nathan/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2026-06-05 21:03:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

nixosTests.labgrid: Add systemd hardening test

Browse Source 
to prevent unnoticed degradation.

The limit '11' matches the current exposure level '1.1'.
This commit is contained in:
Burfeind, Jan-Niklas
2026-03-02 11:52:16 +01:00
parent 336b6be147
commit ad603b16de
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/tests/labgrid.nix
View File

@@ -57,5 +57,10 @@
coordinator.wait_for_open_port(20408)
out = client.succeed("labgrid-client places")
assert_contains(out, "testplace")
with subtest("Check systemd hardening does not degrade unnoticed"):
exact_threshold = 11
out = coordinator.fail(f"systemd-analyze security labgrid-coordinator.service --threshold={exact_threshold-1}")
out = coordinator.succeed(f"systemd-analyze security labgrid-coordinator.service --threshold={exact_threshold}")
'';
}