From e0d27cfb310d0a0c24eab004b5284668f7df1381 Mon Sep 17 00:00:00 2001 From: Scott Worley Date: Sun, 22 Nov 2020 21:52:17 -0800 Subject: [PATCH 1/3] nixos/locate: Whitespace: One pruneFS default per line This makes merging less painful. This is nixfmt's preferred format. --- nixos/modules/misc/locate.nix | 66 ++++++++++++++++++++++++++++++++++- 1 file changed, 65 insertions(+), 1 deletion(-) diff --git a/nixos/modules/misc/locate.nix b/nixos/modules/misc/locate.nix index 92aa3be0a36..411f5e05835 100644 --- a/nixos/modules/misc/locate.nix +++ b/nixos/modules/misc/locate.nix @@ -73,7 +73,71 @@ in { pruneFS = mkOption { type = listOf str; - default = ["afs" "anon_inodefs" "auto" "autofs" "bdev" "binfmt" "binfmt_misc" "cgroup" "cifs" "coda" "configfs" "cramfs" "cpuset" "debugfs" "devfs" "devpts" "devtmpfs" "ecryptfs" "eventpollfs" "exofs" "futexfs" "ftpfs" "fuse" "fusectl" "gfs" "gfs2" "hostfs" "hugetlbfs" "inotifyfs" "iso9660" "jffs2" "lustre" "misc" "mqueue" "ncpfs" "nnpfs" "ocfs" "ocfs2" "pipefs" "proc" "ramfs" "rpc_pipefs" "securityfs" "selinuxfs" "sfs" "shfs" "smbfs" "sockfs" "spufs" "nfs" "NFS" "nfs4" "nfsd" "sshfs" "subfs" "supermount" "sysfs" "tmpfs" "ubifs" "udf" "usbfs" "vboxsf" "vperfctrfs" ]; + default = [ + "afs" + "anon_inodefs" + "auto" + "autofs" + "bdev" + "binfmt" + "binfmt_misc" + "cgroup" + "cifs" + "coda" + "configfs" + "cramfs" + "cpuset" + "debugfs" + "devfs" + "devpts" + "devtmpfs" + "ecryptfs" + "eventpollfs" + "exofs" + "futexfs" + "ftpfs" + "fuse" + "fusectl" + "gfs" + "gfs2" + "hostfs" + "hugetlbfs" + "inotifyfs" + "iso9660" + "jffs2" + "lustre" + "misc" + "mqueue" + "ncpfs" + "nnpfs" + "ocfs" + "ocfs2" + "pipefs" + "proc" + "ramfs" + "rpc_pipefs" + "securityfs" + "selinuxfs" + "sfs" + "shfs" + "smbfs" + "sockfs" + "spufs" + "nfs" + "NFS" + "nfs4" + "nfsd" + "sshfs" + "subfs" + "supermount" + "sysfs" + "tmpfs" + "ubifs" + "udf" + "usbfs" + "vboxsf" + "vperfctrfs" + ]; description = '' Which filesystem types to exclude from indexing ''; From e0e08a186dbec9ccaaace0c0b939e901c3893aa7 Mon Sep 17 00:00:00 2001 From: Scott Worley Date: Mon, 23 Nov 2020 17:53:21 -0800 Subject: [PATCH 2/3] nixos/locate: Add a test --- nixos/tests/all-tests.nix | 1 + nixos/tests/locate.nix | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 nixos/tests/locate.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 640cc84c803..feb5c98f3d2 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -190,6 +190,7 @@ in lidarr = handleTest ./lidarr.nix {}; lightdm = handleTest ./lightdm.nix {}; limesurvey = handleTest ./limesurvey.nix {}; + locate = handleTest ./locate.nix {}; login = handleTest ./login.nix {}; loki = handleTest ./loki.nix {}; lxd = handleTest ./lxd.nix {}; diff --git a/nixos/tests/locate.nix b/nixos/tests/locate.nix new file mode 100644 index 00000000000..d351410be30 --- /dev/null +++ b/nixos/tests/locate.nix @@ -0,0 +1,21 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: + let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; + in { + name = "locate"; + meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chkno ]; + + nodes = rec { + a = { + services.locate = { + enable = true; + interval = "*:*:0/5"; + }; + }; + }; + + testScript = '' + a.succeed("touch /file-on-a-machine-1") + a.wait_for_file("/var/cache/locatedb") + a.wait_until_succeeds("locate file-on-a-machine-1") + ''; + }) From 86f0dc221f7a0291e87d3b311393a018a92cfbda Mon Sep 17 00:00:00 2001 From: Scott Worley Date: Sun, 22 Nov 2020 21:57:00 -0800 Subject: [PATCH 3/3] nixos/locate: Exclude fuse.sshfs The "fuse" and "sshfs" entries already present are not keeping this find invocation out of sshfs mounts, which present as fstype "fuse.sshfs" --- nixos/modules/misc/locate.nix | 1 + nixos/tests/locate.nix | 41 +++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/nixos/modules/misc/locate.nix b/nixos/modules/misc/locate.nix index 411f5e05835..426281c9412 100644 --- a/nixos/modules/misc/locate.nix +++ b/nixos/modules/misc/locate.nix @@ -98,6 +98,7 @@ in { "ftpfs" "fuse" "fusectl" + "fuse.sshfs" "gfs" "gfs2" "hostfs" diff --git a/nixos/tests/locate.nix b/nixos/tests/locate.nix index d351410be30..8818607f955 100644 --- a/nixos/tests/locate.nix +++ b/nixos/tests/locate.nix @@ -6,16 +6,57 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: nodes = rec { a = { + environment.systemPackages = with pkgs; [ sshfs ]; + fileSystems = lib.mkVMOverride { + "/ssh" = { + device = "alice@b:/"; + fsType = "fuse.sshfs"; + options = [ + "allow_other" + "IdentityFile=/privkey" + "noauto" + "StrictHostKeyChecking=no" + "UserKnownHostsFile=/dev/null" + ]; + }; + }; services.locate = { enable = true; interval = "*:*:0/5"; }; }; + b = { + services.openssh.enable = true; + users.users.alice = { + isNormalUser = true; + openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; + }; + }; }; testScript = '' + start_all() + + # Set up sshfs mount + a.succeed( + "(umask 077; cat ${snakeOilPrivateKey} > /privkey)" + ) + b.succeed("touch /file-on-b-machine") + b.wait_for_open_port(22) + a.succeed("mkdir /ssh") + a.succeed("mount /ssh") + + # Core locatedb functionality a.succeed("touch /file-on-a-machine-1") a.wait_for_file("/var/cache/locatedb") a.wait_until_succeeds("locate file-on-a-machine-1") + + # Wait for a second update to make sure we're using a locatedb from a run + # that began after the sshfs mount + a.succeed("touch /file-on-a-machine-2") + a.wait_until_succeeds("locate file-on-a-machine-2") + + # We shouldn't be able to see files on the other machine + a.fail("locate file-on-b-machine") ''; })