system tests: cleaner, safer use of systemd

First and foremost: use ephemeral (/run, $XDG) directories
for systemd unit files, so as not to vandalize a working system.

Second, refactor common systemd-related functionality into
a new helper file, loaded by the systemd-related tests.
Shared functionality includes:

  * setting $XDG_RUNTIME_DIR if unset and rootless
  * setting $UNIT_DIR for use by tests
  * new systemctl() and journalctl() functions, which
    include "--user" when rootless (why can't systemd
    figure this out on its own?)

Signed-off-by: Ed Santiago <[email protected]>

test/system/250-systemd.bats

@@ -4,17 +4,10 @@
 #
 
 load helpers
+load helpers.systemd
 
 SERVICE_NAME="podman_test_$(random_string)"
 
-SYSTEMCTL="systemctl"
-UNIT_DIR="/usr/lib/systemd/system"
-if is_rootless; then
-    UNIT_DIR="$HOME/.config/systemd/user"
-    mkdir -p $UNIT_DIR
-
-    SYSTEMCTL="$SYSTEMCTL --user"
-fi
 UNIT_FILE="$UNIT_DIR/$SERVICE_NAME.service"
 
 function setup() {
@@ -24,59 +17,47 @@ function setup() {
 }
 
 function teardown() {
-    run '?' $SYSTEMCTL stop "$SERVICE_NAME"
+    run '?' systemctl stop "$SERVICE_NAME"
     rm -f "$UNIT_FILE"
-    $SYSTEMCTL daemon-reload
+    systemctl daemon-reload
     run_podman rmi -a
 
     basic_teardown
 }
 
-# Helper to setup xdg runtime for rootless
-function xdg_rootless() {
-    # podman initializes this if unset, but systemctl doesn't
-    if is_rootless; then
-        if [ -z "$XDG_RUNTIME_DIR" ]; then
-            export XDG_RUNTIME_DIR=/run/user/$(id -u)
-        fi
-    fi
-}
-
 # Helper to start a systemd service running a container
 function service_setup() {
     run_podman generate systemd --new $cname
     echo "$output" > "$UNIT_FILE"
     run_podman rm $cname
 
-    $SYSTEMCTL daemon-reload
+    systemctl daemon-reload
 
-    run $SYSTEMCTL start "$SERVICE_NAME"
+    run systemctl start "$SERVICE_NAME"
     if [ $status -ne 0 ]; then
         die "Error starting systemd unit $SERVICE_NAME, output: $output"
     fi
 
-    run $SYSTEMCTL status "$SERVICE_NAME"
+    run systemctl status "$SERVICE_NAME"
     if [ $status -ne 0 ]; then
         die "Non-zero status of systemd unit $SERVICE_NAME, output: $output"
     fi
 }
 
 # Helper to stop a systemd service running a container
 function service_cleanup() {
-    run $SYSTEMCTL stop "$SERVICE_NAME"
+    run systemctl stop "$SERVICE_NAME"
     if [ $status -ne 0 ]; then
         die "Error stopping systemd unit $SERVICE_NAME, output: $output"
     fi
 
     rm -f "$UNIT_FILE"
-    $SYSTEMCTL daemon-reload
+    systemctl daemon-reload
 }
 
 # These tests can fail in dev. environment because of SELinux.
 # quick fix: chcon -t container_runtime_exec_t ./bin/podman
 @test "podman generate - systemd - basic" {
-    xdg_rootless
-
     cname=$(random_string)
     # See #7407 for --pull=always.
     run_podman create --pull=always --name $cname --label "io.containers.autoupdate=registry" $IMAGE top
@@ -100,8 +81,6 @@ function service_cleanup() {
 }
 
 @test "podman autoupdate local" {
-    xdg_rootless
-
     cname=$(random_string)
     run_podman create --name $cname --label "io.containers.autoupdate=local" $IMAGE top
 
@@ -128,8 +107,6 @@ function service_cleanup() {
 # These tests can fail in dev. environment because of SELinux.
 # quick fix: chcon -t container_runtime_exec_t ./bin/podman
 @test "podman generate systemd - envar" {
-    xdg_rootless
-
     cname=$(random_string)
     FOO=value BAR=%s run_podman create --name $cname --env FOO -e BAR --env MYVAR=myval \
         $IMAGE sh -c 'printenv && sleep 100'

test/system/255-auto-update.bats

@@ -4,32 +4,23 @@
 #
 
 load helpers
+load helpers.systemd
 
-DASHUSER=""
-UNIT_DIR="/run/systemd/system"
 SNAME_FILE=$BATS_TMPDIR/services
 
 function setup() {
     skip_if_remote "systemd tests are meaningless over remote"
-
-    if is_rootless; then
-        test -n "${XDG_RUNTIME_DIR}" || skip "\$XDG_RUNTIME_DIR is unset"
-        UNIT_DIR="${XDG_RUNTIME_DIR}/systemd/user"
-        mkdir -p $UNIT_DIR
-        # Why isn't systemd smart enough to figure this out on its own?
-        DASHUSER="--user"
-    fi
     basic_setup
 }
 
 function teardown() {
     while read line; do
         if [[ "$line" =~ "podman-auto-update" ]]; then
             echo "Stop timer: $line.timer"
-            systemctl $DASHUSER stop $line.timer
-            systemctl $DASHUSER disable $line.timer
+            systemctl stop $line.timer
+            systemctl disable $line.timer
         else
-            systemctl $DASHUSER stop $line
+            systemctl stop $line
         fi
         rm -f $UNIT_DIR/$line.{service,timer}
     done < $SNAME_FILE
@@ -69,9 +60,9 @@ function generate_service() {
     echo "container-$cname" >> $SNAME_FILE
     run_podman rm -f $cname
 
-    systemctl $DASHUSER daemon-reload
-    systemctl $DASHUSER start container-$cname
-    systemctl $DASHUSER status container-$cname
+    systemctl daemon-reload
+    systemctl start container-$cname
+    systemctl status container-$cname
 
     # Original image ID.
     # IMPORTANT: variable 'ori_image' is passed (out of scope) up to caller!
@@ -84,15 +75,15 @@ function _wait_service_ready() {
 
     local timeout=6
     while [[ $timeout -gt 1 ]]; do
-        if systemctl $DASHUSER -q is-active $sname; then
+        if systemctl -q is-active $sname; then
             return
         fi
         sleep 1
         let timeout=$timeout-1
     done
 
     # Print serivce status as debug information before failed the case
-    systemctl $DASHUSER status $sname
+    systemctl status $sname
     die "Timed out waiting for $sname to start"
 }
 
@@ -267,14 +258,14 @@ WantedBy=multi-user.target default.target
 EOF
 
     echo "podman-auto-update-$cname" >> $SNAME_FILE
-    systemctl $DASHUSER enable --now podman-auto-update-$cname.timer
-    systemctl $DASHUSER list-timers --all
+    systemctl enable --now podman-auto-update-$cname.timer
+    systemctl list-timers --all
 
     local expect='Finished Podman auto-update testing service'
     local failed_start=failed
     local count=0
     while [ $count -lt 120 ]; do
-        run journalctl $DASHUSER -n 15 -u podman-auto-update-$cname.service
+        run journalctl -n 15 -u podman-auto-update-$cname.service
         if [[ "$output" =~ $expect ]]; then
             failed_start=
             break

test/system/270-socket-activation.bats

@@ -4,21 +4,12 @@
 #
 
 load helpers
+load helpers.systemd
 
 SERVICE_NAME="podman_test_$(random_string)"
 
-SYSTEMCTL="systemctl"
-UNIT_DIR="/usr/lib/systemd/system"
 SERVICE_SOCK_ADDR="/run/podman/podman.sock"
-
 if is_rootless; then
-    UNIT_DIR="$HOME/.config/systemd/user"
-    mkdir -p $UNIT_DIR
-
-    SYSTEMCTL="$SYSTEMCTL --user"
-    if [ -z "$XDG_RUNTIME_DIR" ]; then
-        export XDG_RUNTIME_DIR=/run/user/$(id -u)
-    fi
     SERVICE_SOCK_ADDR="$XDG_RUNTIME_DIR/podman/podman.sock"
 fi
 
@@ -66,13 +57,13 @@ EOF
             rm -f $pause_pid
         fi
     fi
-    $SYSTEMCTL start "$SERVICE_NAME.socket"
+    systemctl start "$SERVICE_NAME.socket"
 }
 
 function teardown() {
-    $SYSTEMCTL stop "$SERVICE_NAME.socket"
+    systemctl stop "$SERVICE_NAME.socket"
     rm -f "$SERVICE_FILE" "$SOCKET_FILE"
-    $SYSTEMCTL daemon-reload
+    systemctl daemon-reload
     basic_teardown
 }
 

test/system/helpers.systemd.bash

@@ -0,0 +1,30 @@
+# -*- bash -*-
+#
+# BATS helpers for systemd-related functionality
+#
+
+# podman initializes this if unset, but systemctl doesn't
+if [ -z "$XDG_RUNTIME_DIR" ]; then
+    if is_rootless; then
+        export XDG_RUNTIME_DIR=/run/user/$(id -u)
+    fi
+fi
+
+# For tests which write systemd unit files
+UNIT_DIR="/run/systemd/system"
+_DASHUSER=
+if is_rootless; then
+    UNIT_DIR="${XDG_RUNTIME_DIR}/systemd/user"
+    # Why isn't systemd smart enough to figure this out on its own?
+    _DASHUSER="--user"
+fi
+
+mkdir -p $UNIT_DIR
+
+systemctl() {
+    command systemctl $_DASHUSER "$@"
+}
+
+journalctl() {
+    command journalctl $_DASHUSER "$@"
+}