mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-19 12:11:28 +00:00
Code Issues Wiki Activity

Merge pull request #40801 from xeji/test/dnscrypt-proxy

Browse source 
nixos/dnscrypt-proxy: fix apparmor profile and test
This commit is contained in:
Samuel Leathers 2018-05-19 21:11:17 -04:00 committed by GitHub
parent f4ec18aaac 8dbd8f4d69
commit fef6b9ac0c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nixos/modules/services/networking/dnscrypt-proxy.nix
View file

@ -192,6 +192,7 @@ in
security.apparmor.profiles = singleton (pkgs.writeText "apparmor-dnscrypt-proxy" ''
${pkgs.dnscrypt-proxy}/bin/dnscrypt-proxy {
/dev/null rw,
/dev/random r,
/dev/urandom r,
/etc/passwd r,
@ -211,6 +212,9 @@ in
${getLib pkgs.gcc.cc}/lib/libssp.so.* mr,
${getLib pkgs.libsodium}/lib/libsodium.so.* mr,
${getLib pkgs.systemd}/lib/libsystemd.so.* mr,
${getLib pkgs.utillinuxMinimal.out}/lib/libmount.so.* mr,
${getLib pkgs.utillinuxMinimal.out}/lib/libblkid.so.* mr,
${getLib pkgs.utillinuxMinimal.out}/lib/libuuid.so.* mr,
${getLib pkgs.xz}/lib/liblzma.so.* mr,
${getLib pkgs.libgcrypt}/lib/libgcrypt.so.* mr,
${getLib pkgs.libgpgerror}/lib/libgpg-error.so.* mr,

3
nixos/tests/dnscrypt-proxy.nix
View file

@ -26,7 +26,8 @@ import ./make-test.nix ({ pkgs, ... }: {
$client->waitForUnit("dnsmasq");
# The daemon is socket activated; sending a single ping should activate it.
$client->fail("systemctl is-active dnscrypt-proxy");
$client->execute("${pkgs.iputils}/bin/ping -c1 example.com");
$client->succeed("systemctl is-active dnscrypt-proxy");
$client->waitUntilSucceeds("systemctl is-active dnscrypt-proxy");
'';
})