Unverified Commit c6978e8a authored by Maximilian Bosch's avatar Maximilian Bosch
Browse files

nixos/test-driver: exit early if /dev/vhost-vsock isn't available 

Right now it wrongly seems as if you can set
`sshBackdoor.enable = true;` for each test and not only for debugging
purposes.

This is wrong however since you'd need to pass /dev/vhost-vsock into the
sandbox for this (which is also a prerequisite for #392117).

To make that clear, two things were changed:

* add a warning to the manual to communicate this.
* exit both interactive and non-interactive driver early if
  /dev/vhost-vsock is missing and the ssh backdoor is enabled.

  If that's the case, we pass a CLI flag to the driver already in the
  interactive case. This change also sets the flag for the
  non-interactive case.

  That way we also get a better error if somebody tries to enable this
  on a system that doesn't support that.
parent 079ead62

nixos/doc/manual/development/running-nixos-tests-interactively.section.md

+10 −1
Original line number Diff line number Diff line
@@ -71,10 +71,19 @@ An SSH-based backdoor to log into machines can be enabled with 
{

  name = "…";

  nodes.machines = { /* … */ };

  sshBackdoor.enable = true;

  interactive.sshBackdoor.enable = true;

}

```



::: {.warning}

Make sure to only enable the backdoor for interactive tests

(i.e. by using `interactive.sshBackdoor.enable`)! This is the only

supported configuration.



Running a test in a sandbox with this will fail because `/dev/vhost-vsock` isn't available

in the sandbox.

:::



This creates a [vsock socket](https://man7.org/linux/man-pages/man7/vsock.7.html)

for each VM to log in with SSH. This configures root login with an empty password.

nixos/lib/testing/run.nix

+18 −15
Original line number Diff line number Diff line
@@ -43,7 +43,10 @@ in 
  };



  config = {

    rawTestDerivation = hostPkgs.stdenv.mkDerivation {

    rawTestDerivation =

      assert lib.assertMsg (!config.sshBackdoor.enable)

        "The SSH backdoor is currently not supported for non-interactive testing! Please make sure to only set `interactive.sshBackdoor.enable = true;`!";

      hostPkgs.stdenv.mkDerivation {

        name = "vm-test-run-${config.name}";



        requiredSystemFeatures =