Merge pull request #183361 from olafklingt/jane2alice
use consistently user alice for examples
This commit is contained in:
commit
c5abcd4270
14 changed files with 26 additions and 26 deletions
|
@ -169,7 +169,7 @@ configuration, GPU devices have world-read/write permissions
|
|||
(`/dev/dri/renderD*`) or are tagged as `uaccess` (`/dev/dri/card*`). The
|
||||
access control lists of devices with the `uaccess` tag will be updated
|
||||
automatically when a user logs in through `systemd-logind`. For example,
|
||||
if the user *jane* is logged in, the access control list should look as
|
||||
if the user *alice* is logged in, the access control list should look as
|
||||
follows:
|
||||
|
||||
```ShellSession
|
||||
|
@ -178,7 +178,7 @@ $ getfacl /dev/dri/card0
|
|||
# owner: root
|
||||
# group: video
|
||||
user::rw-
|
||||
user:jane:rw-
|
||||
user:alice:rw-
|
||||
group::rw-
|
||||
mask::rw-
|
||||
other::---
|
||||
|
|
|
@ -194,7 +194,7 @@ environment.variables.VK_ICD_FILENAMES =
|
|||
devices with the <literal>uaccess</literal> tag will be updated
|
||||
automatically when a user logs in through
|
||||
<literal>systemd-logind</literal>. For example, if the user
|
||||
<emphasis>jane</emphasis> is logged in, the access control list
|
||||
<emphasis>alice</emphasis> is logged in, the access control list
|
||||
should look as follows:
|
||||
</para>
|
||||
<programlisting>
|
||||
|
@ -203,7 +203,7 @@ $ getfacl /dev/dri/card0
|
|||
# owner: root
|
||||
# group: video
|
||||
user::rw-
|
||||
user:jane:rw-
|
||||
user:alice:rw-
|
||||
group::rw-
|
||||
mask::rw-
|
||||
other::---
|
||||
|
|
|
@ -55,7 +55,7 @@ with lib;
|
|||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
# users.users.jane = {
|
||||
# users.users.alice = {
|
||||
# isNormalUser = true;
|
||||
# extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
# };
|
||||
|
|
|
@ -175,7 +175,7 @@ in
|
|||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
# users.users.jane = {
|
||||
# users.users.alice = {
|
||||
# isNormalUser = true;
|
||||
# extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
# packages = with pkgs; [
|
||||
|
|
|
@ -76,7 +76,7 @@ in {
|
|||
{
|
||||
dm_file = '''
|
||||
admin:secret_password:localhost
|
||||
jane:xyzzy:*
|
||||
alice:xyzzy:*
|
||||
''';
|
||||
ban_file = '''
|
||||
# Bob is a jerk
|
||||
|
|
|
@ -73,7 +73,7 @@ in {
|
|||
{
|
||||
dm_file = '''
|
||||
admin:secret_password:localhost
|
||||
jane:xyzzy:*
|
||||
alice:xyzzy:*
|
||||
''';
|
||||
motd = "Welcome to Deliantra!";
|
||||
settings = '''
|
||||
|
|
|
@ -156,7 +156,7 @@ in
|
|||
owner = mkOption {
|
||||
type = types.str;
|
||||
default = "nobody";
|
||||
example = "Joe Admin";
|
||||
example = "Bob Foobawr";
|
||||
description = lib.mdDoc "Real name of the owner of the instance";
|
||||
};
|
||||
ownerEmail = mkOption {
|
||||
|
|
|
@ -346,7 +346,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
"docker load --input='${examples.layeredImageWithFakeRootCommands}'"
|
||||
)
|
||||
docker.succeed(
|
||||
"docker run --rm ${examples.layeredImageWithFakeRootCommands.imageName} sh -c 'stat -c '%u' /home/jane | grep -E ^1000$'"
|
||||
"docker run --rm ${examples.layeredImageWithFakeRootCommands.imageName} sh -c 'stat -c '%u' /home/alice | grep -E ^1000$'"
|
||||
)
|
||||
|
||||
with subtest("Ensure docker load on merged images loads all of the constituent images"):
|
||||
|
@ -389,7 +389,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
"docker load --input='${examples.mergedBashFakeRoot}'"
|
||||
)
|
||||
docker.succeed(
|
||||
"docker run --rm ${examples.layeredImageWithFakeRootCommands.imageName} sh -c 'stat -c '%u' /home/jane | grep -E ^1000$'"
|
||||
"docker run --rm ${examples.layeredImageWithFakeRootCommands.imageName} sh -c 'stat -c '%u' /home/alice | grep -E ^1000$'"
|
||||
)
|
||||
|
||||
with subtest("The image contains store paths referenced by the fakeRootCommands output"):
|
||||
|
|
|
@ -47,9 +47,9 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : {
|
|||
" --data 'dbhash={}'"
|
||||
" --data 'title=NixOS'"
|
||||
" --data 'message=Docs'"
|
||||
" --data 'firstname=John'"
|
||||
" --data 'lastname=Doe'"
|
||||
" --data 'email=john.doe@nixos.org'"
|
||||
" --data 'firstname=Bob'"
|
||||
" --data 'lastname=Foobar'"
|
||||
" --data 'email=bob.foobar@nixos.org'"
|
||||
" --data 'password=verysafe'"
|
||||
" -f localhost:3000/api/setup"
|
||||
).format(dbhash)
|
||||
|
|
|
@ -13,14 +13,14 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
|
||||
virtualHosts.lockedroot = {
|
||||
inherit root;
|
||||
basicAuth.alice = "jane";
|
||||
basicAuth.alice = "pwofa";
|
||||
};
|
||||
|
||||
virtualHosts.lockedsubdir = {
|
||||
inherit root;
|
||||
locations."/sublocation/" = {
|
||||
alias = "${root}/";
|
||||
basicAuth.bob = "john";
|
||||
basicAuth.bob = "pwofb";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -33,7 +33,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
|
||||
webserver.fail("curl --fail --resolve lockedroot:80:127.0.0.1 http://lockedroot")
|
||||
webserver.succeed(
|
||||
"curl --fail --resolve lockedroot:80:127.0.0.1 http://alice:jane@lockedroot"
|
||||
"curl --fail --resolve lockedroot:80:127.0.0.1 http://alice:pwofa@lockedroot"
|
||||
)
|
||||
|
||||
webserver.succeed("curl --fail --resolve lockedsubdir:80:127.0.0.1 http://lockedsubdir")
|
||||
|
@ -41,7 +41,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
"curl --fail --resolve lockedsubdir:80:127.0.0.1 http://lockedsubdir/sublocation/index.html"
|
||||
)
|
||||
webserver.succeed(
|
||||
"curl --fail --resolve lockedsubdir:80:127.0.0.1 http://bob:john@lockedsubdir/sublocation/index.html"
|
||||
"curl --fail --resolve lockedsubdir:80:127.0.0.1 http://bob:pwofb@lockedsubdir/sublocation/index.html"
|
||||
)
|
||||
'';
|
||||
})
|
||||
|
|
|
@ -13,7 +13,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
|||
webHost = "localhost";
|
||||
};
|
||||
};
|
||||
listMasters = [ "joe@example.org" ];
|
||||
listMasters = [ "bob@example.org" ];
|
||||
web.enable = true;
|
||||
web.https = false;
|
||||
database = {
|
||||
|
|
|
@ -10,8 +10,8 @@ let
|
|||
Key-Length: 1024
|
||||
Subkey-Type: ELG-E
|
||||
Subkey-Length: 1024
|
||||
Name-Real: Joe Tester
|
||||
Name-Email: joe@foo.bar
|
||||
Name-Real: Bob Foobar
|
||||
Name-Email: bob@foo.bar
|
||||
Expire-Date: 0
|
||||
# Do a commit here, so that we can later print "done"
|
||||
%commit
|
||||
|
@ -19,7 +19,7 @@ let
|
|||
EOF
|
||||
gpg --batch --generate-key foo
|
||||
rm $out/S.gpg-agent $out/S.gpg-agent.*
|
||||
gpg --export joe@foo.bar -a > $out/pubkey.gpg
|
||||
gpg --export bob@foo.bar -a > $out/pubkey.gpg
|
||||
'');
|
||||
|
||||
nspawnImages = (pkgs.runCommand "localhost" { buildInputs = [ pkgs.coreutils pkgs.gnupg ]; } ''
|
||||
|
|
|
@ -6,7 +6,7 @@ let
|
|||
Please find this *really* important attachment.
|
||||
|
||||
Yours truly,
|
||||
John
|
||||
Bob
|
||||
'';
|
||||
in writeScriptBin "send-message" ''
|
||||
#!${(python3.withPackages (ps: [ ps.slixmpp ])).interpreter}
|
||||
|
|
|
@ -584,8 +584,8 @@ rec {
|
|||
pkgs.pkgsStatic.busybox
|
||||
];
|
||||
fakeRootCommands = ''
|
||||
mkdir -p ./home/jane
|
||||
chown 1000 ./home/jane
|
||||
mkdir -p ./home/alice
|
||||
chown 1000 ./home/alice
|
||||
ln -s ${pkgs.hello.overrideAttrs (o: {
|
||||
# A unique `hello` to make sure that it isn't included via another mechanism by accident.
|
||||
configureFlags = o.configureFlags or [] ++ [ " --program-prefix=layeredImageWithFakeRootCommands-" ];
|
||||
|
@ -607,7 +607,7 @@ rec {
|
|||
];
|
||||
|
||||
# tarball consisting of bash and layered image with different owner of the
|
||||
# /home/jane directory
|
||||
# /home/alice directory
|
||||
mergedBashFakeRoot = pkgs.dockerTools.mergeImages [
|
||||
bash
|
||||
layeredImageWithFakeRootCommands
|
||||
|
|
Loading…
Reference in a new issue