Merge pull request #4156 from aszlig/vm-test-python
Convert VM tests to Python
This commit is contained in:
commit
05e6fe69f9
4 changed files with 182 additions and 155 deletions
|
@ -1,6 +1,6 @@
|
||||||
{ nixpkgs, system, overlay }:
|
{ nixpkgs, system, overlay }:
|
||||||
|
|
||||||
with import (nixpkgs + "/nixos/lib/testing.nix") {
|
with import (nixpkgs + "/nixos/lib/testing-python.nix") {
|
||||||
inherit system;
|
inherit system;
|
||||||
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
||||||
};
|
};
|
||||||
|
@ -64,6 +64,7 @@ in
|
||||||
makeTest (
|
makeTest (
|
||||||
|
|
||||||
{
|
{
|
||||||
|
name = "github-flakes";
|
||||||
|
|
||||||
nodes =
|
nodes =
|
||||||
{ # Impersonate github.com and api.github.com.
|
{ # Impersonate github.com and api.github.com.
|
||||||
|
@ -113,36 +114,37 @@ makeTest (
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
testScript = { nodes }:
|
testScript = { nodes }: ''
|
||||||
''
|
# fmt: off
|
||||||
use POSIX qw(strftime);
|
import json
|
||||||
|
import time
|
||||||
|
|
||||||
startAll;
|
start_all()
|
||||||
|
|
||||||
$github->waitForUnit("httpd.service");
|
github.wait_for_unit("httpd.service")
|
||||||
|
|
||||||
$client->succeed("curl -v https://github.com/ >&2");
|
client.succeed("curl -v https://github.com/ >&2")
|
||||||
|
client.succeed("nix registry list | grep nixpkgs")
|
||||||
|
|
||||||
$client->succeed("nix registry list | grep nixpkgs");
|
rev = client.succeed("nix flake info nixpkgs --json | jq -r .revision")
|
||||||
|
assert rev.strip() == "${nixpkgs.rev}", "revision mismatch"
|
||||||
|
|
||||||
$client->succeed("nix flake info nixpkgs --json | jq -r .revision") eq "${nixpkgs.rev}\n"
|
client.succeed("nix registry pin nixpkgs")
|
||||||
or die "revision mismatch";
|
|
||||||
|
|
||||||
$client->succeed("nix registry pin nixpkgs");
|
client.succeed("nix flake info nixpkgs --tarball-ttl 0 >&2")
|
||||||
|
|
||||||
$client->succeed("nix flake info nixpkgs --tarball-ttl 0 >&2");
|
# Shut down the web server. The flake should be cached on the client.
|
||||||
|
github.succeed("systemctl stop httpd.service")
|
||||||
|
|
||||||
# Shut down the web server. The flake should be cached on the client.
|
info = json.loads(client.succeed("nix flake info nixpkgs --json"))
|
||||||
$github->succeed("systemctl stop httpd.service");
|
date = time.strftime("%Y%m%d%H%M%S", time.gmtime(info['lastModified']))
|
||||||
|
assert date == "${nixpkgs.lastModifiedDate}", "time mismatch"
|
||||||
|
|
||||||
my $date = $client->succeed("nix flake info nixpkgs --json | jq -M .lastModified");
|
client.succeed("nix build nixpkgs#hello")
|
||||||
strftime("%Y%m%d%H%M%S", gmtime($date)) eq "${nixpkgs.lastModifiedDate}" or die "time mismatch";
|
|
||||||
|
|
||||||
$client->succeed("nix build nixpkgs#hello");
|
# The build shouldn't fail even with --tarball-ttl 0 (the server
|
||||||
|
# being down should not be a fatal error).
|
||||||
# The build shouldn't fail even with --tarball-ttl 0 (the server
|
client.succeed("nix build nixpkgs#fuse --tarball-ttl 0")
|
||||||
# being down should not be a fatal error).
|
'';
|
||||||
$client->succeed("nix build nixpkgs#fuse --tarball-ttl 0");
|
|
||||||
'';
|
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
|
@ -2,12 +2,13 @@
|
||||||
|
|
||||||
{ nixpkgs, system, overlay }:
|
{ nixpkgs, system, overlay }:
|
||||||
|
|
||||||
with import (nixpkgs + "/nixos/lib/testing.nix") {
|
with import (nixpkgs + "/nixos/lib/testing-python.nix") {
|
||||||
inherit system;
|
inherit system;
|
||||||
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
||||||
};
|
};
|
||||||
|
|
||||||
makeTest (let pkgA = pkgs.cowsay; pkgB = pkgs.wget; pkgC = pkgs.hello; in {
|
makeTest (let pkgA = pkgs.cowsay; pkgB = pkgs.wget; pkgC = pkgs.hello; in {
|
||||||
|
name = "nix-copy-closure";
|
||||||
|
|
||||||
nodes =
|
nodes =
|
||||||
{ client =
|
{ client =
|
||||||
|
@ -25,41 +26,46 @@ makeTest (let pkgA = pkgs.cowsay; pkgB = pkgs.wget; pkgC = pkgs.hello; in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
testScript = { nodes }:
|
testScript = { nodes }: ''
|
||||||
''
|
# fmt: off
|
||||||
startAll;
|
import subprocess
|
||||||
|
|
||||||
# Create an SSH key on the client.
|
start_all()
|
||||||
my $key = `${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f key -N ""`;
|
|
||||||
$client->succeed("mkdir -m 700 /root/.ssh");
|
|
||||||
$client->copyFileFromHost("key", "/root/.ssh/id_ed25519");
|
|
||||||
$client->succeed("chmod 600 /root/.ssh/id_ed25519");
|
|
||||||
|
|
||||||
# Install the SSH key on the server.
|
# Create an SSH key on the client.
|
||||||
$server->succeed("mkdir -m 700 /root/.ssh");
|
subprocess.run([
|
||||||
$server->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys");
|
"${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", ""
|
||||||
$server->waitForUnit("sshd");
|
], capture_output=True, check=True)
|
||||||
$client->waitForUnit("network.target");
|
|
||||||
$client->succeed("ssh -o StrictHostKeyChecking=no " . $server->name() . " 'echo hello world'");
|
|
||||||
|
|
||||||
# Copy the closure of package A from the client to the server.
|
client.succeed("mkdir -m 700 /root/.ssh")
|
||||||
$server->fail("nix-store --check-validity ${pkgA}");
|
client.copy_from_host("key", "/root/.ssh/id_ed25519")
|
||||||
$client->succeed("nix-copy-closure --to server --gzip ${pkgA} >&2");
|
client.succeed("chmod 600 /root/.ssh/id_ed25519")
|
||||||
$server->succeed("nix-store --check-validity ${pkgA}");
|
|
||||||
|
|
||||||
# Copy the closure of package B from the server to the client.
|
# Install the SSH key on the server.
|
||||||
$client->fail("nix-store --check-validity ${pkgB}");
|
server.succeed("mkdir -m 700 /root/.ssh")
|
||||||
$client->succeed("nix-copy-closure --from server --gzip ${pkgB} >&2");
|
server.copy_from_host("key.pub", "/root/.ssh/authorized_keys")
|
||||||
$client->succeed("nix-store --check-validity ${pkgB}");
|
server.wait_for_unit("sshd")
|
||||||
|
client.wait_for_unit("network.target")
|
||||||
|
client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'")
|
||||||
|
|
||||||
# Copy the closure of package C via the SSH substituter.
|
# Copy the closure of package A from the client to the server.
|
||||||
$client->fail("nix-store -r ${pkgC}");
|
server.fail("nix-store --check-validity ${pkgA}")
|
||||||
# FIXME
|
client.succeed("nix-copy-closure --to server --gzip ${pkgA} >&2")
|
||||||
#$client->succeed(
|
server.succeed("nix-store --check-validity ${pkgA}")
|
||||||
# "nix-store --option use-ssh-substituter true"
|
|
||||||
# . " --option ssh-substituter-hosts root\@server"
|
|
||||||
# . " -r ${pkgC} >&2");
|
|
||||||
#$client->succeed("nix-store --check-validity ${pkgC}");
|
|
||||||
'';
|
|
||||||
|
|
||||||
|
# Copy the closure of package B from the server to the client.
|
||||||
|
client.fail("nix-store --check-validity ${pkgB}")
|
||||||
|
client.succeed("nix-copy-closure --from server --gzip ${pkgB} >&2")
|
||||||
|
client.succeed("nix-store --check-validity ${pkgB}")
|
||||||
|
|
||||||
|
# Copy the closure of package C via the SSH substituter.
|
||||||
|
client.fail("nix-store -r ${pkgC}")
|
||||||
|
# FIXME
|
||||||
|
# client.succeed(
|
||||||
|
# "nix-store --option use-ssh-substituter true"
|
||||||
|
# " --option ssh-substituter-hosts root\@server"
|
||||||
|
# " -r ${pkgC} >&2"
|
||||||
|
# )
|
||||||
|
# client.succeed("nix-store --check-validity ${pkgC}")
|
||||||
|
'';
|
||||||
})
|
})
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
{ nixpkgs, system, overlay }:
|
{ nixpkgs, system, overlay }:
|
||||||
|
|
||||||
with import (nixpkgs + "/nixos/lib/testing.nix") {
|
with import (nixpkgs + "/nixos/lib/testing-python.nix") {
|
||||||
inherit system;
|
inherit system;
|
||||||
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
||||||
};
|
};
|
||||||
|
@ -36,6 +36,7 @@ let
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
|
name = "remote-builds";
|
||||||
|
|
||||||
nodes =
|
nodes =
|
||||||
{ builder1 = builder;
|
{ builder1 = builder;
|
||||||
|
@ -66,44 +67,46 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
testScript = { nodes }:
|
testScript = { nodes }: ''
|
||||||
''
|
# fmt: off
|
||||||
startAll;
|
import subprocess
|
||||||
|
|
||||||
# Create an SSH key on the client.
|
start_all()
|
||||||
my $key = `${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f key -N ""`;
|
|
||||||
$client->succeed("mkdir -p -m 700 /root/.ssh");
|
|
||||||
$client->copyFileFromHost("key", "/root/.ssh/id_ed25519");
|
|
||||||
$client->succeed("chmod 600 /root/.ssh/id_ed25519");
|
|
||||||
|
|
||||||
# Install the SSH key on the builders.
|
# Create an SSH key on the client.
|
||||||
$client->waitForUnit("network.target");
|
subprocess.run([
|
||||||
foreach my $builder ($builder1, $builder2) {
|
"${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", ""
|
||||||
$builder->succeed("mkdir -p -m 700 /root/.ssh");
|
], capture_output=True, check=True)
|
||||||
$builder->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys");
|
client.succeed("mkdir -p -m 700 /root/.ssh")
|
||||||
$builder->waitForUnit("sshd");
|
client.copy_from_host("key", "/root/.ssh/id_ed25519")
|
||||||
$client->succeed("ssh -o StrictHostKeyChecking=no " . $builder->name() . " 'echo hello world'");
|
client.succeed("chmod 600 /root/.ssh/id_ed25519")
|
||||||
}
|
|
||||||
|
|
||||||
# Perform a build and check that it was performed on the builder.
|
# Install the SSH key on the builders.
|
||||||
my $out = $client->succeed(
|
client.wait_for_unit("network.target")
|
||||||
"nix-build ${expr nodes.client.config 1} 2> build-output",
|
for builder in [builder1, builder2]:
|
||||||
"grep -q Hello build-output"
|
builder.succeed("mkdir -p -m 700 /root/.ssh")
|
||||||
);
|
builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys")
|
||||||
$builder1->succeed("test -e $out");
|
builder.wait_for_unit("sshd")
|
||||||
|
client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world'")
|
||||||
|
|
||||||
# And a parallel build.
|
# Perform a build and check that it was performed on the builder.
|
||||||
my ($out1, $out2) = split /\s/,
|
out = client.succeed(
|
||||||
$client->succeed('nix-store -r $(nix-instantiate ${expr nodes.client.config 2})\!out $(nix-instantiate ${expr nodes.client.config 3})\!out');
|
"nix-build ${expr nodes.client.config 1} 2> build-output",
|
||||||
$builder1->succeed("test -e $out1 -o -e $out2");
|
"grep -q Hello build-output"
|
||||||
$builder2->succeed("test -e $out1 -o -e $out2");
|
)
|
||||||
|
builder1.succeed(f"test -e {out}")
|
||||||
|
|
||||||
# And a failing build.
|
# And a parallel build.
|
||||||
$client->fail("nix-build ${expr nodes.client.config 5}");
|
paths = client.succeed(r'nix-store -r $(nix-instantiate ${expr nodes.client.config 2})\!out $(nix-instantiate ${expr nodes.client.config 3})\!out')
|
||||||
|
out1, out2 = paths.split()
|
||||||
|
builder1.succeed(f"test -e {out1} -o -e {out2}")
|
||||||
|
builder2.succeed(f"test -e {out1} -o -e {out2}")
|
||||||
|
|
||||||
# Test whether the build hook automatically skips unavailable builders.
|
# And a failing build.
|
||||||
$builder1->block;
|
client.fail("nix-build ${expr nodes.client.config 5}")
|
||||||
$client->succeed("nix-build ${expr nodes.client.config 4}");
|
|
||||||
'';
|
|
||||||
|
|
||||||
|
# Test whether the build hook automatically skips unavailable builders.
|
||||||
|
builder1.block()
|
||||||
|
client.succeed("nix-build ${expr nodes.client.config 4}")
|
||||||
|
'';
|
||||||
})
|
})
|
||||||
|
|
150
tests/setuid.nix
150
tests/setuid.nix
|
@ -2,12 +2,13 @@
|
||||||
|
|
||||||
{ nixpkgs, system, overlay }:
|
{ nixpkgs, system, overlay }:
|
||||||
|
|
||||||
with import (nixpkgs + "/nixos/lib/testing.nix") {
|
with import (nixpkgs + "/nixos/lib/testing-python.nix") {
|
||||||
inherit system;
|
inherit system;
|
||||||
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
extraConfigurations = [ { nixpkgs.overlays = [ overlay ]; } ];
|
||||||
};
|
};
|
||||||
|
|
||||||
makeTest {
|
makeTest {
|
||||||
|
name = "setuid";
|
||||||
|
|
||||||
machine =
|
machine =
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
@ -17,94 +18,109 @@ makeTest {
|
||||||
virtualisation.pathsInNixDB = [ pkgs.stdenv pkgs.pkgsi686Linux.stdenv ];
|
virtualisation.pathsInNixDB = [ pkgs.stdenv pkgs.pkgsi686Linux.stdenv ];
|
||||||
};
|
};
|
||||||
|
|
||||||
testScript = { nodes }:
|
testScript = { nodes }: ''
|
||||||
''
|
# fmt: off
|
||||||
startAll;
|
start_all()
|
||||||
|
|
||||||
# Copying to /tmp should succeed.
|
# Copying to /tmp should succeed.
|
||||||
$machine->succeed('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" {} "
|
machine.succeed(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" {} "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
")\' ');
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 555 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
# Creating a setuid binary should fail.
|
# Creating a setuid binary should fail.
|
||||||
$machine->fail('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" {} "
|
machine.fail(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" {} "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
chmod 4755 /tmp/id
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
chmod 4755 /tmp/id
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 555 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
# Creating a setgid binary should fail.
|
# Creating a setgid binary should fail.
|
||||||
$machine->fail('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" {} "
|
machine.fail(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" {} "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
chmod 2755 /tmp/id
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
chmod 2755 /tmp/id
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 555 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
# The checks should also work on 32-bit binaries.
|
# The checks should also work on 32-bit binaries.
|
||||||
$machine->fail('nix-build --no-sandbox -E \'(with import <nixpkgs> { system = "i686-linux"; }; runCommand "foo" {} "
|
machine.fail(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> { system = "i686-linux"; }; runCommand "foo" {} "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
chmod 2755 /tmp/id
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
chmod 2755 /tmp/id
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 555 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
# The tests above use fchmodat(). Test chmod() as well.
|
# The tests above use fchmodat(). Test chmod() as well.
|
||||||
$machine->succeed('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
machine.succeed(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
perl -e \"chmod 0666, qw(/tmp/id) or die\"
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
perl -e \"chmod 0666, qw(/tmp/id) or die\"
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 666 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 666 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
$machine->fail('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
machine.fail(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
perl -e \"chmod 04755, qw(/tmp/id) or die\"
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
perl -e \"chmod 04755, qw(/tmp/id) or die\"
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 555 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
# And test fchmod().
|
# And test fchmod().
|
||||||
$machine->succeed('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
machine.succeed(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 01750, \\\$x or die\"
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 01750, \\\$x or die\"
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 1750 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 1750 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
machine.succeed("rm /tmp/id")
|
||||||
|
|
||||||
$machine->fail('nix-build --no-sandbox -E \'(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
machine.fail(r"""
|
||||||
mkdir -p $out
|
nix-build --no-sandbox -E '(with import <nixpkgs> {}; runCommand "foo" { buildInputs = [ perl ]; } "
|
||||||
cp ${pkgs.coreutils}/bin/id /tmp/id
|
mkdir -p $out
|
||||||
perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 04777, \\\$x or die\"
|
cp ${pkgs.coreutils}/bin/id /tmp/id
|
||||||
")\' ');
|
perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 04777, \\\$x or die\"
|
||||||
|
")'
|
||||||
|
""".strip())
|
||||||
|
|
||||||
$machine->succeed('[[ $(stat -c %a /tmp/id) = 555 ]]');
|
machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]')
|
||||||
|
|
||||||
$machine->succeed("rm /tmp/id");
|
|
||||||
'';
|
|
||||||
|
|
||||||
|
machine.succeed("rm /tmp/id")
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue