forked from sig_core/toolkit
update some functional tests
This commit is contained in:
parent
3251a7bc30
commit
6914d651c4
@ -28,9 +28,11 @@ How to Run
|
|||||||
There are two ways to run through the tests:
|
There are two ways to run through the tests:
|
||||||
|
|
||||||
* By running `/bin/bash runtests.sh`
|
* By running `/bin/bash runtests.sh`
|
||||||
* Runs all tests
|
* Runs all core tests
|
||||||
|
* By running `/bin/bash stacktests.sh`
|
||||||
|
* Runs all stack tests (eg, lamp, ipa)
|
||||||
* By running `/bin/bash monotests.sh`
|
* By running `/bin/bash monotests.sh`
|
||||||
* Runs all tests one by one to help identify failures as they happen
|
* Supposed to runs all tests one by one to help identify failures as they happen (not functional)
|
||||||
|
|
||||||
Adding Tests
|
Adding Tests
|
||||||
------------
|
------------
|
||||||
@ -316,6 +318,9 @@ Current Tree
|
|||||||
│ │ ├── 00-install-lsof.sh
|
│ │ ├── 00-install-lsof.sh
|
||||||
│ │ ├── 10-test-lsof.sh
|
│ │ ├── 10-test-lsof.sh
|
||||||
│ │ └── README.md
|
│ │ └── README.md
|
||||||
|
│ ├── pkg_mdadm
|
||||||
|
│ │ ├── 00-install-mdadm.sh
|
||||||
|
│ │ └── 01-test-mdadm.sh
|
||||||
│ ├── pkg_network
|
│ ├── pkg_network
|
||||||
│ │ ├── 00-install-packages.sh
|
│ │ ├── 00-install-packages.sh
|
||||||
│ │ ├── 10-tracepath.sh
|
│ │ ├── 10-tracepath.sh
|
||||||
@ -348,6 +353,13 @@ Current Tree
|
|||||||
│ │ ├── 30-postfix-sasl.sh
|
│ │ ├── 30-postfix-sasl.sh
|
||||||
│ │ ├── 40-postfix-tls.sh
|
│ │ ├── 40-postfix-tls.sh
|
||||||
│ │ └── README.md
|
│ │ └── README.md
|
||||||
|
│ ├── pkg_postgresql
|
||||||
|
│ │ ├── 00-install-postgresql.sh
|
||||||
|
│ │ ├── 01-configure-postgresql.sh
|
||||||
|
│ │ ├── 10-create-db.sh
|
||||||
|
│ │ ├── 11-create-user.sh
|
||||||
|
│ │ ├── 20-drop-db.sh
|
||||||
|
│ │ └── 21-drop-user.sh
|
||||||
│ ├── pkg_python
|
│ ├── pkg_python
|
||||||
│ │ ├── 00-install-python.sh
|
│ │ ├── 00-install-python.sh
|
||||||
│ │ ├── 10-test-python3.sh
|
│ │ ├── 10-test-python3.sh
|
||||||
@ -423,6 +435,11 @@ Current Tree
|
|||||||
│ ├── pkg_telnet
|
│ ├── pkg_telnet
|
||||||
│ │ ├── 00-install-telnet.sh
|
│ │ ├── 00-install-telnet.sh
|
||||||
│ │ └── 10-test-telnet.sh
|
│ │ └── 10-test-telnet.sh
|
||||||
|
│ ├── pkg_tftp-server
|
||||||
|
│ │ ├── 00-install-tftp.sh
|
||||||
|
│ │ ├── 01-configure-tftp.sh
|
||||||
|
│ │ ├── 10-get-test.sh
|
||||||
|
│ │ └── 11-put-test.sh
|
||||||
│ ├── pkg_vsftpd
|
│ ├── pkg_vsftpd
|
||||||
│ │ ├── 00-install-vsftpd.sh
|
│ │ ├── 00-install-vsftpd.sh
|
||||||
│ │ ├── 10-anonymous-vsftpd.sh
|
│ │ ├── 10-anonymous-vsftpd.sh
|
||||||
@ -447,20 +464,21 @@ Current Tree
|
|||||||
├── README.md
|
├── README.md
|
||||||
├── runtests.sh
|
├── runtests.sh
|
||||||
├── skip.list
|
├── skip.list
|
||||||
└── stacks
|
├── stacks
|
||||||
├── ipa
|
│ ├── ipa
|
||||||
│ ├── 00-ipa-pregame.sh
|
│ │ ├── 00-ipa-pregame.sh
|
||||||
│ ├── 10-install-ipa.sh
|
│ │ ├── 10-install-ipa.sh
|
||||||
│ ├── 11-configure-ipa.sh
|
│ │ ├── 11-configure-ipa.sh
|
||||||
│ ├── 12-verify-ipa.sh
|
│ │ ├── 12-verify-ipa.sh
|
||||||
│ ├── 20-ipa-user.sh
|
│ │ ├── 20-ipa-user.sh
|
||||||
│ ├── 21-ipa-service.sh
|
│ │ ├── 21-ipa-service.sh
|
||||||
│ ├── 22-ipa-dns.sh
|
│ │ ├── 22-ipa-dns.sh
|
||||||
│ ├── 23-ipa-sudo.sh
|
│ │ ├── 23-ipa-sudo.sh
|
||||||
│ ├── 50-cleanup-ipa.sh
|
│ │ ├── 50-cleanup-ipa.sh
|
||||||
│ └── README.md
|
│ │ └── README.md
|
||||||
└── lamp
|
│ └── lamp
|
||||||
├── 00-install-lamp.sh
|
│ ├── 00-install-lamp.sh
|
||||||
├── 01-verification.sh
|
│ ├── 01-verification.sh
|
||||||
└── 10-test-lamp.sh
|
│ └── 10-test-lamp.sh
|
||||||
|
└── stacks.sh
|
||||||
```
|
```
|
||||||
|
@ -9,7 +9,7 @@ fi
|
|||||||
|
|
||||||
COUNTS="$(grep -c rockylinux.org $FIREPATH)"
|
COUNTS="$(grep -c rockylinux.org $FIREPATH)"
|
||||||
|
|
||||||
if [ "$COUNTS" -eq 2 ]; then
|
if [ "$COUNTS" -ge 2 ]; then
|
||||||
r_checkExitStatus 0
|
r_checkExitStatus 0
|
||||||
else
|
else
|
||||||
r_checkExitStatus 1
|
r_checkExitStatus 1
|
||||||
|
3
func/core/pkg_mdadm/00-install-mdadm.sh
Executable file
3
func/core/pkg_mdadm/00-install-mdadm.sh
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "mdadm" "Install mdadm"
|
||||||
|
p_installPackageNormal mdadm
|
13
func/core/pkg_mdadm/01-test-mdadm.sh
Executable file
13
func/core/pkg_mdadm/01-test-mdadm.sh
Executable file
@ -0,0 +1,13 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "mdadm" "Check that mdadm will operate and return the right exit codes"
|
||||||
|
[ ${EUID} -eq 0 ] || { r_log "mdadm" "Not running as root. Skipping." ; exit "$PASS"; }
|
||||||
|
MDADM=$(which mdadm)
|
||||||
|
|
||||||
|
[ -z "${MDADM}" ] && { r_log "mdadm" "which reported the binary but it doesn't exist, why?"; exit "$FAIL"; }
|
||||||
|
|
||||||
|
${MDADM} --detail --scan &> /dev/null
|
||||||
|
ret_val=$?
|
||||||
|
|
||||||
|
[ "$ret_val" -eq 0 ] || { r_log "mdadm" "There was a non-zero exit. This is likely fatal."; exit "$FAIL"; }
|
||||||
|
|
||||||
|
r_checkExitStatus $ret_val
|
3
func/core/pkg_postgresql/00-install-postgresql.sh
Executable file
3
func/core/pkg_postgresql/00-install-postgresql.sh
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "postgresql" "Installing postgresql"
|
||||||
|
p_installPackageNormal postgresql-server postgresql
|
5
func/core/pkg_postgresql/01-configure-postgresql.sh
Executable file
5
func/core/pkg_postgresql/01-configure-postgresql.sh
Executable file
@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "postgresql" "Initialize postgresql"
|
||||||
|
postgresql-setup --initdb
|
||||||
|
m_serviceCycler postgresql-server cycle
|
||||||
|
sleep 15
|
4
func/core/pkg_postgresql/10-create-db.sh
Executable file
4
func/core/pkg_postgresql/10-create-db.sh
Executable file
@ -0,0 +1,4 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "postgresql" "Creating db"
|
||||||
|
su - postgres -c 'createdb pg_test'
|
||||||
|
r_checkExitStatus $?
|
4
func/core/pkg_postgresql/11-create-user.sh
Executable file
4
func/core/pkg_postgresql/11-create-user.sh
Executable file
@ -0,0 +1,4 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "postgresql" "Creating user"
|
||||||
|
su - postgres -c 'createuser -S -R -D testuser' > /dev/null 2>&1
|
||||||
|
r_checkExitStatus $?
|
4
func/core/pkg_postgresql/20-drop-db.sh
Executable file
4
func/core/pkg_postgresql/20-drop-db.sh
Executable file
@ -0,0 +1,4 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "postgresql" "Dropping database"
|
||||||
|
su - postgres -c 'dropdb pg_test' > /dev/null 2>&1
|
||||||
|
r_checkExitStatus $?
|
4
func/core/pkg_postgresql/21-drop-user.sh
Executable file
4
func/core/pkg_postgresql/21-drop-user.sh
Executable file
@ -0,0 +1,4 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "postgresql" "Dropping user"
|
||||||
|
su - postgres -c 'dropuser testuser' > /dev/null 2>&1
|
||||||
|
r_checkExitStatus $?
|
@ -4,10 +4,10 @@ r_log "rocky" "Check /etc/os-release stuff"
|
|||||||
r_log "rocky" "Verify support directives"
|
r_log "rocky" "Verify support directives"
|
||||||
for s in NAME=\"Rocky\ Linux\" \
|
for s in NAME=\"Rocky\ Linux\" \
|
||||||
ID=\"rocky\" \
|
ID=\"rocky\" \
|
||||||
ROCKY_SUPPORT_PRODUCT=\"Rocky\ Linux\" \
|
ROCKY_SUPPORT_PRODUCT=\"Rocky-Linux-$RL_VER\" \
|
||||||
ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\"; do
|
ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\"; do
|
||||||
if ! grep -q "$s" /etc/os-release; then
|
if ! grep -q "$s" /etc/os-release; then
|
||||||
r_log "rocky" "Missing string in /etc/os-release"
|
r_log "rocky" "Missing string ($s) in /etc/os-release"
|
||||||
r_checkExitStatus 1
|
r_checkExitStatus 1
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
3
func/core/pkg_tftp-server/00-install-tftp.sh
Executable file
3
func/core/pkg_tftp-server/00-install-tftp.sh
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "tftp" "Installing packages"
|
||||||
|
p_installPackageNormal tftp-server tftp
|
20
func/core/pkg_tftp-server/01-configure-tftp.sh
Executable file
20
func/core/pkg_tftp-server/01-configure-tftp.sh
Executable file
@ -0,0 +1,20 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "tftp" "Configure tftp"
|
||||||
|
|
||||||
|
cat <<EOF > /etc/xinetd.d/tftp
|
||||||
|
service tftp
|
||||||
|
{
|
||||||
|
socket_type = dgram
|
||||||
|
protocol = udp
|
||||||
|
wait = yes
|
||||||
|
user = root
|
||||||
|
server = /usr/sbin/in.tftpd
|
||||||
|
server_args = -s /var/lib/tftpboot
|
||||||
|
disable = no
|
||||||
|
per_source = 11
|
||||||
|
cps = 100 2
|
||||||
|
flags = IPv4
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
m_serviceCycler tftp.socket start
|
10
func/core/pkg_tftp-server/10-get-test.sh
Executable file
10
func/core/pkg_tftp-server/10-get-test.sh
Executable file
@ -0,0 +1,10 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "tftp" "Getting a file from tftp"
|
||||||
|
|
||||||
|
chmod 777 /var/lib/tftpboot
|
||||||
|
echo "rocky func" > /var/lib/tftpboot/tftptest
|
||||||
|
tftp 127.0.0.1 -c get tftptest
|
||||||
|
|
||||||
|
grep -q "rocky func" tftptest
|
||||||
|
r_checkExitStatus
|
||||||
|
/bin/rm tftptest
|
14
func/core/pkg_tftp-server/11-put-test.sh
Executable file
14
func/core/pkg_tftp-server/11-put-test.sh
Executable file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
r_log "tftp" "Testing anon write"
|
||||||
|
TFTPDIR=/var/lib/tftpboot
|
||||||
|
setsebool tftp_anon_write 1
|
||||||
|
chmod 777 $TFTPDIR
|
||||||
|
echo "rocky func" > puttest
|
||||||
|
touch $TFTPDIR > $TFTPDIR/puttest
|
||||||
|
chmod 666 $TFTPDIR/puttest
|
||||||
|
tftp 127.0.0.1 -c put puttest
|
||||||
|
sleep 2
|
||||||
|
grep -q 'rocky func' $TFTPDIR/puttest
|
||||||
|
r_checkExitStatus $?
|
||||||
|
/bin/rm puttest
|
||||||
|
/bin/rm $TFTPDIR/puttest
|
59
func/stacks.sh
Normal file
59
func/stacks.sh
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Release Engineering Core Functionality Testing
|
||||||
|
# Louis Abel <label@rockylinux.org> @nazunalika
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# Settings and variables
|
||||||
|
|
||||||
|
# Exits on any non-zero exit status - Disabled for now.
|
||||||
|
#set -e
|
||||||
|
# Undefined variables will cause an exit
|
||||||
|
set -u
|
||||||
|
|
||||||
|
COMMON_EXPORTS='./common/exports.sh'
|
||||||
|
COMMON_IMPORTS='./common/imports.sh'
|
||||||
|
SELINUX=$(getenforce)
|
||||||
|
|
||||||
|
# End
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
# shellcheck source=/dev/null disable=SC2015
|
||||||
|
[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; }
|
||||||
|
# shellcheck source=/dev/null disable=SC2015
|
||||||
|
[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; }
|
||||||
|
# Init log
|
||||||
|
# shellcheck disable=SC2015
|
||||||
|
[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE"
|
||||||
|
# SELinux check
|
||||||
|
if [ "$SELINUX" != "Enforcing" ]; then
|
||||||
|
echo -e "\n[-] $(date): SELinux is not enforcing."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
r_log "internal" "Starting Release Engineering Core Tests"
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# Script Work
|
||||||
|
|
||||||
|
# Skip tests in a list - some tests are already -x, so it won't be an issue
|
||||||
|
if [ -e skip.list ]; then
|
||||||
|
r_log "internal" "Disabling tests"
|
||||||
|
# shellcheck disable=SC2162
|
||||||
|
grep -E "^${RL_VER}" skip.list | while read line; do
|
||||||
|
# shellcheck disable=SC2086
|
||||||
|
testFile="$(echo $line | cut -d '|' -f 2)"
|
||||||
|
r_log "internal" "SKIP ${testFile}"
|
||||||
|
chmod -x "${testFile}"
|
||||||
|
done
|
||||||
|
r_log "internal" "WARNING: Tests above were disabled."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# TODO: should we let $1 judge what directory is ran?
|
||||||
|
# TODO: get some stacks and lib in there
|
||||||
|
|
||||||
|
#r_processor <(/usr/bin/find ./core -type f | sort -t'/')
|
||||||
|
#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
|
||||||
|
r_processor <(/usr/bin/find ./stacks -type f | sort -t'/')
|
||||||
|
|
||||||
|
r_log "internal" "Core Tests completed"
|
||||||
|
exit 0
|
@ -9,5 +9,6 @@ fi
|
|||||||
# going to be the same thing or not so this check is there just in case.
|
# going to be the same thing or not so this check is there just in case.
|
||||||
if [ "$RL_VER" -eq 8 ]; then
|
if [ "$RL_VER" -eq 8 ]; then
|
||||||
p_enableModule idm:DL1/{client,common,dns,server}
|
p_enableModule idm:DL1/{client,common,dns,server}
|
||||||
p_installPackageNormal ipa-server ipa-server-dns
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
p_installPackageNormal ipa-server ipa-server-dns
|
||||||
|
@ -4,8 +4,77 @@ if m_getArch aarch64 | grep -qE 'aarch64'; then
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$IPAINSTALLED" -eq 1 ]; then
|
if [ "$IPAINSTALLED" -eq 1 ]; then
|
||||||
r_log "ipa" "IPA was not successfully installed. Aborting."
|
r_log "ipa" "IPA was not successfully installed. Aborting."
|
||||||
r_checkExitStatus 1
|
r_checkExitStatus 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
kdestroy &> /dev/null
|
||||||
|
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
expect -f - <<EOF
|
||||||
|
set send_human {.1 .3 1 .05 2}
|
||||||
|
spawn kinit admin
|
||||||
|
sleep 1
|
||||||
|
expect "Password for admin@RLIPA.LOCAL:"
|
||||||
|
send -h "b1U3OnyX!\r"
|
||||||
|
sleep 5
|
||||||
|
close
|
||||||
|
EOF
|
||||||
|
|
||||||
|
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Test adding a user"
|
||||||
|
userDetails="$(ipa user-add --first=test --last=user --random ipatestuser)"
|
||||||
|
echo "$userDetails" | grep -q 'Added user "ipatestuser"'
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
echo "$userDetails" | grep -q 'First name: test'
|
||||||
|
r_checkExitStatus $?
|
||||||
|
echo "$userDetails" | grep -q 'Last name: user'
|
||||||
|
r_checkExitStatus $?
|
||||||
|
echo "$userDetails" | grep -q 'Full name: test user'
|
||||||
|
r_checkExitStatus $?
|
||||||
|
echo "$userDetails" | grep -q 'Home directory: /home/ipatestuser'
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Changing password of the user"
|
||||||
|
kdestroy &> /dev/null
|
||||||
|
|
||||||
|
expect -f - <<EOF
|
||||||
|
set send_human {.1 .3 1 .05 2}
|
||||||
|
spawn kinit ipatestuser
|
||||||
|
sleep 1
|
||||||
|
expect "Password for ipatestuser@RLIPA.LOCAL: "
|
||||||
|
send -h -- "$(echo "$userDetails" | awk '$0 ~ /Random password/ {print $3}')\r"
|
||||||
|
sleep 1
|
||||||
|
expect "Enter new password: "
|
||||||
|
send -h -- "gr@YAm3thy5st!\r"
|
||||||
|
sleep 1
|
||||||
|
expect "Enter it again: "
|
||||||
|
send -h -- "gr@YAm3thy5st!\r"
|
||||||
|
sleep 5
|
||||||
|
close
|
||||||
|
EOF
|
||||||
|
|
||||||
|
r_log "ipa" "Re-doing a kinit"
|
||||||
|
expect -f - <<EOF
|
||||||
|
set send_human {.1 .3 1 .05 2}
|
||||||
|
spawn kinit ipatestuser
|
||||||
|
sleep 1
|
||||||
|
expect "Password for ipatestuser@C6IPA.LOCAL:"
|
||||||
|
send -h "gr@YAm3thy5st!\r"
|
||||||
|
sleep 1
|
||||||
|
close
|
||||||
|
EOF
|
||||||
|
|
||||||
|
klist | grep "ipatestuser@RLIPA.LOCAL" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
kdestroy &> /dev/null
|
||||||
|
|
||||||
|
r_log "ipa" "Testing for user in getent"
|
||||||
|
getent passwd ipatestuser &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
if m_getArch aarch64 | grep -qE 'aarch64'; then
|
if m_getArch aarch64 | grep -qE 'aarch64'; then
|
||||||
r_log "ipa -bash" "Skipping for aarch64"
|
r_log "ipa" "Skipping for aarch64"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -9,3 +9,61 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
|
|||||||
r_checkExitStatus 1
|
r_checkExitStatus 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
kdestroy &> /dev/null
|
||||||
|
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
expect -f - <<EOF
|
||||||
|
set send_human {.1 .3 1 .05 2}
|
||||||
|
spawn kinit admin
|
||||||
|
sleep 1
|
||||||
|
expect "Password for admin@RLIPA.LOCAL:"
|
||||||
|
send -h "b1U3OnyX!\r"
|
||||||
|
sleep 5
|
||||||
|
close
|
||||||
|
EOF
|
||||||
|
|
||||||
|
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Adding test service"
|
||||||
|
ipa service-add testservice/rltest.rlipa.local &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Getting keytab for service"
|
||||||
|
ipa-getkeytab -s rltest.rlipa.local -p testservice/rltest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Getting a certificate for service"
|
||||||
|
ipa-getcert request -K testservice/rltest.rlipa.local -D rltest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
while true; do
|
||||||
|
entry="$(ipa-getcert list -r | sed -n '/Request ID/,/auto-renew: yes/p')"
|
||||||
|
if [[ $entry =~ "status:" ]] && [[ $entry =~ "CA_REJECTED" ]]; then
|
||||||
|
r_checkExitStatus 1
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
if [[ $entry =~ "" ]]; then
|
||||||
|
r_checkExitStatus 0
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
while ! stat /etc/pki/tls/certs/testservice.crt &> /dev/null; do
|
||||||
|
sync
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
r_log "ipa" "Verifying keytab"
|
||||||
|
klist -k /tmp/testservice.keytab | grep "testservice/rltest.rlipa.local" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Verifying key matches the certificate"
|
||||||
|
diff <(openssl x509 -in /etc/pki/tls/certs/testservice.crt -noout -modulus 2>&1 ) <(openssl rsa -in /etc/pki/tls/private/testservice.key -noout -modulus 2>&1 )
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Verifying the certificate against our CA"
|
||||||
|
openssl verify -CAfile /etc/ipa/ca.crt /etc/pki/tls/certs/testservice.crt | grep "/etc/pki/tls/certs/testservice.crt: OK" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
@ -9,3 +9,46 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
|
|||||||
r_checkExitStatus 1
|
r_checkExitStatus 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
kdestroy &> /dev/null
|
||||||
|
klist 2>&1 | grep -qE "(No credentials|Credentials cache .* not found)" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
expect -f - <<EOF
|
||||||
|
set send_human {.1 .3 1 .05 2}
|
||||||
|
spawn kinit admin
|
||||||
|
sleep 1
|
||||||
|
expect "Password for admin@RLIPA.LOCAL:"
|
||||||
|
send -h "b1U3OnyX!\r"
|
||||||
|
sleep 5
|
||||||
|
close
|
||||||
|
EOF
|
||||||
|
|
||||||
|
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Adding testzone subdomain"
|
||||||
|
ipa dnszone-add --name-server=rltest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
r_log "ipa" "Get SOA from testzone subdomain"
|
||||||
|
dig @localhost SOA testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Adding a CNAME record to the primary domain"
|
||||||
|
ipa dnsrecord-add rlipa.local testrecord --cname-hostname=rltest &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
r_log "ipa" "Retrieving CNAME record"
|
||||||
|
dig @localhost CNAME testrecord.rlipa.local | grep -q "status: NOERROR" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
r_log "ipa" "Adding a CNAME to subdomain"
|
||||||
|
ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=rltest.rlipa.local. &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
r_log "ipa" "Testing can retrieve record from subdomain"
|
||||||
|
dig @localhost CNAME testrecord.testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
@ -9,3 +9,19 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
|
|||||||
r_checkExitStatus 1
|
r_checkExitStatus 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
kdestroy &> /dev/null
|
||||||
|
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
|
||||||
|
expect -f - <<EOF
|
||||||
|
set send_human {.1 .3 1 .05 2}
|
||||||
|
spawn kinit admin
|
||||||
|
sleep 1
|
||||||
|
expect "Password for admin@RLIPA.LOCAL:"
|
||||||
|
send -h "b1U3OnyX!\r"
|
||||||
|
sleep 5
|
||||||
|
close
|
||||||
|
EOF
|
||||||
|
|
||||||
|
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||||
|
r_checkExitStatus $?
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
if m_getArch aarch64 | grep -qE 'aarch64'; then
|
if m_getArch aarch64 | grep -qE 'aarch64'; then
|
||||||
r_log "ipa -bash" "Skipping for aarch64"
|
r_log "ipa" "Skipping for aarch64"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -56,6 +56,10 @@
|
|||||||
images:
|
images:
|
||||||
- dvd
|
- dvd
|
||||||
- minimal
|
- minimal
|
||||||
|
lorax_variants:
|
||||||
|
- dvd
|
||||||
|
- minimal
|
||||||
|
- BaseOS
|
||||||
repos:
|
repos:
|
||||||
- 'BaseOS'
|
- 'BaseOS'
|
||||||
- 'AppStream'
|
- 'AppStream'
|
||||||
|
@ -56,6 +56,10 @@
|
|||||||
images:
|
images:
|
||||||
- dvd
|
- dvd
|
||||||
- minimal
|
- minimal
|
||||||
|
lorax_variants:
|
||||||
|
- dvd
|
||||||
|
- minimal
|
||||||
|
- BaseOS
|
||||||
repos:
|
repos:
|
||||||
- 'BaseOS'
|
- 'BaseOS'
|
||||||
- 'AppStream'
|
- 'AppStream'
|
||||||
|
@ -56,6 +56,10 @@
|
|||||||
images:
|
images:
|
||||||
- dvd
|
- dvd
|
||||||
- minimal
|
- minimal
|
||||||
|
lorax_variants:
|
||||||
|
- dvd
|
||||||
|
- minimal
|
||||||
|
- BaseOS
|
||||||
repos:
|
repos:
|
||||||
- 'BaseOS'
|
- 'BaseOS'
|
||||||
- 'AppStream'
|
- 'AppStream'
|
||||||
|
@ -406,7 +406,7 @@ class IsoBuild:
|
|||||||
self.log.info(
|
self.log.info(
|
||||||
'Copying base lorax for ' + Color.BOLD + arch + Color.END
|
'Copying base lorax for ' + Color.BOLD + arch + Color.END
|
||||||
)
|
)
|
||||||
for variant in self.iso_map['images']:
|
for variant in self.iso_map['lorax_variants']:
|
||||||
self._copy_lorax_to_variant(self.force_unpack, arch, variant)
|
self._copy_lorax_to_variant(self.force_unpack, arch, variant)
|
||||||
|
|
||||||
self.log.info(
|
self.log.info(
|
||||||
@ -576,7 +576,10 @@ class IsoBuild:
|
|||||||
return
|
return
|
||||||
|
|
||||||
self.log.info('Copying base lorax to %s directory...' % image)
|
self.log.info('Copying base lorax to %s directory...' % image)
|
||||||
shutil.copytree(src_to_image, path_to_image)
|
try:
|
||||||
|
shutil.copytree(src_to_image, path_to_image, copy_function=shutil.copy2)
|
||||||
|
except:
|
||||||
|
self.log.error('%s already exists??' % image)
|
||||||
|
|
||||||
def run_boot_sync(self):
|
def run_boot_sync(self):
|
||||||
"""
|
"""
|
||||||
@ -596,14 +599,14 @@ class IsoBuild:
|
|||||||
unpack_single_arch = True
|
unpack_single_arch = True
|
||||||
arches_to_unpack = [self.arch]
|
arches_to_unpack = [self.arch]
|
||||||
|
|
||||||
self.sync_boot(force_unpack=self.force_unpack, arch=self.arch)
|
self._sync_boot(force_unpack=self.force_unpack, arch=self.arch)
|
||||||
self.treeinfo_write(arch=self.arch)
|
self.treeinfo_write(arch=self.arch)
|
||||||
|
|
||||||
def _sync_boot(self, force_unpack, arch, variant):
|
def _sync_boot(self, force_unpack, arch, image):
|
||||||
"""
|
"""
|
||||||
Syncs whatever
|
Syncs whatever
|
||||||
"""
|
"""
|
||||||
self.log.info('Copying lorax to %s directory...' % variant)
|
self.log.info('Copying lorax to %s directory...' % image)
|
||||||
# checks here, report that it already exists
|
# checks here, report that it already exists
|
||||||
|
|
||||||
def treeinfo_write(self, arch):
|
def treeinfo_write(self, arch):
|
||||||
@ -616,7 +619,7 @@ class IsoBuild:
|
|||||||
"""
|
"""
|
||||||
Fixes lorax treeinfo
|
Fixes lorax treeinfo
|
||||||
"""
|
"""
|
||||||
self.log.info('Fixing up lorax treeinfo...')
|
self.log.info('Fixing up lorax treeinfo for %s ...' % )
|
||||||
|
|
||||||
def discinfo_write(self):
|
def discinfo_write(self):
|
||||||
"""
|
"""
|
||||||
@ -651,7 +654,7 @@ class IsoBuild:
|
|||||||
"""
|
"""
|
||||||
print()
|
print()
|
||||||
|
|
||||||
def generate_graft_points(self):
|
def _generate_graft_points(self):
|
||||||
"""
|
"""
|
||||||
Get a list of packages for an extras ISO. This should NOT be called
|
Get a list of packages for an extras ISO. This should NOT be called
|
||||||
during the usual run() section.
|
during the usual run() section.
|
||||||
|
Loading…
Reference in New Issue
Block a user