50a34e55b2
This patch is heavily inspired by bd0d8ed807
which added
a setcap wrapper for `mtr` in order to allow running `mtr` without
`sudo`. The need for the capability `cap_net_raw` that can be registered using
`setcap` has been documented in the Arch Wiki: https://wiki.archlinux.org/index.php/Capabilities#iftop
A simple testcase has been added which starts two machines, one with a
setcap wrapper for `iftop`, one without. Both testcases monitor the
bandwidth usage of the machine using the options `-t -s 1` once, the
machine with setcap wrapper is expected to succeed, the `iftop` on the
machine without setcap wrapper is expected to return a non-zero exit
code.
30 lines
655 B
Nix
30 lines
655 B
Nix
import ./make-test.nix ({ pkgs, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
name = "iftop";
|
|
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ ma27 ];
|
|
|
|
nodes = {
|
|
withIftop = {
|
|
imports = [ ./common/user-account.nix ];
|
|
|
|
programs.iftop.enable = true;
|
|
};
|
|
withoutIftop = {
|
|
imports = [ ./common/user-account.nix ];
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
subtest "machine with iftop enabled", sub {
|
|
$withIftop->start;
|
|
$withIftop->succeed("su -l alice -c 'iftop -t -s 1'");
|
|
};
|
|
subtest "machine without iftop", sub {
|
|
$withoutIftop->start;
|
|
$withoutIftop->mustFail("su -l alice -c 'iftop -t -s 1'");
|
|
};
|
|
'';
|
|
})
|