test: add test case for verity deferred removal without sharing

I recently found out (the hard way) that on an older version
there was a bug when the verity sharing is disabled: the
deferred close flag was not set correctly, so verity devices
were leaked.

This is not an issue in main currently, but add a test case
to cover it just in case, to avoid future regressions.
Luca Boccassi
2025-10-31 16:46:49 +00:00
committed by Yu Watanabe
parent 7517e41a49
commit 10fc43e504

@@ -78,6 +78,17 @@ fi
systemd-dissect --umount "$IMAGE_DIR/mount"
systemd-dissect --umount "$IMAGE_DIR/mount2"
# Ensure the deferred close flag is set up correctly and we don't leak verity devices
# when sharing is disabled
set +o pipefail
# The devices are named 'loopXYZ-verity' when sharing is disabled
n_before=$(dmsetup ls | grep loop | grep -c verity || true)
SYSTEMD_VERITY_SHARING=0 systemd-dissect --mount "$MINIMAL_IMAGE.raw" "$IMAGE_DIR/mount"
test $((n_before + 1)) -eq "$(dmsetup ls | grep loop | grep -c verity || true)"
umount -R "$IMAGE_DIR/mount"
test "$n_before" -eq "$(dmsetup ls | grep loop | grep -c verity || true)"
set -o pipefail
# Test BindLogSockets=
systemd-run --wait -p RootImage="$MINIMAL_IMAGE.raw" mountpoint /run/systemd/journal/socket
(! systemd-run --wait -p RootImage="$MINIMAL_IMAGE.raw" -p BindLogSockets=no ls /run/systemd/journal/socket)
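Review bot: The final check, `test "$n_before" -eq "$(dmsetup ls | grep loop | grep -c verity || true)"`, runs immediately after `umount -R` and compares a system-wide count, so it can fail for reasons unrelated to the deferred close flag. Deferred removal only completes once the last opener of the device has gone away, and any other loop-backed verity device that appears or disappears between the two samples shifts the count. Consider polling with a short timeout before failing, and recording the name of the new `loopXYZ-verity` device after the mount so the test can assert that this specific name is gone rather than comparing counts. Separately, the `|| true` inside each command substitution already absorbs the non-zero exit that `grep -c` returns on zero matches, so the `set +o pipefail` / `set -o pipefail` pair around the block looks redundant; dropping it would also remove the risk of leaving pipefail disabled for the rest of the script if this block is later changed.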