movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 14:10:33 +03:00
Code Activity

nixos/public-inbox: test confinement

Browse source
This commit is contained in:
Julien Moutinho 2025-01-24 11:27:27 +01:00 committed by Alyssa Ross
parent 69b606d103
commit bbb68bef2e
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/tests/public-inbox.nix
View file

@ -183,6 +183,12 @@ import ./make-test-python.nix (
testScript = ''
start_all()
# The threshold and/or hardening may have to be changed with new features/checks
with subtest("systemd hardening thresholds"):
print(machine.succeed("systemd-analyze security public-inbox-httpd.service --threshold=5 --no-pager"))
print(machine.succeed("systemd-analyze security public-inbox-imapd.service --threshold=5 --no-pager"))
print(machine.succeed("systemd-analyze security public-inbox-nntpd.service --threshold=4 --no-pager"))
machine.wait_for_unit("multi-user.target")
machine.wait_for_unit("public-inbox-init.service")