;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2023 Bruno Victal ;;; Copyright © 2023 Felix Lechner ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (gnu tests pam) #:use-module (gnu tests) #:use-module (gnu services) #:use-module (gnu services base) #:use-module (gnu system) #:use-module (gnu system pam) #:use-module (gnu system vm) #:use-module (guix gexp) #:use-module (ice-9 format) #:export (%test-pam-limits)) ;;; ;;; pam-limits-service-type ;;; (define pam-limit-entries (list ;; make sure the limits apply to root (uid 0) (pam-limits-entry ":0" 'both 'rtprio 99) ;default is 0 (pam-limits-entry ":0" 'both 'memlock 'unlimited))) ;default is 8192 kbytes (define (run-test-pam-limits config) "Run tests in a os with pam-limits-service-type configured." (define os (marionette-operating-system (simple-operating-system (service pam-limits-service-type config)) #:imported-modules '((gnu services herd)))) (define vm (virtual-machine os)) (define name "pam-limits-service") (define test (with-imported-modules '((gnu build marionette) (guix build syscalls)) #~(begin (use-modules (gnu build marionette) (guix build syscalls) (srfi srfi-64)) (let ((marionette (make-marionette (list #$vm)))) (test-runner-current (system-test-runner #$output)) (test-begin #$name) (test-equal "log in on tty1 and read limits" '(("99") ;real-time priority ("unlimited")) ;max locked memory (begin ;; Wait for tty1. (marionette-eval '(begin (use-modules (gnu services herd)) (start-service 'term-tty1)) marionette) (marionette-control "sendkey ctrl-alt-f1" marionette) ;; Now we can type. (marionette-type "root\n" marionette) (marionette-type "ulimit -r > real-time-priority\n" marionette) (marionette-type "ulimit -l > max-locked-memory\n" marionette) ;; Read the two files. (marionette-eval '(use-modules (rnrs io ports)) marionette) (let ((guest-file (lambda (file) (string-tokenize (wait-for-file file marionette #:read 'get-string-all))))) (list (guest-file "/root/real-time-priority") (guest-file "/root/max-locked-memory"))))) (test-end))))) (gexp->derivation (string-append name "-test") test)) (define %test-pam-limits (system-test (name "pam-limits-service") (description "Test that pam-limits-service actually sets the limits as configured.") (value (run-test-pam-limits pam-limit-entries)))) span>Ludovic Courtès 2021-09-25tests: Adjust to SRFI-64 as found in Guile 3.0.7....In Guile 3.0.7, 'test-runner-current' is set to #f upon 'test-end'. Consequently, the previous strategy, where we'd call 'test-runner-current' after 'test-end', no longer works. Instead, set the test runner in each test right before 'test-begin'. * gnu/build/marionette.scm (system-test-runner): New procedure. * gnu/tests/audio.scm (run-mpd-test): Replace (exit (= ...)) idiom by (test-runner-current (system-test-runner)). * gnu/tests/base.scm (run-basic-test) (run-cleanup-test, run-mcron-test, run-nss-mdns-test): Likewise. * gnu/tests/ci.scm (run-laminar-test): Likewise. * gnu/tests/cups.scm (run-cups-test): Likewise. * gnu/tests/databases.scm (run-memcached-test) (run-postgresql-test, run-mysql-test): Likewise. * gnu/tests/desktop.scm (run-elogind-test): Likewise. * gnu/tests/dict.scm (run-dicod-test): Likewise. * gnu/tests/docker.scm (run-docker-test): Likewise. (run-docker-system-test): Likewise. * gnu/tests/file-sharing.scm (run-transmission-daemon-test): Likewise. * gnu/tests/ganeti.scm (run-ganeti-test): Likewise. * gnu/tests/guix.scm (run-guix-build-coordinator-test): Likewise. (run-guix-data-service-test): Likewise. * gnu/tests/ldap.scm (run-ldap-test): Likewise. * gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test-base): Likewise. * gnu/tests/mail.scm (run-opensmtpd-test) (run-exim-test, run-dovecot-test, run-getmail-test): Likewise. * gnu/tests/messaging.scm (run-xmpp-test) (run-bitlbee-test, run-quassel-test): Likewise. * gnu/tests/monitoring.scm (run-prometheus-node-exporter-server-test) (run-zabbix-server-test): Likewise. * gnu/tests/networking.scm (run-inetd-test, run-openvswitch-test) (run-dhcpd-test, run-tor-test, run-iptables-test, run-ipfs-test): Likewise. * gnu/tests/nfs.scm (run-nfs-test) (run-nfs-server-test, run-nfs-root-fs-test): Likewise. * gnu/tests/package-management.scm (run-nix-test): Likewise. * gnu/tests/reconfigure.scm (run-switch-to-system-test) (run-upgrade-services-test, run-install-bootloader-test): Likewise. * gnu/tests/rsync.scm (run-rsync-test): Likewise. * gnu/tests/security-token.scm (run-pcscd-test): Likewise. * gnu/tests/singularity.scm (run-singularity-test): Likewise. * gnu/tests/ssh.scm (run-ssh-test): Likewise. * gnu/tests/telephony.scm (run-jami-test): Likewise. * gnu/tests/version-control.scm (run-cgit-test): Likewise. (run-git-http-test, run-gitolite-test, run-gitile-test): Likewise. * gnu/tests/virtualization.scm (run-libvirt-test, run-childhurd-test): Likewise. * gnu/tests/web.scm (run-webserver-test, run-php-fpm-test) (run-hpcguix-web-server-test, run-tailon-test, run-patchwork-test): Likewise. Ludovic Courtès