nix: verify silent output when not running with -v

This checks behaviour of fmsg and seccomp. Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-25 13:38:18 +09:00 · 2025-01-25 13:38:18 +09:00 · 34272672b1
commit 34272672b1
parent 7b96cd6ded
1 changed files with 7 additions and 2 deletions
--- a/test.nix
+++ b/test.nix
@ -237,8 +237,8 @@ nixosTest {
    machine.succeed("rm -rf /tmp/src && cp -a '${self.packages.${system}.fortify.src}' /tmp/src")
    machine.succeed("fortify-fhs -c '(cd /tmp/src && go generate ./... && go test ./... && touch /tmp/success-gotest)' &> /tmp/gotest &")
-    # To check sway's version:
+    # To check fortify's version:
-    print(machine.succeed("sway --version"))
+    print(machine.succeed("sudo -u alice -i fortify version"))
    # Wait for Sway to complete startup:
    machine.wait_for_file("/run/user/1000/wayland-1")
@ -254,6 +254,11 @@ nixosTest {
    print(machine.succeed("sudo -u alice -i fortify -v run -a 0 touch /tmp/success-bare"))
    machine.wait_for_file("/tmp/fortify.1000/tmpdir/0/success-bare")
    # Verify silent output permissive defaults:
    output = machine.succeed("sudo -u alice -i fortify run -a 0 true &>/dev/stdout")
    if output != "":
        raise Exception(f"unexpected output\n{output}")
    # Start fortify permissive defaults within Wayland session:
    fortify('-v run --wayland --dbus notify-send -a "NixOS Tests" "Test notification" "Notification from within sandbox." && touch /tmp/dbus-done')
    machine.wait_for_file("/tmp/dbus-done")