mirror of
https://github.com/NixOS/nix.git
synced 2025-12-17 14:31:06 +01:00
57 lines
1.7 KiB
Nix
57 lines
1.7 KiB
Nix
with import ./config.nix;
|
|
|
|
{
|
|
# Test basic network functionality with a fixed-output derivation
|
|
testNetworkAccess = mkDerivation {
|
|
name = "test-network-access";
|
|
builder = builtins.toFile "builder.sh" ''
|
|
${bash}/bin/bash -c '
|
|
# Test basic network connectivity
|
|
# Try to resolve a hostname
|
|
if getent hosts localhost >/dev/null 2>&1; then
|
|
echo "DNS resolution works"
|
|
else
|
|
echo "DNS resolution failed"
|
|
exit 1
|
|
fi
|
|
|
|
# Test if we can see network interfaces
|
|
if ${coreutils}/bin/test -e /sys/class/net/eth0; then
|
|
echo "Network interface eth0 exists"
|
|
else
|
|
echo "Network interface eth0 missing"
|
|
exit 1
|
|
fi
|
|
|
|
# Create output
|
|
echo "Network test passed" > $out
|
|
'
|
|
'';
|
|
outputHashMode = "flat";
|
|
outputHashAlgo = "sha256";
|
|
outputHash = "sha256-YCa7ssqLHbdFkPJEG4REJJbsZF9g3w1i+Eg21nUYCCk=";
|
|
};
|
|
|
|
# Test that non-fixed-output derivations cannot access the network
|
|
testNoNetworkAccess = mkDerivation {
|
|
name = "test-no-network-access";
|
|
builder = builtins.toFile "builder.sh" ''
|
|
${bash}/bin/bash -c '
|
|
# This should fail because non-fixed-output derivations
|
|
# should not have network access
|
|
if getent hosts localhost >/dev/null 2>&1; then
|
|
echo "ERROR: DNS resolution works but should not!"
|
|
exit 1
|
|
fi
|
|
|
|
# There should be no network interfaces
|
|
if ${coreutils}/bin/test -e /sys/class/net/eth0; then
|
|
echo "ERROR: Network interface exists but should not!"
|
|
exit 1
|
|
fi
|
|
|
|
echo "Network properly isolated" > $out
|
|
'
|
|
'';
|
|
};
|
|
}
|