[systemd-devel] [PATCH 1/2] test: add basic seccomp tests

Dave Reisner d at falconindy.com
Thu Feb 13 07:25:24 PST 2014 

On Thu, Feb 13, 2014 at 09:58:53AM +0100, Ronny Chevalier wrote:
> 2014-02-13 3:34 GMT+01:00 Dave Reisner <d at falconindy.com>:
> > On Thu, Jan 23, 2014 at 01:34:57AM +0100, Ronny Chevalier wrote:
> >> ---
> >>  test/TEST-04-SECCOMP/Makefile               |  1 +
> >>  test/TEST-04-SECCOMP/test-seccomp.sh        | 11 ++++
> >>  test/TEST-04-SECCOMP/test.sh                | 79 +++++++++++++++++++++++++++++
> >>  test/TEST-04-SECCOMP/will-fail.service      |  6 +++
> >>  test/TEST-04-SECCOMP/will-not-fail.service  |  6 +++
> >>  test/TEST-04-SECCOMP/will-not-fail2.service |  6 +++
> >>  6 files changed, 109 insertions(+)
> >>  create mode 120000 test/TEST-04-SECCOMP/Makefile
> >>  create mode 100755 test/TEST-04-SECCOMP/test-seccomp.sh
> >>  create mode 100755 test/TEST-04-SECCOMP/test.sh
> >>  create mode 100644 test/TEST-04-SECCOMP/will-fail.service
> >>  create mode 100644 test/TEST-04-SECCOMP/will-not-fail.service
> >>  create mode 100644 test/TEST-04-SECCOMP/will-not-fail2.service
> >>
> >> diff --git a/test/TEST-04-SECCOMP/Makefile b/test/TEST-04-SECCOMP/Makefile
> >> new file mode 120000
> >> index 0000000..e9f93b1
> >> --- /dev/null
> >> +++ b/test/TEST-04-SECCOMP/Makefile
> >> @@ -0,0 +1 @@
> >> +../TEST-01-BASIC/Makefile
> >> \ No newline at end of file
> >> diff --git a/test/TEST-04-SECCOMP/test-seccomp.sh b/test/TEST-04-SECCOMP/test-seccomp.sh
> >> new file mode 100755
> >> index 0000000..fef334e
> >> --- /dev/null
> >> +++ b/test/TEST-04-SECCOMP/test-seccomp.sh
> >> @@ -0,0 +1,11 @@
> >> +#!/bin/bash -x
> >> +
> >> +systemctl start will-fail.service
> >> +systemctl start will-not-fail.service
> >> +systemctl start will-not-fail2.service
> >> +systemctl is-failed will-fail.service | grep failed || exit 1
> >> +systemctl is-failed will-not-fail.service | grep failed && exit 1
> >> +systemctl is-failed will-not-fail2.service | grep failed && exit 1
> >
> > This is weird. You should be able to rely on the exit code rather than
> > parsing the output, but it seems this was broken in e3e0314b.
> >
> Yes, this is why I did this.

Should be fixed by 5a1aece58.

More information about the systemd-devel mailing list