aboutsummaryrefslogtreecommitdiff
path: root/tests/linux-sandbox.sh
AgeCommit message (Collapse)Author
2023-06-22Better document build failure exit codesJohn Ericson
- Improved API docs from comment - Exit codes are for `nix-build`, not just `nix-store --release` - Make note in tests so the magic numbers are not surprising Picking up where #8387 left off.
2023-06-20Update tests/linux-sandbox.shGuillaume Maudoux
Co-authored-by: John Ericson <git@JohnEricson.me>
2023-05-23Further refactor linux-sandbox.sh and fix tee usageGuillaume Maudoux
2023-05-22Check exact error codes in linux-sandbox.shGuillaume Maudoux
2023-05-22Add tests for bind mount of SSL certs in sandboxGuillaume Maudoux
2023-03-16Cleanup test skippingJohn Ericson
- Try not to put cryptic "99" in many places Factor out `exit 99` into `skipTest` function - Alows make sure skipping a test is done with a reason `skipTest` takes a mandatory argument - Separate pure conditionals vs side-effectful test skipping. "require daemon" already had this, but "sandbox support" did not.
2023-03-08Harden tests' bashJohn Ericson
Use `set -u` and `set -o pipefail` to catch accidental mistakes and failures more strongly. - `set -u` catches the use of undefined variables - `set -o pipefail` catches failures (like `set -e`) earlier in the pipeline. This makes the tests a bit more robust. It is nice to read code not worrying about these spurious success paths (via uncaught) errors undermining the tests. Indeed, I caught some bugs doing this. There are a few tests where we run a command that should fail, and then search its output to make sure the failure message is one that we expect. Before, since the `grep` was the last command in the pipeline the exit code of those failing programs was silently ignored. Now with `set -o pipefail` it won't be, and we have to do something so the expected failure doesn't accidentally fail the test. To do that we use `expect` and a new `expectStderr` to check for the exact failing exit code. See the comments on each for why. `grep -q` is replaced with `grepQuiet`, see the comments on that function for why. `grep -v` when we just want the exit code is replaced with `grepInverse, see the comments on that function for why. `grep -q -v` together is, surprise surprise, replaced with `grepQuietInverse`, which is both combined. Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-02-14Don't allow writing to /etcYorick van Pelt
2021-07-27Allow running all the tests with the daemonregnat
When `NIX_DAEMON_PACKAGE` is set, make all the tests use the Nix daemon. That way we can test every piece of Nix functionality both with and without the daemon. Tests for which using the daemon isn’t possible or doesn’t make sens can selectively be disabled with `needLocalStore`
2021-03-31tests/*: show when tests are skippedRobert Hensing
2020-12-03Move NAR-related commands to 'nix nar'Eelco Dolstra
2020-04-10Fix nix-build --check -K in sandbox w/o rootBruce Toll
Temporarily add user-write permission to build directory so that it can be moved out of the sandbox to the store with a .check suffix. This is necessary because the build directory has already had its permissions set read-only, but write permission is required to update the directory's parent link to move it out of the sandbox. Updated the related --check "derivation may not be deterministic" messages to consistently use the real store paths. Added test for non-root sandbox nix-build --check -K to demonstrate issue and help prevent regressions.
2019-05-12build: add test for sandboxed --checkDaiderd Jordan
2018-01-13Fix tests using user namespaces on kernels that don't have itTuomas Tynkkynen
Disable various tests if the kernel doesn't support unprivileged user namespaces (e.g. Arch Linux disables them) or disable them via a sysctl (Debian, Ubuntu). Fixes #1521 Fixes #1625
2017-11-20Test: Replace --option with the corresponding flagEelco Dolstra
2017-10-24Allow shorter syntax for chroot storesEelco Dolstra
You can now say '--store /tmp/nix' instead of '--store local?root=/tmp/nix'.
2017-08-31Rename a few configuration optionsEelco Dolstra
In particular, drop the "build-" and "gc-" prefixes which are pointless. So now you can say nix build --no-sandbox instead of nix build --no-build-use-sandbox
2017-05-08Linux sandbox: Fix compatibility with older kernelsEelco Dolstra
2017-05-02Add a test for diverted storesEelco Dolstra