github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
869dcfa02ff24f2e77fc01ee50d4c1f4def9582d
firezone/scripts/tests/linux-group.sh
Reactor Scram 7081c71c10 chore(linux-client): allow custom token path (#4666) 
```[tasklist]
# Before merging
- [x] Remove file extension `.txt`
- [x] Wait for `linux-group` test to go green on `main` (#4692)
- [x] *all* compatibility tests must be green on this branch
```

Closes #4664 
Closes #4665 

~~The compatibility tests are expected to fail until the next release is
cut, for the same reasons as in #4686~~

The compatibility test must be handled somehow, otherwise it'll turn
main red.
`linux-group` was moved out of integration / compatibility testing, but
the DNS tests do need the whole Docker + portal setup, so that one can't
move.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2024-04-19 18:50:24 +00:00

37 lines
1.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# The integration tests call this to test security for Linux IPC.
# Only users in the `firezone` group should be able to control the privileged tunnel process.
source "./scripts/tests/lib.sh"
BINARY_NAME=firezone-linux-client
FZ_GROUP="firezone"
SERVICE_NAME=firezone-client
export RUST_LOG=info
# Copy the Linux Client out of the build dir
ls . ./rust ./rust/target ./rust/target/debug
sudo cp "rust/target/debug/firezone-headless-client" "/usr/bin/$BINARY_NAME"
sudo cp "scripts/tests/systemd/$SERVICE_NAME.service" /usr/lib/systemd/system/
# The firezone group must exist before the daemon starts
sudo groupadd "$FZ_GROUP"
sudo systemctl start "$SERVICE_NAME"
# Add ourselves to the firezone group
sudo gpasswd --add "$USER" "$FZ_GROUP"
echo "# Expect Firezone to accept our commands if we run with 'su --login'"
sudo su --login "$USER" --command RUST_LOG="$RUST_LOG" "$BINARY_NAME" stub-ipc-client
echo "# Expect Firezone to reject our command if we run without 'su --login'"
"$BINARY_NAME" stub-ipc-client && exit 1
# Stop the service in case other tests run on the same VM
sudo systemctl stop "$SERVICE_NAME"
# Explicitly exiting is needed when we're intentionally having commands fail
exit 0
Reference in New Issue View Git Blame Copy Permalink