diff options
| author | Craig Jennings <c@cjennings.net> | 2026-06-25 03:33:59 -0400 |
|---|---|---|
| committer | Craig Jennings <c@cjennings.net> | 2026-06-25 03:33:59 -0400 |
| commit | 2d63802e77617e4840c81baceb709260341c251a (patch) | |
| tree | 9002fa58f5d00dd0838411828c625d5f1a1870b2 /scripts/testing/tests/test_config_applied.py | |
| parent | 08844e730f9acd0874f596bb9906f1f264824eba (diff) | |
| download | archsetup-2d63802e77617e4840c81baceb709260341c251a.tar.gz archsetup-2d63802e77617e4840c81baceb709260341c251a.zip | |
test(archsetup): expand validation coverage + fix ParallelDownloads (P4)
Add post-install checks beyond the original shell sweep, validated against a
live VM: test_hardening (sshd prohibit-password, quiet-printk sysctl, emptied
/etc/issue, console font, EFI mount perms), test_config_applied (pacman
ParallelDownloads/Color/multilib, makepkg flags, NetworkManager drop-ins,
fail2ban jail, reflector), and test_backups (the .archsetup.bak files
backup_system_file leaves behind — end-to-end proof of that feature).
The new tests caught a real bug: ParallelDownloads stayed at Arch's default 5
because the sed only matched a commented "#ParallelDownloads", but current Arch
ships it uncommented. Match both (^#?ParallelDownloads) so the intended 10 takes
effect.
Verified against a kept VM: 95 passed, 10 skipped (the one remaining failure was
the pre-fix ParallelDownloads on the already-built VM, which the sed fix
resolves on the next fresh install).
Diffstat (limited to 'scripts/testing/tests/test_config_applied.py')
| -rw-r--r-- | scripts/testing/tests/test_config_applied.py | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/scripts/testing/tests/test_config_applied.py b/scripts/testing/tests/test_config_applied.py new file mode 100644 index 0000000..00c410e --- /dev/null +++ b/scripts/testing/tests/test_config_applied.py @@ -0,0 +1,55 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +"""Post-install checks: archsetup's in-place config edits actually took effect. + +Expansion coverage (P4). These assert the *content* archsetup writes, not just +that a service is enabled — catching cases where a sed silently no-ops (e.g. +ParallelDownloads, which current Arch ships uncommented so a "^#"-only match +left it at 5). +""" + +import pytest + + +@pytest.mark.attribution("archsetup") +def test_pacman_parallel_downloads(host): + line = host.run("grep -E '^ParallelDownloads' /etc/pacman.conf").stdout + assert "ParallelDownloads = 10" in line, "ParallelDownloads not set to 10 (got: %r)" % line + + +@pytest.mark.attribution("archsetup") +def test_pacman_color_enabled(host): + assert host.run("grep -qx Color /etc/pacman.conf").rc == 0 + + +@pytest.mark.attribution("archsetup") +def test_pacman_multilib_enabled(host): + # -F: [multilib] is a literal section header, not a regex character class. + assert host.run("grep -Fxq '[multilib]' /etc/pacman.conf").rc == 0 + + +@pytest.mark.attribution("archsetup") +def test_makepkg_parallel_make(host): + line = host.run("grep -E '^MAKEFLAGS' /etc/makepkg.conf").stdout + assert "-j" in line, "MAKEFLAGS not configured for parallel make (got: %r)" % line + + +@pytest.mark.attribution("archsetup") +def test_makepkg_options_trimmed(host): + opts = host.run("grep -E '^OPTIONS' /etc/makepkg.conf").stdout + assert "!debug" in opts and "purge" in opts, "makepkg OPTIONS not customized" + + +@pytest.mark.attribution("archsetup") +@pytest.mark.parametrize("rel", ["dns.conf", "wifi-privacy.conf"]) +def test_networkmanager_dropin(host, rel): + assert host.file("/etc/NetworkManager/conf.d/%s" % rel).exists + + +@pytest.mark.attribution("archsetup") +def test_fail2ban_jail_local(host): + assert host.file("/etc/fail2ban/jail.local").exists + + +@pytest.mark.attribution("archsetup") +def test_reflector_config(host): + assert host.file("/etc/xdg/reflector/reflector.conf").exists |