From dd184470550d02ca8f89a0c11b9b20de3ecfa3d1 Mon Sep 17 00:00:00 2001
From: Dan Peebles <pumpkin@me.com>
Date: Sun, 24 Jan 2016 04:06:19 +0000
Subject: [PATCH] grsecurity: add NixOS VM test

---
 nixos/release.nix          |  1 +
 nixos/tests/grsecurity.nix | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 nixos/tests/grsecurity.nix

diff --git a/nixos/release.nix b/nixos/release.nix
index 3c7cf84c6729..9c15b1ea0746 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -230,6 +230,7 @@ in rec {
   #tests.gitlab = callTest tests/gitlab.nix {};
   tests.gnome3 = callTest tests/gnome3.nix {};
   tests.gnome3-gdm = callTest tests/gnome3-gdm.nix {};
+  tests.grsecurity = callTest tests/grsecurity.nix {};
   tests.i3wm = callTest tests/i3wm.nix {};
   tests.installer.grub1 = forAllSystems (system: hydraJob (import tests/installer.nix { inherit system; }).grub1.test);
   tests.installer.lvm = forAllSystems (system: hydraJob (import tests/installer.nix { inherit system; }).lvm.test);
diff --git a/nixos/tests/grsecurity.nix b/nixos/tests/grsecurity.nix
new file mode 100644
index 000000000000..14f1aa9ff885
--- /dev/null
+++ b/nixos/tests/grsecurity.nix
@@ -0,0 +1,19 @@
+# Basic test to make sure grsecurity works
+
+import ./make-test.nix ({ pkgs, ...} : {
+  name = "grsecurity";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ copumpkin ];
+  };
+
+  machine = { config, pkgs, ... }:
+    { boot.kernelPackages = pkgs.linuxPackages_grsec_testing_server; };
+
+  testScript =
+    ''
+      $machine->succeed("uname -a") =~ /grsec/;
+      # FIXME: this seems to hang the whole test. Unclear why, but let's fix it
+      # $machine->succeed("${pkgs.paxtest}/bin/paxtest blackhat");
+    '';
+})
+