mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-27 07:14:52 +00:00
4f0dadbf38
After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-builda08b3a4d19
.tar.gz \ --argstr baseRevb32a094368
result/bin/apply-formatting $NIXPKGS_PATH
152 lines
5.1 KiB
Nix
152 lines
5.1 KiB
Nix
import ./make-test-python.nix (
|
|
{ pkgs, ... }:
|
|
let
|
|
# build a getent that itself doesn't see anything in /etc/hosts and
|
|
# /etc/nsswitch.conf, by using libredirect to steer its own requests to
|
|
# /dev/null.
|
|
# This means is /has/ to go via nscd to actuallly resolve any of the
|
|
# additionally configured hosts.
|
|
getent' = pkgs.writeScript "getent-without-etc-hosts" ''
|
|
export NIX_REDIRECTS=/etc/hosts=/dev/null:/etc/nsswitch.conf=/dev/null
|
|
export LD_PRELOAD=${pkgs.libredirect}/lib/libredirect.so
|
|
exec getent $@
|
|
'';
|
|
in
|
|
{
|
|
name = "nscd";
|
|
|
|
nodes.machine =
|
|
{ pkgs, ... }:
|
|
{
|
|
imports = [ common/user-account.nix ];
|
|
networking.extraHosts = ''
|
|
2001:db8::1 somehost.test
|
|
192.0.2.1 somehost.test
|
|
'';
|
|
|
|
systemd.services.sockdump = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [
|
|
# necessary for bcc to unpack kernel headers and invoke modprobe
|
|
pkgs.gnutar
|
|
pkgs.xz.bin
|
|
pkgs.kmod
|
|
];
|
|
environment.PYTHONUNBUFFERED = "1";
|
|
|
|
serviceConfig = {
|
|
ExecStart = "${pkgs.sockdump}/bin/sockdump /var/run/nscd/socket";
|
|
Restart = "on-failure";
|
|
RestartSec = "1";
|
|
Type = "simple";
|
|
};
|
|
};
|
|
|
|
specialisation = {
|
|
withGlibcNscd.configuration =
|
|
{ ... }:
|
|
{
|
|
services.nscd.enableNsncd = false;
|
|
};
|
|
withUnscd.configuration =
|
|
{ ... }:
|
|
{
|
|
services.nscd.enableNsncd = false;
|
|
services.nscd.package = pkgs.unscd;
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript =
|
|
{ nodes, ... }:
|
|
let
|
|
specialisations = "${nodes.machine.system.build.toplevel}/specialisation";
|
|
in
|
|
''
|
|
# Regression test for https://github.com/NixOS/nixpkgs/issues/50273
|
|
def test_dynamic_user():
|
|
with subtest("DynamicUser actually allocates a user"):
|
|
assert "iamatest" in machine.succeed(
|
|
"systemd-run --pty --property=Type=oneshot --property=DynamicUser=yes --property=User=iamatest whoami"
|
|
)
|
|
|
|
# Test resolution of somehost.test with getent', to make sure we go via
|
|
# nscd protocol
|
|
def test_host_lookups():
|
|
with subtest("host lookups via nscd protocol"):
|
|
# ahosts
|
|
output = machine.succeed("${getent'} ahosts somehost.test")
|
|
assert "192.0.2.1" in output
|
|
assert "2001:db8::1" in output
|
|
|
|
# ahostsv4
|
|
output = machine.succeed("${getent'} ahostsv4 somehost.test")
|
|
assert "192.0.2.1" in output
|
|
assert "2001:db8::1" not in output
|
|
|
|
# ahostsv6
|
|
output = machine.succeed("${getent'} ahostsv6 somehost.test")
|
|
assert "192.0.2.1" not in output
|
|
assert "2001:db8::1" in output
|
|
|
|
# reverse lookups (hosts)
|
|
assert "somehost.test" in machine.succeed("${getent'} hosts 2001:db8::1")
|
|
assert "somehost.test" in machine.succeed("${getent'} hosts 192.0.2.1")
|
|
|
|
|
|
# Test host resolution via nss modules works
|
|
# We rely on nss-myhostname in this case, which resolves *.localhost and
|
|
# _gateway.
|
|
# We don't need to use getent' here, as non-glibc nss modules can only be
|
|
# discovered via nscd.
|
|
def test_nss_myhostname():
|
|
with subtest("nss-myhostname provides hostnames (ahosts)"):
|
|
# ahosts
|
|
output = machine.succeed("getent ahosts foobar.localhost")
|
|
assert "::1" in output
|
|
assert "127.0.0.1" in output
|
|
|
|
# ahostsv4
|
|
output = machine.succeed("getent ahostsv4 foobar.localhost")
|
|
assert "::1" not in output
|
|
assert "127.0.0.1" in output
|
|
|
|
# ahostsv6
|
|
output = machine.succeed("getent ahostsv6 foobar.localhost")
|
|
assert "::1" in output
|
|
assert "127.0.0.1" not in output
|
|
|
|
start_all()
|
|
machine.wait_for_unit("default.target")
|
|
|
|
# give sockdump some time to finish attaching.
|
|
machine.sleep(5)
|
|
|
|
# Test all tests with glibc-nscd.
|
|
test_dynamic_user()
|
|
test_host_lookups()
|
|
test_nss_myhostname()
|
|
|
|
with subtest("glibc-nscd"):
|
|
machine.succeed('${specialisations}/withGlibcNscd/bin/switch-to-configuration test')
|
|
machine.wait_for_unit("default.target")
|
|
|
|
test_dynamic_user()
|
|
test_host_lookups()
|
|
test_nss_myhostname()
|
|
|
|
with subtest("unscd"):
|
|
machine.succeed('${specialisations}/withUnscd/bin/switch-to-configuration test')
|
|
machine.wait_for_unit("default.target")
|
|
|
|
# known to fail, unscd doesn't load external NSS modules
|
|
# test_dynamic_user()
|
|
|
|
test_host_lookups()
|
|
|
|
# known to fail, unscd doesn't load external NSS modules
|
|
# test_nss_myhostname()
|
|
'';
|
|
}
|
|
)
|