Loading nixos/tests/all-tests.nix +1 −0 Original line number Diff line number Diff line Loading @@ -345,6 +345,7 @@ in cinnamon = runTest ./cinnamon.nix; cinnamon-wayland = runTest ./cinnamon-wayland.nix; cjdns = runTest ./cjdns.nix; clamav = runTest ./clamav.nix; clatd = runTest ./clatd.nix; clickhouse = import ./clickhouse { inherit runTest; Loading nixos/tests/clamav.nix 0 → 100644 +45 −0 Original line number Diff line number Diff line # Test ClamAV. { lib, pkgs, ... }: { name = "clamav"; nodes = { machine = { services.clamav = { daemon.enable = true; clamonacc.enable = true; daemon.settings = { OnAccessPrevention = true; OnAccessIncludePath = "/opt"; }; }; # Add the definition for our test file. # We cannot download definitions from Internet using freshclam in sandboxed test. systemd.tmpfiles.settings."10-eicar"."/var/lib/clamav/test.hdb".L.argument = "${pkgs.runCommand "test.hdb" { } '' echo CLAMAVTEST > testfile ${lib.getExe' pkgs.clamav "sigtool"} --sha256 testfile > $out '' }"; # Test using /opt as the ClamAV on-access scanner-protected directory. systemd.tmpfiles.settings."10-testdir"."/opt".d = { }; }; }; testScript = '' start_all() machine.wait_for_unit("default.target") # Write test file into the test directory. # This won't trigger ClamAV as it scans on file open. machine.succeed("echo CLAMAVTEST > /opt/testfile") machine.fail("cat /opt/testfile") ''; } Loading
nixos/tests/all-tests.nix +1 −0 Original line number Diff line number Diff line Loading @@ -345,6 +345,7 @@ in cinnamon = runTest ./cinnamon.nix; cinnamon-wayland = runTest ./cinnamon-wayland.nix; cjdns = runTest ./cjdns.nix; clamav = runTest ./clamav.nix; clatd = runTest ./clatd.nix; clickhouse = import ./clickhouse { inherit runTest; Loading
nixos/tests/clamav.nix 0 → 100644 +45 −0 Original line number Diff line number Diff line # Test ClamAV. { lib, pkgs, ... }: { name = "clamav"; nodes = { machine = { services.clamav = { daemon.enable = true; clamonacc.enable = true; daemon.settings = { OnAccessPrevention = true; OnAccessIncludePath = "/opt"; }; }; # Add the definition for our test file. # We cannot download definitions from Internet using freshclam in sandboxed test. systemd.tmpfiles.settings."10-eicar"."/var/lib/clamav/test.hdb".L.argument = "${pkgs.runCommand "test.hdb" { } '' echo CLAMAVTEST > testfile ${lib.getExe' pkgs.clamav "sigtool"} --sha256 testfile > $out '' }"; # Test using /opt as the ClamAV on-access scanner-protected directory. systemd.tmpfiles.settings."10-testdir"."/opt".d = { }; }; }; testScript = '' start_all() machine.wait_for_unit("default.target") # Write test file into the test directory. # This won't trigger ClamAV as it scans on file open. machine.succeed("echo CLAMAVTEST > /opt/testfile") machine.fail("cat /opt/testfile") ''; }
