From 2ae9907cc495e1f900ae76e5e42bfbffb91766d6 Mon Sep 17 00:00:00 2001
From: "(cdep)illabout" <cdep.illabout@gmail.com>
Date: Mon, 13 Aug 2018 09:25:43 +0900
Subject: virtualbox: Add tests for the VirtualBox Extension Pack.

---
 nixos/tests/virtualbox.nix | 39 ++++++++++++++++++++++++++++++++++-----
 1 file changed, 34 insertions(+), 5 deletions(-)

(limited to 'nixos/tests/virtualbox.nix')

diff --git a/nixos/tests/virtualbox.nix b/nixos/tests/virtualbox.nix
index 008dab8459c..4207112cf16 100644
--- a/nixos/tests/virtualbox.nix
+++ b/nixos/tests/virtualbox.nix
@@ -293,6 +293,11 @@ let
     "--hostonlyadapter2 vboxnet0"
   ];
 
+  # The VirtualBox Oracle Extension Pack lets you use USB 3.0 (xHCI).
+  enableExtensionPackVMFlags = [
+    "--usbxhci on"
+  ];
+
   dhcpScript = pkgs: ''
     ${pkgs.dhcp}/bin/dhclient \
       -lf /run/dhcp.leases \
@@ -323,13 +328,17 @@ let
     headless.services.xserver.enable = false;
   };
 
-  mkVBoxTest = name: testScript: makeTest {
+  vboxVMsWithExtpack = mapAttrs createVM {
+    testExtensionPack.vmFlags = enableExtensionPackVMFlags;
+  };
+
+  mkVBoxTest = useExtensionPack: vms: name: testScript: makeTest {
     name = "virtualbox-${name}";
 
     machine = { lib, config, ... }: {
       imports = let
         mkVMConf = name: val: val.machine // { key = "${name}-config"; };
-        vmConfigs = mapAttrsToList mkVMConf vboxVMs;
+        vmConfigs = mapAttrsToList mkVMConf vms;
       in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
       virtualisation.memorySize = 2048;
       virtualisation.virtualbox.host.enable = true;
@@ -337,6 +346,8 @@ let
       users.users.alice.extraGroups = let
         inherit (config.virtualisation.virtualbox.host) enableHardening;
       in lib.mkIf enableHardening (lib.singleton "vboxusers");
+      virtualisation.virtualbox.host.enableExtensionPack = useExtensionPack;
+      nixpkgs.config.allowUnfree = useExtensionPack;
     };
 
     testScript = ''
@@ -353,7 +364,7 @@ let
         return join("\n", grep { $_ !~ /^UUID:/ } split(/\n/, $_[0]))."\n";
       }
 
-      ${concatStrings (mapAttrsToList (_: getAttr "testSubs") vboxVMs)}
+      ${concatStrings (mapAttrsToList (_: getAttr "testSubs") vms)}
 
       $machine->waitForX;
 
@@ -363,11 +374,11 @@ let
     '';
 
     meta = with pkgs.stdenv.lib.maintainers; {
-      maintainers = [ aszlig wkennington ];
+      maintainers = [ aszlig wkennington cdepillabout ];
     };
   };
 
-in mapAttrs mkVBoxTest {
+in mapAttrs (mkVBoxTest false vboxVMs) {
   simple-gui = ''
     createVM_simple;
     $machine->succeed(ru "VirtualBox &");
@@ -473,4 +484,22 @@ in mapAttrs mkVBoxTest {
     destroyVM_test1;
     destroyVM_test2;
   '';
+} // mapAttrs (mkVBoxTest true vboxVMsWithExtpack) {
+  enable-extension-pack = ''
+    createVM_testExtensionPack;
+    vbm("startvm testExtensionPack");
+    waitForStartup_testExtensionPack;
+    $machine->screenshot("cli_started");
+    waitForVMBoot_testExtensionPack;
+    $machine->screenshot("cli_booted");
+
+    $machine->nest("Checking for privilege escalation", sub {
+      $machine->fail("test -e '/root/VirtualBox VMs'");
+      $machine->fail("test -e '/root/.config/VirtualBox'");
+      $machine->succeed("test -e '/home/alice/VirtualBox VMs'");
+    });
+
+    shutdownVM_testExtensionPack;
+    destroyVM_testExtensionPack;
+  '';
 }
-- 
cgit 1.4.1