movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-11 12:15:34 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/tests/systemd-journal: test audit behaviour

Browse source 
This also tests the presence of an upstream bug
This commit is contained in:
Arian van Putten 2025-02-07 14:10:48 +01:00
parent ff78e34e0b
commit bf3a70020c
1 changed files with 39 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

41
nixos/tests/systemd-journal.nix
View file

@ -7,12 +7,49 @@ import ./make-test-python.nix (
maintainers = [ lewo ];
};
nodes.machine = { };
nodes.machine = {
environment.systemPackages = [ pkgs.audit ];
};
nodes.auditd = {
security.auditd.enable = true;
environment.systemPackages = [ pkgs.audit ];
};
nodes.journaldAudit = {
services.journald.audit = true;
environment.systemPackages = [ pkgs.audit ];
};
testScript = ''
machine.wait_for_unit("multi-user.target")
machine.succeed("journalctl --grep=systemd")
with subtest("no audit messages"):
machine.fail("journalctl _TRANSPORT=audit --grep 'unit=systemd-journald'")
machine.fail("journalctl _TRANSPORT=kernel --grep 'unit=systemd-journald'")
with subtest("auditd enabled"):
auditd.wait_for_unit("multi-user.target")
# logs should end up in the journald
auditd.succeed("journalctl _TRANSPORT=audit --grep 'unit=systemd-journald'")
# logs should end up in the auditd audit log
auditd.succeed("grep 'unit=systemd-journald' /var/log/audit/audit.log")
# logs should not end up in kmesg
machine.fail("journalctl _TRANSPORT=kernel --grep 'unit=systemd-journald'")
with subtest("journald audit"):
journaldAudit.wait_for_unit("multi-user.target")
# logs should end up in the journald
journaldAudit.succeed("journalctl _TRANSPORT=audit --grep 'unit=systemd-journald'")
# logs should NOT end up in audit log
journaldAudit.fail("grep 'unit=systemd-journald' /var/log/audit/audit.log")
# FIXME: If systemd fixes #15324 this test will start failing.
# You can fix this text by removing the below line.
# logs ideally should NOT end up in kmesg, but they do due to
# https://github.com/systemd/systemd/issues/15324
journaldAudit.succeed("journalctl _TRANSPORT=kernel --grep 'unit=systemd-journald'")
'';
}
)