Skip to content

Commit

Permalink
test: chown option
Browse files Browse the repository at this point in the history 
Signed-off-by: Cole Stowell <[email protected]>
  • Loading branch information
@costowell
costowell committed Jan 2, 2025
1 parent d7d599b commit e453e31
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions tests/from-nixos.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,10 @@
start_all()
installer.succeed("mkdir -p /tmp/extra-files/var/lib/secrets")
installer.succeed("echo value > /tmp/extra-files/var/lib/secrets/key")
installer.succeed("mkdir -p /tmp/extra-files/home/user/.ssh")
installer.succeed("echo secretkey > /tmp/extra-files/home/user/.ssh/id_ed25519")
installer.succeed("echo publickey > /tmp/extra-files/home/user/.ssh/id_ed25519.pub")
installer.succeed("chmod 600 /tmp/extra-files/home/user/.ssh/id_ed25519")
ssh_key_path = "/etc/ssh/ssh_host_ed25519_key.pub"
ssh_key_output = installer.wait_until_succeeds(f"""
ssh -i /root/.ssh/install_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
Expand All @@ -46,6 +50,7 @@
--kexec /etc/nixos-anywhere/kexec-installer \
--extra-files /tmp/extra-files \
--store-paths /etc/nixos-anywhere/disko /etc/nixos-anywhere/system-to-install \
--chown /home/user 1000:100 \
--copy-host-keys \
root@installed >&2
""")
Expand All @@ -62,6 +67,10 @@
assert "value" == content, f"secret does not have expected value: {content}"
ssh_key_content = new_machine.succeed(f"cat {ssh_key_path}").strip()
assert ssh_key_content in ssh_key_output, "SSH host identity changed"
priv_key_perms = new_machine.succeed("stat -c %a /home/user/.ssh/").strip()
assert priv_key_perms == "600", f"unexpected permissions for private key: {priv_key_perms}"
user_dir_ownership = new_machine.succeed("stat -c %u:%g /home/user").strip()
assert user_dir_ownership == "1000:100", f"unexpected user home dir permissions: {user_dir_ownership}"
'';
}
)

0 comments on commit e453e31

Please sign in to comment.