 100644 --- a/nixos/tests/postgresql-wal-receiver.nix +++ b/nixos/tests/postgresql-wal-receiver.nix @@ -6,13 +6,14 @@ with import ../lib/testing-python.nix { inherit system pkgs; }; let + lib = pkgs.lib; + # Makes a test for a PostgreSQL package, given by name and looked up from `pkgs`. makePostgresqlWalReceiverTest = postgresqlPackage: { name = postgresqlPackage; value = let - pkg = pkgs."${postgresqlPackage}"; postgresqlDataDir = "/var/lib/postgresql/${pkg.psqlSchema}"; replicationUser = "wal_receiver_user"; -- cgit v1.2.3 From 6c3d21aff953a2f61086fa9dfd22ccaa919910f0 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Tue, 5 Jan 2021 08:25:53 +0000 Subject: nixos/getty: rename from services.mingetty It's been 8.5 years since NixOS used mingetty, but the option was never renamed (despite the file definining the module being renamed in 9f5051b76c1 ("Rename mingetty module to agetty")). I've chosen to rename it to services.getty here, rather than services.agetty, because getty is implemantation-neutral and also the name of the unit that is generated. --- nixos/tests/login.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/tests') diff --git a/nixos/tests/login.nix b/nixos/tests/login.nix index d36c1a91be43..ce11e1f942ab 100644 --- a/nixos/tests/login.nix +++ b/nixos/tests/login.nix @@ -50,7 +50,7 @@ import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... }: with subtest("Virtual console logout"): machine.send_chars("exit\n") machine.wait_until_fails("pgrep -u alice bash") - machine.screenshot("mingetty") + machine.screenshot("getty") with subtest("Check whether ctrl-alt-delete works"): machine.send_key("ctrl-alt-delete") -- cgit v1.2.3