nixos/systemd-stage-1: follow systemd /run propagation (#405687) (2d03d70e) · Commits · nix / nixpkgs

nixos/modules/system/boot/systemd/initrd.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -642,7 +642,7 @@ in
		{
		where = "/sysroot/run";
		what = "/run";
		options = "bind";
		options = "rbind";
		unitConfig = {
		# See the comment on the mount unit for /run/etc-metadata
		DefaultDependencies = false;

+1 −0

Original line number	Diff line number	Diff line
		@@ -1302,6 +1302,7 @@ in
		systemd-escaping = runTest ./systemd-escaping.nix;
		systemd-initrd-bridge = runTest ./systemd-initrd-bridge.nix;
		systemd-initrd-btrfs-raid = runTest ./systemd-initrd-btrfs-raid.nix;
		systemd-initrd-credentials = runTest ./systemd-initrd-credentials.nix;
		systemd-initrd-luks-fido2 = runTest ./systemd-initrd-luks-fido2.nix;
		systemd-initrd-luks-keyfile = runTest ./systemd-initrd-luks-keyfile.nix;
		systemd-initrd-luks-empty-passphrase = runTest {

0 → 100644

+32 −0

Original line number	Diff line number	Diff line
		{ lib, pkgs, ... }:
		{
		name = "systemd-initrd-credentials";

		nodes.machine =
		{ pkgs, ... }:
		{
		virtualisation = {
		qemu.options = [
		"-smbios type=11,value=io.systemd.credential:cred-smbios=secret-smbios"
		];
		};

		boot.initrd.availableKernelModules = [ "dmi_sysfs" ];

		boot.kernelParams = [ "systemd.set_credential=cred-cmdline:secret-cmdline" ];

		boot.initrd.systemd = {
		enable = true;
		};
		};

		testScript = ''
		machine.wait_for_unit("multi-user.target")

		# Check credential passed via kernel command line
		assert "secret-cmdline" in machine.succeed("systemd-creds --system cat cred-cmdline")

		# Check credential passed via SMBIOS
		assert "secret-smbios" in machine.succeed("systemd-creds --system cat cred-smbios")
		'';
		}