me/guix
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2024-08-07. You can view files and clone it, but cannot push or open issues or pull requests.
guix/gnu/tests/virtualization.scm
Ludovic Courtès 917c17c052
tests: childhurd: Test SSH connection with a non-root user. 
* gnu/tests/virtualization.scm (%childhurd-os): Remove ‘services’ and
add ‘users’ to the GNU/Hurd ‘operating-system’ declaration.
(run-childhurd-test)[run-command-over-ssh]: Log in as “test” instead of
“root”.
2023-10-05 23:14:55 +02:00

417 lines
14 KiB
Scheme
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Christopher Baines <mail@cbaines.net>
;;; Copyright © 2020-2023 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
;;; Copyright © 2021 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2022 Marius Bakke <marius@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu tests virtualization)
#:use-module (gnu tests)
#:use-module (gnu image)
#:use-module (gnu system)
#:use-module (gnu system accounts)
#:use-module (gnu system file-systems)
#:use-module (gnu system image)
#:use-module (gnu system images hurd)
#:use-module ((gnu system shadow) #:select (%base-user-accounts))
#:use-module (gnu system vm)
#:use-module (gnu services)
#:use-module (gnu services dbus)
#:use-module (gnu services networking)
#:use-module (gnu services virtualization)
#:use-module (gnu packages ssh)
#:use-module (gnu packages virtualization)
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (guix store)
#:use-module (guix modules)
#:export (%test-libvirt
%test-qemu-guest-agent
%test-childhurd))
;;;
;;; Libvirt.
;;;
(define %libvirt-os
(simple-operating-system
(service dhcp-client-service-type)
(service dbus-root-service-type)
(service polkit-service-type)
(service libvirt-service-type)))
(define (run-libvirt-test)
"Run tests in %LIBVIRT-OS."
(define os
(marionette-operating-system
%libvirt-os
#:imported-modules '((gnu services herd)
(guix combinators))))
(define vm
(virtual-machine
(operating-system os)
(port-forwardings '())))
(define test
(with-imported-modules '((gnu build marionette))
#~(begin
(use-modules (srfi srfi-11) (srfi srfi-64)
(gnu build marionette))
(define marionette
(make-marionette (list #$vm)))
(test-runner-current (system-test-runner #$output))
(test-begin "libvirt")
(test-assert "service running"
(marionette-eval
'(begin
(use-modules (gnu services herd))
(match (start-service 'libvirtd)
(#f #f)
(('service response-parts ...)
(match (assq-ref response-parts 'running)
((pid) (number? pid))))))
marionette))
(test-eq "fetch version"
0
(marionette-eval
`(begin
(chdir "/tmp")
(system* ,(string-append #$libvirt "/bin/virsh")
"-c" "qemu:///system" "version"))
marionette))
(test-eq "connect"
0
(marionette-eval
`(begin
(chdir "/tmp")
(system* ,(string-append #$libvirt "/bin/virsh")
"-c" "qemu:///system" "connect"))
marionette))
(test-eq "create default network"
0
(marionette-eval
'(begin
(chdir "/tmp")
(system* #$(file-append libvirt "/bin/virsh")
"-c" "qemu:///system" "net-define"
#$(file-append libvirt
"/etc/libvirt/qemu/networks/default.xml")))
marionette))
(test-eq "start default network"
0
(marionette-eval
'(begin
(chdir "/tmp")
(system* #$(file-append libvirt "/bin/virsh")
"-c" "qemu:///system" "net-start" "default"))
marionette))
(test-end))))
(gexp->derivation "libvirt-test" test))
(define %test-libvirt
(system-test
(name "libvirt")
(description "Connect to the running LIBVIRT service.")
(value (run-libvirt-test))))
;;;
;;; QEMU Guest Agent service.
;;;
(define %qemu-guest-agent-os
(simple-operating-system
(service qemu-guest-agent-service-type)))
(define (run-qemu-guest-agent-test)
"Run tests in %QEMU-GUEST-AGENT-OS."
(define os
(marionette-operating-system
%qemu-guest-agent-os
#:imported-modules '((gnu services herd))))
(define vm
(virtual-machine
(operating-system os)
(port-forwardings '())))
(define test
(with-imported-modules '((gnu build marionette))
#~(begin
(use-modules (gnu build marionette)
(ice-9 rdelim)
(srfi srfi-64))
(define marionette
;; Ensure we look for the socket in the correct place below.
(make-marionette (list #$vm) #:socket-directory "/tmp"))
(define* (try-read port #:optional (attempts 10))
;; Try reading from a port several times before giving up.
(cond ((char-ready? port)
(let ((response (read-line port)))
(close-port port)
response))
((> attempts 1)
(sleep 1)
(try-read port (- attempts 1)))
(else "")))
(define (run command)
;; Run a QEMU guest agent command and return the response.
(let ((s (socket PF_UNIX SOCK_STREAM 0)))
(connect s AF_UNIX "/tmp/qemu-ga")
(display command s)
(try-read s)))
(test-runner-current (system-test-runner #$output))
(test-begin "qemu-guest-agent")
(test-assert "service running"
(marionette-eval
'(begin
(use-modules (gnu services herd))
(match (start-service 'qemu-guest-agent)
(#f #f)
(('service response-parts ...)
(match (assq-ref response-parts 'running)
((pid) (number? pid))))))
marionette))
(test-equal "ping guest"
"{\"return\": {}}"
(run "{\"execute\": \"guest-ping\"}"))
(test-assert "get network interfaces"
(string-contains
(run "{\"execute\": \"guest-network-get-interfaces\"}")
"127.0.0.1"))
(test-end))))
(gexp->derivation "qemu-guest-agent-test" test))
(define %test-qemu-guest-agent
(system-test
(name "qemu-guest-agent")
(description "Run commands in a virtual machine using QEMU guest agent.")
(value (run-qemu-guest-agent-test))))
;;;
;;; GNU/Hurd virtual machines, aka. childhurds.
;;;
(define %childhurd-os
(simple-operating-system
(service dhcp-client-service-type)
(service hurd-vm-service-type
(hurd-vm-configuration
(os (operating-system
(inherit %hurd-vm-operating-system)
(users (cons (user-account
(name "test")
(group "users")
(password "")) ;empty password
%base-user-accounts))))))))
(define (run-childhurd-test)
(define (import-module? module)
;; This module is optional and depends on Guile-Gcrypt, do skip it.
(and (guix-module-name? module)
(not (equal? module '(guix store deduplication)))))
(define os
(marionette-operating-system
%childhurd-os
#:imported-modules (source-module-closure
'((gnu services herd)
(guix combinators)
(gnu build install))
#:select? import-module?)))
(define vm
(virtual-machine
(operating-system os)
(memory-size (* 1024 3))))
(define (run-command-over-ssh . command)
;; Program that runs COMMAND over SSH and prints the result on standard
;; output.
(let ()
(define run
(with-extensions (list guile-ssh)
#~(begin
(use-modules (ssh session)
(ssh auth)
(ssh popen)
(ice-9 match)
(ice-9 textual-ports))
(let ((session (make-session #:user "test"
#:port 10022
#:host "localhost"
#:log-verbosity 'rare)))
(match (connect! session)
('ok
(userauth-password! session "")
(display
(get-string-all
(open-remote-input-pipe* session #$@command))))
(status
(error "could not connect to childhurd over SSH"
session status)))))))
(program-file "run-command-over-ssh" run)))
(define test
(with-imported-modules '((gnu build marionette))
#~(begin
(use-modules (gnu build marionette)
(srfi srfi-64)
(ice-9 match))
(define marionette
;; Emulate the host CPU so that KVM is available inside as well
;; ("nested KVM"), provided
;; /sys/module/kvm_intel/parameters/nested (or similar) allows it.
(make-marionette (list #$vm "-cpu" "host")))
(test-runner-current (system-test-runner #$output))
(test-begin "childhurd")
(test-assert "service running"
(marionette-eval
'(begin
(use-modules (gnu services herd)
(ice-9 match))
(match (start-service 'childhurd)
(#f #f)
(('service response-parts ...)
(match (assq-ref response-parts 'running)
((pid) (number? pid))))))
marionette))
(test-equal "childhurd SSH server replies"
"SSH"
;; Check from within the guest whether its childhurd's SSH
;; server is reachable. Do that from the guest: port forwarding
;; to the host won't work because QEMU listens on 127.0.0.1.
(marionette-eval
'(begin
(use-modules (ice-9 match)
(ice-9 textual-ports))
(let loop ((n 60))
(if (zero? n)
'all-attempts-failed
(let ((s (socket PF_INET SOCK_STREAM 0))
(a (make-socket-address AF_INET
INADDR_LOOPBACK
10022)))
(format #t "connecting to childhurd SSH server...~%")
(connect s a)
(match (get-string-n s 3)
((? eof-object?)
(close-port s)
(sleep 1)
(loop (- n 1)))
(str
(close-port s)
str))))))
marionette))
(test-equal "SSH up and running"
"childhurd GNU\n"
;; Connect from the guest to the chidhurd over SSH and run the
;; 'uname' command.
(marionette-eval
'(begin
(use-modules (ice-9 popen))
(get-string-all
(open-input-pipe #$(run-command-over-ssh "uname" "-on"))))
marionette))
(test-assert "guix-daemon up and running"
(let ((drv (marionette-eval
'(begin
(use-modules (ice-9 popen))
(get-string-all
(open-input-pipe
#$(run-command-over-ssh "guix" "build" "coreutils"
"--no-grafts" "-d"))))
marionette)))
;; We cannot compare the .drv with (raw-derivation-file
;; coreutils) on the host: they may differ due to fixed-output
;; derivations and changes introduced compared to the 'guix'
;; package snapshot.
(and (string-suffix? ".drv"
(pk 'drv (string-trim-right drv)))
drv)))
(test-assert "copy-on-write store"
;; Set up a writable store. The root partition is already an
;; overlayfs, which is not suitable as the bottom part of this
;; additional overlayfs; thus, create a tmpfs for the backing
;; store.
;; TODO: Remove this when <virtual-machine> creates a writable
;; store.
(marionette-eval
'(begin
(use-modules (gnu build install)
(guix build syscalls))
(mkdir "/run/writable-store")
(mount "none" "/run/writable-store" "tmpfs")
(mount-cow-store "/run/writable-store" "/backing-store")
(system* "df" "-hT"))
marionette))
(test-equal "offloading"
0
(marionette-eval
'(and (file-exists? "/etc/guix/machines.scm")
(system* "guix" "offload" "test"))
marionette))
(test-end))))
(gexp->derivation "childhurd-test" test))
(define %test-childhurd
(system-test
(name "childhurd")
(description
"Connect to the GNU/Hurd virtual machine service, aka. a childhurd, making
sure that the childhurd boots and runs its SSH server.")
(value (run-childhurd-test))))
View git blame Copy permalink