From nobody Sun May 10 15:56:28 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gD6sn4ZY8z6d2df for ; Sun, 10 May 2026 15:56:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gD6sn0MfTz44dn for ; Sun, 10 May 2026 15:56:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1778428589; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=t1mlQB0ptcVJDPD+czd6Ho0sZ4gxCAnIs7cXYrqH1pw=; b=qJERSlTP0wztW2pulHNFwpRiw8FkJxlu9fm67h0QLLZ/8WY4k/vWjE3XZZiHAq3HvoIWbV 2HMnm0IV8qOWbTVZVQzrpfv9GnC2TTgtnssrE64urfxm0LvTmFzu7vSJM67XsHvlPkKU8t 3V+GaBMARwKStGjYS3xZWpZmCoPqVyGU4C8jhqZumxDj/4YcRkEljZ+Jh9fJ4wku1wfbtD omee8SuxTYOfWc/NXm15O1qTqLWJCfApMHCd5m3BO5DWzUp5mvK6QjZk4NGcs/LsdzseWO p2RPw6ER10bCzCTKcqiwQGP0ZiZCNRi/A3IZcZproHNlbD9K5uFSxWGG6/VdBA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1778428589; a=rsa-sha256; cv=none; b=boxmFNwvsz/Gulyo82hNzIc3ognhcjWJQC2gMPNITsus58sGL5Hw2hXrHxMqG+A+SIaUxQ 9nYmv6ISks095XPx2qUk/9vBRMZ7VxfgnaJsG/CzbQ2rQL6Hr4lKOhhFCUaV2cqzIr7oK9 lekuDyP5AutIaEd6gKUYD0+1EQ1yVKhbGpnEwBrEUhF04I5nY2Ll8Wgs5LM3Viww7+bOV1 fwX8R13DYNKx6Uhxi1xvMY2lIFW049qnXfGWYKlDCfVlz8voYFmiHtRtB9RKF55c4rzf/g 1r8KeQ7f/BC9g9qaOXzg98nGHf93IKL+OpouI88OadAR4c35rTy2ojlniYIXBw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1778428589; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=t1mlQB0ptcVJDPD+czd6Ho0sZ4gxCAnIs7cXYrqH1pw=; b=Il9zJXLESmmsI9IDE6zisRJx+pBD4cHRbB/1ex1hjMpbca+COs4fC1zDYOoOMDnqADTXpt xGTt+JvD13TsNcMjUkQlsqSkNHACH9DG9YBjkf/iukDW6GAtLSN+KgMo/vMCLiaMyd9aiX VNywt+rgTcfcaht8S97vCElIbDPLaZSXqLZ0RCOQ/FKzSF940G56YH20XlwZNeENzkfjRY hVpx495PZS6UkEH3/uYE9DHK6qUndCt4EtZho/DndtZ4GFRdh13aRMBAZp0NLScj/Yx2N6 IvwW3AZF/fJyi/izUsmWfibbmFgdZNv+R7rEPNoVVUIGQRZCizctiu72He55Eg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gD6sm5xVXzcqR for ; Sun, 10 May 2026 15:56:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 36919 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Sun, 10 May 2026 15:56:28 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: 0f92bee2b3e0 - main - nuageinit: add adddoas tests List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0f92bee2b3e08ffa34720a2eeffbce01af3f19f9 Auto-Submitted: auto-generated Date: Sun, 10 May 2026 15:56:28 +0000 Message-Id: <6a00aaac.36919.48a21cc3@gitrepo.freebsd.org> The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=0f92bee2b3e08ffa34720a2eeffbce01af3f19f9 commit 0f92bee2b3e08ffa34720a2eeffbce01af3f19f9 Author: Baptiste Daroussin AuthorDate: 2026-05-10 15:54:48 +0000 Commit: Baptiste Daroussin CommitDate: 2026-05-10 15:54:48 +0000 nuageinit: add adddoas tests --- libexec/nuageinit/tests/Makefile | 1 + libexec/nuageinit/tests/adddoas.lua | 64 +++++++++++++++++++++++++++++++++++++ libexec/nuageinit/tests/nuage.sh | 7 ++++ 3 files changed, 72 insertions(+) diff --git a/libexec/nuageinit/tests/Makefile b/libexec/nuageinit/tests/Makefile index d13ad14f1d8f..4c99f8e31ce3 100644 --- a/libexec/nuageinit/tests/Makefile +++ b/libexec/nuageinit/tests/Makefile @@ -20,5 +20,6 @@ ${PACKAGE}FILES+= warn.lua ${PACKAGE}FILES+= addfile.lua ${PACKAGE}FILES+= decode_base64.lua ${PACKAGE}FILES+= addsudo.lua +${PACKAGE}FILES+= adddoas.lua .include diff --git a/libexec/nuageinit/tests/adddoas.lua b/libexec/nuageinit/tests/adddoas.lua new file mode 100644 index 000000000000..d4bab41ecc3d --- /dev/null +++ b/libexec/nuageinit/tests/adddoas.lua @@ -0,0 +1,64 @@ +#!/usr/libexec/flua +--- +-- SPDX-License-Identifier: BSD-2-Clause +-- +-- Copyright (c) 2026 Baptiste Daroussin + +local n = require("nuage") + +local root = os.getenv("NUAGE_FAKE_ROOTDIR") +if not root then + root = "" +end + +local function get_localbase() + local f = io.popen("sysctl -in user.localbase 2> /dev/null") + local lb = f:read("*l") + f:close() + if lb == nil or lb:len() == 0 then + lb = "/usr/local" + end + return lb +end + +local function read_doasconf() + local path = root .. get_localbase() .. "/etc/doas.conf" + local f = io.open(path, "r") + if not f then + return nil + end + local content = f:read("*a") + f:close() + return content +end + +-- test with a single string rule with %u substitution +n.adddoas({ name = "testuser", doas = "permit persist %u as root" }) +local content = read_doasconf() +if not content then + n.err("doas.conf not created") +end +if content ~= "permit persist testuser as root\n" then + n.err("unexpected doas.conf content with %u: '" .. content .. "'") +end + +-- remove file for next test +os.remove(root .. get_localbase() .. "/etc/doas.conf") + +-- test with a table of rules +n.adddoas({ + name = "testuser", + doas = { + "deny %u as foobar", + "permit persist %u as root cmd whoami" + } +}) +content = read_doasconf() +if not content then + n.err("doas.conf not created for table") +end +if content ~= "deny testuser as foobar\npermit persist testuser as root cmd whoami\n" then + n.err("unexpected doas.conf content for table: '" .. content .. "'") +end + +os.exit(0) diff --git a/libexec/nuageinit/tests/nuage.sh b/libexec/nuageinit/tests/nuage.sh index 9e3442281c15..01c4612eb8ec 100644 --- a/libexec/nuageinit/tests/nuage.sh +++ b/libexec/nuageinit/tests/nuage.sh @@ -16,6 +16,7 @@ atf_test_case addgroup atf_test_case addfile atf_test_case decode_base64 atf_test_case addsudo +atf_test_case adddoas settimezone_body() { @@ -103,6 +104,11 @@ addsudo_body() atf_check /usr/libexec/flua $(atf_get_srcdir)/addsudo.lua } +adddoas_body() +{ + atf_check /usr/libexec/flua $(atf_get_srcdir)/adddoas.lua +} + atf_init_test_cases() { atf_add_test_case sethostname @@ -113,4 +119,5 @@ atf_init_test_cases() atf_add_test_case addfile atf_add_test_case decode_base64 atf_add_test_case addsudo + atf_add_test_case adddoas }