Merge pull request #104727 from chkno/fuse-dot-sshfs
nixos/locate: Fix sshfs exclusion
This commit is contained in:
commit
a7b60e6bdf
3 changed files with 129 additions and 1 deletions
|
@ -73,7 +73,72 @@ in {
|
|||
|
||||
pruneFS = mkOption {
|
||||
type = listOf str;
|
||||
default = ["afs" "anon_inodefs" "auto" "autofs" "bdev" "binfmt" "binfmt_misc" "cgroup" "cifs" "coda" "configfs" "cramfs" "cpuset" "debugfs" "devfs" "devpts" "devtmpfs" "ecryptfs" "eventpollfs" "exofs" "futexfs" "ftpfs" "fuse" "fusectl" "gfs" "gfs2" "hostfs" "hugetlbfs" "inotifyfs" "iso9660" "jffs2" "lustre" "misc" "mqueue" "ncpfs" "nnpfs" "ocfs" "ocfs2" "pipefs" "proc" "ramfs" "rpc_pipefs" "securityfs" "selinuxfs" "sfs" "shfs" "smbfs" "sockfs" "spufs" "nfs" "NFS" "nfs4" "nfsd" "sshfs" "subfs" "supermount" "sysfs" "tmpfs" "ubifs" "udf" "usbfs" "vboxsf" "vperfctrfs" ];
|
||||
default = [
|
||||
"afs"
|
||||
"anon_inodefs"
|
||||
"auto"
|
||||
"autofs"
|
||||
"bdev"
|
||||
"binfmt"
|
||||
"binfmt_misc"
|
||||
"cgroup"
|
||||
"cifs"
|
||||
"coda"
|
||||
"configfs"
|
||||
"cramfs"
|
||||
"cpuset"
|
||||
"debugfs"
|
||||
"devfs"
|
||||
"devpts"
|
||||
"devtmpfs"
|
||||
"ecryptfs"
|
||||
"eventpollfs"
|
||||
"exofs"
|
||||
"futexfs"
|
||||
"ftpfs"
|
||||
"fuse"
|
||||
"fusectl"
|
||||
"fuse.sshfs"
|
||||
"gfs"
|
||||
"gfs2"
|
||||
"hostfs"
|
||||
"hugetlbfs"
|
||||
"inotifyfs"
|
||||
"iso9660"
|
||||
"jffs2"
|
||||
"lustre"
|
||||
"misc"
|
||||
"mqueue"
|
||||
"ncpfs"
|
||||
"nnpfs"
|
||||
"ocfs"
|
||||
"ocfs2"
|
||||
"pipefs"
|
||||
"proc"
|
||||
"ramfs"
|
||||
"rpc_pipefs"
|
||||
"securityfs"
|
||||
"selinuxfs"
|
||||
"sfs"
|
||||
"shfs"
|
||||
"smbfs"
|
||||
"sockfs"
|
||||
"spufs"
|
||||
"nfs"
|
||||
"NFS"
|
||||
"nfs4"
|
||||
"nfsd"
|
||||
"sshfs"
|
||||
"subfs"
|
||||
"supermount"
|
||||
"sysfs"
|
||||
"tmpfs"
|
||||
"ubifs"
|
||||
"udf"
|
||||
"usbfs"
|
||||
"vboxsf"
|
||||
"vperfctrfs"
|
||||
];
|
||||
description = ''
|
||||
Which filesystem types to exclude from indexing
|
||||
'';
|
||||
|
|
|
@ -195,6 +195,7 @@ in
|
|||
lidarr = handleTest ./lidarr.nix {};
|
||||
lightdm = handleTest ./lightdm.nix {};
|
||||
limesurvey = handleTest ./limesurvey.nix {};
|
||||
locate = handleTest ./locate.nix {};
|
||||
login = handleTest ./login.nix {};
|
||||
loki = handleTest ./loki.nix {};
|
||||
lsd = handleTest ./lsd.nix {};
|
||||
|
|
62
nixos/tests/locate.nix
Normal file
62
nixos/tests/locate.nix
Normal file
|
@ -0,0 +1,62 @@
|
|||
import ./make-test-python.nix ({ lib, pkgs, ... }:
|
||||
let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
|
||||
in {
|
||||
name = "locate";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chkno ];
|
||||
|
||||
nodes = rec {
|
||||
a = {
|
||||
environment.systemPackages = with pkgs; [ sshfs ];
|
||||
fileSystems = lib.mkVMOverride {
|
||||
"/ssh" = {
|
||||
device = "alice@b:/";
|
||||
fsType = "fuse.sshfs";
|
||||
options = [
|
||||
"allow_other"
|
||||
"IdentityFile=/privkey"
|
||||
"noauto"
|
||||
"StrictHostKeyChecking=no"
|
||||
"UserKnownHostsFile=/dev/null"
|
||||
];
|
||||
};
|
||||
};
|
||||
services.locate = {
|
||||
enable = true;
|
||||
interval = "*:*:0/5";
|
||||
};
|
||||
};
|
||||
b = {
|
||||
services.openssh.enable = true;
|
||||
users.users.alice = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
# Set up sshfs mount
|
||||
a.succeed(
|
||||
"(umask 077; cat ${snakeOilPrivateKey} > /privkey)"
|
||||
)
|
||||
b.succeed("touch /file-on-b-machine")
|
||||
b.wait_for_open_port(22)
|
||||
a.succeed("mkdir /ssh")
|
||||
a.succeed("mount /ssh")
|
||||
|
||||
# Core locatedb functionality
|
||||
a.succeed("touch /file-on-a-machine-1")
|
||||
a.wait_for_file("/var/cache/locatedb")
|
||||
a.wait_until_succeeds("locate file-on-a-machine-1")
|
||||
|
||||
# Wait for a second update to make sure we're using a locatedb from a run
|
||||
# that began after the sshfs mount
|
||||
a.succeed("touch /file-on-a-machine-2")
|
||||
a.wait_until_succeeds("locate file-on-a-machine-2")
|
||||
|
||||
# We shouldn't be able to see files on the other machine
|
||||
a.fail("locate file-on-b-machine")
|
||||
'';
|
||||
})
|
Loading…
Reference in a new issue