import ./make-test-python.nix ( { lib, pkgs, ... }: let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; in { name = "locate"; meta.maintainers = with pkgs.lib.maintainers; [ chkno ]; nodes = rec { a = { environment.systemPackages = with pkgs; [ sshfs ]; virtualisation.fileSystems = { "/ssh" = { device = "alice@b:/"; fsType = "fuse.sshfs"; options = [ "allow_other" "IdentityFile=/privkey" "noauto" "StrictHostKeyChecking=no" "UserKnownHostsFile=/dev/null" ]; }; }; services.locate = { enable = true; interval = "*:*:0/5"; }; }; b = { services.openssh.enable = true; users.users.alice = { isNormalUser = true; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; }; }; testScript = '' start_all() # Set up sshfs mount a.succeed( "(umask 077; cat ${snakeOilPrivateKey} > /privkey)" ) b.succeed("touch /file-on-b-machine") b.wait_for_open_port(22) a.succeed("mkdir /ssh") a.succeed("mount /ssh") # Core locatedb functionality a.succeed("touch /file-on-a-machine-1") a.wait_for_file("/var/cache/locatedb") a.wait_until_succeeds("locate file-on-a-machine-1") # Wait for a second update to make sure we're using a locatedb from a run # that began after the sshfs mount a.succeed("touch /file-on-a-machine-2") a.wait_until_succeeds("locate file-on-a-machine-2") # We shouldn't be able to see files on the other machine a.fail("locate file-on-b-machine") ''; } )