summaryrefslogtreecommitdiff
path: root/src/test/test-condition.c
Commit message (Collapse)AuthorAgeFilesLines
* id128: introduce ERRNO_IS_MACHINE_ID_UNSET() helper macroLennart Poettering2023-02-011-1/+1
|
* sd-id128: make id128_read() or friends return -ENOPKG when the file contents ↵Yu Watanabe2022-12-121-1/+1
| | | | | | | | | is "uninitialized" Then, this drops ID128_PLAIN_OR_UNINIT. Also, this renames Id128Format -> Id128FormatFlag, and make it bitfield. Fixes #25634.
* nulstr-util: Declare NULSTR_FOREACH() iterator inlineDaan De Meyer2022-11-111-1/+0
|
* test-condition: skip test if machine-id is missingLuca Boccassi2022-10-251-1/+5
| | | | When building in a chroot there might not be any machine-id
* test: extend ConditionFirmware testsDaniel Braunwarth2022-09-031-2/+69
|
* condition: change operator logic to use $= instead of =$ for glob comparisonsLennart Poettering2022-09-011-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | So this is a bit of a bikeshedding thing. But I think we should do this nonetheless, before this is released. Playing around with the glob matches I realized that "=$" is really hard to grep for, since in shell code it's an often seen construct. Also, when reading code I often found myself thinking first that the "$" belongs to the rvalue instead of the operator, in a variable expansion scheme. If we move the $ character to the left hand, I think we are on the safer side, since usually lvalues are much more restricted in character sets than rvalues (at least most programming languages do enforce limits on the character set for identifiers). It makes it much easier to grep for the new operator, and easier to read too. Example: before: ConditionOSRelease=ID=$fedora-* after: ConditionOSRelease=ID$=fedora-*
* condition: allow fnmatch compares for ConditionOSRelease=Lennart Poettering2022-09-011-2/+2
| | | | | We support this for smbios matches, hence do so for /etc/os-release matches too.
* test: don't mistake error for successLennart Poettering2022-09-011-9/+9
| | | | Follow-up for acd3c8662465c1f36c0c0fc974584694928d9234
* test: don't accept failure as succesLennart Poettering2022-08-261-7/+7
|
* pid1: extend "ConditionFirmware=" for checking SMBIOS system identification ↵Daniel Braunwarth2022-08-251-1/+145
| | | | information
* pid1: add mechanism for conditionalizing units/network/netdev/link based on ↵Lennart Poettering2022-07-151-0/+59
| | | | | | | credentials passed in This is useful when provisioning systems via nspawn/qemu and running specific services only if specific data is passed into the system.
* shared/condition: accept size suffixes for ConditionMemoryZbigniew Jędrzejewski-Szmek2022-06-101-0/+21
| | | | Fixes #23697.
* tree-wide: use 'Architecture' type consistently across the treeLennart Poettering2022-04-051-1/+1
| | | | | | | Some parts of our tree used 'Architecture' for storing architectures, others used ints. Let's unify on the former. Inspired by #22952's rework of the 'Virtualization' enum.
* util: move on_ac_power() from util.c -> udev-util.cYu Watanabe2022-01-061-0/+1
|
* core: add Condition[Memory/CPU/IO]PressureLuca Boccassi2021-12-011-0/+155
| | | | | | | | | | By default checks PSI on /proc/pressure, and causes a unit to be skipped if the threshold is above the given configuration for the avg300 measurement. Also allow to pass a custom timespan, and a particular slice unit to check under. Fixes #20139
* test: Use TEST macroJan Janssen2021-11-251-44/+19
| | | | | | | | | This converts to TEST macro where it is trivial. Some additional notable changes: - simplify HAVE_LIBIDN #ifdef in test-dns-domain.c - use saved_argc/saved_argv in test-copy.c, test-path-util.c, test-tmpfiles.c and test-unit-file.c
* shared: split out UID allocation range stuff from user-record.hLennart Poettering2021-11-131-1/+1
| | | | | | | | user-record.[ch] are about the UserRecord JSON stuff, and the UID allocation range stuff (i.e. login.defs handling) is a very different thing, and complex enough on its own, let's give it its own c/h files. No code changes, just some splitting out of code.
* test: use assert_se() instead of assert()Yu Watanabe2021-10-121-2/+2
|
* tree-wide: port everything over to new sd-id128 compund literal blissLennart Poettering2021-08-201-7/+3
|
* core: add ConditionOSRelease= directiveLuca Boccassi2021-06-241-0/+146
|
* virt: detect Amazon EC2 Nitro instanceBertrand Jacquin2021-04-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Amazon EC2 Nitro hypervisor is technically based on KVM[1], which systemd-detect-virt identify propely from CPUID. However the lack of CPUID on aarch64 (A1, T4 instance type) prevents a correct identification, impacting hostnamectl and systemd-random-seed. Instead it's possible to identify virtualization from DMI vendor ID. Prior to this commit: # hostnamectl Static hostname: n/a Transient hostname: ip-10-97-8-12 Icon name: computer Machine ID: 8e3772fbcfa3dd6f330a12ff5df5a63b Boot ID: b7b7e2fe0079448db664839df59f9817 Operating System: Gentoo/Linux Kernel: Linux 5.4.69-longterm Architecture: arm64 After this commit: # hostnamectl Static hostname: n/a Transient hostname: ip-10-97-8-12 Icon name: computer-vm Chassis: vm Machine ID: 8e3772fbcfa3dd6f330a12ff5df5a63b Boot ID: bd04da57084e41078f20541101867113 Virtualization: amazon Operating System: Gentoo/Linux Kernel: Linux 5.4.69-longterm Architecture: arm64 [1] https://aws.amazon.com/ec2/faqs/
* test: skip tests if cgroup isn't mountedDan Streetman2021-02-251-2/+8
| | | | | | Debian builds in a chroot without cgroup mounted, so tests expecting to access cgroup will fail with ENOMEDIUM, so skip the tests in that situation.
* shared/condition: add ConditionControlGroupController=v1|v2Zbigniew Jędrzejewski-Szmek2021-02-231-2/+19
| | | | | | | | | | Before, we only allowed conditionalizing on controllers, not the hierarchy. This commit extends this to allow a simple check for v1 (i.e. classic or hybrid), and v2 (full unified). An alternative approach would be to add a separate Condition for this, but I'm not too keen on that, considering that v1 is already being deprecrecated (c.f. 82f3063218).
* condition: add CPUFeatureGiedrius Statkevičius2021-02-171-0/+24
| | | | | | | | | | | | | | | | | | | | | | | Taking a stab at implementing #14479. Add {Condition,Assert}CPUFeature to `systemd-analyze` & friends. Implement it by executing the CPUID instruction. Add tables for common x86/i386 features. Tested via unit tests + checked that commands such as: ```bash systemd-analyze condition 'AssertCPUFeature = rdrand' ``` Succeed as expected and that commands such as ```bash systemd-analyze condition 'AssertCPUFeature = foobar' ``` Fail as expected. Finally, I have amended the `systemd.unit` manual page with the new condition and the list of all currently supported flags.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* Move {uid,gid}_is_*() from basic to sharedZbigniew Jędrzejewski-Szmek2020-09-251-0/+1
| | | | | Those are functions that express policy, and nothing in basic/ uses (or should use) them.
* core: remove support for ConditionNull=Lennart Poettering2020-08-201-15/+0
| | | | | | | | | | The concept is flawed, and mostly useless. Let's finally remove it. It has been deprecated since 90a2ec10f2d43a8530aae856013518eb567c4039 (6 years ago) and we started to warn since 55dadc5c57ef1379dbc984938d124508a454be55 (1.5 years ago). Let's get rid of it altogether.
* condition: add ConditionEnvironment=Lennart Poettering2020-05-151-91/+120
| | | | | | | Prompted by the discussions in #15180. This is a bit more complex than I hoped, since for PID 1 we need to pass in the synethetic environment block in we generate on demand.
* condition: add ConditionPathIsEncrypted=Lennart Poettering2020-05-151-0/+5
| | | | | | | It's easy to add, and should be pretty useful, in particular as in AssertPathIsEncrypted= as it can be used for checking that some path is encrypted before some service is invoked that might want to place secure material there.
* tests: various small fixes for strict systemsTopi Miettinen2020-04-261-1/+8
| | | | | | | | | | | | | | | | | | | | | | Don't assume that 4MB can be allocated from stack since there could be smaller DefaultLimitSTACK= in force, so let's use malloc(). NUL terminate the huge strings by hand, also ensure termination in test_lz4_decompress_partial() and optimize the memset() for the string. Some items in /proc and /etc may not be accessible to poor unprivileged users due to e.g. SELinux, BOFH or both, so check for EACCES and EPERM. /var/tmp may be a symlink to /tmp and then path_compare() will always fail, so let's stick to /tmp like elsewhere. /tmp may be mounted with noexec option and then trying to execute scripts from there would fail. Detect and warn if seccomp is already in use, which could make seccomp test fail if the syscalls are already blocked. Unset $TMPDIR so it will not break specifier tests where %T is assumed to be /tmp and %V /var/tmp.
* test-condition: fix group check conditionFelipe Sateler2019-12-261-1/+1
| | | | We were checking the uid, whereas we should have checked the gid
* util-lib: split shared/efivars into basic/efivars and shared/efi-loaderZbigniew Jędrzejewski-Szmek2019-09-161-1/+1
| | | | | | I want to use efivars.[ch] in proc-cmdline.c, but most of the efivars stuff is not needed in basic/. Move the file from shared/ to basic/, but then move back most of the higher-level functions to the new shared/efi-loader.c file.
* basic/cgroup-util: let cgroup_unified_flush() return the detected hierarchyZbigniew Jędrzejewski-Szmek2019-09-161-1/+1
| | | | | | | This avoid the use of the global variable. Also rename cgroup_unified_update() to cgroup_unified_cached() and cgroup_unified_flush() to cgroup_unified() to better reflect their new roles.
* test-condition: do not accidentally treat error as passing conditionZbigniew Jędrzejewski-Szmek2019-06-291-51/+51
| | | | condition_test returns 0, 1, or error.
* Treat kernel version condition as a list of quoted checksZbigniew Jędrzejewski-Szmek2019-06-291-1/+23
| | | | | | | | | | Before only one comparison was allowed. Let's make this more flexible: ConditionKernelVersion = ">=4.0" "<=4.5" Fixes #12881. This also fixes expressions like "ConditionKernelVersion=>" which would evaluate as true.
* Move cpus_in_affinity_mask() to cpu-set-util.[ch]Zbigniew Jędrzejewski-Szmek2019-05-291-0/+1
| | | | | It just seems to fit better there and it's always better to have things in shared/ rather than basic/.
* tests: add tests for ConditionMemory= + ConditionCPUsLennart Poettering2019-03-191-0/+125
|
* util: split out nulstr related stuff to nulstr-util.[ch]Lennart Poettering2019-03-141-2/+2
|
* tests: use a helper function to parse environment and open loggingZbigniew Jędrzejewski-Szmek2018-09-141-3/+2
| | | | | The advantages are that we save a few lines, and that we can override logging using environment variables in more test executables.
* test-condition: make function return voidZbigniew Jędrzejewski-Szmek2018-09-141-4/+2
| | | | We don't look at the result anyway.
* test-condition: extend tests to all ConditionSecurity= valuesZbigniew Jędrzejewski-Szmek2018-06-201-4/+29
| | | | Also print out what we detect, for manual verification.
* tree-wide: drop copyright headers from frequent contributorsZbigniew Jędrzejewski-Szmek2018-06-201-3/+0
| | | | | | | | Fixes #9320. for p in Shapovalov Chevalier Rozhkov Sievers Mack Herrmann Schmidt Rudenberg Sahani Landden Andersen Watanabe; do git grep -e 'Copyright.*'$p -l|xargs perl -i -0pe 's|/([*][*])?[*]\s+([*#]\s+)?Copyright[^\n]*'$p'[^\n]*\s*[*]([*][*])?/\n*|\n|gms; s|\s+([*#]\s+)?Copyright[^\n]*'$p'[^\n]*\n*|\n|gms' done
* tree-wide: beautify remaining copyright statementsLennart Poettering2018-06-141-1/+1
| | | | | | Let's unify an beautify our remaining copyright statements, with a unicode ©. This means our copyright statements are now always formatted the same way. Yay.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* tree-wide: use newa() rather than alloca() where we canLennart Poettering2018-04-271-1/+1
|
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* test: fix condition test if there are no controllersLennart Poettering2018-01-051-3/+3
| | | | | As an optimization cg_mask_to_string() returns NULL if there are no controllers available. We need to handle that.
* condition: extend ConditionKernelVersion= with relative version checksLennart Poettering2017-12-261-0/+85
| | | | | Now that we have str_verscmp() in our source tree anyway, let's make it generic and reuse it for ConditionKernelVersion=.
* core,udev,networkd: add ConditionKernelVersion=Lennart Poettering2017-12-261-2/+40
| | | | | | | | | | This adds a simple condition/assert/match to the service manager, to udev's .link handling and to networkd, for matching the kernel version string. In this version we only do fnmatch() based globbing, but we might want to extend that to version comparisons later on, if we like, by slightly extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
* condition: Create AssertControlGroupController (#7630)Chris Down2017-12-181-0/+74
| | | | | | | | | | | | | | | | | | Up until now, the behaviour in systemd has (mostly) been to silently ignore failures to action unit directives that refer to an unavailble controller. The addition of AssertControlGroupController and its conditional counterpart allow explicit specification of the desired behaviour when such a situation occurs. As for how this can happen, it is possible that a particular controller is not available in the cgroup hierarchy. One possible reason for this is that, in the running kernel, the controller simply doesn't exist -- for example, the CPU controller in cgroup v2 has only recently been merged and was out of tree until then. Another possibility is that the controller exists, but has been forcibly disabled by `cgroup_disable=` on the kernel command line. In future this will also support whatever comes out of issue #7624, `DefaultXAccounting=never`, or similar.
View Lorry Controller Status