From 1f21bbecade2c74a02ec8e2d5ebc8757752ea7b2 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 10:25:05 +0100
Subject: [PATCH 01/22] fmf: Don't fail if we can't put selinux in permissive
mode
The tests might be running unprivileged or in an environment without
selinux so let's not fail if we can't put it in permissive mode.
(cherry picked from commit 0250db0139b159cb9e6c1a87ad91ffdd03e80236)
---
test/fmf/integration-tests/test.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 4984fb119b571..fe139567bdf06 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -4,8 +4,8 @@
set -eux
set -o pipefail
-# Switch SELinux to permissive, since the tests don't set proper contexts
-setenforce 0
+# Switch SELinux to permissive if possible, since the tests don't set proper contexts
+setenforce 0 || true
# Allow running the integration tests downstream in dist-git with something like
# the following snippet which makes the dist-git sources available in $TMT_SOURCE_DIR:
From 006ff34ef7d27aa10fd7343dacd1663f25561799 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 10:25:50 +0100
Subject: [PATCH 02/22] fmf: Fix dist-git example
All that's needed is dist-git-source: true so remove the other settings
that aren't required.
(cherry picked from commit 0a85b3757968a2750286119760244e017c990263)
---
test/fmf/integration-tests/test.sh | 3 ---
1 file changed, 3 deletions(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index fe139567bdf06..73771d4237207 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -13,9 +13,6 @@ setenforce 0 || true
# summary: systemd Fedora test suite
# discover:
# how: fmf
-# url: https://github.com/systemd/systemd
-# ref: main
-# path: test/fmf
# dist-git-source: true
# dist-git-install-builddeps: false
# prepare:
From fc5028ef24af77c9bf0965bb9e3518cdc1041797 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 10:38:21 +0100
Subject: [PATCH 03/22] fmf: Fix glob
Globs inside quotes aren't expanded and we need the glob to be more
specific to avoid matching multiple entries inside the tmt source
directory.
(cherry picked from commit fc1b08dee2ccf706580fa448e66831d1e853d054)
---
test/fmf/integration-tests/test.sh | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 73771d4237207..0a1595fa97268 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -23,8 +23,11 @@ setenforce 0 || true
# execute:
# how: tmt
+shopt -s extglob
+
if [[ -n "${TMT_SOURCE_DIR:-}" ]]; then
- pushd "$TMT_SOURCE_DIR/*/"
+ # Match either directories ending with branch names (e.g. systemd-fmf) or releases (e.g systemd-257.1).
+ pushd "$TMT_SOURCE_DIR"/systemd-+([0-9a-z.~])/
elif [[ -n "${PACKIT_TARGET_URL:-}" ]]; then
# Prepare systemd source tree
git clone "$PACKIT_TARGET_URL" systemd --branch "$PACKIT_TARGET_BRANCH"
From bff09b9634e0160bd33302eec1c25438cdba2af5 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 12:12:15 +0100
Subject: [PATCH 04/22] fmf: Only mess with /etc/yum.repos.d when running
within testing farm
If running tmt locally to debug the test script, make sure we don't
mess with /etc/yum.repos.d.
(cherry picked from commit 8e3347f3bd3d9a01b8f39b0858eab74084ecf20a)
---
test/fmf/integration-tests/test.sh | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 0a1595fa97268..347cd219a458a 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -63,6 +63,11 @@ Release=${VERSION_ID:-rawhide}
[Build]
ToolsTreeDistribution=$ID
ToolsTreeRelease=${VERSION_ID:-rawhide}
+EOF
+
+if [[ -n "${TESTING_FARM_REQUEST_ID:-}" ]]; then
+ tee --append mkosi.local.conf <<EOF
+[Build]
ToolsTreeSandboxTrees=
/etc/yum.repos.d/:/etc/yum.repos.d/
/var/share/test-artifacts/:/var/share/test-artifacts/
@@ -72,14 +77,15 @@ SandboxTrees=
Environment=NO_BUILD=1
EOF
-cat /etc/dnf/dnf.conf
-cat /etc/yum.repos.d/*
+ cat /etc/dnf/dnf.conf
+ cat /etc/yum.repos.d/*
-# Ensure packages built for this test have highest priority
-echo -e "\npriority=1" >> /etc/yum.repos.d/copr_build*
+ # Ensure packages built for this test have highest priority
+ echo -e "\npriority=1" >> /etc/yum.repos.d/copr_build*
-# Disable mkosi's own repository logic
-touch /etc/yum.repos.d/mkosi.repo
+ # Disable mkosi's own repository logic
+ touch /etc/yum.repos.d/mkosi.repo
+fi
# TODO: drop once BTRFS regression is fixed in kernel 6.13
sed -i "s/Format=btrfs/Format=ext4/" mkosi.repart/10-root.conf
From d0b9af0f2bb5f8891eb4def4ec201bf527fe2096 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 16:41:46 +0100
Subject: [PATCH 05/22] fmf: Dump CPU and memory information
(cherry picked from commit 44368f84d7ddbec7a50648a65c27cb6a31090a29)
---
test/fmf/integration-tests/test.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 347cd219a458a..4545090c3c1ab 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -7,6 +7,10 @@ set -o pipefail
# Switch SELinux to permissive if possible, since the tests don't set proper contexts
setenforce 0 || true
+echo "CPU and Memory information:"
+lscpu
+lsmem
+
# Allow running the integration tests downstream in dist-git with something like
# the following snippet which makes the dist-git sources available in $TMT_SOURCE_DIR:
#
From c8cd705e5ed0a1f1fe642772a7605b36f30215a1 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 13:31:11 +0100
Subject: [PATCH 06/22] TEST-06-SELINUX: Add knob to allow checking for AVCs
When running the integration tests downstream, it's useful to be
able to test that a new systemd version doesn't introduce any AVC
denials, so let's add a knob to make that possible.
(cherry picked from commit de19520ec979902fd457515d1a795210fdaedf93)
---
test/README.testsuite | 10 ++++++++++
test/fmf/integration-tests/test.sh | 7 +++++++
test/units/TEST-06-SELINUX.sh | 4 ++++
3 files changed, 21 insertions(+)
diff --git a/test/README.testsuite b/test/README.testsuite
index da2d17a6dba7c..6b367aa6738fa 100644
--- a/test/README.testsuite
+++ b/test/README.testsuite
@@ -151,6 +151,16 @@ that make use of `run_testcases`.
`TEST_SKIP_TESTCASE=testcase`: takes a space separated list of testcases to skip.
+### SELinux AVCs
+
+To have `TEST-06-SELINUX` check for SELinux denials, write the following to
+mkosi.local.conf:
+
+```conf
+[Runtime]
+KernelCommandLineExtra=systemd.setenv=TEST_SELINUX_CHECK_AVCS=1
+```
+
## Ubuntu CI
New PRs submitted to the project are run through regression tests, and one set
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 4545090c3c1ab..fccfa15c72821 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -69,6 +69,13 @@ ToolsTreeDistribution=$ID
ToolsTreeRelease=${VERSION_ID:-rawhide}
EOF
+if [[ -n "${TEST_SELINUX_CHECK_AVCS:-}" ]]; then
+ tee --append mkosi.local.conf <<EOF
+[Runtime]
+KernelCommandLineExtra=systemd.setenv=TEST_SELINUX_CHECK_AVCS=$TEST_SELINUX_CHECK_AVCS
+EOF
+fi
+
if [[ -n "${TESTING_FARM_REQUEST_ID:-}" ]]; then
tee --append mkosi.local.conf <<EOF
[Build]
diff --git a/test/units/TEST-06-SELINUX.sh b/test/units/TEST-06-SELINUX.sh
index 937a04005ad8d..4ab9224a9ea30 100755
--- a/test/units/TEST-06-SELINUX.sh
+++ b/test/units/TEST-06-SELINUX.sh
@@ -46,4 +46,8 @@ NSPAWN_ARGS=(systemd-nspawn -q --volatile=yes --directory=/ --bind-ro=/etc --ina
[[ "$("${NSPAWN_ARGS[@]}" --selinux-apifs-context="$CONTEXT" stat --printf %C /run)" == "$CONTEXT" ]]
[[ "$("${NSPAWN_ARGS[@]}" --selinux-apifs-context="$CONTEXT" --tmpfs=/tmp stat --printf %C /tmp)" == "$CONTEXT" ]]
+if [[ -n "${TEST_SELINUX_CHECK_AVCS:-}" ]] && ((TEST_SELINUX_CHECK_AVCS)); then
+ (! journalctl -t audit -g AVC -o cat)
+fi
+
touch /testok
From f58b341580a6b4dcd0ede92c38fc5452e29929d5 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 8 Jan 2025 16:03:06 +0100
Subject: [PATCH 07/22] fmf: Force SELinux relabel when running within testing
farm
We expect to run as root within testing farm and to have permissions
to do selinux relabelling so let's enable it explicitly.
(cherry picked from commit e1c883bf32f3922bfc977701062e353c0a0a4ac5)
---
test/fmf/integration-tests/test.sh | 3 +++
1 file changed, 3 insertions(+)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index fccfa15c72821..8cea79cf30274 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -78,6 +78,9 @@ fi
if [[ -n "${TESTING_FARM_REQUEST_ID:-}" ]]; then
tee --append mkosi.local.conf <<EOF
+[Content]
+SELinuxRelabel=yes
+
[Build]
ToolsTreeSandboxTrees=
/etc/yum.repos.d/:/etc/yum.repos.d/
From 02cad97ca31722efeca560231b2e7ef96af40b56 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 9 Jan 2025 11:27:51 +0100
Subject: [PATCH 08/22] test: Drop set -x from integration-test-setup.sh
(cherry picked from commit 90538ede55ac9d40dc513f64f052c687672cae89)
---
test/integration-test-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/integration-test-setup.sh b/test/integration-test-setup.sh
index d7c384a97cf48..c67f938acf26f 100755
--- a/test/integration-test-setup.sh
+++ b/test/integration-test-setup.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
-set -eux
+set -eu
set -o pipefail
case "$1" in
From 9f6617a1a086ecbdd4abb29d4a5b4eada05eb9c4 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 9 Jan 2025 11:28:15 +0100
Subject: [PATCH 09/22] test: Only plug in integration-test-setup.sh in
interactive mode
If we're not running interactively, there's no point in the features
from integration-test-setup.sh which are intended for interactive
development and debugging so lets skip adding it in that case.
(cherry picked from commit 794d456cf402a35290d6562c21f0ff846511026c)
---
test/integration-test-wrapper.py | 9 +++++++++
test/test.service.in | 2 --
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index ef6df8840f50d..5fa0325b889e5 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -459,6 +459,15 @@ def main() -> None:
"""
)
+ if sys.stderr.isatty():
+ dropin += textwrap.dedent(
+ """
+ [Service]
+ ExecStartPre=/usr/lib/systemd/tests/testdata/integration-test-setup.sh setup
+ ExecStopPost=/usr/lib/systemd/tests/testdata/integration-test-setup.sh finalize
+ """
+ )
+
cmd = [
args.mkosi,
'--directory', os.fspath(args.meson_source_dir),
diff --git a/test/test.service.in b/test/test.service.in
index 6400be0700288..75f703698f687 100644
--- a/test/test.service.in
+++ b/test/test.service.in
@@ -7,9 +7,7 @@ Before=getty-pre.target
[Service]
ExecStartPre=rm -f /failed /testok
-ExecStartPre=/usr/lib/systemd/tests/testdata/integration-test-setup.sh setup
ExecStart=@command@
-ExecStopPost=/usr/lib/systemd/tests/testdata/integration-test-setup.sh finalize
Type=oneshot
MemoryAccounting=@memory-accounting@
StateDirectory=%N
From 2aa2a0c9d166fd7a77c027852255bf248fe63aa0 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 7 Jan 2025 15:01:02 +0100
Subject: [PATCH 10/22] mkosi: Re-enable TEST-21-DFUZZER when running with
sanitizers
Similar to how CentOS CI did it previously, let's only run
TEST-21-DFUZZER when built with sanitizers for maximum effect.
(cherry picked from commit 103e92810a4bd3f01d2a49d85ef9575d60a8d244)
---
.github/workflows/mkosi.yml | 8 ++++++++
test/TEST-21-DFUZZER/meson.build | 1 -
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
index a043022ce05a1..592ed41051458 100644
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@@ -61,6 +61,7 @@ jobs:
cflags: "-O2 -D_FORTIFY_SOURCE=3"
relabel: no
vm: 1
+ skip: TEST-21-DFUZZER
- distro: debian
release: testing
sanitizers: ""
@@ -68,6 +69,7 @@ jobs:
cflags: "-Og"
relabel: no
vm: 0
+ skip: TEST-21-DFUZZER
- distro: ubuntu
release: noble
sanitizers: ""
@@ -75,6 +77,7 @@ jobs:
cflags: "-Og"
relabel: no
vm: 0
+ skip: TEST-21-DFUZZER
- distro: fedora
release: "41"
sanitizers: ""
@@ -82,6 +85,7 @@ jobs:
cflags: "-Og"
relabel: yes
vm: 0
+ skip: TEST-21-DFUZZER
- distro: fedora
release: rawhide
sanitizers: address,undefined
@@ -96,6 +100,7 @@ jobs:
cflags: "-Og"
relabel: no
vm: 0
+ skip: TEST-21-DFUZZER
- distro: centos
release: "9"
sanitizers: ""
@@ -103,6 +108,7 @@ jobs:
cflags: "-Og"
relabel: yes
vm: 0
+ skip: TEST-21-DFUZZER
- distro: centos
release: "10"
sanitizers: ""
@@ -110,6 +116,7 @@ jobs:
cflags: "-Og"
relabel: yes
vm: 0
+ skip: TEST-21-DFUZZER
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
@@ -195,6 +202,7 @@ jobs:
mkosi sandbox \
env \
TEST_PREFER_QEMU=${{ matrix.vm }} \
+ TEST_SKIP=${{ matrix.skip }} \
meson test \
-C build \
--no-rebuild \
diff --git a/test/TEST-21-DFUZZER/meson.build b/test/TEST-21-DFUZZER/meson.build
index f57be63380222..932f0c5f0e407 100644
--- a/test/TEST-21-DFUZZER/meson.build
+++ b/test/TEST-21-DFUZZER/meson.build
@@ -6,6 +6,5 @@ integration_tests += [
'timeout' : 3600,
'priority' : 50,
'vm' : true,
- 'enabled' : false,
},
]
From 0d6306c37144494e8b029a5f73aec40372587203 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 9 Jan 2025 15:13:18 +0100
Subject: [PATCH 11/22] fmf: Move meson logs and failed test journals to test
artifacts dir
(cherry picked from commit 0e444c948e7d8ddbdec83116b68af7d876e2d2f6)
---
test/fmf/integration-tests/test.sh | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 8cea79cf30274..762016f2a5c1c 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -125,6 +125,11 @@ mkosi -f sandbox \
--suite integration-tests \
--print-errorlogs \
--no-stdsplit \
- --num-processes "$(($(nproc) - 1))"
+ --num-processes "$(($(nproc) - 1))" && EC=0 || EC=$?
+
+find build/meson-logs -type f -exec mv {} "$TMT_TEST_DATA" \;
+find build/test/journal -type f -exec mv {} "$TMT_TEST_DATA" \;
popd
+
+exit "$EC"
From 80d2d53b0d8573b69597a37f6ced38df97ad2746 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 9 Jan 2025 15:24:51 +0100
Subject: [PATCH 12/22] fmf: Log clock source
(cherry picked from commit 6e761c5a93278fc719a66f7c984af9608b836991)
---
test/fmf/integration-tests/test.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 762016f2a5c1c..d1e43b1d7dbc9 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -11,6 +11,8 @@ echo "CPU and Memory information:"
lscpu
lsmem
+echo "Clock source: $(cat /sys/devices/system/clocksource/clocksource0/current_clocksource)"
+
# Allow running the integration tests downstream in dist-git with something like
# the following snippet which makes the dist-git sources available in $TMT_SOURCE_DIR:
#
From 0584ff62f23838d2a85d48ce22a56aeb61e6f3e7 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 9 Jan 2025 16:24:22 +0100
Subject: [PATCH 13/22] tree-wide: Fix python formatting
The new release of ruff formats a few more things which causes linter
failures in CI so let's fix those formatting nits.
(cherry picked from commit 96403d5121d93dd47dbe9dab5b90ff973e664ac3)
---
src/ukify/ukify.py | 6 +++---
test/integration-test-wrapper.py | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py
index 3f36aa7af6b08..be4e30eb8e36e 100755
--- a/src/ukify/ukify.py
+++ b/src/ukify/ukify.py
@@ -763,7 +763,7 @@ def call_systemd_measure(uki: UKI, opts: UkifyConfig, profile_start: int = 0) ->
cmd = [
measure_tool,
'calculate',
- *(f"--{s.name.removeprefix('.')}={s.content}" for s in to_measure.values()),
+ *(f'--{s.name.removeprefix(".")}={s.content}' for s in to_measure.values()),
*(f'--bank={bank}' for bank in banks),
# For measurement, the keys are not relevant, so we can lump all the phase paths
# into one call to systemd-measure calculate.
@@ -786,7 +786,7 @@ def call_systemd_measure(uki: UKI, opts: UkifyConfig, profile_start: int = 0) ->
cmd = [
measure_tool,
'sign',
- *(f"--{s.name.removeprefix('.')}={s.content}" for s in to_measure.values()),
+ *(f'--{s.name.removeprefix(".")}={s.content}' for s in to_measure.values()),
*(f'--bank={bank}' for bank in banks),
]
@@ -1284,7 +1284,7 @@ def make_uki(opts: UkifyConfig) -> None:
os.umask(umask := os.umask(0))
os.chmod(opts.output, 0o777 & ~umask)
- print(f"Wrote {'signed' if sign_args_present else 'unsigned'} {opts.output}")
+ print(f'Wrote {"signed" if sign_args_present else "unsigned"} {opts.output}')
@contextlib.contextmanager
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index 5fa0325b889e5..d9d92fcba3b0e 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -429,7 +429,7 @@ def main() -> None:
dropin += textwrap.dedent(
f"""
[Service]
- Environment=TEST_MATCH_SUBTEST={os.environ["TEST_MATCH_SUBTEST"]}
+ Environment=TEST_MATCH_SUBTEST={os.environ['TEST_MATCH_SUBTEST']}
"""
)
@@ -437,7 +437,7 @@ def main() -> None:
dropin += textwrap.dedent(
f"""
[Service]
- Environment=TEST_MATCH_TESTCASE={os.environ["TEST_MATCH_TESTCASE"]}
+ Environment=TEST_MATCH_TESTCASE={os.environ['TEST_MATCH_TESTCASE']}
"""
)
@@ -568,7 +568,7 @@ def main() -> None:
ops += [f'journalctl --file {journal_file} --no-hostname -o short-monotonic -u {args.unit} -p info']
- print("Test failed, relevant logs can be viewed with: \n\n" f"{(' && '.join(ops))}\n", file=sys.stderr)
+ print(f'Test failed, relevant logs can be viewed with: \n\n{(" && ".join(ops))}\n', file=sys.stderr)
# 0 also means we failed so translate that to a non-zero exit code to mark the test as failed.
exit(result.returncode or 1)
From eb15a87fb0ba3d37b58e0b74f6c796f6d632c273 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 10 Jan 2025 14:27:33 +0100
Subject: [PATCH 14/22] test: Add option to save in progress test journals to
/tmp
The journal isn't the best at being fast, especially when writing
to disk and not to memory, which can cause integration tests to
grind to a halt on beefy systems due to all the systemd-journal-remote
instances not being able to write journal entries to disk fast enough.
Let's introduce an option to allow writing in progress test journals
to use /tmp which can be used on beefy systems with lots of memory to
speed things up.
(cherry picked from commit e49fdecd161b3d391e55311652fda3220d851fa1)
---
test/README.testsuite | 4 ++++
test/integration-test-wrapper.py | 12 +++++++++++-
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/test/README.testsuite b/test/README.testsuite
index 6b367aa6738fa..e33c08f33a20e 100644
--- a/test/README.testsuite
+++ b/test/README.testsuite
@@ -151,6 +151,10 @@ that make use of `run_testcases`.
`TEST_SKIP_TESTCASE=testcase`: takes a space separated list of testcases to skip.
+`TEST_JOURNAL_USE_TMP=1`: Write test journal to `/tmp` while the test is in
+progress and only move the journal to its final location in the build directory
+(`$BUILD_DIR/test/journal`) when the test is finished.
+
### SELinux AVCs
To have `TEST-06-SELINUX` check for SELinux denials, write the following to
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index d9d92fcba3b0e..1c28cf3776e80 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -10,6 +10,7 @@
import os
import re
import shlex
+import shutil
import subprocess
import sys
import tempfile
@@ -441,7 +442,11 @@ def main() -> None:
"""
)
- journal_file = (args.meson_build_dir / (f'test/journal/{name}.journal')).absolute()
+ if os.getenv('TEST_JOURNAL_USE_TMP', '0') == '1':
+ journal_file = Path(f'/tmp/systemd-integration-tests/journal/{name.journal}')
+ else:
+ journal_file = (args.meson_build_dir / f'test/journal/{name}.journal').absolute()
+
journal_file.unlink(missing_ok=True)
if not sys.stderr.isatty():
@@ -551,6 +556,11 @@ def main() -> None:
):
journal_file.unlink(missing_ok=True)
+ if os.getenv('TEST_JOURNAL_USE_TMP', '0') == '1':
+ dst = args.meson_build_dir / f'test/journal/{name}.journal'
+ dst.parent.mkdir(parents=True, exist_ok=True)
+ shutil.move(journal_file, dst)
+
if shell or (result.returncode in (args.exit_code, 77) and not coredumps and not sanitizer):
exit(0 if shell or result.returncode == args.exit_code else 77)
From ce86b8086e92c84e33385fb48467384abe74ca6d Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 10 Jan 2025 14:29:58 +0100
Subject: [PATCH 15/22] test: Don't register machines with machined unless
we're in interactive mode
(cherry picked from commit 84b30442d257102a9a39122f9a537fa48fb0bfda)
---
test/integration-test-wrapper.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index 1c28cf3776e80..94904cfbc4c05 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -516,7 +516,7 @@ def main() -> None:
]
),
'--credential', f"journal.storage={'persistent' if sys.stderr.isatty() else args.storage}",
- *(['--runtime-build-sources=no'] if not sys.stderr.isatty() else []),
+ *(['--runtime-build-sources=no', '--register=no'] if not sys.stderr.isatty() else []),
'vm' if args.vm or os.getuid() != 0 or os.getenv('TEST_PREFER_QEMU', '0') == '1' else 'boot',
] # fmt: skip
From 504eee6eb099c80b48d8bf7e82ca9e0d6549e076 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 10 Jan 2025 14:51:24 +0100
Subject: [PATCH 16/22] test: Move StateDirectory= directive into dropin
The integration-test-setup calls require StateDirectory= but some
tests override the test unit used which then won't have StateDirectory=
so let's move StateDirectory= into the dropin as well to avoid this
issue.
(cherry picked from commit 1f17ec0ed419627a686ee6e719ac7f55cf082ada)
---
test/integration-test-wrapper.py | 1 +
test/test.service.in | 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index 94904cfbc4c05..610c34c903425 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -470,6 +470,7 @@ def main() -> None:
[Service]
ExecStartPre=/usr/lib/systemd/tests/testdata/integration-test-setup.sh setup
ExecStopPost=/usr/lib/systemd/tests/testdata/integration-test-setup.sh finalize
+ StateDirectory=%N
"""
)
diff --git a/test/test.service.in b/test/test.service.in
index 75f703698f687..790c513da4338 100644
--- a/test/test.service.in
+++ b/test/test.service.in
@@ -10,4 +10,3 @@ ExecStartPre=rm -f /failed /testok
ExecStart=@command@
Type=oneshot
MemoryAccounting=@memory-accounting@
-StateDirectory=%N
From 4fc1059282f5e39b3385fe175d377de96461f68b Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 10 Jan 2025 15:26:37 +0100
Subject: [PATCH 17/22] fmf: Bump inotify limits to avoid systemd-nspawn
failures
(cherry picked from commit c32a8cdaa0f03ae29e9edade1213cc2001b28000)
---
test/fmf/integration-tests/test.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index d1e43b1d7dbc9..34bf1abfa8943 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -13,6 +13,10 @@ lsmem
echo "Clock source: $(cat /sys/devices/system/clocksource/clocksource0/current_clocksource)"
+# Bump inotify limits so nspawn containers don't run out of inotify file descriptors.
+sysctl fs.inotify.max_user_watches=65536
+sysctl fs.inotify.max_user_instances=1024
+
# Allow running the integration tests downstream in dist-git with something like
# the following snippet which makes the dist-git sources available in $TMT_SOURCE_DIR:
#
From 7f3639f9a0ead8ea70f2d975de4271bb7d8ab05b Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 10 Jan 2025 15:26:54 +0100
Subject: [PATCH 18/22] fmf: Use different heuristic on beefy systems
If we save journals in /tmp, we can run a larger number of tests in
parallel so let's make use of the larger number of CPUs if the tests
run on a beefy machine.
(cherry picked from commit 53546c71fe0a1b30ee296df84bb8c3577f5675a4)
---
test/fmf/integration-tests/test.sh | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 34bf1abfa8943..06a98bfd7a0be 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -116,6 +116,14 @@ if [[ ! -e /dev/kvm ]]; then
export TEST_NO_QEMU=1
fi
+NPROC="$(nproc)"
+if [[ "$NPROC" -ge 10 ]]; then
+ export TEST_JOURNAL_USE_TMP=1
+ NPROC="$((NPROC / 3))"
+else
+ NPROC="$((NPROC - 1))"
+fi
+
# Create missing mountpoint for mkosi sandbox.
mkdir -p /etc/pacman.d/gnupg
@@ -131,7 +139,7 @@ mkosi -f sandbox \
--suite integration-tests \
--print-errorlogs \
--no-stdsplit \
- --num-processes "$(($(nproc) - 1))" && EC=0 || EC=$?
+ --num-processes "$NPROC" && EC=0 || EC=$?
find build/meson-logs -type f -exec mv {} "$TMT_TEST_DATA" \;
find build/test/journal -type f -exec mv {} "$TMT_TEST_DATA" \;
From 3661dcc1cbf43dca2a9a77c3dffe50cbe1a7ea18 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 10 Jan 2025 15:29:28 +0100
Subject: [PATCH 19/22] fmf: Skip TEST-21-DFUZZER
Similar to Github Actions, since we don't build with sanitizers in
the packit job, let's skip TEST-21-DFUZZER.
(cherry picked from commit e0c2fd6a3345d26afdf4159406c38cd9101d2e0d)
---
test/fmf/integration-tests/test.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index 06a98bfd7a0be..f82961f9599d0 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -124,6 +124,10 @@ else
NPROC="$((NPROC - 1))"
fi
+# This test is only really useful if we're building with sanitizers and takes a long time, so let's skip it
+# for now.
+export TEST_SKIP="TEST-21-DFUZZER"
+
# Create missing mountpoint for mkosi sandbox.
mkdir -p /etc/pacman.d/gnupg
From 25c8ee9dc089b593940cefefb2dba7660768a7a8 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Mon, 13 Jan 2025 10:33:20 +0100
Subject: [PATCH 20/22] test: Fix bug in integration test wrapper
(cherry picked from commit 79ac78e3680a425d86c7a90e6846c630c9583b48)
---
test/integration-test-wrapper.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index 610c34c903425..5321faef57818 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -443,7 +443,7 @@ def main() -> None:
)
if os.getenv('TEST_JOURNAL_USE_TMP', '0') == '1':
- journal_file = Path(f'/tmp/systemd-integration-tests/journal/{name.journal}')
+ journal_file = Path(f'/tmp/systemd-integration-tests/journal/{name}.journal')
else:
journal_file = (args.meson_build_dir / f'test/journal/{name}.journal').absolute()
From 051ad7661f7cf29b6cbf99c70a6a504f777bc240 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 14 Jan 2025 09:52:40 +0100
Subject: [PATCH 21/22] test: Only move journal file if we didn't just unlink
it
(cherry picked from commit 1d77ac19cfa1c9b194d7e9805430ab6fd38ba97e)
---
test/integration-test-wrapper.py | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/test/integration-test-wrapper.py b/test/integration-test-wrapper.py
index 5321faef57818..a7bf5ea6060d4 100755
--- a/test/integration-test-wrapper.py
+++ b/test/integration-test-wrapper.py
@@ -556,8 +556,7 @@ def main() -> None:
and not sanitizer
):
journal_file.unlink(missing_ok=True)
-
- if os.getenv('TEST_JOURNAL_USE_TMP', '0') == '1':
+ elif os.getenv('TEST_JOURNAL_USE_TMP', '0') == '1':
dst = args.meson_build_dir / f'test/journal/{name}.journal'
dst.parent.mkdir(parents=True, exist_ok=True)
shutil.move(journal_file, dst)
From 6cd2c87e4ef1379520c98316ac5d6bcf21ef1bd1 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 14 Jan 2025 11:41:17 +0100
Subject: [PATCH 22/22] fmf: Only move logs if corresponding directory exists
Otherwise find fails with an error.
(cherry picked from commit 3c2fa8e0501f9f39b3b7ca0506a7d548a39af928)
---
test/fmf/integration-tests/test.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/fmf/integration-tests/test.sh b/test/fmf/integration-tests/test.sh
index f82961f9599d0..aff79340f79fe 100755
--- a/test/fmf/integration-tests/test.sh
+++ b/test/fmf/integration-tests/test.sh
@@ -145,8 +145,8 @@ mkosi -f sandbox \
--no-stdsplit \
--num-processes "$NPROC" && EC=0 || EC=$?
-find build/meson-logs -type f -exec mv {} "$TMT_TEST_DATA" \;
-find build/test/journal -type f -exec mv {} "$TMT_TEST_DATA" \;
+[[ -d build/meson-logs ]] && find build/meson-logs -type f -exec mv {} "$TMT_TEST_DATA" \;
+[[ -d build/test/journal ]] && find build/test/journal -type f -exec mv {} "$TMT_TEST_DATA" \;
popd