Merge pull request #32540 from DaanDeMeyer/mkosi

mkosi: Enable more integration tests

mkosi.images/minimal-base/mkosi.conf.d/10-arch.conf

@@ -8,3 +8,29 @@ Packages=
         inetutils
         iproute
         openbsd-netcat
+
+RemoveFiles=
+        # Arch Linux doesn't split their gcc-libs package so we manually remove
+        # unneeded stuff here to make sure it doesn't end up in the image.
+        /usr/lib/libgfortran.so*
+        /usr/lib/libgo.so*
+        /usr/lib/libgomp.so*
+        /usr/lib/libgphobos.so*
+        /usr/lib/libobjc.so*
+        /usr/lib/libasan.so*
+        /usr/lib/libtsan.so*
+        /usr/lib/liblsan.so*
+        /usr/lib/libubsan.so*
+        /usr/lib/libstdc++.so*
+        /usr/lib/libgdruntime.so*
+
+        # Remove all files that are only required for development.
+        /usr/lib/*.a
+        /usr/include/*
+
+        /usr/share/i18n/*
+        /usr/share/hwdata/*
+        /usr/share/iana-etc/*
+        /usr/share/locale/*
+        /usr/share/terminfo/*
+        /usr/share/zoneinfo/*

mkosi.images/minimal-base/mkosi.postinst

@@ -0,0 +1,11 @@
+#!/bin/bash
+set -e
+
+# We don't use mkosi.extra because /usr/sbin could be a symlink and cp doesn't handle that properly until
+# coreutils 9.5 or newer.
+cat >"$BUILDROOT/sbin/init" <<EOF
+#!/bin/bash
+echo "Hello from dummy init, beautiful day, innit?"
+ip link
+EOF
+chmod +x "$BUILDROOT/sbin/init"

mkosi.images/system/mkosi.conf

@@ -19,12 +19,14 @@ ExtraTrees=
         %O/minimal-1.root-%a.raw:/usr/share/minimal_1.raw
         %O/minimal-1.root-%a-verity.raw:/usr/share/minimal_1.verity
         %O/minimal-1.root-%a-verity-sig.raw:/usr/share/minimal_1.verity.sig
+        %O/minimal-base:/usr/share/testsuite-13-container-template
 
 Packages=
         acl
         attr
         bash-completion
         coreutils
+        curl
         diffutils
         dnsmasq
         dosfstools

mkosi.images/system/mkosi.conf.d/10-arch/mkosi.build.chroot

@@ -10,12 +10,12 @@ if [ ! -f "pkg/$ID/PKGBUILD" ]; then
     exit 1
 fi
 
-# We can't configure the source or build directory so we use bind mounts instead to make sure they are in the
+# We can't configure the source or build directory so we use symlinks instead to make sure they are in the
 # expected locations.
-mount --mkdir --bind "$SRCDIR" "pkg/$ID/systemd-stable/"
-mount --mkdir --bind "$BUILDDIR" "pkg/$ID/build/"
+ln --symbolic "$SRCDIR" "pkg/$ID/systemd-stable"
+ln --symbolic "$BUILDDIR" "pkg/$ID/build"
 # Because we run with --noextract we are responsible for making sure the source files appear in src/.
-mount --mkdir --rbind "$PWD/pkg/$ID" "pkg/$ID/src/"
+ln --symbolic . "pkg/$ID/src"
 
 # shellcheck source=/dev/null
 . /etc/makepkg.conf

mkosi.images/system/mkosi.conf.d/10-arch/mkosi.conf

@@ -41,6 +41,7 @@ Packages=
         sbsigntools
         shadow
         squashfs-tools
+        tpm2-tools
         tpm2-tss
         vim
 

mkosi.images/system/mkosi.conf.d/10-centos-fedora/mkosi.conf

@@ -26,6 +26,8 @@ Packages=
         dhcp-server
         dnf
         git-core
+        glibc-langpack-de
+        glibc-langpack-en
         gnutls
         integritysetup
         iproute
@@ -50,6 +52,7 @@ Packages=
         rpm-build
         rpmautospec
         squashfs-tools
+        tpm2-tools
         util-linux
         vim-common
 

mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot

@@ -13,9 +13,8 @@ fi
 # We transplant the debian/ folder from the deb package sources into the upstream sources.
 mount --mkdir --bind "$SRCDIR/pkg/$ID/debian" "$SRCDIR"/debian
 
-# We hide the patches/ directory by mounting an empty directory on top so they don't get applied.
-TMP=$(mktemp -d)
-mount --bind "$TMP" "$SRCDIR"/debian/patches
+# We remove the patches so they don't get applied.
+rm -rf "$SRCDIR"/debian/patches/*
 
 # While the build directory can be specified through DH_OPTIONS, the default one is hardcoded everywhere so
 # we have to use that. Because it is architecture dependent, we query it using dpkg-architecture first.

mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf

@@ -51,6 +51,7 @@ Packages=
         libcap-ng-utils
         libtss2-rc0
         libtss2-tcti-device0
+        locales
         man-db
         netcat-openbsd
         openssh-client
@@ -62,6 +63,7 @@ Packages=
         quota
         sbsigntool
         squashfs-tools
+        tpm2-tools
         tzdata
         xxd
 

mkosi.images/system/mkosi.conf.d/10-opensuse/mkosi.build.chroot

@@ -63,7 +63,7 @@ build() {
         --define "vendor openSUSE" \
         --define "version_override $VERSION" \
         --define "release_override $RELEASE" \
-        --define "__check_files sh -c '$(rpm --eval %__check_files) | tee /tmp/unpackaged-files'" \
+        --define "__check_files sh -c '$(rpm --define "_topdir /var/tmp" --eval %__check_files) | tee /tmp/unpackaged-files'" \
         --define "build_cflags $(rpm --eval %build_cflags) $EXTRA_CFLAGS" \
         --define "meson_build %{shrink:%{__meson} compile -C %{_vpath_builddir} -j %{_smp_build_ncpus} %{nil}}" \
         --define "meson_install %{shrink:DESTDIR=%{buildroot} %{__meson} install -C %{_vpath_builddir} --no-rebuild --quiet %{nil}}" \
@@ -86,7 +86,7 @@ if ! build; then
     # warnings.
     rm systemd.lang
 
-    cat /tmp/unpackaged-files >>"pkg/$ID/files.systemd"
+    grep -v ".debug" /tmp/unpackaged-files >>"pkg/$ID/files.systemd"
     build --noprep --nocheck
 fi
 

mkosi.images/system/mkosi.conf.d/10-opensuse/mkosi.conf

@@ -63,6 +63,7 @@ Packages=
         shadow
         squashfs
         timezone
+        tpm2.0-tools
         user(bin)
         user(daemon)
         user(games)

test/TEST-09-REBOOT/meson.build

@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+test_params = test_params + {
+        'storage': 'persistent',
+}

test/TEST-13-NSPAWN/test.sh

@@ -5,13 +5,15 @@ set -e
 TEST_DESCRIPTION="systemd-nspawn tests"
 IMAGE_NAME="nspawn"
 TEST_NO_NSPAWN=1
+IMAGE_ADDITIONAL_ROOT_SIZE=500
+TEST_FORCE_NEWIMAGE=1
 
 # shellcheck source=test/test-functions
 . "${TEST_BASE_DIR:?}/test-functions"
 
 test_append_files() {
     local workspace="${1:?}"
-    local container="$workspace/testsuite-13-container-template"
+    local container="$workspace/usr/share/testsuite-13-container-template"
 
     # For virtual wlan interface.
     instmods mac80211_hwsim

test/integration-test-wrapper.py

@@ -47,6 +47,7 @@ def main():
     parser.add_argument('--meson-build-dir', required=True, type=Path)
     parser.add_argument('--test-name', required=True)
     parser.add_argument('--test-number', required=True)
+    parser.add_argument('--storage', required=True)
     parser.add_argument('mkosi_args', nargs="*")
     args = parser.parse_args()
 
@@ -93,9 +94,6 @@ def main():
                 f"systemd.extra-unit.emergency-exit.service={shlex.quote(EMERGENCY_EXIT_SERVICE)}",
                 '--credential',
                 f"systemd.unit-dropin.emergency.target={shlex.quote(EMERGENCY_EXIT_DROPIN)}",
-                '--kernel-command-line-extra=systemd.mask=serial-getty@.service systemd.show_status=no systemd.crash_shell=0 systemd.crash_reboot',
-                # Custom firmware variables allow bypassing the EFI auto-enrollment reboot so we only reboot on crash
-                '--qemu-firmware-variables=custom',
             ]
             if not sys.stderr.isatty()
             else []
@@ -103,17 +101,28 @@ def main():
         '--credential',
         f"systemd.unit-dropin.{test_unit}={shlex.quote(dropin)}",
         '--runtime-network=none',
+        '--runtime-scratch=no',
         '--append',
         '--kernel-command-line-extra',
         ' '.join([
             'systemd.hostname=H',
             f"SYSTEMD_UNIT_PATH=/usr/lib/systemd/tests/testdata/testsuite-{args.test_number}.units:/usr/lib/systemd/tests/testdata/units:",
             f"systemd.unit={test_unit}",
+            'systemd.mask=systemd-networkd-wait-online.service',
+            *(
+                [
+                    "systemd.mask=serial-getty@.service",
+                    "systemd.show_status=no",
+                    "systemd.crash_shell=0",
+                    "systemd.crash_action=poweroff",
+                ]
+                if not sys.stderr.isatty()
+                else []
+            ),
         ]),
-        '--credential', f"journal.storage={'persistent' if sys.stderr.isatty() else 'runtime'}" ,
+        '--credential', f"journal.storage={'persistent' if sys.stderr.isatty() else args.storage}" ,
         *args.mkosi_args,
         'qemu',
-        *(['-no-reboot'] if not sys.stderr.isatty() else [])
     ]
 
     result = subprocess.run(cmd)

test/meson.build

@@ -339,42 +339,72 @@ integration_tests = {
         '01': 'TEST-01-BASIC',
         '02': 'TEST-02-UNITTESTS',
         '03': 'TEST-03-JOBS',
+        # '04': 'TEST-04-JOURNAL', # Extremely flaky
         '05': 'TEST-05-RLIMITS',
+        # '06': 'TEST-06-SELINUX',
+        # '07': 'TEST-07-PID1',
+        # '08': 'TEST-08-INITRD',
+        '09': 'TEST-09-REBOOT',
+        '13': 'TEST-13-NSPAWN',
+        '15': 'TEST-15-DROPIN',
         '16': 'TEST-16-EXTEND-TIMEOUT',
         '17': 'TEST-17-UDEV', # Can be flaky when overloaded if timeout abort test is slow
+        '18': 'TEST-18-FAILUREACTION',
         '19': 'TEST-19-CGROUP',
+        # '21': 'TEST-21-DFUZZER',
+        '22': 'TEST-22-TMPFILES',
+        # '23': 'TEST-23-UNIT-FILE',
+        # '24': 'TEST-24-CRYPTSETUP',
         '25': 'TEST-25-IMPORT',
         '26': 'TEST-26-SYSTEMCTL',
         '29': 'TEST-29-PORTABLE',
         '30': 'TEST-30-ONCLOCKCHANGE',
+        # '31': 'TEST-31-DEVICE-ENUMERATION',
         '32': 'TEST-32-OOMPOLICY',
         '34': 'TEST-34-DYNAMICUSERMIGRATE',
+        '35': 'TEST-35-LOGIN',
         '36': 'TEST-36-NUMAPOLICY',
         '38': 'TEST-38-FREEZER',
         '43': 'TEST-43-PRIVATEUSER-UNPRIV',
         '44': 'TEST-44-LOG-NAMESPACE',
         '45': 'TEST-45-TIMEDATE',
+        # '46': 'TEST-46-HOMED',
         '50': 'TEST-50-DISSECT',
+        # '52': 'TEST-52-HONORFIRSTSHUTDOWN',
+        # '53': 'TEST-53-ISSUE-16347',
+        # '54': 'TEST-54-CREDS',
+        # '55': 'TEST-55-OOMD',
+        # '58': 'TEST-58-REPART',
         # Can be flaky when overloaded if daemon-reload is too slow to be rate-limited
         '59': 'TEST-59-RELOADING-RESTART',
         '60': 'TEST-60-MOUNT-RATELIMIT',
         '62': 'TEST-62-RESTRICT-IFACES',
         '63': 'TEST-63-PATH',
+        # '64': 'TEST-54-UDEV-STORAGE',
+        '65': 'TEST-65-ANALYZE',
         '66': 'TEST-66-DEVICE-ISOLATION',
         '67': 'TEST-67-INTEGRITY',
         '68': 'TEST-68-PROPAGATE-EXIT-STATUS',
+        '70': 'TEST-70-TPM2',
+        '71': 'TEST-71-HOSTNAME',
         '72': 'TEST-72-SYSUPDATE',
+        # '73': 'TEST-73-LOCALE',
+        # '74': 'TEST-74-AUX-UTILS',
+        # '75': 'TEST-75-RESOLVED',
         '76': 'TEST-76-SYSCTL',
         '78': 'TEST-78-SIGQUEUE',
         '79': 'TEST-79-MEMPRESS',
         '80': 'TEST-80-NOTIFYACCESS',
         '81': 'TEST-81-GENERATORS',
+        # '82': 'TEST-82-SOFTREBOOT',
+        '83': 'TEST-83-BTRFS',
         '84': 'TEST-84-STORAGETM',
 }
 foreach test_number, dirname : integration_tests
         test_params = {
                 'mkosi_args' : [],
-                'timeout' : 600,
+                'timeout' : 1800,
+                'storage': 'volatile',
         }
 
         # TODO: This fs.exists call isn't included in rebuild logic
@@ -389,6 +419,7 @@ foreach test_number, dirname : integration_tests
                 '--meson-build-dir', meson.project_build_root(),
                 '--test-name', dirname,
                 '--test-number', test_number,
+                '--storage', test_params['storage'],
                 '--',
         ] + test_params['mkosi_args']
 

test/test-functions

@@ -476,8 +476,7 @@ run_qemu() {
 
     local CONSOLE=ttyS0
 
-    # Reset the boot counter, if present
-    rm -f "${initdir:?}/var/tmp/.systemd_reboot_count"
+    find "${initdir:?}/var/tmp" -mindepth 1 -delete
     rm -f "$initdir"/{testok,failed,skipped}
     # make sure the initdir is not mounted to avoid concurrent access
     cleanup_initdir
@@ -651,8 +650,7 @@ run_qemu() {
 # success), or 1 if nspawn is not available.
 run_nspawn() {
     [[ -d /run/systemd/system ]] || return 1
-    # Reset the boot counter, if present
-    rm -f "${initdir:?}/var/tmp/.systemd_reboot_count"
+    find "${initdir:?}/var/tmp" -mindepth 1 -delete
     rm -f "${initdir:?}"/{testok,failed,skipped}
 
     local nspawn_cmd=()

test/testsuite-04.units/delegated-cgroup-filtering.service

@@ -2,7 +2,7 @@
 Description=Test service for delegated logs filtering
 
 [Service]
-Type=simple
+Type=oneshot
 ExecStart=/usr/lib/systemd/tests/testdata/units/delegated_cgroup_filtering_payload.sh
 Delegate=yes
 SyslogLevel=notice

test/testsuite-04.units/logs-filtering.service

@@ -2,5 +2,6 @@
 Description=Log filtering unit
 
 [Service]
-ExecStart=sh -c 'while true; do echo "Logging from the service, and ~more~ foo bar"; sleep .25; done'
+Type=oneshot
+ExecStart=sh -c 'echo "Logging from the service, and ~more~ foo bar" && sleep 2'
 SyslogLevel=notice

test/units/delegated_cgroup_filtering_payload.sh

@@ -2,11 +2,8 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
 mkdir /sys/fs/cgroup/system.slice/delegated-cgroup-filtering.service/the_child
-/bin/sh /usr/lib/systemd/tests/testdata/units/delegated_cgroup_filtering_payload_child.sh &
+/bin/sh /usr/lib/systemd/tests/testdata/units/delegated_cgroup_filtering_payload_child.sh
 
-while true
-do
-	echo "parent_process: hello, world!"
-	echo "parent_process: hello, people!"
-    sleep .15
-done
+echo "parent_process: hello, world!"
+echo "parent_process: hello, people!"
+sleep .15

test/units/delegated_cgroup_filtering_payload_child.sh

@@ -3,9 +3,6 @@
 
 echo $$ >/sys/fs/cgroup/system.slice/delegated-cgroup-filtering.service/the_child/cgroup.procs
 
-while true
-do
-	echo "child_process: hello, world!"
-	echo "child_process: hello, people!"
-    sleep .15
-done
+echo "child_process: hello, world!"
+echo "child_process: hello, people!"
+sleep .15

test/units/testsuite-04.LogFilterPatterns.sh

@@ -18,16 +18,12 @@ add_logs_filtering_override() {
 
 run_service_and_fetch_logs() {
     local unit="${1:?}"
-    local start end
+    local start
 
     start="$(date '+%Y-%m-%d %T.%6N')"
-    systemctl restart "$unit"
-    sleep .5
+    systemctl start "$unit"
     journalctl --sync
-    end="$(date '+%Y-%m-%d %T.%6N')"
-
-    journalctl -q -u "$unit" -S "$start" -U "$end" -p notice
-    systemctl stop "$unit"
+    journalctl -q -u "$unit" -S "$start" -p notice
 }
 
 if cgroupfs_supports_user_xattrs; then

test/units/testsuite-09.journal.sh

@@ -84,7 +84,7 @@ verify_seqnum() {
 
     journalctl --system --header
 
-    (! journalctl --system -q -o short-monotonic -u systemd-journald.service --grep 'rotating')
+    (! journalctl --system -q -o short-monotonic -u systemd-journald.service --grep 'Journal file uses a different sequence number ID, rotating')
 
     set +x
     previous_seqnum=0

test/units/testsuite-13.machinectl.sh

@@ -23,9 +23,9 @@ trap at_exit EXIT
 systemctl service-log-level systemd-machined debug
 systemctl service-log-level systemd-importd debug
 
-# Mount tmpfs over /var/lib/machines to not pollute the image
+# Mount temporary directory over /var/lib/machines to not pollute the image
 mkdir -p /var/lib/machines
-mount -t tmpfs tmpfs /var/lib/machines
+mount --bind "$(mktemp --tmpdir=/var/tmp -d)" /var/lib/machines
 
 # Create a couple of containers we can refer to in tests
 for i in {0..4}; do
@@ -154,37 +154,37 @@ test ! -d /var/lib/machines/.hidden1
 
 # Prepare a simple raw container
 mkdir -p /tmp/mnt
-dd if=/dev/zero of=/tmp/container.raw bs=1M count=64
-mkfs.ext4 /tmp/container.raw
-mount -o loop /tmp/container.raw /tmp/mnt
+dd if=/dev/zero of=/var/tmp/container.raw bs=1M count=256
+mkfs.ext4 /var/tmp/container.raw
+mount -o loop /var/tmp/container.raw /tmp/mnt
 cp -r /var/lib/machines/container1/* /tmp/mnt
 umount /tmp/mnt
 # Try to import it, run it, export it, and re-import it
-machinectl import-raw /tmp/container.raw container-raw
+machinectl import-raw /var/tmp/container.raw container-raw
 [[ "$(machinectl show-image --property=Type --value container-raw)" == "raw" ]]
 machinectl start container-raw
-machinectl export-raw container-raw /tmp/container-export.raw
-machinectl import-raw /tmp/container-export.raw container-raw-reimport
+machinectl export-raw container-raw /var/tmp/container-export.raw
+machinectl import-raw /var/tmp/container-export.raw container-raw-reimport
 [[ "$(machinectl show-image --property=Type --value container-raw-reimport)" == "raw" ]]
-rm -f /tmp/container{,-export}.raw
+rm -f /var/tmp/container{,-export}.raw
 
 # Prepare a simple tar.gz container
-tar -pczf /tmp/container.tar.gz -C /var/lib/machines/container1 .
+tar -pczf /var/tmp/container.tar.gz -C /var/lib/machines/container1 .
 # Try to import it, run it, export it, and re-import it
-machinectl import-tar /tmp/container.tar.gz container-tar
-[[ "$(machinectl show-image --property=Type --value container-tar)" == "directory" ]]
+machinectl import-tar /var/tmp/container.tar.gz container-tar
+[[ "$(machinectl show-image --property=Type --value container-tar)" =~ directory|subvolume ]]
 machinectl start container-tar
-machinectl export-tar container-tar /tmp/container-export.tar.gz
-machinectl import-tar /tmp/container-export.tar.gz container-tar-reimport
-[[ "$(machinectl show-image --property=Type --value container-tar-reimport)" == "directory" ]]
-rm -f /tmp/container{,-export}.tar.gz
+machinectl export-tar container-tar /var/tmp/container-export.tar.gz
+machinectl import-tar /var/tmp/container-export.tar.gz container-tar-reimport
+[[ "$(machinectl show-image --property=Type --value container-tar-reimport)" =~ directory|subvolume ]]
+rm -f /var/tmp/container{,-export}.tar.gz
 
 # Try to import a container directory & run it
-cp -r /var/lib/machines/container1 /tmp/container.dir
-machinectl import-fs /tmp/container.dir container-dir
-[[ "$(machinectl show-image --property=Type --value container-dir)" == "directory" ]]
+cp -r /var/lib/machines/container1 /var/tmp/container.dir
+machinectl import-fs /var/tmp/container.dir container-dir
+[[ "$(machinectl show-image --property=Type --value container-dir)" =~ directory|subvolume ]]
 machinectl start container-dir
-rm -fr /tmp/container.dir
+rm -fr /var/tmp/container.dir
 
 timeout 10 bash -c "until machinectl clean --all; do sleep .5; done"
 

test/units/testsuite-13.nspawn-oci.sh

@@ -23,9 +23,9 @@ at_exit() {
 
 trap at_exit EXIT
 
-# Mount tmpfs over /var/lib/machines to not pollute the image
+# Mount temporary directory over /var/lib/machines to not pollute the image
 mkdir -p /var/lib/machines
-mount -t tmpfs tmpfs /var/lib/machines
+mount --bind "$(mktemp --tmpdir=/var/tmp -d)" /var/lib/machines
 
 # Setup a couple of dirs/devices for the OCI containers
 DEV="$(mktemp -u /dev/oci-dev-XXX)"

test/units/testsuite-13.nspawn.sh

@@ -71,9 +71,9 @@ if unshare -U bash -c :; then
     IS_USERNS_SUPPORTED=yes
 fi
 
-# Mount tmpfs over /var/lib/machines to not pollute the image
+# Mount temporary directory over /var/lib/machines to not pollute the image
 mkdir -p /var/lib/machines
-mount -t tmpfs tmpfs /var/lib/machines
+mount --bind "$(mktemp --tmpdir=/var/tmp -d)" /var/lib/machines
 
 testcase_sanity() {
     local template root image uuid tmpdir
@@ -83,7 +83,7 @@ testcase_sanity() {
     create_dummy_container "$template"
     # Create a simple image from the just created container template
     image="$(mktemp /var/lib/machines/testsuite-13.image-XXX.img)"
-    dd if=/dev/zero of="$image" bs=1M count=64
+    dd if=/dev/zero of="$image" bs=1M count=256
     mkfs.ext4 "$image"
     mkdir -p /mnt
     mount -o loop "$image" /mnt

test/units/testsuite-13.nss-mymachines.sh

@@ -17,8 +17,9 @@ at_exit() {
 
 trap at_exit EXIT
 
+# Mount temporary directory over /var/lib/machines to not pollute the image
 mkdir -p /var/lib/machines
-mount -t tmpfs tmpfs /var/lib/machines
+mount --bind "$(mktemp --tmpdir=/var/tmp -d)" /var/lib/machines
 
 # Create a bunch of containers that:
 # 1) Have no IP addresses assigned

test/units/testsuite-13.sh

@@ -3,6 +3,13 @@
 set -eux
 set -o pipefail
 
+FSTYPE="$(stat --file-system --format "%T" /)"
+
+if [[ "$FSTYPE" == "fuseblk" ]]; then
+    echo "Root filesystem is virtiofs, skipping"
+    exit 77
+fi
+
 # shellcheck source=test/units/test-control.sh
 . "$(dirname "$0")"/test-control.sh
 

test/units/testsuite-15.sh

@@ -8,10 +8,6 @@ set -o pipefail
 # shellcheck source=test/units/util.sh
 . "$(dirname "$0")"/util.sh
 
-# Needed to write units to /usr/lib/systemd/system to test /etc and /run overrides.
-maybe_mount_usr_overlay
-trap 'maybe_umount_usr_overlay' EXIT
-
 clear_unit() {
     local unit_name="${1:?}"
     local base suffix

test/units/testsuite-18.sh

@@ -11,7 +11,7 @@ if ! test -f /firstphase ; then
     systemd-run --wait -p SuccessAction=reboot true
 else
     echo OK >/testok
-    systemd-run --wait -p FailureAction=poweroff false
+    systemd-run --wait -p FailureAction=exit -p FailureActionExitStatus=123 false
 fi
 
 sleep infinity

test/units/testsuite-25.sh

@@ -3,11 +3,6 @@
 set -eux
 set -o pipefail
 
-if ! command -v importctl >/dev/null; then
-    echo "importctl is not available to be chain-loaded from machinectl, skipping" >>/skipped
-    exit 77
-fi
-
 export SYSTEMD_PAGER=cat
 
 dd if=/dev/urandom of=/var/tmp/testimage.raw bs=$((1024*1024+7)) count=5

test/units/testsuite-26.sh

@@ -12,16 +12,10 @@ at_exit() {
         rm -fvr "/usr/lib/systemd/system/$UNIT_NAME" "/etc/systemd/system/$UNIT_NAME.d" "+4"
     fi
 
-    maybe_umount_usr_overlay
-
     rm -f /etc/init.d/issue-24990
     return 0
 }
 
-# Needed for /usr/lib/systemd/system/$UNIT_NAME to test overrides in /etc and /run
-maybe_mount_usr_overlay
-trap at_exit EXIT
-
 # Create a simple unit file for testing
 # Note: the service file is created under /usr on purpose to test
 #       the 'revert' verb as well

test/units/testsuite-35.sh

@@ -390,7 +390,7 @@ testcase_sanity_check() {
 
     # We're not in the same session scope, so in this case we need to specify
     # the session ID explicitly
-    session=$(loginctl --no-legend | awk '$3 == "logind-test-user" { print $1; exit; }')
+    session=$(loginctl --no-legend | grep -v manager | awk '$3 == "logind-test-user" { print $1; exit; }')
     loginctl kill-session --signal=SIGCONT "$session"
     # FIXME(?)
     #loginctl kill-session --signal=SIGCONT --kill-whom=leader "$session"
@@ -524,11 +524,15 @@ EOF
     # least one session, so minimum of 2 "Lock" signals must have been sent.
     timeout 35 bash -c "while [[ \"\$(journalctl -b -u systemd-logind.service --since=$ts | grep -c 'Sent message type=signal .* member=Lock')\" -lt 1 ]]; do sleep 1; done"
 
+    # We need to know that a new message was sent after waking up,
+    # so we must track how many happened before sleeping to check we have extra.
+    locks="$(journalctl -b -u systemd-logind.service --since="$ts" | grep -c 'Sent message type=signal .* member=Lock')"
+
     # Wakeup
     touch /dev/tty2
 
     # Wait again
-    timeout 35 bash -c "while [[ \"\$(journalctl -b -u systemd-logind.service --since=$ts | grep -c 'Sent message type=signal .* member=Lock')\" -lt 2 ]]; do sleep 1; done"
+    timeout 35 bash -c "while [[ \"\$(journalctl -b -u systemd-logind.service --since=$ts | grep -c 'Sent message type=signal .* member=Lock')\" -lt $((locks + 1)) ]]; do sleep 1; done"
 
     if [[ "$(journalctl -b -u systemd-logind.service --since="$ts" | grep -c 'System idle. Will be locked now.')" -lt 2 ]]; then
         echo >&2 "System haven't entered idle state at least 2 times."

test/units/testsuite-46.sh

@@ -511,7 +511,11 @@ if command -v ssh &>/dev/null && command -v sshd &>/dev/null && ! [[ -v ASAN_OPT
         rm -f /tmp/homed.id_ecdsa /run/systemd/system/mysshserver{@.service,.socket}
         systemctl daemon-reload
         homectl remove homedsshtest
-        mv /etc/pam.d/sshd.bak /etc/pam.d/sshd
+        for dir in /etc /usr/lib; do
+            if [[ -f "$dir/pam.d/sshd.bak" ]]; then
+                mv "$dir/pam.d/sshd.bak" "$dir/pam.d/sshd"
+            fi
+        done
     }
 
     trap at_exit EXIT
@@ -538,8 +542,10 @@ if command -v ssh &>/dev/null && command -v sshd &>/dev/null && ! [[ -v ASAN_OPT
     # are aware of distros use
     mkdir -p /usr/share/empty.sshd /var/empty /var/empty/sshd /run/sshd
 
-    mv /etc/pam.d/sshd /etc/pam.d/sshd.bak
-    cat >/etc/pam.d/sshd <<EOF
+    for dir in /etc /usr/lib; do
+        if [[ -f "$dir/pam.d/sshd" ]]; then
+            mv "$dir/pam.d/sshd" "$dir/pam.d/sshd.bak"
+            cat >"$dir/pam.d/sshd" <<EOF
 auth    sufficient pam_unix.so nullok
 auth    sufficient pam_systemd_home.so debug
 auth    required   pam_deny.so
@@ -550,6 +556,9 @@ session optional   pam_systemd_home.so debug
 session optional   pam_systemd.so
 session required   pam_unix.so
 EOF
+            break
+        fi
+    done
 
     mkdir -p /etc/sshd/
     cat >/etc/ssh/sshd_config <<EOF

test/units/testsuite-60.sh

@@ -6,10 +6,6 @@ set -o pipefail
 # shellcheck source=test/units/util.sh
 . "$(dirname "$0")"/util.sh
 
-# Needed to create mount.mytmpfs helper
-maybe_mount_usr_overlay
-trap 'maybe_umount_usr_overlay' EXIT
-
 teardown_test_dependencies() (
     set +eux
 

test/units/testsuite-71.sh

@@ -63,7 +63,8 @@ get_chassis() (
 
 stop_hostnamed() {
     systemctl stop systemd-hostnamed.service
-    systemctl reset-failed systemd-hostnamed # reset trigger limit
+    # Reset trigger limit. This might fail if the unit was unloaded already, so ignore any errors.
+    systemctl reset-failed systemd-hostnamed || :
 }
 
 testcase_chassis() {

test/units/testsuite-73.sh

@@ -9,10 +9,6 @@ set -o pipefail
 # shellcheck source=test/units/util.sh
 . "$(dirname "$0")"/util.sh
 
-# Needed to generate test locales in /usr/lib
-maybe_mount_usr_overlay
-trap 'maybe_umount_usr_overlay' EXIT
-
 enable_debug() {
     mkdir -p /run/systemd/system/systemd-localed.service.d
     cat >>/run/systemd/system/systemd-localed.service.d/override.conf <<EOF

test/units/testsuite-82.sh

@@ -251,4 +251,4 @@ fi
 systemd-analyze log-level info
 
 touch /testok
-systemctl --no-block poweroff
+systemctl --no-block exit 123

test/units/testsuite-83.sh

@@ -3,6 +3,13 @@
 set -eux
 set -o pipefail
 
+FSTYPE="$(stat --file-system --format "%T" /)"
+
+if [[ "$FSTYPE" != "btrfs" ]]; then
+    echo "Root filesystem is $FSTYPE instead of btrfs, skipping"
+    exit 77
+fi
+
 TEST_BTRFS_OFFSET=/usr/lib/systemd/tests/unit-tests/manual/test-btrfs-physical-offset
 
 SWAPFILE=/var/tmp/swapfile

test/units/util.sh

@@ -156,13 +156,13 @@ coverage_create_nspawn_dropin() {
 create_dummy_container() {
     local root="${1:?}"
 
-    if [[ ! -d /testsuite-13-container-template ]]; then
+    if [[ ! -d /usr/share/testsuite-13-container-template ]]; then
         echo >&2 "Missing container template, probably not running in TEST-13-NSPAWN?"
         exit 1
     fi
 
     mkdir -p "$root"
-    cp -a /testsuite-13-container-template/* "$root"
+    cp -a /usr/share/testsuite-13-container-template/* "$root"
     coverage_create_nspawn_dropin "$root"
 }
 
@@ -226,22 +226,6 @@ kernel_supports_lsm() {
     return 1
 }
 
-MOUNTED_USR_OVERLAY=false
-
-maybe_mount_usr_overlay() {
-    if [[ ! -w /usr ]]; then
-        mkdir -p /tmp/usr-overlay/{upperdir,workdir}
-        mount -t overlay -o lowerdir=/usr,upperdir=/tmp/usr-overlay/upperdir,workdir=/tmp/usr-overlay/workdir overlay /usr
-        MOUNTED_USR_OVERLAY=true
-    fi
-}
-
-maybe_umount_usr_overlay() {
-    if "$MOUNTED_USR_OVERLAY"; then
-        umount -l /usr
-    fi
-}
-
 install_extension_images() {
         local os_release
         os_release="$(test -e /etc/os-release && echo /etc/os-release || echo /usr/lib/os-release)"