2017-11-12 20:18:10 +01:00
|
|
|
# Mutable users tests.
|
|
|
|
|
2019-12-15 19:53:17 +01:00
|
|
|
import ./make-test-python.nix ({ pkgs, ...} : {
|
2017-11-12 20:18:10 +01:00
|
|
|
name = "mutable-users";
|
|
|
|
meta = with pkgs.stdenv.lib.maintainers; {
|
|
|
|
maintainers = [ gleber ];
|
|
|
|
};
|
|
|
|
|
|
|
|
nodes = {
|
2018-07-20 22:56:59 +02:00
|
|
|
machine = { ... }: {
|
2017-11-12 20:18:10 +01:00
|
|
|
users.mutableUsers = false;
|
|
|
|
};
|
2018-07-20 22:56:59 +02:00
|
|
|
mutable = { ... }: {
|
2017-11-12 20:18:10 +01:00
|
|
|
users.mutableUsers = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
testScript = {nodes, ...}: let
|
|
|
|
immutableSystem = nodes.machine.config.system.build.toplevel;
|
|
|
|
mutableSystem = nodes.mutable.config.system.build.toplevel;
|
|
|
|
in ''
|
2019-12-15 19:53:17 +01:00
|
|
|
machine.start()
|
|
|
|
machine.wait_for_unit("default.target")
|
2017-11-12 20:18:10 +01:00
|
|
|
|
|
|
|
# Machine starts in immutable mode. Add a user and test if reactivating
|
|
|
|
# configuration removes the user.
|
2019-12-15 19:53:17 +01:00
|
|
|
with subtest("Machine in immutable mode"):
|
|
|
|
assert "foobar" not in machine.succeed("cat /etc/passwd")
|
|
|
|
machine.succeed("sudo useradd foobar")
|
|
|
|
assert "foobar" in machine.succeed("cat /etc/passwd")
|
|
|
|
machine.succeed(
|
|
|
|
"${immutableSystem}/bin/switch-to-configuration test"
|
|
|
|
)
|
|
|
|
assert "foobar" not in machine.succeed("cat /etc/passwd")
|
2017-11-12 20:18:10 +01:00
|
|
|
|
|
|
|
# In immutable mode passwd is not wrapped, while in mutable mode it is
|
|
|
|
# wrapped.
|
2019-12-15 19:53:17 +01:00
|
|
|
with subtest("Password is wrapped in mutable mode"):
|
|
|
|
assert "/run/current-system/" in machine.succeed("which passwd")
|
|
|
|
machine.succeed(
|
|
|
|
"${mutableSystem}/bin/switch-to-configuration test"
|
|
|
|
)
|
|
|
|
assert "/run/wrappers/" in machine.succeed("which passwd")
|
2017-11-12 20:18:10 +01:00
|
|
|
'';
|
|
|
|
})
|