summary: Check basic core20 and later system functionality details: | Verify some basic functionalities in ubuntu core (>=20): system snaps are present, the system is fully seeded, install a simple snap, check boot configuration, symlinks in /var/lib/snapd/snaps, snap recovery, loop devices and apparmor after a reboot works properly systems: - ubuntu-core-20-* - ubuntu-core-22-* execute: | case "$SPREAD_SYSTEM" in ubuntu-core-22-*) base_snap=core22 ;; ubuntu-core-20-*) base_snap=core20 ;; esac echo "Check that the system snaps are there" snap list "${base_snap}" snap list snapd if snap list core; then echo "The old core snap is installed but should not" exit 1 fi echo "Ensure that the system is fully seeded" snap changes | MATCH "Done.*Initialize system state" echo "Check that a simple shell snap" if os.query is-core22; then snap install --edge "test-snapd-sh-${base_snap}" else snap install "test-snapd-sh-${base_snap}" fi "test-snapd-sh-${base_snap}.sh" -c 'echo hello' | MATCH hello if python3 -m json.tool < /var/lib/snapd/system-key | grep '"build-id": ""'; then echo "The build-id of snapd must not be empty." exit 1 fi echo "Ensure passwd/group is available for snaps" "test-snapd-sh-${base_snap}.sh" -c 'cat /var/lib/extrausers/passwd' | MATCH test # rpi devices don't use grub if ( os.query is-core20 || os.query is-core22 ) && not snap list pi-kernel &>/dev/null; then echo "Ensure extracted kernel.efi exists" kernel_name="$(snaps.name kernel)" test -e /boot/grub/"$kernel_name"*/kernel.efi echo "Ensure kernel.efi is a symlink" test -L /boot/grub/kernel.efi echo "Ensure we are using managed boot assets" MATCH '# Snapd-Boot-Config-Edition: [0-9]+' < /boot/grub/grub.cfg MATCH '# Snapd-Boot-Config-Edition: [0-9]+' < /run/mnt/ubuntu-seed/EFI/ubuntu/grub.cfg else echo "Ensure extracted {kernel,initrd}.img exists" test -e /run/mnt/ubuntu-seed/systems/*/kernel/kernel.img test -e /run/mnt/ubuntu-seed/systems/*/kernel/initrd.img fi echo "Ensure that model was written to ubuntu-boot" test -e /run/mnt/ubuntu-boot/device/model # ensure that our the-tool (and thus our snap-bootstrap ran) # for external backend the initramfs is not rebuilt echo "Check that we booted with the rebuilt initramfs in the kernel snap" if [ "$SPREAD_BACKEND" != "external" ] && [ "$SPREAD_BACKEND" != "testflinger" ]; then test -e /writable/system-data/the-tool-ran fi # ensure we handled cloud-init, either we have: # a) cloud init is disabled # b) there was a cloud.cfg.d override (e.g. MAAS), then we must have more # files in writable than in the core20 snap. The core20 content and the # extra config will be merged test -e /writable/system-data/etc/cloud/cloud-init.disabled || [ "$(find /writable/system-data/etc/cloud/cloud.cfg.d/ | wc -l)" -gt "$(find /snap/"${base_snap}"/current/etc/cloud/cloud.cfg.d/ | wc -l)" ] # ensure that we have no symlinks from /var/lib/snapd/snaps to # /var/lib/snapd/seed for sn in /var/lib/snapd/snaps/*.snap ; do if [[ -L $sn ]]; then echo "snap $sn is a symlink but should not be" exit 1 fi done # ensure that disk-mapping.json is created - we check the format of this # file in unit tests and in uc20-create-partitions so we don't check # anything here, just that the file exists test -e /var/lib/snapd/device/disk-mapping.json # ubuntu-save has it too test -e /run/mnt/ubuntu-save/device/disk-mapping.json # ensure the "snap recovery" command works MODEL="$(snap model --verbose | grep '^model' | awk '{ print $2 }')" BRAND_ID="$(snap model --verbose | grep '^brand-id:' | awk '{print $2}')" if [ "$(snap known account "username=$BRAND_ID" | grep '^validation:' | awk '{print $2}')" != "unproven" ]; then BRAND_ID="$BRAND_ID\*\*" fi snap recovery --unicode=never | MATCH "[0-9]+ +$BRAND_ID +$MODEL +current" # check that we have a boot-flags file test -f /run/snapd/boot-flags # make sure that loop devices created by snap-bootstrap initramfs-mounts for snaps are readonly for mount in /run/mnt/base /run/mnt/kernel; do mountpoint "${mount}" loop="$(findmnt -o source "${mount}" -n)" echo "${loop}" | MATCH "/dev/loop[0-9]+" losetup -O ro -n --raw "${loop}" | MATCH "1" done # ensure apparmor works, see LP: 2024637 systemctl status apparmor.service # reboot to double check that apparmor still works after the reboot # (LP: 2024637) if [ "$SPREAD_REBOOT" = 0 ]; then REBOOT fi