summary refs log tree commit diff
diff options
context:
space:
mode:
authorScott Worley <scottworley@scottworley.com>2020-11-22 21:57:00 -0800
committerChuck <chuck@intelligence.org>2020-12-10 12:59:13 -0800
commit86f0dc221f7a0291e87d3b311393a018a92cfbda (patch)
treebb167ceed0a6513de90f5ece9e1ec9c5ff84bdf8
parente0e08a186dbec9ccaaace0c0b939e901c3893aa7 (diff)
downloadnixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.tar
nixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.tar.gz
nixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.tar.bz2
nixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.tar.lz
nixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.tar.xz
nixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.tar.zst
nixpkgs-86f0dc221f7a0291e87d3b311393a018a92cfbda.zip
nixos/locate: Exclude fuse.sshfs
The "fuse" and "sshfs" entries already present are not keeping this find
invocation out of sshfs mounts, which present as fstype "fuse.sshfs"
Diffstat
-rw-r--r--nixos/modules/misc/locate.nix1
-rw-r--r--nixos/tests/locate.nix41
2 files changed, 42 insertions, 0 deletions
diff --git a/nixos/modules/misc/locate.nix b/nixos/modules/misc/locate.nix
index 411f5e05835..426281c9412 100644
--- a/nixos/modules/misc/locate.nix
+++ b/nixos/modules/misc/locate.nix
@@ -98,6 +98,7 @@ in {
         "ftpfs"
         "fuse"
         "fusectl"
+        "fuse.sshfs"
         "gfs"
         "gfs2"
         "hostfs"
diff --git a/nixos/tests/locate.nix b/nixos/tests/locate.nix
index d351410be30..8818607f955 100644
--- a/nixos/tests/locate.nix
+++ b/nixos/tests/locate.nix
@@ -6,16 +6,57 @@ import ./make-test-python.nix ({ lib, pkgs, ... }:
 
     nodes = rec {
       a = {
+        environment.systemPackages = with pkgs; [ sshfs ];
+        fileSystems = lib.mkVMOverride {
+          "/ssh" = {
+            device = "alice@b:/";
+            fsType = "fuse.sshfs";
+            options = [
+              "allow_other"
+              "IdentityFile=/privkey"
+              "noauto"
+              "StrictHostKeyChecking=no"
+              "UserKnownHostsFile=/dev/null"
+            ];
+          };
+        };
         services.locate = {
           enable = true;
           interval = "*:*:0/5";
         };
       };
+      b = {
+        services.openssh.enable = true;
+        users.users.alice = {
+          isNormalUser = true;
+          openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
+        };
+      };
     };
 
     testScript = ''
+      start_all()
+
+      # Set up sshfs mount
+      a.succeed(
+          "(umask 077; cat ${snakeOilPrivateKey} > /privkey)"
+      )
+      b.succeed("touch /file-on-b-machine")
+      b.wait_for_open_port(22)
+      a.succeed("mkdir /ssh")
+      a.succeed("mount /ssh")
+
+      # Core locatedb functionality
       a.succeed("touch /file-on-a-machine-1")
       a.wait_for_file("/var/cache/locatedb")
       a.wait_until_succeeds("locate file-on-a-machine-1")
+
+      # Wait for a second update to make sure we're using a locatedb from a run
+      # that began after the sshfs mount
+      a.succeed("touch /file-on-a-machine-2")
+      a.wait_until_succeeds("locate file-on-a-machine-2")
+
+      # We shouldn't be able to see files on the other machine
+      a.fail("locate file-on-b-machine")
     '';
   })
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-19 17:17:18 +0000