[systemd.git] / test / networkd-test.py

#!/usr/bin/env python3
#
# networkd integration test
# This uses temporary configuration in /run and temporary veth devices, and
# does not write anything on disk or change any system configuration;
# but it assumes (and checks at the beginning) that networkd is not currently
# running.
#
# This can be run on a normal installation, in QEMU, nspawn (with
# --private-network), LXD (with "--config raw.lxc=lxc.aa_profile=unconfined"),
# or LXC system containers. You need at least the "ip" tool from the iproute
# package; it is recommended to install dnsmasq too to get full test coverage.
#
# ATTENTION: This uses the *installed* networkd, not the one from the built
# source tree.
#
# (C) 2015 Canonical Ltd.
# Author: Martin Pitt <martin.pitt@ubuntu.com>
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.

# systemd is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.

import os
import sys
import time
import unittest
import tempfile
import subprocess
import shutil

networkd_active = subprocess.call(['systemctl', 'is-active', '--quiet',
                                   'systemd-networkd']) == 0
have_dnsmasq = shutil.which('dnsmasq')

RESOLV_CONF = '/run/systemd/resolve/resolv.conf'


@unittest.skipIf(networkd_active,
                 'networkd is already active')
class ClientTestBase:
    def setUp(self):
        self.iface = 'test_eth42'
        self.if_router = 'router_eth42'
        self.workdir_obj = tempfile.TemporaryDirectory()
        self.workdir = self.workdir_obj.name
        self.config = '/run/systemd/network/test_eth42.network'
        os.makedirs(os.path.dirname(self.config), exist_ok=True)

        # avoid "Failed to open /dev/tty" errors in containers
        os.environ['SYSTEMD_LOG_TARGET'] = 'journal'

        # determine path to systemd-networkd-wait-online
        for p in ['/usr/lib/systemd/systemd-networkd-wait-online',
                  '/lib/systemd/systemd-networkd-wait-online']:
            if os.path.exists(p):
                self.networkd_wait_online = p
                break
        else:
            self.fail('systemd-networkd-wait-online not found')

        # get current journal cursor
        out = subprocess.check_output(['journalctl', '-b', '--quiet',
                                       '--no-pager', '-n0', '--show-cursor'],
                                      universal_newlines=True)
        self.assertTrue(out.startswith('-- cursor:'))
        self.journal_cursor = out.split()[-1]

    def tearDown(self):
        self.shutdown_iface()
        if os.path.exists(self.config):
            os.unlink(self.config)
        subprocess.call(['systemctl', 'stop', 'systemd-networkd'])

    def show_journal(self, unit):
        '''Show journal of given unit since start of the test'''

        print('---- %s ----' % unit)
        sys.stdout.flush()
        subprocess.call(['journalctl', '-b', '--no-pager', '--quiet',
                         '--cursor', self.journal_cursor, '-u', unit])

    def create_iface(self, ipv6=False):
        '''Create test interface with DHCP server behind it'''

        raise NotImplementedError('must be implemented by a subclass')

    def shutdown_iface(self):
        '''Remove test interface and stop DHCP server'''

        raise NotImplementedError('must be implemented by a subclass')

    def print_server_log(self):
        '''Print DHCP server log for debugging failures'''

        raise NotImplementedError('must be implemented by a subclass')

    def do_test(self, coldplug=True, ipv6=False, extra_opts='',
                online_timeout=10, dhcp_mode='yes'):
        subprocess.check_call(['systemctl', 'start', 'systemd-resolved'])
        with open(self.config, 'w') as f:
            f.write('''[Match]
Name=%s
[Network]
DHCP=%s
%s''' % (self.iface, dhcp_mode, extra_opts))

        if coldplug:
            # create interface first, then start networkd
            self.create_iface(ipv6=ipv6)
            subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
        else:
            # start networkd first, then create interface
            subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
            self.create_iface(ipv6=ipv6)

        try:
            subprocess.check_call([self.networkd_wait_online, '--interface',
                                   self.iface, '--timeout=%i' % online_timeout])

            if ipv6:
                # check iface state and IP 6 address; FIXME: we need to wait a bit
                # longer, as the iface is "configured" already with IPv4 *or*
                # IPv6, but we want to wait for both
                for timeout in range(10):
                    out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.iface])
                    if b'state UP' in out and b'inet6 2600' in out and b'inet 192.168' in out:
                        break
                    time.sleep(1)
                else:
                    self.fail('timed out waiting for IPv6 configuration')

                self.assertRegex(out, b'inet6 2600::.* scope global .*dynamic')
                self.assertRegex(out, b'inet6 fe80::.* scope link')
            else:
                # should have link-local address on IPv6 only
                out = subprocess.check_output(['ip', '-6', 'a', 'show', 'dev', self.iface])
                self.assertRegex(out, b'inet6 fe80::.* scope link')
                self.assertNotIn(b'scope global', out)

            # should have IPv4 address
            out = subprocess.check_output(['ip', '-4', 'a', 'show', 'dev', self.iface])
            self.assertIn(b'state UP', out)
            self.assertRegex(out, b'inet 192.168.5.\d+/.* scope global dynamic')

            # check networkctl state
            out = subprocess.check_output(['networkctl'])
            self.assertRegex(out, ('%s\s+ether\s+routable\s+unmanaged' % self.if_router).encode())
            self.assertRegex(out, ('%s\s+ether\s+routable\s+configured' % self.iface).encode())

            out = subprocess.check_output(['networkctl', 'status', self.iface])
            self.assertRegex(out, b'Type:\s+ether')
            self.assertRegex(out, b'State:\s+routable.*configured')
            self.assertRegex(out, b'Address:\s+192.168.5.\d+')
            if ipv6:
                self.assertRegex(out, b'2600::')
            else:
                self.assertNotIn(b'2600::', out)
            self.assertRegex(out, b'fe80::')
            self.assertRegex(out, b'Gateway:\s+192.168.5.1')
            self.assertRegex(out, b'DNS:\s+192.168.5.1')
        except (AssertionError, subprocess.CalledProcessError):
            # show networkd status, journal, and DHCP server log on failure
            with open(self.config) as f:
                print('\n---- %s ----\n%s' % (self.config, f.read()))
            print('---- interface status ----')
            sys.stdout.flush()
            subprocess.call(['ip', 'a', 'show', 'dev', self.iface])
            print('---- networkctl status %s ----' % self.iface)
            sys.stdout.flush()
            subprocess.call(['networkctl', 'status', self.iface])
            self.show_journal('systemd-networkd.service')
            self.print_server_log()
            raise

        for timeout in range(50):
            with open(RESOLV_CONF) as f:
                contents = f.read()
            if 'nameserver 192.168.5.1\n' in contents:
                break
            time.sleep(0.1)
        else:
            self.fail('nameserver 192.168.5.1 not found in ' + RESOLV_CONF)

        if not coldplug:
            # check post-down.d hook
            self.shutdown_iface()

    def test_coldplug_dhcp_yes_ip4(self):
        # we have a 12s timeout on RA, so we need to wait longer
        self.do_test(coldplug=True, ipv6=False, online_timeout=15)

    def test_coldplug_dhcp_yes_ip4_no_ra(self):
        # with disabling RA explicitly things should be fast
        self.do_test(coldplug=True, ipv6=False,
                     extra_opts='IPv6AcceptRA=False')

    def test_coldplug_dhcp_ip4_only(self):
        # we have a 12s timeout on RA, so we need to wait longer
        self.do_test(coldplug=True, ipv6=False, dhcp_mode='ipv4',
                     online_timeout=15)

    def test_coldplug_dhcp_ip4_only_no_ra(self):
        # with disabling RA explicitly things should be fast
        self.do_test(coldplug=True, ipv6=False, dhcp_mode='ipv4',
                     extra_opts='IPv6AcceptRA=False')

    def test_coldplug_dhcp_ip6(self):
        self.do_test(coldplug=True, ipv6=True)

    def test_hotplug_dhcp_ip4(self):
        # With IPv4 only we have a 12s timeout on RA, so we need to wait longer
        self.do_test(coldplug=False, ipv6=False, online_timeout=15)

    def test_hotplug_dhcp_ip6(self):
        self.do_test(coldplug=False, ipv6=True)

    def test_route_only_dns(self):
        with open('/run/systemd/network/myvpn.netdev', 'w') as f:
            f.write('''[NetDev]
Name=dummy0
Kind=dummy
MACAddress=12:34:56:78:9a:bc''')
        with open('/run/systemd/network/myvpn.network', 'w') as f:
            f.write('''[Match]
Name=dummy0
[Network]
Address=192.168.42.100
DNS=192.168.42.1
Domains= ~company''')
        self.addCleanup(os.remove, '/run/systemd/network/myvpn.netdev')
        self.addCleanup(os.remove, '/run/systemd/network/myvpn.network')

        self.do_test(coldplug=True, ipv6=False,
                     extra_opts='IPv6AcceptRouterAdvertisements=False')

        with open(RESOLV_CONF) as f:
            contents = f.read()
            # ~company is not a search domain, only a routing domain
            self.assertNotRegex(contents, 'search.*company')
            # our global server should appear
            self.assertIn('nameserver 192.168.5.1\n', contents)


@unittest.skipUnless(have_dnsmasq, 'dnsmasq not installed')
class DnsmasqClientTest(ClientTestBase, unittest.TestCase):
    '''Test networkd client against dnsmasq'''

    def setUp(self):
        super().setUp()
        self.dnsmasq = None

    def create_iface(self, ipv6=False):
        '''Create test interface with DHCP server behind it'''

        # add veth pair
        subprocess.check_call(['ip', 'link', 'add', 'name', self.iface, 'type',
                               'veth', 'peer', 'name', self.if_router])

        # give our router an IP
        subprocess.check_call(['ip', 'a', 'flush', 'dev', self.if_router])
        subprocess.check_call(['ip', 'a', 'add', '192.168.5.1/24', 'dev', self.if_router])
        if ipv6:
            subprocess.check_call(['ip', 'a', 'add', '2600::1/64', 'dev', self.if_router])
        subprocess.check_call(['ip', 'link', 'set', self.if_router, 'up'])

        # add DHCP server
        self.dnsmasq_log = os.path.join(self.workdir, 'dnsmasq.log')
        lease_file = os.path.join(self.workdir, 'dnsmasq.leases')
        if ipv6:
            extra_opts = ['--enable-ra', '--dhcp-range=2600::10,2600::20']
        else:
            extra_opts = []
        self.dnsmasq = subprocess.Popen(
            ['dnsmasq', '--keep-in-foreground', '--log-queries',
             '--log-facility=' + self.dnsmasq_log, '--conf-file=/dev/null',
             '--dhcp-leasefile=' + lease_file, '--bind-interfaces',
             '--interface=' + self.if_router, '--except-interface=lo',
             '--dhcp-range=192.168.5.10,192.168.5.200'] + extra_opts)

    def shutdown_iface(self):
        '''Remove test interface and stop DHCP server'''

        if self.if_router:
            subprocess.check_call(['ip', 'link', 'del', 'dev', self.if_router])
            self.if_router = None
        if self.dnsmasq:
            self.dnsmasq.kill()
            self.dnsmasq.wait()
            self.dnsmasq = None

    def print_server_log(self):
        '''Print DHCP server log for debugging failures'''

        with open(self.dnsmasq_log) as f:
            sys.stdout.write('\n\n---- dnsmasq log ----\n%s\n------\n\n' % f.read())


class NetworkdClientTest(ClientTestBase, unittest.TestCase):
    '''Test networkd client against networkd server'''

    def setUp(self):
        super().setUp()
        self.dnsmasq = None

    def create_iface(self, ipv6=False):
        '''Create test interface with DHCP server behind it'''

        # run "router-side" networkd in own mount namespace to shield it from
        # "client-side" configuration and networkd
        (fd, script) = tempfile.mkstemp(prefix='networkd-router.sh')
        self.addCleanup(os.remove, script)
        with os.fdopen(fd, 'w+') as f:
            f.write('''#!/bin/sh -eu
mkdir -p /run/systemd/network
mkdir -p /run/systemd/netif
mount -t tmpfs none /run/systemd/network
mount -t tmpfs none /run/systemd/netif
[ ! -e /run/dbus ] || mount -t tmpfs none /run/dbus
# create router/client veth pair
cat << EOF > /run/systemd/network/test.netdev
[NetDev]
Name=%(ifr)s
Kind=veth

[Peer]
Name=%(ifc)s
EOF

cat << EOF > /run/systemd/network/test.network
[Match]
Name=%(ifr)s

[Network]
Address=192.168.5.1/24
%(addr6)s
DHCPServer=yes

[DHCPServer]
PoolOffset=10
PoolSize=50
DNS=192.168.5.1
EOF

# run networkd as in systemd-networkd.service
exec $(systemctl cat systemd-networkd.service | sed -n '/^ExecStart=/ { s/^.*=//; p}')
''' % {'ifr': self.if_router, 'ifc': self.iface, 'addr6': ipv6 and 'Address=2600::1/64' or ''})

            os.fchmod(fd, 0o755)

        subprocess.check_call(['systemd-run', '--unit=networkd-test-router.service',
                               '-p', 'InaccessibleDirectories=-/etc/systemd/network',
                               '-p', 'InaccessibleDirectories=-/run/systemd/network',
                               '-p', 'InaccessibleDirectories=-/run/systemd/netif',
                               '--service-type=notify', script])

        # wait until devices got created
        for timeout in range(50):
            out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.if_router])
            if b'state UP' in out and b'scope global' in out:
                break
            time.sleep(0.1)

    def shutdown_iface(self):
        '''Remove test interface and stop DHCP server'''

        if self.if_router:
            subprocess.check_call(['systemctl', 'stop', 'networkd-test-router.service'])
            # ensure failed transient unit does not stay around
            subprocess.call(['systemctl', 'reset-failed', 'networkd-test-router.service'])
            subprocess.call(['ip', 'link', 'del', 'dev', self.if_router])
            self.if_router = None

    def print_server_log(self):
        '''Print DHCP server log for debugging failures'''

        self.show_journal('networkd-test-router.service')

    @unittest.skip('networkd does not have DHCPv6 server support')
    def test_hotplug_dhcp_ip6(self):
        pass

    @unittest.skip('networkd does not have DHCPv6 server support')
    def test_coldplug_dhcp_ip6(self):
        pass

    def test_search_domains(self):

        # we don't use this interface for this test
        self.if_router = None

        with open('/run/systemd/network/test.netdev', 'w') as f:
            f.write('''[NetDev]
Name=dummy0
Kind=dummy
MACAddress=12:34:56:78:9a:bc''')
        with open('/run/systemd/network/test.network', 'w') as f:
            f.write('''[Match]
Name=dummy0
[Network]
Address=192.168.42.100
DNS=192.168.42.1
Domains= one two three four five six seven eight nine ten''')
        self.addCleanup(os.remove, '/run/systemd/network/test.netdev')
        self.addCleanup(os.remove, '/run/systemd/network/test.network')

        subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])

        for timeout in range(50):
            with open(RESOLV_CONF) as f:
                contents = f.read()
            if ' one' in contents:
                break
            time.sleep(0.1)
        self.assertRegex(contents, 'search .*one two three four')
        self.assertNotIn('seven\n', contents)
        self.assertIn('# Too many search domains configured, remaining ones ignored.\n', contents)

    def test_search_domains_too_long(self):

        # we don't use this interface for this test
        self.if_router = None

        name_prefix = 'a' * 60

        with open('/run/systemd/network/test.netdev', 'w') as f:
            f.write('''[NetDev]
Name=dummy0
Kind=dummy
MACAddress=12:34:56:78:9a:bc''')
        with open('/run/systemd/network/test.network', 'w') as f:
            f.write('''[Match]
Name=dummy0
[Network]
Address=192.168.42.100
DNS=192.168.42.1
Domains=''')
            for i in range(5):
                f.write('%s%i ' % (name_prefix, i))

        self.addCleanup(os.remove, '/run/systemd/network/test.netdev')
        self.addCleanup(os.remove, '/run/systemd/network/test.network')

        subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])

        for timeout in range(50):
            with open(RESOLV_CONF) as f:
                contents = f.read()
            if ' one' in contents:
                break
            time.sleep(0.1)
        self.assertRegex(contents, 'search .*%(p)s0 %(p)s1 %(p)s2' % {'p': name_prefix})
        self.assertIn('# Total length of all search domains is too long, remaining ones ignored.', contents)


if __name__ == '__main__':
    unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
                                                     verbosity=2))
Commit	Line	Data
4c89c718 MP	1	#!/usr/bin/env python3
	2	#
	3	# networkd integration test
	4	# This uses temporary configuration in /run and temporary veth devices, and
	5	# does not write anything on disk or change any system configuration;
	6	# but it assumes (and checks at the beginning) that networkd is not currently
	7	# running.
aa27b158 MP	8	#
	9	# This can be run on a normal installation, in QEMU, nspawn (with
	10	# --private-network), LXD (with "--config raw.lxc=lxc.aa_profile=unconfined"),
	11	# or LXC system containers. You need at least the "ip" tool from the iproute
	12	# package; it is recommended to install dnsmasq too to get full test coverage.
	13	#
4c89c718 MP	14	# ATTENTION: This uses the installed networkd, not the one from the built
	15	# source tree.
	16	#
	17	# (C) 2015 Canonical Ltd.
	18	# Author: Martin Pitt <martin.pitt@ubuntu.com>
	19	#
	20	# systemd is free software; you can redistribute it and/or modify it
	21	# under the terms of the GNU Lesser General Public License as published by
	22	# the Free Software Foundation; either version 2.1 of the License, or
	23	# (at your option) any later version.
	24
	25	# systemd is distributed in the hope that it will be useful, but
	26	# WITHOUT ANY WARRANTY; without even the implied warranty of
	27	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	28	# Lesser General Public License for more details.
	29	#
	30	# You should have received a copy of the GNU Lesser General Public License
	31	# along with systemd; If not, see <http://www.gnu.org/licenses/>.
	32
	33	import os
	34	import sys
	35	import time
	36	import unittest
	37	import tempfile
	38	import subprocess
	39	import shutil
	40
	41	networkd_active = subprocess.call(['systemctl', 'is-active', '--quiet',
	42	'systemd-networkd']) == 0
	43	have_dnsmasq = shutil.which('dnsmasq')
	44
5a920b42 MP	45	RESOLV_CONF = '/run/systemd/resolve/resolv.conf'
5a920b42 MP	46
4c89c718 MP	47
	48	@unittest.skipIf(networkd_active,
	49	'networkd is already active')
	50	class ClientTestBase:
	51	def setUp(self):
	52	self.iface = 'test_eth42'
	53	self.if_router = 'router_eth42'
	54	self.workdir_obj = tempfile.TemporaryDirectory()
	55	self.workdir = self.workdir_obj.name
	56	self.config = '/run/systemd/network/test_eth42.network'
	57	os.makedirs(os.path.dirname(self.config), exist_ok=True)
	58
	59	# avoid "Failed to open /dev/tty" errors in containers
	60	os.environ['SYSTEMD_LOG_TARGET'] = 'journal'
	61
	62	# determine path to systemd-networkd-wait-online
	63	for p in ['/usr/lib/systemd/systemd-networkd-wait-online',
	64	'/lib/systemd/systemd-networkd-wait-online']:
	65	if os.path.exists(p):
	66	self.networkd_wait_online = p
	67	break
	68	else:
	69	self.fail('systemd-networkd-wait-online not found')
	70
	71	# get current journal cursor
	72	out = subprocess.check_output(['journalctl', '-b', '--quiet',
	73	'--no-pager', '-n0', '--show-cursor'],
	74	universal_newlines=True)
	75	self.assertTrue(out.startswith('-- cursor:'))
	76	self.journal_cursor = out.split()[-1]
	77
	78	def tearDown(self):
	79	self.shutdown_iface()
	80	if os.path.exists(self.config):
	81	os.unlink(self.config)
	82	subprocess.call(['systemctl', 'stop', 'systemd-networkd'])
	83
	84	def show_journal(self, unit):
	85	'''Show journal of given unit since start of the test'''
	86
	87	print('---- %s ----' % unit)
	88	sys.stdout.flush()
	89	subprocess.call(['journalctl', '-b', '--no-pager', '--quiet',
	90	'--cursor', self.journal_cursor, '-u', unit])
	91
	92	def create_iface(self, ipv6=False):
	93	'''Create test interface with DHCP server behind it'''
	94
	95	raise NotImplementedError('must be implemented by a subclass')
	96
	97	def shutdown_iface(self):
	98	'''Remove test interface and stop DHCP server'''
	99
	100	raise NotImplementedError('must be implemented by a subclass')
	101
	102	def print_server_log(self):
	103	'''Print DHCP server log for debugging failures'''
	104
	105	raise NotImplementedError('must be implemented by a subclass')
	106
	107	def do_test(self, coldplug=True, ipv6=False, extra_opts='',
	108	online_timeout=10, dhcp_mode='yes'):
5a920b42	109	subprocess.check_call(['systemctl', 'start', 'systemd-resolved'])
4c89c718 MP	110	with open(self.config, 'w') as f:
	111	f.write('''[Match]
	112	Name=%s
	113	[Network]
	114	DHCP=%s
	115	%s''' % (self.iface, dhcp_mode, extra_opts))
	116
	117	if coldplug:
	118	# create interface first, then start networkd
	119	self.create_iface(ipv6=ipv6)
	120	subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
	121	else:
	122	# start networkd first, then create interface
	123	subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
	124	self.create_iface(ipv6=ipv6)
	125
	126	try:
	127	subprocess.check_call([self.networkd_wait_online, '--interface',
	128	self.iface, '--timeout=%i' % online_timeout])
	129
	130	if ipv6:
	131	# check iface state and IP 6 address; FIXME: we need to wait a bit
	132	# longer, as the iface is "configured" already with IPv4 or
	133	# IPv6, but we want to wait for both
	134	for timeout in range(10):
	135	out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.iface])
	136	if b'state UP' in out and b'inet6 2600' in out and b'inet 192.168' in out:
	137	break
	138	time.sleep(1)
	139	else:
	140	self.fail('timed out waiting for IPv6 configuration')
	141
	142	self.assertRegex(out, b'inet6 2600::.* scope global .*dynamic')
	143	self.assertRegex(out, b'inet6 fe80::.* scope link')
	144	else:
	145	# should have link-local address on IPv6 only
	146	out = subprocess.check_output(['ip', '-6', 'a', 'show', 'dev', self.iface])
	147	self.assertRegex(out, b'inet6 fe80::.* scope link')
	148	self.assertNotIn(b'scope global', out)
	149
	150	# should have IPv4 address
	151	out = subprocess.check_output(['ip', '-4', 'a', 'show', 'dev', self.iface])
	152	self.assertIn(b'state UP', out)
	153	self.assertRegex(out, b'inet 192.168.5.\d+/.* scope global dynamic')
	154
	155	# check networkctl state
	156	out = subprocess.check_output(['networkctl'])
	157	self.assertRegex(out, ('%s\s+ether\s+routable\s+unmanaged' % self.if_router).encode())
	158	self.assertRegex(out, ('%s\s+ether\s+routable\s+configured' % self.iface).encode())
	159
	160	out = subprocess.check_output(['networkctl', 'status', self.iface])
	161	self.assertRegex(out, b'Type:\s+ether')
	162	self.assertRegex(out, b'State:\s+routable.*configured')
	163	self.assertRegex(out, b'Address:\s+192.168.5.\d+')
	164	if ipv6:
	165	self.assertRegex(out, b'2600::')
	166	else:
	167	self.assertNotIn(b'2600::', out)
	168	self.assertRegex(out, b'fe80::')
	169	self.assertRegex(out, b'Gateway:\s+192.168.5.1')
	170	self.assertRegex(out, b'DNS:\s+192.168.5.1')
	171	except (AssertionError, subprocess.CalledProcessError):
	172	# show networkd status, journal, and DHCP server log on failure
	173	with open(self.config) as f:
174	print('\n---- %s ----\n%s' % (self.config, f.read()))
175	print('---- interface status ----')
176	sys.stdout.flush()
177	subprocess.call(['ip', 'a', 'show', 'dev', self.iface])
178	print('---- networkctl status %s ----' % self.iface)
179	sys.stdout.flush()
180	subprocess.call(['networkctl', 'status', self.iface])
181	self.show_journal('systemd-networkd.service')
182	self.print_server_log()
183	raise
184
5a920b42 MP	185	for timeout in range(50):
	186	with open(RESOLV_CONF) as f:
	187	contents = f.read()
	188	if 'nameserver 192.168.5.1\n' in contents:
	189	break
	190	time.sleep(0.1)
	191	else:
	192	self.fail('nameserver 192.168.5.1 not found in ' + RESOLV_CONF)
4c89c718 MP	193
	194	if not coldplug:
	195	# check post-down.d hook
	196	self.shutdown_iface()
	197
	198	def test_coldplug_dhcp_yes_ip4(self):
	199	# we have a 12s timeout on RA, so we need to wait longer
	200	self.do_test(coldplug=True, ipv6=False, online_timeout=15)
	201
	202	def test_coldplug_dhcp_yes_ip4_no_ra(self):
	203	# with disabling RA explicitly things should be fast
	204	self.do_test(coldplug=True, ipv6=False,
5a920b42	205	extra_opts='IPv6AcceptRA=False')
4c89c718 MP	206
	207	def test_coldplug_dhcp_ip4_only(self):
	208	# we have a 12s timeout on RA, so we need to wait longer
	209	self.do_test(coldplug=True, ipv6=False, dhcp_mode='ipv4',
	210	online_timeout=15)
	211
	212	def test_coldplug_dhcp_ip4_only_no_ra(self):
	213	# with disabling RA explicitly things should be fast
	214	self.do_test(coldplug=True, ipv6=False, dhcp_mode='ipv4',
5a920b42	215	extra_opts='IPv6AcceptRA=False')
4c89c718 MP	216
	217	def test_coldplug_dhcp_ip6(self):
	218	self.do_test(coldplug=True, ipv6=True)
	219
	220	def test_hotplug_dhcp_ip4(self):
	221	# With IPv4 only we have a 12s timeout on RA, so we need to wait longer
	222	self.do_test(coldplug=False, ipv6=False, online_timeout=15)
	223
	224	def test_hotplug_dhcp_ip6(self):
	225	self.do_test(coldplug=False, ipv6=True)
	226
5a920b42 MP	227	def test_route_only_dns(self):
	228	with open('/run/systemd/network/myvpn.netdev', 'w') as f:
	229	f.write('''[NetDev]
	230	Name=dummy0
	231	Kind=dummy
	232	MACAddress=12:34:56:78:9a:bc''')
	233	with open('/run/systemd/network/myvpn.network', 'w') as f:
	234	f.write('''[Match]
	235	Name=dummy0
	236	[Network]
	237	Address=192.168.42.100
	238	DNS=192.168.42.1
	239	Domains= ~company''')
	240	self.addCleanup(os.remove, '/run/systemd/network/myvpn.netdev')
	241	self.addCleanup(os.remove, '/run/systemd/network/myvpn.network')
	242
	243	self.do_test(coldplug=True, ipv6=False,
	244	extra_opts='IPv6AcceptRouterAdvertisements=False')
	245
	246	with open(RESOLV_CONF) as f:
	247	contents = f.read()
	248	# ~company is not a search domain, only a routing domain
	249	self.assertNotRegex(contents, 'search.*company')
	250	# our global server should appear
	251	self.assertIn('nameserver 192.168.5.1\n', contents)
	252
4c89c718 MP	253
	254	@unittest.skipUnless(have_dnsmasq, 'dnsmasq not installed')
	255	class DnsmasqClientTest(ClientTestBase, unittest.TestCase):
	256	'''Test networkd client against dnsmasq'''
	257
	258	def setUp(self):
	259	super().setUp()
	260	self.dnsmasq = None
	261
	262	def create_iface(self, ipv6=False):
	263	'''Create test interface with DHCP server behind it'''
	264
	265	# add veth pair
	266	subprocess.check_call(['ip', 'link', 'add', 'name', self.iface, 'type',
	267	'veth', 'peer', 'name', self.if_router])
	268
	269	# give our router an IP
	270	subprocess.check_call(['ip', 'a', 'flush', 'dev', self.if_router])
	271	subprocess.check_call(['ip', 'a', 'add', '192.168.5.1/24', 'dev', self.if_router])
	272	if ipv6:
	273	subprocess.check_call(['ip', 'a', 'add', '2600::1/64', 'dev', self.if_router])
	274	subprocess.check_call(['ip', 'link', 'set', self.if_router, 'up'])
	275
	276	# add DHCP server
	277	self.dnsmasq_log = os.path.join(self.workdir, 'dnsmasq.log')
	278	lease_file = os.path.join(self.workdir, 'dnsmasq.leases')
	279	if ipv6:
	280	extra_opts = ['--enable-ra', '--dhcp-range=2600::10,2600::20']
	281	else:
	282	extra_opts = []
	283	self.dnsmasq = subprocess.Popen(
	284	['dnsmasq', '--keep-in-foreground', '--log-queries',
	285	'--log-facility=' + self.dnsmasq_log, '--conf-file=/dev/null',
	286	'--dhcp-leasefile=' + lease_file, '--bind-interfaces',
	287	'--interface=' + self.if_router, '--except-interface=lo',
	288	'--dhcp-range=192.168.5.10,192.168.5.200'] + extra_opts)
	289
	290	def shutdown_iface(self):
	291	'''Remove test interface and stop DHCP server'''
	292
	293	if self.if_router:
	294	subprocess.check_call(['ip', 'link', 'del', 'dev', self.if_router])
	295	self.if_router = None
	296	if self.dnsmasq:
	297	self.dnsmasq.kill()
	298	self.dnsmasq.wait()
	299	self.dnsmasq = None
	300
	301	def print_server_log(self):
	302	'''Print DHCP server log for debugging failures'''
	303
	304	with open(self.dnsmasq_log) as f:
	305	sys.stdout.write('\n\n---- dnsmasq log ----\n%s\n------\n\n' % f.read())
	306
	307
	308	class NetworkdClientTest(ClientTestBase, unittest.TestCase):
	309	'''Test networkd client against networkd server'''
	310
	311	def setUp(self):
	312	super().setUp()
	313	self.dnsmasq = None
	314
	315	def create_iface(self, ipv6=False):
	316	'''Create test interface with DHCP server behind it'''
317
318	# run "router-side" networkd in own mount namespace to shield it from
319	# "client-side" configuration and networkd
320	(fd, script) = tempfile.mkstemp(prefix='networkd-router.sh')
321	self.addCleanup(os.remove, script)
322	with os.fdopen(fd, 'w+') as f:
323	f.write('''#!/bin/sh -eu
324	mkdir -p /run/systemd/network
325	mkdir -p /run/systemd/netif
326	mount -t tmpfs none /run/systemd/network
327	mount -t tmpfs none /run/systemd/netif
328	[ ! -e /run/dbus ] \|\| mount -t tmpfs none /run/dbus
329	# create router/client veth pair
330	cat << EOF > /run/systemd/network/test.netdev
331	[NetDev]
332	Name=%(ifr)s
333	Kind=veth
334
335	[Peer]
336	Name=%(ifc)s
337	EOF
338
339	cat << EOF > /run/systemd/network/test.network
340	[Match]
341	Name=%(ifr)s
342
343	[Network]
344	Address=192.168.5.1/24
345	%(addr6)s
346	DHCPServer=yes
347
348	[DHCPServer]
349	PoolOffset=10
350	PoolSize=50
351	DNS=192.168.5.1
352	EOF
353
354	# run networkd as in systemd-networkd.service
355	exec $(systemctl cat systemd-networkd.service \| sed -n '/^ExecStart=/ { s/^.*=//; p}')
356	''' % {'ifr': self.if_router, 'ifc': self.iface, 'addr6': ipv6 and 'Address=2600::1/64' or ''})
357
358	os.fchmod(fd, 0o755)
359
360	subprocess.check_call(['systemd-run', '--unit=networkd-test-router.service',
361	'-p', 'InaccessibleDirectories=-/etc/systemd/network',
362	'-p', 'InaccessibleDirectories=-/run/systemd/network',
363	'-p', 'InaccessibleDirectories=-/run/systemd/netif',
364	'--service-type=notify', script])
365
366	# wait until devices got created
367	for timeout in range(50):
368	out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.if_router])
369	if b'state UP' in out and b'scope global' in out:
370	break
371	time.sleep(0.1)
372
373	def shutdown_iface(self):
374	'''Remove test interface and stop DHCP server'''
375
376	if self.if_router:
377	subprocess.check_call(['systemctl', 'stop', 'networkd-test-router.service'])
378	# ensure failed transient unit does not stay around
379	subprocess.call(['systemctl', 'reset-failed', 'networkd-test-router.service'])
380	subprocess.call(['ip', 'link', 'del', 'dev', self.if_router])
381	self.if_router = None
382
383	def print_server_log(self):
384	'''Print DHCP server log for debugging failures'''
385
386	self.show_journal('networkd-test-router.service')
387
388	@unittest.skip('networkd does not have DHCPv6 server support')
389	def test_hotplug_dhcp_ip6(self):
390	pass
391
392	@unittest.skip('networkd does not have DHCPv6 server support')
393	def test_coldplug_dhcp_ip6(self):
394	pass
395
5a920b42 MP	396	def test_search_domains(self):
	397
	398	# we don't use this interface for this test
	399	self.if_router = None
	400
	401	with open('/run/systemd/network/test.netdev', 'w') as f:
	402	f.write('''[NetDev]
	403	Name=dummy0
	404	Kind=dummy
	405	MACAddress=12:34:56:78:9a:bc''')
	406	with open('/run/systemd/network/test.network', 'w') as f:
	407	f.write('''[Match]
	408	Name=dummy0
	409	[Network]
	410	Address=192.168.42.100
	411	DNS=192.168.42.1
	412	Domains= one two three four five six seven eight nine ten''')
	413	self.addCleanup(os.remove, '/run/systemd/network/test.netdev')
	414	self.addCleanup(os.remove, '/run/systemd/network/test.network')
	415
	416	subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
	417
	418	for timeout in range(50):
	419	with open(RESOLV_CONF) as f:
	420	contents = f.read()
	421	if ' one' in contents:
	422	break
	423	time.sleep(0.1)
	424	self.assertRegex(contents, 'search .*one two three four')
	425	self.assertNotIn('seven\n', contents)
	426	self.assertIn('# Too many search domains configured, remaining ones ignored.\n', contents)
	427
	428	def test_search_domains_too_long(self):
	429
	430	# we don't use this interface for this test
	431	self.if_router = None
	432
	433	name_prefix = 'a' * 60
	434
	435	with open('/run/systemd/network/test.netdev', 'w') as f:
	436	f.write('''[NetDev]
	437	Name=dummy0
	438	Kind=dummy
	439	MACAddress=12:34:56:78:9a:bc''')
	440	with open('/run/systemd/network/test.network', 'w') as f:
	441	f.write('''[Match]
	442	Name=dummy0
	443	[Network]
	444	Address=192.168.42.100
	445	DNS=192.168.42.1
	446	Domains=''')
	447	for i in range(5):
	448	f.write('%s%i ' % (name_prefix, i))
	449
	450	self.addCleanup(os.remove, '/run/systemd/network/test.netdev')
	451	self.addCleanup(os.remove, '/run/systemd/network/test.network')
	452
	453	subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
	454
	455	for timeout in range(50):
	456	with open(RESOLV_CONF) as f:
	457	contents = f.read()
	458	if ' one' in contents:
	459	break
460	time.sleep(0.1)
461	self.assertRegex(contents, 'search .*%(p)s0 %(p)s1 %(p)s2' % {'p': name_prefix})
462	self.assertIn('# Total length of all search domains is too long, remaining ones ignored.', contents)
463
4c89c718 MP	464
	465	if __name__ == '__main__':
	466	unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
	467	verbosity=2))