#!/bin/sh
set -eu

kver="$(uname -r)"
if linux-version compare "$kver" lt 6.5; then
    echo "I: This kernel version ($kver) is too old"
    exit 77
fi

. debian/tests/test-common

# Configure export
export_dir=/srv/server.internal
mkdir -p "$export_dir"
rm -f "$export_dir"/*
cat >/etc/exports <<EOF
$export_dir localhost(no_root_squash,rw,xprtsec=mtls)
EOF
exportfs -a

# Try to mount
mount_dir=/media/server.internal
mkdir -p "$mount_dir"
! mountpoint "$mount_dir" || umount "$mount_dir"
mount -t nfs -o nodev,nosuid,xprtsec=mtls \
      "server.internal:$export_dir" "$mount_dir"

# Check that mTLS is used
printf 'I: Mounted as: %s\n' "$(grep '^server\.internal:' /proc/mounts)"
if grep '^server\.internal:' /proc/mounts | grep -qv '\bxprtsec=mtls\b'; then
    echo >&2 "E: Missing xprtsec=mtls"
fi

# Check that it's really working
touch "$export_dir/server"
touch "$mount_dir/client"
if ! [ -f "$mount_dir/server" ]; then
    echo >&2 "E: Failing to see server changes on client"
fi
if ! [ -f "$export_dir/client" ]; then
    echo >&2 "E: Failing to see client changes on server"
fi
