diff --git a/test/TEST-58-REPART/test.sh b/test/TEST-58-REPART/test.sh index 063ce9425d..c2920f9c22 100755 --- a/test/TEST-58-REPART/test.sh +++ b/test/TEST-58-REPART/test.sh @@ -10,7 +10,6 @@ TEST_DESCRIPTION="test systemd-repart" test_append_files() { if ! get_bool "${TEST_NO_QEMU:=}"; then install_dmevent - image_install jq instmods dm_verity =md generate_module_dependencies fi diff --git a/test/test-functions b/test/test-functions index b292f0e41b..fa3ad9fbdc 100644 --- a/test/test-functions +++ b/test/test-functions @@ -179,6 +179,7 @@ BASICTOOLS=( head ionice ip + jq killall ldd ln diff --git a/test/units/testsuite-75.sh b/test/units/testsuite-75.sh index 26ad109538..ba91284a73 100755 --- a/test/units/testsuite-75.sh +++ b/test/units/testsuite-75.sh @@ -11,10 +11,71 @@ RUN_OUT="$(mktemp)" NOTIFICATION_SUBSCRIPTION_SCRIPT="/tmp/subscribe.sh" NOTIFICATION_LOGS="/tmp/notifications.txt" +at_exit() { + set +e + cat "$NOTIFICATION_LOGS" +} + +trap at_exit EXIT + run() { "$@" |& tee "$RUN_OUT" } +run_retry() { + local ntries="${1:?}" + local i + + shift + + for ((i = 0; i < ntries; i++)); do + "$@" && return 0 + sleep .5 + done + + return 1 +} + +notification_check_host() { + local host="${1:?}" + local address="${2:?}" + + # Attempt to parse the notification JSON returned over varlink and check + # if it contains the requested record. As this is an async operation, let's + # retry it a couple of times in case it fails. + # + # Example JSON: + # { + # "parameters": { + # "addresses": [ + # { + # "ifindex": 2, + # "family": 2, + # "address": [ + # 10, + # 0, + # 0, + # 121 + # ], + # "type": "A" + # } + # ], + # "name": "untrusted.test" + # }, + # "continues": true + # } + # + # Note: we need to do some post-processing of the $NOTIFICATION_LOGS file, + # since the JSON objects are concatenated with \0 instead of a newline + # shellcheck disable=SC2016 + run_retry 10 jq --slurp \ + --exit-status \ + --arg host "$host" \ + --arg address "$address" \ + '.[] | select(.parameters.name == $host) | .parameters.addresses[] | select(.address | join(".") == $address) | true' \ + <(tr '\0' '\n' <"$NOTIFICATION_LOGS") +} + ### SETUP ### # Configure network hostnamectl hostname ns1.unsigned.test @@ -120,7 +181,7 @@ knotc reload # Sanity check run getent -s resolve hosts ns1.unsigned.test grep -qE "^10\.0\.0\.1\s+ns1\.unsigned\.test" "$RUN_OUT" -grep -aF "ns1.unsigned.test" $NOTIFICATION_LOGS | grep -qF "[10,0,0,1]" +notification_check_host "ns1.unsigned.test" "10.0.0.1" # Issue: https://github.com/systemd/systemd/issues/18812 # PR: https://github.com/systemd/systemd/pull/18896 @@ -213,7 +274,7 @@ grep -qF "; fully validated" "$RUN_OUT" run resolvectl query -t A cname-chain.signed.test grep -qF "follow14.final.signed.test IN A 10.0.0.14" "$RUN_OUT" grep -qF "authenticated: yes" "$RUN_OUT" -grep -aF "cname-chain.signed.test" $NOTIFICATION_LOGS | grep -qF "[10,0,0,14]" +notification_check_host "cname-chain.signed.test" "10.0.0.14" # Non-existing RR + CNAME chain run dig +dnssec AAAA cname-chain.signed.test grep -qF "status: NOERROR" "$RUN_OUT" @@ -252,7 +313,7 @@ grep -qF "authenticated: yes" "$RUN_OUT" # Resolve via dbus method run busctl call org.freedesktop.resolve1 /org/freedesktop/resolve1 org.freedesktop.resolve1.Manager ResolveHostname 'isit' 0 secondsub.onlinesign.test 0 0 grep -qF '10 0 0 134 "secondsub.onlinesign.test"' "$RUN_OUT" -grep -aF "secondsub.onlinesign.test" $NOTIFICATION_LOGS | grep -qF "[10,0,0,134]" +notification_check_host "secondsub.onlinesign.test" "10.0.0.134" : "--- ZONE: untrusted.test (DNSSEC without propagated DS records) ---" run dig +short untrusted.test @@ -271,7 +332,5 @@ grep -qF "authenticated: no" "$RUN_OUT" #run dig +dnssec this.does.not.exist.untrusted.test #grep -qF "status: NXDOMAIN" "$RUN_OUT" -cat $NOTIFICATION_LOGS - touch /testok rm /failed