use systemd_run::{Identity, RunSystem}; #[async_std::test] #[ignore] #[cfg(feature = "systemd_231")] async fn test_root_dynamic_user() { let r = RunSystem::new("/bin/true") .identity(Identity::dynamic()) .start() .await .expect("should be able to start /bin/true") .wait() .await .expect("should be able to get the status of the Run"); assert!( !r.is_failed(), "/bin/true should run successfully with Dynamic Identity" ); } #[async_std::test] #[ignore] async fn test_root_nobody() { let r = RunSystem::new("/bin/true") .identity(Identity::user_group("nobody", "nogroup")) .start() .await .expect("should be able to start /bin/true") .wait() .await .expect("should be able to get the status of the Run"); assert!( !r.is_failed(), "/bin/true should run successfully with nobody Identity" ); } #[async_std::test] #[ignore] #[cfg(feature = "systemd_236")] async fn test_root_dynamic_user_access() { let f = "/run/rust_systemd_run_test_file"; let r = RunSystem::new("/bin/touch") .arg(f) .collect_on_fail() .identity(Identity::dynamic()) .start() .await .expect("should be able to start /bin/true") .wait() .await .expect("should be able to get the status of the Run"); assert!( r.is_failed(), "Dynamic identity should not be able to touch {}", f ); } #[async_std::test] #[ignore] #[cfg(feature = "systemd_236")] async fn test_root_nobody_access() { let f = "/run/rust_systemd_run_test_file"; let r = RunSystem::new("/bin/touch") .arg(f) .collect_on_fail() .identity(Identity::user_group("nobody", "nogroup")) .start() .await .expect("should be able to start /bin/true") .wait() .await .expect("should be able to get the status of the Run"); assert!( r.is_failed(), "nobody Identity should not be able to touch {}", f ); }