diff --git a/README.md b/README.md index 5c7951c..2e6b538 100644 --- a/README.md +++ b/README.md @@ -14,10 +14,9 @@ What does this have? * analyze -> Analysis utilities (such as download stats) * chat -> mattermost related utilities -* func -> (mostly defunct) testing scripts and tools to test base functionality * iso -> Contains `empanadas`, which provides ISO, Compose, and Sync related utilities. * mangle -> Manglers and other misc stuff -* sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated +* sync -> Sync tools, used to sync from compose directories to mirror for Rocky Linux How can I help? --------------- @@ -37,9 +36,3 @@ PR's against the main branch will be closed. PR's are preferred at the [RESF Git Service](https://git.resf.org). -Will some of this be moved into separate repositories? ------------------------------------------------------- - -There may be some things that will be moved to its own repository in the near -future. From a SIG/Core standpoint, we believe a good chunk of this should stay -here as it makes it easier for us to maintain and manage. diff --git a/func/.gitignore b/func/.gitignore deleted file mode 100644 index 54c0a31..0000000 --- a/func/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -log/*.log -log/*.log.* -clone_again/ -cloned/ -tftptest diff --git a/func/README.md b/func/README.md deleted file mode 100644 index 785423f..0000000 --- a/func/README.md +++ /dev/null @@ -1,489 +0,0 @@ -Release Engineering Core Functionality Testing -============================================== - -These are a set of scripts that are designed to test the core functionality -of a Rocky Linux system. They are designed to work on current versions of -Rocky and are used to test a system as a Release Engineering self-QA but -can be used by others for their own personal testing (under the assumption -that you just want to see what happens, we don't judge. - -These tests *must* pass for a X.0 release to be considered "Core Validated". - -* common -> Functions that our scripts and tests may or may not use. Templates - and other files should come here too under common/files and - scripts that use them should reference them as `./common/files/...` -* core -> Core functionality and testing. For example, packages and service - functionality. -* lib -> Library tests (these may be done elsewhere, such as openqa) -* log -> Log output. This repository has example logs of running on Rocky - Linux. -* modules -> Tests for module streams and their basic tests -* stacks -> Software stacks, think like LAMP (may be done elsewhere, such as openqa) - -How to Run ----------- - -There are two ways to run through the tests: - -* By running `/bin/bash runtests.sh` - * Runs all core tests -* By running `/bin/bash stacktests.sh` - * Runs all stack tests (eg, lamp, ipa) -* By running `/bin/bash monotests.sh` - * Supposed to runs all tests one by one to help identify failures as they happen (not functional) - -Adding Tests ------------- - -So you want to add a few tests. Great! Before you add them, I want you to ask -yourself the following questions: - -* Are my test(s) brand new? -* Are my test(s) actually for the "core" functionality of the system? -* Will my test(s) be going through a shellcheck? -* Were my tests running with SELinux enforcing? - -If you've answered no to any of the above, the test may not be valid for this -project. If you are planning on changing a test or fixing a test to look or -work better, then a PR is more than welcome. Some things could definitely -use some touching up or improvements. - -When creating tests, the below should be followed (at a minimum): - -* Use functions from `./common/imports.sh` -* Global variables should be in `./common/exports.sh` -* Reusable files should be in `./common/files` -* Logging is enforced; use `r_log` where ever necessary -* Exits and status checks should be against `r_checkExitStatus` -* Place comments where `r_log` won't be descriptive enough -* With some exceptions, keep lines to a maximum of 80 characters -* Use fullpath to binaries when necessary -* Use shellcheck to verify the scripts are valid and compliant (some stuff that - shellcheck reports could be false - Just use a comment to turn off that test - for that particular line, but you need to ensure it's a false positive.) -* All filenames should start with a number and end with `.sh` (eg `00-foo.sh`) -* The executable bit should be set (except for scripts that are sourced) - -**Note**: that if tests should be skipped, they should be placed into the -`skip.list` file so that way they won't run during the test phase. The file will -get a -x placed on it. Note that this is generally OK, since this repo will just -be cloned when being used anyway and won't be committed back. It is just -expected that all scripts are +x to begin with unless there's a valid reason. -There are a few tests we already have disabled because they're either not done -or they are acting strangely. - -**Note**: If a package required additional modification (eg, dotnet) and it -it has a `.rocky` on the release tag, then it should be noted in the mods.list. -The same thing goes for the debrand list. Additionally, if certain patches -can change the output, it would be good to test for this (see `core/pkg_httpd`) -for an example. - -Core Functionality ------------------- - -Everyone has their own idea of "core functionality." In the case of Release -Engineering, core functionality is simply us saying that with a basic -installation of Rocky Linux, we can run basic commands that any system admin, -developer, or casual user would run and expect to work on a regular basis. - -Think about the software you probably use fairly regularly on any Linux system -that you've installed, ran, or are currently running. Now think about the -commands that you run day in, and day out. Now consider that what you're -running isn't niche and it's highly likely others use them too. If something -goes wrong with the build of your distribution, your tools might not work as -expected. Which is why the idea of doing basic testing of most, if not all of -the common stuff is a good thing to do. - -While writing this, the things that come to mind are: - -* archiving: zip, tar, gzip, etc -* file: head, tail, less, cat, diff, find, grep, vim, git -* network: ping, ip, ssh, wget, curl -* packaging: rpm, dnf -* system utilities: systemctl, top, sudo, ps -* web (packaging): httpd - -Those are just off the top of my head. There's obviously a lot more, but with -that in mind, you now have the idea of what we're trying to accomplish with -this set of tests. - -With that being said, there are obviously other tests being employed for things -that people may or may not use (LAMP stacks for example). It's not a core -function by any means, but it at least validates that a common thing or set of -things works as intended without extending the system or fixing the baseline -set of packages. - -FAQ ---- - -### How do I know what some of these scripts do? -You can view the script and look at the various `r_log` lines or the comments -if they happen to be there. If you don't see a comment, look for an `r_log`. - -### How do I disable a test? -A test can be disabled by running `chmod -x` on any given test. It's also -recommended to add it to `skip.list` - -### Won't some of the tests have to change on (insert major release here)? -Yes and no. There are some tests will have to be altered to deal with it, but -the only way to really find out is to run the tests on a new major release -and see what happens. - -### A test failed, what do I do? -Run a test manually to get the error. (Most) errors are not sent to the logs -as the logs are mainly to say if something was "PASSED", "FAILED", or "SKIPPED". - -### A test isn't descriptive enough on r_log or comments, can I PR for that? -Absolutely - If you feel there is a gap, please fork and change what you feel -needs more information! - -### Do I really need SELinux enforcing to run/add tests? -Yes. - -### Why though? -Ensuring the tests work and operate under default conditions (firewall and -selinux are up) helps those who use our distribution in environments where -security is important, actually work and function correctly. - -With that said, There is no reason to disable integral security layers on your -system. - -### Should EPEL be enabled? -No. The point is to test Rocky packages, not EPEL. There are also package -differences that will break (eg: nc -> nmap-ncat vs netcat). - -### What about CRB or extras? -It may say it's a failure, but it will continue anyway. - -Current Tree ------------- -``` -. -├── common -│   ├── exports.sh -│   ├── files -│   │   ├── correct-passwd -│   │   ├── correct-shadow -│   │   ├── dovecot-test-sasl -│   │   ├── hello.c -│   │   ├── hello.cpp -│   │   ├── incorrect-passwd -│   │   ├── incorrect-shadow -│   │   ├── lamp-sql -│   │   ├── lamp-sql-php -│   │   ├── malform-group -│   │   ├── malform-gshadow -│   │   ├── openssl-answers -│   │   ├── postfix-test-sasl -│   │   ├── postfix-test-tls -│   │   └── smb.conf -│   └── imports.sh -├── core -│   ├── pkg_acl -│   │   ├── 00-install-acl.sh -│   │   ├── 10-test-acl-functions.sh -│   │   └── README.md -│   ├── pkg_archive -│   │   ├── 00-install-formats.sh -│   │   ├── 10-bzip.sh -│   │   ├── 20-gzip-bin-test.sh -│   │   ├── 21-gzip-test.sh -│   │   ├── 22-gzexe.sh -│   │   ├── 23-zcmp-zdiff.sh -│   │   ├── 24-zforce.sh -│   │   ├── 25-zgrep.sh -│   │   ├── 25-zless.sh -│   │   ├── 26-zmore.sh -│   │   ├── 27-znew.sh -│   │   ├── 30-tar.sh -│   │   ├── 40-xzcmp-xzdiff.sh -│   │   ├── 40-zip.sh -│   │   ├── 50-lzop.sh -│   │   └── README.md -│   ├── pkg_attr -│   │   ├── 00-install-attr.sh -│   │   ├── 10-check-attr.sh -│   │   └── README.md -│   ├── pkg_auditd -│   │   ├── 00-install-auditd.sh -│   │   ├── 10-auditd-logs.sh -│   │   ├── 11-generate-events.sh -│   │   └── README.md -│   ├── pkg_bash -│   │   ├── 00-bash-version.sh -│   │   └── README.md -│   ├── pkg_bc -│   │   ├── 00-install-bc.sh -│   │   ├── 10-test-calculation.sh -│   │   └── README.md -│   ├── pkg_bind -│   │   ├── 00-install-bind.sh -│   │   ├── 10-test-lookup.sh -│   │   └── README.md -│   ├── pkg_coreutils -│   │   ├── 00-install-coreutils.sh -│   │   ├── 10-arch.sh -│   │   ├── 11-basename.sh -│   │   ├── 12-cat.sh -│   │   ├── 13-cut.sh -│   │   ├── 14-bool.sh -│   │   ├── 15-heads-tails.sh -│   │   ├── 16-pathchk.sh -│   │   ├── 17-readlink.sh -│   │   ├── 18-seq.sh -│   │   ├── 19-timeout.sh -│   │   ├── 20-hash.sh -│   │   ├── 21-touch-ls.sh -│   │   ├── 22-uniq.sh -│   │   ├── 23-wc.sh -│   │   ├── 24-yes.sh -│   │   └── README.md -│   ├── pkg_cpio -│   │   ├── 00-install-cpio.sh -│   │   ├── 10-cpio.sh -│   │   └── README.md -│   ├── pkg_cracklib -│   │   ├── 00-install-cracklib.sh -│   │   ├── 10-test-passwords.sh -│   │   └── README.md -│   ├── pkg_cron -│   │   ├── 00-install-cron.sh -│   │   ├── 10-dot-cron.sh -│   │   └── README.md -│   ├── pkg_curl -│   │   ├── 00-install-curl.sh -│   │   ├── 10-test-curl.sh -│   │   └── README.md -│   ├── pkg_diffutils -│   │   ├── 00-install-diff.sh -│   │   └── README.md -│   ├── pkg_dnf -│   │   ├── 10-remove-package.sh -│   │   └── README.md -│   ├── pkg_dovecot -│   │   ├── 00-install-dovecot.sh -│   │   ├── 01-configure-dovecot.sh -│   │   ├── 10-pop3-test.sh -│   │   ├── 11-imap-test.sh -│   │   ├── 12-dovecot-clean.sh -│   │   └── README.md -│   ├── pkg_file -│   │   ├── 00-install-file.sh -│   │   ├── 10-mime-check.sh -│   │   ├── 20-mime-image.sh -│   │   ├── 30-mime-symlink.sh -│   │   └── README.md -│   ├── pkg_findutils -│   │   ├── 00-install-findutils.sh -│   │   ├── 10-find.sh -│   │   └── README.md -│   ├── pkg_firefox -│   │   ├── 00-install-firefox.sh -│   │   ├── 10-check-firefox-start-page.sh -│   │   └── README.md -│   ├── pkg_firewalld -│   │   ├── 00-install-firewalld.sh -│   │   ├── 10-firewalld-check-rule.sh -│   │   └── README.md -│   ├── pkg_freeradius -│   │   ├── 00-install-freeradius.sh -│   │   ├── 10-test-freeradius.sh -│   │   └── README.md -│   ├── pkg_gcc -│   │   ├── 00-install-gcc.sh -│   │   ├── 10-gcc-build-simple.sh -│   │   ├── 11-gcc-build-cpp.sh -│   │   ├── 20-annobin-test-gcc.sh -│   │   ├── 21-annobin-test-gplusplus.sh -│   │   └── README.md -│   ├── pkg_git -│   │   ├── 00-install-git.sh -│   │   ├── 10-test-git.sh -│   │   ├── 11-test-clone-log.sh -│   │   └── README.md -│   ├── pkg_httpd -│   │   ├── 00-install-httpd.sh -│   │   ├── 10-httpd-branding.sh -│   │   ├── 20-test-basic-http.sh -│   │   ├── 21-test-basic-https.sh -│   │   ├── 30-test-basic-auth.sh -│   │   ├── 40-test-basic-vhost.sh -│   │   ├── 50-test-basic-php.sh -│   │   └── README.md -│   ├── pkg_kernel -│   │   ├── 10-test-kernel-keyring.sh -│   │   ├── 11-test-secure-boot.sh -│   │   ├── 12-test-debrand.sh -│   │   └── README.md -│   ├── pkg_lsb -│   │   ├── 00-install-lsb.sh -│   │   ├── 10-test-branding.sh -│   │   └── README.md -│   ├── pkg_lsof -│   │   ├── 00-install-lsof.sh -│   │   ├── 10-test-lsof.sh -│   │   └── README.md -│   ├── pkg_mdadm -│   │   ├── 00-install-mdadm.sh -│   │   └── 01-test-mdadm.sh -│   ├── pkg_network -│   │   ├── 00-install-packages.sh -│   │   ├── 10-tracepath.sh -│   │   ├── 11-traceroute.sh -│   │   ├── 12-mtr.sh -│   │   ├── 13-iptraf.sh -│   │   ├── 20-configure-bridge.sh -│   │   ├── 30-test-arpwatch.sh -│   │   ├── imports.sh -│   │   └── README.md -│   ├── pkg_nfs -│   │   ├── 00-install-nfs.sh -│   │   ├── 10-prepare-nfs-ro.sh -│   │   ├── 11-prepare-nfs-rw.sh -│   │   ├── 12-prepare-autofs.sh -│   │   └── README.md -│   ├── pkg_openssl -│   │   ├── 00-install-openssl.sh -│   │   ├── 10-test-openssl.sh -│   │   └── README.md -│   ├── pkg_perl -│   │   ├── 00-install-perl.sh -│   │   ├── 10-test-perl.sh -│   │   ├── 11-test-perl-script.sh -│   │   └── README.md -│   ├── pkg_postfix -│   │   ├── 00-install-postfix.sh -│   │   ├── 10-test-helo.sh -│   │   ├── 20-mta.sh -│   │   ├── 30-postfix-sasl.sh -│   │   ├── 40-postfix-tls.sh -│   │   └── README.md -│   ├── pkg_postgresql -│   │   ├── 00-install-postgresql.sh -│   │   ├── 01-configure-postgresql.sh -│   │   ├── 10-create-db.sh -│   │   ├── 11-create-user.sh -│   │   ├── 20-drop-db.sh -│   │   └── 21-drop-user.sh -│   ├── pkg_python -│   │   ├── 00-install-python.sh -│   │   ├── 10-test-python3.sh -│   │   └── README.md -│   ├── pkg_release -│   │   ├── 00-install-file.sh -│   │   ├── 10-name-sanity-check.sh -│   │   ├── 20-check-gpg-keys.sh -│   │   ├── 30-os-release.sh -│   │   ├── 40-system-release.sh -│   │   └── README.md -│   ├── pkg_rootfiles -│   │   ├── 00-install-rootfiles.sh -│   │   └── 10-test-rootfiles.sh -│   ├── pkg_rsyslog -│   │   ├── 00-install-rsyslog.sh -│   │   ├── 10-test-syslog.sh -│   │   └── README.md -│   ├── pkg_samba -│   │   ├── 00-install-samba.sh -│   │   ├── 10-test-samba.sh -│   │   └── README.md -│   ├── pkg_secureboot -│   │   ├── 10-test-grub-secureboot.sh -│   │   ├── 11-test-shim-certs.sh -│   │   └── README.md -│   ├── pkg_selinux -│   │   ├── 00-install-selinux-tools.sh -│   │   ├── 10-check-alerts.sh -│   │   └── 20-check-policy-mismatch.sh -│   ├── pkg_setup -│   │   ├── 00-test-shells.sh -│   │   ├── 10-test-group-file.sh -│   │   ├── 20-test-passwd-file.sh -│   │   └── README.md -│   ├── pkg_shadow-utils -│   │   ├── 00-install.sh -│   │   ├── 10-files-verify.sh -│   │   ├── 20-user-tests.sh -│   │   ├── 30-group-tests.sh -│   │   ├── 40-pw.sh -│   │   ├── 90-clean.sh -│   │   └── README.md -│   ├── pkg_snmp -│   │   ├── 00-install-snmp.sh -│   │   ├── 10-test-snmp-1.sh -│   │   ├── 11-test-snmp-2.sh -│   │   ├── 12-test-snmp-3.sh -│   │   └── README.md -│   ├── pkg_sqlite -│   │   ├── 00-install-sqlite.sh -│   │   ├── 10-sqlite-tables.sh -│   │   ├── 20-sqlite-dump.sh -│   │   └── README.md -│   ├── pkg_strace -│   │   ├── 00-install-strace.sh -│   │   ├── 10-test-strace.sh -│   │   └── README.md -│   ├── pkg_sysstat -│   │   ├── 00-install-sysstat.sh -│   │   ├── 10-iostat.sh -│   │   ├── 11-cpu.sh -│   │   ├── 12-cpu-io.sh -│   │   └── README.md -│   ├── pkg_systemd -│   │   ├── 00-systemd-list-services.sh -│   │   ├── 10-systemd-list-non-native-sevices.sh -│   │   ├── 11-systemd-service-status.sh -│   │   ├── 20-systemd-journald.sh -│   │   └── README.md -│   ├── pkg_tcpdump -│   │   └── README.md -│   ├── pkg_telnet -│   │   ├── 00-install-telnet.sh -│   │   └── 10-test-telnet.sh -│   ├── pkg_tftp-server -│   │   ├── 00-install-tftp.sh -│   │   ├── 01-configure-tftp.sh -│   │   ├── 10-get-test.sh -│   │   └── 11-put-test.sh -│   ├── pkg_vsftpd -│   │   ├── 00-install-vsftpd.sh -│   │   ├── 10-anonymous-vsftpd.sh -│   │   ├── 20-local-login.sh -│   │   ├── 30-cleanup.sh -│   │   └── README.md -│   ├── pkg_wget -│   │   ├── 00-install-wget.sh -│   │   ├── 10-test-wget.sh -│   │   └── README.md -│   └── pkg_which -│   ├── 00-install-which.sh -│   ├── 10-test-which.sh -│   └── README.md -├── debrand.list -├── lib -├── log -│   └── README.md -├── mods.list -├── modules -├── monotests.sh -├── README.md -├── runtests.sh -├── skip.list -├── stacks -│   ├── ipa -│   │   ├── 00-ipa-pregame.sh -│   │   ├── 10-install-ipa.sh -│   │   ├── 11-configure-ipa.sh -│   │   ├── 12-verify-ipa.sh -│   │   ├── 20-ipa-user.sh -│   │   ├── 21-ipa-service.sh -│   │   ├── 22-ipa-dns.sh -│   │   ├── 23-ipa-sudo.sh -│   │   ├── 50-cleanup-ipa.sh -│   │   └── README.md -│   └── lamp -│   ├── 00-install-lamp.sh -│   ├── 01-verification.sh -│   └── 10-test-lamp.sh -└── stacks.sh -``` diff --git a/func/common/exports.sh b/func/common/exports.sh deleted file mode 100644 index 2bb991f..0000000 --- a/func/common/exports.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -# Common Variables -export DNFDEBUG=0 -export readonly PASS=0 -export readonly FAIL=1 -RL_VER=$(rpm --eval %rhel) -export readonly RL_VER -export readonly PRE_RELEASE=0 -# This should be either: rocky, redhat, centos -export readonly RELEASE_NAME=rocky -# A 0 means it was successful. It can be changed to 1 on failure. -export IPAINSTALLED=0 - -LOGFILE="$(pwd)/log/$(date +'%m-%d-%Y')-tests.log" -export LOGFILE diff --git a/func/common/files/correct-passwd b/func/common/files/correct-passwd deleted file mode 100644 index 35ad268..0000000 --- a/func/common/files/correct-passwd +++ /dev/null @@ -1 +0,0 @@ -obsidian:x:9999:9999::/home/obsidian:/bin/bash diff --git a/func/common/files/correct-shadow b/func/common/files/correct-shadow deleted file mode 100644 index 23e861a..0000000 --- a/func/common/files/correct-shadow +++ /dev/null @@ -1 +0,0 @@ -obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7::: diff --git a/func/common/files/dovecot-test-sasl b/func/common/files/dovecot-test-sasl deleted file mode 100644 index ceb24ea..0000000 --- a/func/common/files/dovecot-test-sasl +++ /dev/null @@ -1,7 +0,0 @@ -service auth { - unix_listener /var/spool/postfix/private/auth { - mode = 0660 - user = postfix - group = postfix - } -} diff --git a/func/common/files/hello.c b/func/common/files/hello.c deleted file mode 100644 index 2e0e0e4..0000000 --- a/func/common/files/hello.c +++ /dev/null @@ -1,5 +0,0 @@ -#include -int main() { - printf("Hello!\n"); - return 0; -} diff --git a/func/common/files/hello.cpp b/func/common/files/hello.cpp deleted file mode 100644 index 08c19cf..0000000 --- a/func/common/files/hello.cpp +++ /dev/null @@ -1,5 +0,0 @@ -#include -int main() { - std::cout << "Hello!\n"; - return 0; -} diff --git a/func/common/files/incorrect-passwd b/func/common/files/incorrect-passwd deleted file mode 100644 index f138abf..0000000 --- a/func/common/files/incorrect-passwd +++ /dev/null @@ -1 +0,0 @@ -:obsidian:x:9999:9999:::/home/obsidian:/bin/bash: diff --git a/func/common/files/incorrect-shadow b/func/common/files/incorrect-shadow deleted file mode 100644 index 23e861a..0000000 --- a/func/common/files/incorrect-shadow +++ /dev/null @@ -1 +0,0 @@ -obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7::: diff --git a/func/common/files/lamp-sql b/func/common/files/lamp-sql deleted file mode 100644 index f1ba732..0000000 --- a/func/common/files/lamp-sql +++ /dev/null @@ -1,5 +0,0 @@ -create database obsidiancore; -use obsidiancore; -create table tests (name varchar(20)) ; -grant all on obsidiancore.* to 'rocky'@'localhost' identified by 'onyx'; -flush privileges; diff --git a/func/common/files/lamp-sql-php b/func/common/files/lamp-sql-php deleted file mode 100644 index b632fb5..0000000 --- a/func/common/files/lamp-sql-php +++ /dev/null @@ -1,11 +0,0 @@ - diff --git a/func/common/files/malform-group b/func/common/files/malform-group deleted file mode 100644 index 588928f..0000000 --- a/func/common/files/malform-group +++ /dev/null @@ -1 +0,0 @@ -:test:x:9999:: diff --git a/func/common/files/malform-gshadow b/func/common/files/malform-gshadow deleted file mode 100644 index 46f7ee1..0000000 --- a/func/common/files/malform-gshadow +++ /dev/null @@ -1 +0,0 @@ -test:x:: diff --git a/func/common/files/openssl-answers b/func/common/files/openssl-answers deleted file mode 100644 index 490fcbd..0000000 --- a/func/common/files/openssl-answers +++ /dev/null @@ -1,15 +0,0 @@ -[ req ] -default_bits = 4096 -distinguished_name = req_distinguished_name -string_mask = nombstr -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = US -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Arizona -localityName = Locality Name (eg, city) -localityName_default = Phoenix -0.organizationName = Organization Name (eg, company) -0.organizationName_default = RESF -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = Rocky diff --git a/func/common/files/postfix-test-sasl b/func/common/files/postfix-test-sasl deleted file mode 100644 index 2b0bd83..0000000 --- a/func/common/files/postfix-test-sasl +++ /dev/null @@ -1,6 +0,0 @@ -smtpd_sasl_auth_enable = yes -smtpd_sasl_type = dovecot -smtpd_sasl_path = private/auth -smtpd_sasl_security_options = noanonymous -smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination -broken_sasl_auth_clients = yes diff --git a/func/common/files/postfix-test-tls b/func/common/files/postfix-test-tls deleted file mode 100644 index 32f0abe..0000000 --- a/func/common/files/postfix-test-tls +++ /dev/null @@ -1,15 +0,0 @@ -smtpd_sasl_auth_enable = yes -smtpd_sasl_type = dovecot -smtpd_sasl_path = private/auth -smtpd_sasl_security_options = noanonymous -smtpd_tls_security_level = may -smtpd_tls_key_file = /etc/pki/tls/private/mail.key -smtpd_tls_cert_file = /etc/pki/tls/certs/mail.crt -# smtpd_tls_CAfile = /etc/pki/tls/root.crt -smtpd_tls_loglevel = 1 -smtpd_tls_session_cache_timeout = 3600s -smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache -tls_random_source = dev:/dev/urandom -smtpd_tls_auth_only = yes -broken_sasl_auth_clients = yes -smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination diff --git a/func/common/files/smb.conf b/func/common/files/smb.conf deleted file mode 100644 index ac17107..0000000 --- a/func/common/files/smb.conf +++ /dev/null @@ -1,11 +0,0 @@ -[global] -workgroup = wrkgrp -netbios name = smbsrv -security = user -map to guest = Bad User - -[rocky] -comment = Rocky Share -path = /srv/smb -read only = yes -guest only = yes diff --git a/func/common/imports.sh b/func/common/imports.sh deleted file mode 100644 index b70ac9b..0000000 --- a/func/common/imports.sh +++ /dev/null @@ -1,254 +0,0 @@ -#!/bin/bash -# Common functions and imports to use across all scripts -# Louis Abel @nazunalika - -################################################################################ -# Functions that (r)eturn things -function r_log() { - SCR=$1 - MESSAGE=$2 - printf "[-] %s %s: %s\n" "$(date +'%m-%d-%Y %T')" "$SCR" "$MESSAGE" >> "$LOGFILE" -} - -# Always call this at the end of scripts to check for exit status. This will -# report "PASS" or "FAIL" depending on the exit and it will show up in the log. -# Args: $1 will be whatever you want checked -function r_checkExitStatus() { - [ "$1" -eq 0 ] && r_log "result" "PASSED" && return "$PASS" - r_log "status" "FAILED" - exit "$FAIL" -} - -# Processes a list of folders containing the tests. This ignores files that -# start with a dot (.), an underscore (_) or contain README in the name. -# This is done because we cannot guarantee that whoever adds in tests or -# writes additional "find" commands won't negate these lookups. - -# Additionally, we should look at the file's executable status. I considered -# just having the files named differently, but that seemed more annoying than -# just setting +x -function r_processor() { - # shellcheck disable=SC2068 - exec 8< $@ - # shellcheck disable=SC2162 - while read -u 8 file; do - # shellcheck disable=SC2086 - if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then - continue - fi - [ -x "${file}" ] && echo "Begin processing script: ${file}" && "${file}" - done - return 0 -} - -function r_checkEPELEnabled() { - /usr/bin/dnf repolist | grep -q '^epel' - return $? -} - -function r_checkTmpNoExec() { - grep 'tmp' /etc/fstab | grep -q noexec - tmpexec=$? - - if [ "$tmpexec" -eq "0" ]; then - r_log "internal" "WARN: noexec is set for temporary directories. Some tests may fail." - fi -} - -################################################################################ -# Functions that deal with (p)ackages - -# Installs packages normally (including weak dependencies) -# Args: Any number of $1..X -function p_installPackageNormal() { - r_log "internal" "Attempting install: $*" - # shellcheck disable=SC2086 - /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} install "$@" - r_checkExitStatus $? -} - -# Installs packages excluding weak dependencies - There are some cases where -# you would need to do this. -# Args: Any number of $1..X -function p_installPackageNoWeaks() { - r_log "internal" "Attempting install: $*" - # shellcheck disable=SC2086 - /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} --setopt install_weak_deps=0 install "$@" - r_checkExitStatus $? -} - -# Removes packages -# Args: Any number of $1..X -function p_removePackage() { - r_log "internal" "Attempting uninstall: $*" - # shellcheck disable=SC2086 - /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} remove "$@" - r_checkExitStatus $? -} - -# Enables dnf modules -# Args: Any number of $1..X -function p_enableModule() { - r_log "internal" "Enabling module: $*" - # shellcheck disable=SC2086 - /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module enable "$@" - r_checkExitStatus $? -} - -# Resets modules (since you can't "disable" technically) -# Args: Any number of $1..X -function p_resetModule() { - r_log "internal" "Resetting module: $*" - # shellcheck disable=SC2086 - /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module reset "$@" - r_checkExitStatus $? -} - -function p_getPackageRelease() { - rpm -q --queryformat '%{RELEASE}' "$1" -} - -function p_getPackageArch() { - rpm -q --queryformat '%{ARCH}' "$1" -} - -function p_getDist() { - rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f1 -} - -function p_getMinorVersion() { - rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f2 -} - -################################################################################ -# Functions that that are considered (m)isc - -# Service cycler, basically a way of handling services and also being able to -# prevent potential race conditions. -function m_serviceCycler() { - if [ "$2" = "cycle" ]; then - # shellcheck disable=SC2086 - /bin/systemctl stop $1 - sleep 3 - # shellcheck disable=SC2086 - /bin/systemctl start $1 - else - # shellcheck disable=SC2086 - /bin/systemctl $2 $1 - fi - sleep 3 -} - -function m_checkForPort() { - while true; do - sleep 1 - # shellcheck disable=SC2086 - if echo > /dev/tcp/localhost/$1 >/dev/null 2>&1; then - r_log "internal" "Waiting for TCP port $1 to start listening" - break - fi - done -} - -function m_assertCleanExit() { - "$@" > /dev/null 2>&1 - r_checkExitStatus $? -} - -function m_assertEquals() { - [ "$1" -eq "$2" ] - r_checkExitStatus $? -} - -function m_skipReleaseEqual() { - if [ "$(rpm --eval %rhel)" -eq "$1" ]; then - r_log "$2" "Skipped test for $1 release" - exit 0 - fi -} - -function m_skipReleaseNotEqual() { - if [ "$(rpm --eval %rhel)" -ne "$1" ]; then - r_log "$2" "Skipped test" - exit 0 - fi -} - -function m_skipReleaseGreaterThan() { - if [ "$(rpm --eval %rhel)" -gt "$1" ]; then - r_log "$2" "Skipped test" - exit 0 - fi -} - -function m_skipReleaseLessThan() { - if [ "$(rpm --eval %rhel)" -lt "$1" ]; then - r_log "$2" "Skipped test" - exit 0 - fi -} - -function m_selectAlternative() { - primaryName=$1 - searchRegex=$2 - option=$(/bin/echo | /usr/sbin/alternatives --config "$primaryName" | /bin/grep -E "$searchRegex" | /usr/bin/head -n1 | sed 's/ .*//g;s/[^0-9]//g') - if [ -z "$option" ]; then - r_log "alternatives" "Option not found for alternative $searchRegex of $primaryName" - r_checkExitStatus 1 - fi - r_log "alternatives" "Selecting alternative $option for $primaryName $searchRegex" - /bin/echo "$option" | /usr/sbin/alternatives --config "$primaryName" > /dev/null 2>&1 -} - -function m_getArch() { - /usr/bin/uname -m -} - -function m_recycleLog() { - num=0 - rotFile="${LOGFILE}.$num" - while [ -e "$rotFile" ]; do - num=$(( num + 1 )) - rotFile="${LOGFILE}.$num" - done - mv "$LOGFILE" "$rotFile" -} - -################################################################################ -# export all functions below - -# When this is sourced, the functions are typically already available and ready -# to be used. But it does not hurt to have them below. - -rl_ver=$(p_getDist) -rl_arch=$(m_getArch) -rl_minor_ver=$(p_getMinorVersion) -export rl_ver -export rl_arch -export rl_minor_ver - -export -f r_log -export -f r_checkExitStatus -export -f r_processor -export -f r_checkEPELEnabled -export -f r_checkTmpNoExec -export -f p_installPackageNormal -export -f p_installPackageNoWeaks -export -f p_removePackage -export -f p_enableModule -export -f p_resetModule -export -f p_getPackageRelease -export -f p_getPackageArch -export -f p_getDist -export -f p_getMinorVersion -export -f m_serviceCycler -export -f m_checkForPort -export -f m_assertCleanExit -export -f m_assertEquals -export -f m_skipReleaseEqual -export -f m_skipReleaseNotEqual -export -f m_skipReleaseGreaterThan -export -f m_skipReleaseLessThan -export -f m_selectAlternative -export -f m_getArch -export -f m_recycleLog diff --git a/func/core/o_basic/README.md b/func/core/o_basic/README.md deleted file mode 100644 index 34e2a26..0000000 --- a/func/core/o_basic/README.md +++ /dev/null @@ -1 +0,0 @@ -Basic tests, such as repos diff --git a/func/core/o_basic/repos.py b/func/core/o_basic/repos.py deleted file mode 100755 index 6078a74..0000000 --- a/func/core/o_basic/repos.py +++ /dev/null @@ -1,56 +0,0 @@ -#!/usr/bin/env python3 -# label -import datetime -import sys -import dnf -import dnf.exceptions - -# pylint: disable=unnecessary-lambda-assignment -now = datetime.datetime.today().strftime("%m-%d-%Y %T") - -class DnfQuiet(dnf.Base): - """ - DNF object - - This is in the event we need special functions - """ - def __init__(self): - dnf.Base.__init__(self) - -def main(): - """ - Main run - """ - dnfobj = DnfQuiet() - releasever = dnfobj.conf.releasever - try: - dnfobj.read_all_repos() - # pylint: disable=bare-except - except: - print(f'[-] {now} -> Could not read repos', file=sys.stderr) - sys.exit(1) - - rocky_default_repos = { - '8': ['baseos', 'appstream', 'extras'], - '9': ['baseos', 'appstream', 'extras'] - }.get(releasever, None) - - if not rocky_default_repos: - print(f'[-] {now} -> Not a Rocky Linux system') - sys.exit(1) - - print(f'[-] {now} -> Checking if non-default repo is enabled') - _not_allowed=False - for repo in list(dnfobj.repos.iter_enabled()): - if not repo.id in rocky_default_repos: - print(f'[-] {now} -> {repo.id} is enabled and should be disabled') - _not_allowed=True - if _not_allowed: - print(f'[-] {now} -> FAIL - There are extra repos enabled') - sys.exit(1) - - print(f'[-] {now} -> PASS') - sys.exit(0) - -if __name__ == "__main__": - main() diff --git a/func/core/pkg_acl/00-install-acl.sh b/func/core/pkg_acl/00-install-acl.sh deleted file mode 100755 index 18b2349..0000000 --- a/func/core/pkg_acl/00-install-acl.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "acl" "Install the acl package" -p_installPackageNormal acl -p_installPackageNormal attr -# This normally is not needed. -#r_log "acl" "Remount filesystems with ACL support" -#mount -o remount,acl / -sleep 3 diff --git a/func/core/pkg_acl/10-test-acl-functions.sh b/func/core/pkg_acl/10-test-acl-functions.sh deleted file mode 100755 index 340f81c..0000000 --- a/func/core/pkg_acl/10-test-acl-functions.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -ACLFILE=/tmp/testfile_acl -r_log "acl" "Test that the acl get and set functions work" -touch "${ACLFILE}" -trap '/bin/rm -f ${ACLFILE}' EXIT - -# Use setfacl for readonly -r_log "acl" "Set readonly ACL for the user nobody" -setfacl -m user:nobody:r "${ACLFILE}" - -# Use getfacl to verify readonly -r_log "acl" "Verifying that the nobody user is set to read only" -getfacl "${ACLFILE}" | grep -q 'user:nobody:r--' - -r_checkExitStatus $? diff --git a/func/core/pkg_acl/11-test-acl-xattr.sh b/func/core/pkg_acl/11-test-acl-xattr.sh deleted file mode 100755 index 266473a..0000000 --- a/func/core/pkg_acl/11-test-acl-xattr.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -ACLIMG=/tmp/testacl.img -r_log "acl" "Test the use of xattr" -touch "${ACLIMG}" -trap '/bin/rm -f ${ACLIMG}' EXIT - -# Use setfacl for readonly -r_log "acl" "Create image" -dd if=/dev/zero of=${ACLIMG} bs=1024000 count=100 -echo -e 'y\n' | mkfs.ext3 "${ACLIMG}" -mkdir /mnt/xattr -mount -t ext3 -o loop,user_xattr "${ACLIMG}" /mnt/xattr -touch /mnt/xattr/testfile - -r_log "acl" "Apply attrs as needed" -setfattr -n user.nobody /mnt/xattr/testfile -getfattr /mnt/xattr/testfile | grep -q 'user.nobody' -final_status=$? - -umount /mnt/xattr - -r_checkExitStatus $final_status diff --git a/func/core/pkg_acl/README.md b/func/core/pkg_acl/README.md deleted file mode 100644 index a994a81..0000000 --- a/func/core/pkg_acl/README.md +++ /dev/null @@ -1 +0,0 @@ -Test the acl packge diff --git a/func/core/pkg_archive/00-install-formats.sh b/func/core/pkg_archive/00-install-formats.sh deleted file mode 100755 index f7c8d77..0000000 --- a/func/core/pkg_archive/00-install-formats.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "archive" "Installing appropriate archive formats" - -# We might need expect for zmore - does anyone actually use zmore? -p_installPackageNormal bzip2 diffutils gzip less tar unzip util-linux-ng zip lzop diff --git a/func/core/pkg_archive/10-bzip.sh b/func/core/pkg_archive/10-bzip.sh deleted file mode 100755 index e7b7108..0000000 --- a/func/core/pkg_archive/10-bzip.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -r_log "archive" "Test bzip/bzcat/bunzip" -FILE=/var/tmp/bziptest.txt -trap '/bin/rm -f ${FILE}' EXIT - -cat > "$FILE" < /dev/null || r_checkExitStatus 1 -done - -echo - -r_checkExitStatus 0 diff --git a/func/core/pkg_archive/21-gzip-test.sh b/func/core/pkg_archive/21-gzip-test.sh deleted file mode 100755 index fb60351..0000000 --- a/func/core/pkg_archive/21-gzip-test.sh +++ /dev/null @@ -1,112 +0,0 @@ -#!/bin/bash -r_log "archive" "Test gzip/zcat/gunzip" - -FILE=/var/tmp/gzip-test.txt -MD5HASH=e6331c582fbad6653832860f469f7d1b - -# clean up -trap '/bin/rm $FILE* &> /dev/null && /bin/rm -rf /var/tmp/gziptest &> /dev/null' EXIT - -# Double check that stuff is cleared out -/bin/rm $FILE* &> /dev/null -/bin/rm -rf /var/tmp/gziptest &> /dev/null - -# Make our test file -cat > $FILE < /dev/null -[ $? -ne 2 ] && r_checkExitStatus 1 - -echo | gzip $FILE &> /dev/null -[ $? -ne 2 ] && r_checkExitStatus 1 - -# force overwrite -r_log "archive" "Check that files can be forcefully overwritten" -gunzip -f $FILE.gz || r_checkExitStatus 1 -touch $FILE.gz -gzip -f $FILE || r_checkExitStatus 1 - -# -a should be ignored -# Hopefully this behavior does NOT change in 9 -r_log "archive" "Check that -a is ignored" -gunzip -a $FILE.gz 2>&1 | head -n 1 | grep -q 'gzip: option --ascii ignored on this system' || r_checkExitStatus 1 - -# -c should write to stdout -r_log "archive" "Check that -c outputs to stdout" -gzip -c $FILE | gunzip | grep -q 'Green Obsidian' || r_checkExitStatus 1 - -# Expected hash is: e6331c582fbad6653832860f469f7d1b -# check -l -r_log "archive" "Check that the md5 matches" -gzip $FILE -md5check=$(gzip -l $FILE.gz | md5sum | cut -d' ' -f1) -[ "$md5check" == "$MD5HASH" ] || r_checkExitStatus 1 - -# Check that -v gives us some good info -r_log "archive" "Check that -v increases verbosity" -gzip -lv $FILE.gz | grep -q "e0e1ed1a" || r_checkExitStatus 1 -gunzip $FILE.gz - -# custom suffix -r_log "archive" "Check that a custom suffix can be used" -gzip -S .rl $FILE -[ -e $FILE.rl ] || r_checkExitStatus 1 -gunzip -S .rl $FILE || r_checkExitStatus 1 - -# check -r -r_log "archive" "Check that -r functions" -mkdir /var/tmp/gziptest -touch /var/tmp/gziptest/{a,b} -gzip -r /var/tmp/gziptest -[ "$(find /var/tmp/gziptest/*.gz | wc -l)" -eq "2" ] || r_checkExitStatus 1 - -# check different compression levels -r_log "archive" "Check compression levels" -cp $FILE $FILE.1 -gzip -1 $FILE -gzip -9 $FILE.1 -[ "$(stat -c %s $FILE.gz)" -ne "$(stat -c %s $FILE.1.gz)" ] || r_checkExitStatus 1 - -# check multiple input files -r_log "archive" "Check multiple input files" -gunzip $FILE.gz $FILE.1.gz || r_checkExitStatus 1 - -# don't specify an extension -r_log "archive" "Don't specify file extensions" -gzip $FILE $FILE.1 || r_checkExitStatus 1 - -# check that .Z can be handled -r_log "archive" "Verify that .Z files can be handled" -gunzip $FILE.gz -ls -l /var/tmp >> $FILE -if [ "$RL_VER" -eq 8 ]; then - compress $FILE || r_checkExitStatus 1 - gunzip $FILE.Z || r_checkExitStatus 1 -else - r_log "archive" "Skipping for 9" -fi - -# handle some zip files -r_log "archive" "Verify that .zip files can be handled" -zip $FILE.zip $FILE &> /dev/null || r_checkExitStatus 1 -gunzip -f -S .zip $FILE.zip || r_checkExitStatus 1 - -# handle some tgz files -r_log "archive" "Verify that .tgz files can be handled" -tar -czf $FILE.tgz $FILE &> /dev/null -gunzip $FILE.tgz -[ -e $FILE.tar ] -r_checkExitStatus $? diff --git a/func/core/pkg_archive/22-gzexe.sh b/func/core/pkg_archive/22-gzexe.sh deleted file mode 100755 index 8aa1e14..0000000 --- a/func/core/pkg_archive/22-gzexe.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -r_log "archive" "Checking gzexe" -r_log "archive" "Creating archive" -FILE=/var/tmp/gzexe-test-script -trap '/bin/rm -f $FILE* 2>/dev/null' EXIT - -/bin/rm -f $FILE* &>/dev/null - -cat > $FILE </dev/null || r_checkExitStatus 1 - -r_log "archive" "Check that it actually runs" -$FILE | grep -q "Hello!" -r_checkExitStatus $? diff --git a/func/core/pkg_archive/23-zcmp-zdiff.sh b/func/core/pkg_archive/23-zcmp-zdiff.sh deleted file mode 100755 index 378bbe9..0000000 --- a/func/core/pkg_archive/23-zcmp-zdiff.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -r_log "archive" "Check zcmp and zdiff" -BASEFILE="/var/tmp/gziptest" -trap '/bin/rm -f ${BASEFILE}*' EXIT -/bin/rm -f ${BASEFILE} - -cat > ${BASEFILE}.1 </dev/null - -cat > $BASEFILE < /dev/null - -cat > $BASEFILE < /var/tmp/gziptest.gz -zless -F /var/tmp/gziptest.gz | grep -q 'Rocky Linux' -r_checkExitStatus $? diff --git a/func/core/pkg_archive/26-zmore.sh b/func/core/pkg_archive/26-zmore.sh deleted file mode 100644 index a9bf588..0000000 --- a/func/core/pkg_archive/26-zmore.sh +++ /dev/null @@ -1 +0,0 @@ -#!/bin/bash diff --git a/func/core/pkg_archive/27-znew.sh b/func/core/pkg_archive/27-znew.sh deleted file mode 100644 index a4ed246..0000000 --- a/func/core/pkg_archive/27-znew.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "archive" "Testing znew" - -TESTFILE=/var/tmp/znew.txt -/bin/rm $TESTFILE* &>/dev/null - -ls -l /usr/bin > $TESTFILE -compress $TESTFILE - -znew $TESTFILE.Z -r_checkExitStatus $? diff --git a/func/core/pkg_archive/30-tar.sh b/func/core/pkg_archive/30-tar.sh deleted file mode 100755 index 2f87657..0000000 --- a/func/core/pkg_archive/30-tar.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -r_log "archive" "Test tar create and extract" - -TARDIR="/var/tmp/tartest" -FILE1="$TARDIR/test.1.txt" -FILE2="$TARDIR/test.2.txt" -trap '/bin/rm -rf /var/tmp/tarfile.tar $TARDIR' EXIT - -mkdir -p $TARDIR -cat > $FILE1 < $FILE2 < /dev/null 2>&1 -/bin/rm -rf $TARDIR -if [ -e "$TARDIR" ]; then - r_log "archive" "We couldn't delete $TARDIR" - exit -fi - -tar -C / -xf /var/tmp/tarfile.tar -grep -q 'First file' $FILE1 -RES1=$? -grep -q 'Second file' $FILE2 -RES2=$? - -if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then - ret_val=0 -fi - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_archive/40-xzcmp-xzdiff.sh b/func/core/pkg_archive/40-xzcmp-xzdiff.sh deleted file mode 100755 index c99c4ec..0000000 --- a/func/core/pkg_archive/40-xzcmp-xzdiff.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -r_log "archive" "Check xzcmp and xzdiff" -BASEFILE="/var/tmp/xztest" -trap '/bin/rm -f ${BASEFILE}*' EXIT -/bin/rm -f ${BASEFILE} - -cat > ${BASEFILE}.1 < $FILE1 < $FILE2 < ${LZOFILE} - -# running compression -lzop -9 ${LZOFILE} -o ${LZOFILE}.lzo -/bin/rm ${LZOFILE} - -lzop -d ${LZOFILE}.lzo -o ${LZOFILE} -/bin/rm ${LZOFILE}.lzo - -grep -q 'Green Obsidian' ${LZOFILE} -ret_val="$?" -r_checkExitStatus "$ret_val" diff --git a/func/core/pkg_archive/README.md b/func/core/pkg_archive/README.md deleted file mode 100644 index 677e4e4..0000000 --- a/func/core/pkg_archive/README.md +++ /dev/null @@ -1,3 +0,0 @@ -Tests archive formats and archive accessories - -TODO: Add xz diff --git a/func/core/pkg_attr/00-install-attr.sh b/func/core/pkg_attr/00-install-attr.sh deleted file mode 100755 index f762e84..0000000 --- a/func/core/pkg_attr/00-install-attr.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "attr" "Installing the attr package" -p_installPackageNormal attr diff --git a/func/core/pkg_attr/10-check-attr.sh b/func/core/pkg_attr/10-check-attr.sh deleted file mode 100755 index eef6996..0000000 --- a/func/core/pkg_attr/10-check-attr.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -ATTRTEST="/var/tmp/attrtest.img" -ATTRMNT="/mnt/attrtest" - -trap 'umount /mnt/attrtest ; /bin/rm -f ${ATTRTEST} ; /bin/rm -rf ${ATTRMNT}' EXIT - -r_log "attr" "Checking that *attr works" -dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null -r_checkExitStatus $? - -mkdir "${ATTRMNT}" -echo -e 'y\n' | mkfs.ext3 "${ATTRTEST}" > /dev/null 2>&1 -mount -t ext3 -o loop,user_xattr "${ATTRTEST}" "${ATTRMNT}" -touch "${ATTRMNT}/testfile" -setfattr -n user.test "${ATTRMNT}/testfile" -getfattr "${ATTRMNT}/testfile" | grep -oq "user.test" - -r_checkExitStatus $? diff --git a/func/core/pkg_attr/README.md b/func/core/pkg_attr/README.md deleted file mode 100644 index df46daf..0000000 --- a/func/core/pkg_attr/README.md +++ /dev/null @@ -1 +0,0 @@ -Test attr diff --git a/func/core/pkg_auditd/00-install-auditd.sh b/func/core/pkg_auditd/00-install-auditd.sh deleted file mode 100755 index f78c5df..0000000 --- a/func/core/pkg_auditd/00-install-auditd.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "auditd" "Install auditd (this should be available during minimal)" -p_installPackageNormal audit -r_log "auditd" "Ensure auditd is running and enabled" -# Ignore service cycler, auditd refuses manual stop -/usr/sbin/service auditd restart -sleep 2 -/usr/bin/systemctl status auditd.service | grep -q "active" -r_checkExitStatus $? diff --git a/func/core/pkg_auditd/10-auditd-logs.sh b/func/core/pkg_auditd/10-auditd-logs.sh deleted file mode 100755 index 716133a..0000000 --- a/func/core/pkg_auditd/10-auditd-logs.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "auditd" "Check if the audit logs are not empty" -[[ -s /var/log/audit/audit.log ]] -r_checkExitStatus $? diff --git a/func/core/pkg_auditd/11-generate-events.sh b/func/core/pkg_auditd/11-generate-events.sh deleted file mode 100755 index 132bea1..0000000 --- a/func/core/pkg_auditd/11-generate-events.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -r_log "auditd" "Generate events for audit log" - -r_log "auditd" "Add test user" -useradd relengauditd -grep "ADD_USER" /var/log/audit/audit.log | grep -q 'acct="relengauditd"' -r_checkExitStatus $? - -r_log "auditd" "Delete test user" -userdel relengauditd -grep "DEL_USER" /var/log/audit/audit.log | grep -q 'ID="relengauditd"' -r_checkExitStatus $? diff --git a/func/core/pkg_auditd/README.md b/func/core/pkg_auditd/README.md deleted file mode 100644 index 6cf013e..0000000 --- a/func/core/pkg_auditd/README.md +++ /dev/null @@ -1 +0,0 @@ -Test auditd diff --git a/func/core/pkg_bash/00-bash-version.sh b/func/core/pkg_bash/00-bash-version.sh deleted file mode 100755 index 4d0332f..0000000 --- a/func/core/pkg_bash/00-bash-version.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -# Bash is default installed on minimal -r_log "bash" "Check that the bash version is valid" - -bash --version | grep -qE "(x86_64|aarch64|powerpc64le)-redhat-linux-gnu" - -r_checkExitStatus $? diff --git a/func/core/pkg_bash/README.md b/func/core/pkg_bash/README.md deleted file mode 100644 index da34936..0000000 --- a/func/core/pkg_bash/README.md +++ /dev/null @@ -1 +0,0 @@ -Test bash diff --git a/func/core/pkg_bc/00-install-bc.sh b/func/core/pkg_bc/00-install-bc.sh deleted file mode 100755 index 24caec9..0000000 --- a/func/core/pkg_bc/00-install-bc.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "bc" "Install bc" -p_installPackageNormal bc -r_checkExitStatus $? - -r_log "bc" "Check bc version" -bc --version -r_checkExitStatus $? diff --git a/func/core/pkg_bc/10-test-calculation.sh b/func/core/pkg_bc/10-test-calculation.sh deleted file mode 100755 index a57f2b3..0000000 --- a/func/core/pkg_bc/10-test-calculation.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "bc" "Testing simple calculations" -test "$(echo "8 + 5 * 2 / 10 - 1" | bc)" -eq "8" -r_checkExitStatus $? diff --git a/func/core/pkg_bc/README.md b/func/core/pkg_bc/README.md deleted file mode 100644 index ada1326..0000000 --- a/func/core/pkg_bc/README.md +++ /dev/null @@ -1 +0,0 @@ -Test bc. diff --git a/func/core/pkg_bind/00-install-bind.sh b/func/core/pkg_bind/00-install-bind.sh deleted file mode 100755 index a2f3f09..0000000 --- a/func/core/pkg_bind/00-install-bind.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "bind" "Installing bind" -p_installPackageNormal bind bind-utils -m_serviceCycler named start diff --git a/func/core/pkg_bind/10-test-lookup.sh b/func/core/pkg_bind/10-test-lookup.sh deleted file mode 100755 index 1e5a0b2..0000000 --- a/func/core/pkg_bind/10-test-lookup.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "bind" "Testing bind lookups work" -dig +timeout=5 +short @127.0.0.1 localhost | grep -q "127.0.0.1" -r_checkExitStatus $? diff --git a/func/core/pkg_bind/README.md b/func/core/pkg_bind/README.md deleted file mode 100644 index 30f7981..0000000 --- a/func/core/pkg_bind/README.md +++ /dev/null @@ -1 +0,0 @@ -Test the bind package diff --git a/func/core/pkg_coreutils/00-install-coreutils.sh b/func/core/pkg_coreutils/00-install-coreutils.sh deleted file mode 100755 index 9ee642b..0000000 --- a/func/core/pkg_coreutils/00-install-coreutils.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -# coreutils should already be there, but just in case I guess. -r_log "coreutils" "Install coreutils" -p_installPackageNormal coreutils diff --git a/func/core/pkg_coreutils/10-arch.sh b/func/core/pkg_coreutils/10-arch.sh deleted file mode 100755 index d051157..0000000 --- a/func/core/pkg_coreutils/10-arch.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Check that the architecture matches" -uname -a | grep -q "$(arch)" -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/11-basename.sh b/func/core/pkg_coreutils/11-basename.sh deleted file mode 100755 index 66d70ac..0000000 --- a/func/core/pkg_coreutils/11-basename.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Testing basename" - -# Doing two tests for validation -basename ./core/pkg_coreutils/11-basename.sh | grep -q 11-basename.sh -r_checkExitStatus $? - -basename /etc/hosts | grep -q hosts -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/12-cat.sh b/func/core/pkg_coreutils/12-cat.sh deleted file mode 100755 index 816c901..0000000 --- a/func/core/pkg_coreutils/12-cat.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Testing cat" -trap "/bin/rm /var/tmp/cattest" EXIT - -cat > /var/tmp/cattest <" 2> /dev/null -# shellcheck disable=SC2181 -[ $? -eq 1 ] && pathchk /var/tmp/fakePathAndFile -# shellcheck disable=SC2181 -[ $? -eq 0 ] && pathchk /var/tmp -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/17-readlink.sh b/func/core/pkg_coreutils/17-readlink.sh deleted file mode 100755 index d23463c..0000000 --- a/func/core/pkg_coreutils/17-readlink.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Testing readlink" -trap "/bin/rm /var/tmp/listen" EXIT -ln -s /var/tmp/talk /var/tmp/listen -readlink /var/tmp/listen | grep -q "/var/tmp/talk" -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/18-seq.sh b/func/core/pkg_coreutils/18-seq.sh deleted file mode 100755 index 91db3f0..0000000 --- a/func/core/pkg_coreutils/18-seq.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Testing seq" -seq -s " " 6 | grep -q "1 2 3 4 5 6" && \ -seq -s " " 3 5 | grep -q "3 4 5" && \ -seq -s " " 3 3 9 | grep -q "3 6 9" -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/19-timeout.sh b/func/core/pkg_coreutils/19-timeout.sh deleted file mode 100755 index a82eec7..0000000 --- a/func/core/pkg_coreutils/19-timeout.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Testing timeout and sleep" -timeout 1 sleep 1 -[ $? -eq 124 ] && timeout 2 sleep 2 -[ $? -eq 124 ] && r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/20-hash.sh b/func/core/pkg_coreutils/20-hash.sh deleted file mode 100755 index 03e5c34..0000000 --- a/func/core/pkg_coreutils/20-hash.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Test hash sum tools" -trap '/bin/rm ${HASHFILE}' EXIT - -HASHFILE=/var/tmp/obsidian -echo "Green Obsidian is our release name" > ${HASHFILE} - -r_log "coreutils" "Test md5sum" -/usr/bin/md5sum ${HASHFILE} | grep -q 7ee0df0c24cd8fbf747bbeaec2afb935 -r_checkExitStatus $? -r_log "coreutils" "Test sha1sum" -/usr/bin/sha1sum ${HASHFILE} | grep -q d9dc0c244c60e6488ebca1733d8072217a2e53d9 -r_checkExitStatus $? -r_log "coreutils" "Test sha224sum" -/usr/bin/sha224sum ${HASHFILE} | grep -q 5b7a29dcee3d895e21877d08da1e1408bbd6b09426887cdbfb583753 -r_checkExitStatus $? -r_log "coreutils" "Test sha256sum" -/usr/bin/sha256sum ${HASHFILE} | grep -q 38ee9bbdd83f1f1dd4506b061141d956496ab01dd187e24db35e024b37f47110 -r_checkExitStatus $? -r_log "coreutils" "Test sha384sum" -/usr/bin/sha384sum ${HASHFILE} | grep -q 5002b880f8b05ab66ead70ea828e3869114fe6a85bffc84fc2199c7d10fee39a69c0b523562e7bb208e7922b0d291916 -r_checkExitStatus $? -r_log "coreutils" "Test sha512sum" -/usr/bin/sha512sum ${HASHFILE} | grep -q e50554c29a5cb7bd04279d3c0918e486024c79c4b305a2e360a97d4021dacf56ce0d17fa6e6a0e81ad03d5fb74fbe2d50cce6081c2c277f22b958cdae978a2f5 -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/21-touch-ls.sh b/func/core/pkg_coreutils/21-touch-ls.sh deleted file mode 100755 index d3a5519..0000000 --- a/func/core/pkg_coreutils/21-touch-ls.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Testing touch and ls" -trap '/bin/rm /tmp/touch-?' EXIT - -r_log "coreutils" "Touch files with specific dates" -touch -t 199104230420 /tmp/touch-1 -touch -t 199104240420 /tmp/touch-2 - -r_log "coreutils" "Verify that the oldest file is last" -# shellcheck disable=SC2012 -ls -lt /tmp/touch-? | tail -n 1 | grep -q 'touch-1' - -r_checkExitStatus $? diff --git a/func/core/pkg_coreutils/22-uniq.sh b/func/core/pkg_coreutils/22-uniq.sh deleted file mode 100755 index 70af6a9..0000000 --- a/func/core/pkg_coreutils/22-uniq.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash -r_log "coreutils" "Ensure uniq works as expected" -trap '/bin/rm /var/tmp/uniq' EXIT - -cat > /var/tmp/uniq < /var/tmp/wc < $(mktemp) -# shellcheck disable=2012 -find /tmp -type f | cpio -o > "$OUTTER"/cpio.out 2> /dev/null -r_checkExitStatus $? - -r_log "cpio" "Test basic copy in" -pushd "$INNER" || exit 1 - cpio -i < "$OUTTER"/cpio.out - r_checkExitStatus $? -popd || exit 1 - -r_log "cpio" "Test basic passthrough" -pushd "$INNER" || exit 1 -find . | cpio -pd "$PASSER" -r_checkExitStatus $? -popd || exit 1 - -r_log "cpio" "Checking that the directories (pass and in) are the same" -diff "$PASSER" "$INNER" &> /dev/null -r_checkExitStatus $? diff --git a/func/core/pkg_cpio/README.md b/func/core/pkg_cpio/README.md deleted file mode 100644 index 30b755a..0000000 --- a/func/core/pkg_cpio/README.md +++ /dev/null @@ -1 +0,0 @@ -Test cpio diff --git a/func/core/pkg_cracklib/00-install-cracklib.sh b/func/core/pkg_cracklib/00-install-cracklib.sh deleted file mode 100755 index 0b2c38d..0000000 --- a/func/core/pkg_cracklib/00-install-cracklib.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "cracklib" "Install the cracklib package" -p_installPackageNormal cracklib diff --git a/func/core/pkg_cracklib/10-test-passwords.sh b/func/core/pkg_cracklib/10-test-passwords.sh deleted file mode 100755 index 3b3d4ea..0000000 --- a/func/core/pkg_cracklib/10-test-passwords.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -r_log "cracklib" "Test that cracklib can check passwords" - -r_log "cracklib" "Test a very simple password" -echo -e "test" | cracklib-check | grep -q "too short" -r_checkExitStatus $? - -r_log "cracklib" "Test a simple/dictionary password" -echo -e "testing" | cracklib-check | grep -q "dictionary" -r_checkExitStatus $? - -r_log "cracklib" "Testing simplistic password" -echo -e "1234_abc" | cracklib-check | grep -q 'simplistic' -r_checkExitStatus $? - -r_log "cracklib" "Testing a complicated password" -echo -e "2948_Obaym-" | cracklib-check | grep -q "OK" -r_checkExitStatus $? diff --git a/func/core/pkg_cracklib/README.md b/func/core/pkg_cracklib/README.md deleted file mode 100644 index 3eb5629..0000000 --- a/func/core/pkg_cracklib/README.md +++ /dev/null @@ -1 +0,0 @@ -Testing cracklib and cracklib accessories diff --git a/func/core/pkg_cron/00-install-cron.sh b/func/core/pkg_cron/00-install-cron.sh deleted file mode 100755 index b7b1517..0000000 --- a/func/core/pkg_cron/00-install-cron.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "cron" "Installing crond" -p_installPackageNormal cronie -m_serviceCycler crond cycle diff --git a/func/core/pkg_cron/10-dot-cron.sh b/func/core/pkg_cron/10-dot-cron.sh deleted file mode 100755 index 6ff50ba..0000000 --- a/func/core/pkg_cron/10-dot-cron.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -r_log "cron" "Testing hourly cron jobs" - -trap '/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh' EXIT - -cat > /etc/cron.hourly/rocky.sh < /etc/cron.daily/rocky.sh < /etc/cron.weekly/rocky.sh < /etc/dovecot/conf.d/11-rocky.conf << EOF -mail_location = mbox:~/mail:INBOX=/var/mail/%u -mail_privileged_group = mail -EOF - -m_serviceCycler dovecot restart diff --git a/func/core/pkg_dovecot/10-pop3-test.sh b/func/core/pkg_dovecot/10-pop3-test.sh deleted file mode 100755 index 0df043f..0000000 --- a/func/core/pkg_dovecot/10-pop3-test.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -r_log "dovecot" "Testing basic POP3 (does anyone still use this?)" - -# Note that nmap-nc appears to be the default, even in fedora -NC_OPTS="-w 5 -d 3" - -r_log "dovecot" "Add poptest user and maildir" -if ! id poptest > /dev/null 2>&1; then - useradd poptest - echo pop3test | passwd --stdin poptest -fi - -# shellcheck disable=SC2174 -mkdir -m 700 -p /home/poptest/mail/.imap/INBOX -chown -R poptest:poptest /home/poptest/mail - -r_log "dovecot" "Test basic POP3 login" - - -# shellcheck disable=SC2086 -echo -e "user poptest\npass pop3test\n" | nc ${NC_OPTS} localhost 110 | grep -q "+OK Logged in." -ret_val=$? - -if [ "$ret_val" -ne 0 ]; then - tail /var/log/secure - tail /var/log/maillog -fi - -r_checkExitStatus $ret_val - -userdel -rf poptest diff --git a/func/core/pkg_dovecot/11-imap-test.sh b/func/core/pkg_dovecot/11-imap-test.sh deleted file mode 100755 index ee09929..0000000 --- a/func/core/pkg_dovecot/11-imap-test.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -r_log "dovecot" "Testing basic IMAP" - -# Note that nmap-nc appears to be the default, even in fedora -NC_OPTS="-w 5 -d 3" - -r_log "dovecot" "Add imapper user and maildir" -if ! id imapper > /dev/null 2>&1; then - useradd imapper - echo imaptest | passwd --stdin imapper -fi - -# shellcheck disable=SC2174 -mkdir -m 700 -p /home/imapper/mail/.imap/INBOX -chown -R imapper:imapper /home/imapper/mail - -r_log "dovecot" "Test basic IMAP login" - - -# shellcheck disable=SC2086 -echo -e "01 LOGIN imapper imaptest\n" | nc ${NC_OPTS} localhost 143 | grep -q "Logged in." -ret_val=$? - -if [ "$ret_val" -ne 0 ]; then - tail /var/log/secure - tail /var/log/maillog -fi - -r_checkExitStatus $ret_val - -userdel -rf imapper diff --git a/func/core/pkg_dovecot/12-dovecot-clean.sh b/func/core/pkg_dovecot/12-dovecot-clean.sh deleted file mode 100755 index c47c647..0000000 --- a/func/core/pkg_dovecot/12-dovecot-clean.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -rm -f /etc/dovecot/conf.d/11-rocky.conf -m_serviceCycler dovecot restart diff --git a/func/core/pkg_dovecot/README.md b/func/core/pkg_dovecot/README.md deleted file mode 100644 index d9be8b6..0000000 --- a/func/core/pkg_dovecot/README.md +++ /dev/null @@ -1 +0,0 @@ -Testing dovecot diff --git a/func/core/pkg_file/00-install-file.sh b/func/core/pkg_file/00-install-file.sh deleted file mode 100755 index 3fff0f1..0000000 --- a/func/core/pkg_file/00-install-file.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "file" "Install the file package" -# At one point it was installed in an earlier test (or it's default) -m_assertCleanExit rpm -q file diff --git a/func/core/pkg_file/10-mime-check.sh b/func/core/pkg_file/10-mime-check.sh deleted file mode 100755 index f3e57a6..0000000 --- a/func/core/pkg_file/10-mime-check.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -r_log "file" "Check mimetype of bash" - -# Add additional versions here when ready -case "$RL_VER" in - 8) - MIME="application/x-sharedlib" - ;; - *) - # This is from fedora, 9 may or may not be this - MIME="application/x-pie-executable" - ;; -esac - -file -i /bin/bash | grep -q "${MIME}" -r_checkExitStatus $? diff --git a/func/core/pkg_file/20-mime-image.sh b/func/core/pkg_file/20-mime-image.sh deleted file mode 100755 index 233392e..0000000 --- a/func/core/pkg_file/20-mime-image.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "file" "Check image mimetype" -pngFile="$(find /usr/share -type f -name '*.png' -print -quit)" - -if [ -z "$pngFile" ]; then - r_log "file" "No png files were found. SKIP" - exit 0 -fi - -file -i "$pngFile" | grep -q 'image/png' -r_checkExitStatus $? diff --git a/func/core/pkg_file/30-mime-symlink.sh b/func/core/pkg_file/30-mime-symlink.sh deleted file mode 100755 index 5305f37..0000000 --- a/func/core/pkg_file/30-mime-symlink.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "file" "Check that we can see a symlink" -FILE_PATH=/var/tmp/linktest -trap '/bin/rm ${FILE_PATH}' EXIT -MIME="inode/symlink" -ln -s /etc/issue $FILE_PATH -file -i $FILE_PATH | grep -q "${MIME}" -r_checkExitStatus $? diff --git a/func/core/pkg_file/README.md b/func/core/pkg_file/README.md deleted file mode 100644 index ad86735..0000000 --- a/func/core/pkg_file/README.md +++ /dev/null @@ -1 +0,0 @@ -File tests diff --git a/func/core/pkg_findutils/00-install-findutils.sh b/func/core/pkg_findutils/00-install-findutils.sh deleted file mode 100755 index cf8c3ce..0000000 --- a/func/core/pkg_findutils/00-install-findutils.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "findutils" "Install findutils" -p_installPackageNormal findutils diff --git a/func/core/pkg_findutils/10-find.sh b/func/core/pkg_findutils/10-find.sh deleted file mode 100755 index 57c6c87..0000000 --- a/func/core/pkg_findutils/10-find.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -r_log "findutils" "Testing basic find stuff" - -TMPDIR=/var/tmp/find -trap '/bin/rm -rf $TMPDIR' EXIT - -[ -e $TMPDIR ] && rm -rf "$TMPDIR" - -mkdir -p "$TMPDIR" || { r_log "findutils" "Can't create $TMPDIR"; exit "$FAIL"; } -touch "$TMPDIR/file1" -touch "$TMPDIR/file with a space" -r_log "findutils" "Check that find just works(tm)" -find "$TMPDIR" &> /dev/null -r_checkExitStatus $? - -r_log "findutils" "Check that find fails for something that doesn't exist" -find "$TMPDIR/doesntexit" &> /dev/null -if [ $? -ne 1 ]; then - r_log "findutils" "Something wrong happened. Was the file there?" -else - r_checkExitStatus 0 -fi - -r_log "findutils" "Prepare for xargs test" -LINES=$(find "$TMPDIR" -print0 | wc -l) - -if [ "$LINES" -eq 0 ]; then - r_checkExitStatus 0 -else - r_checkExitStatus 1 -fi - -r_log "findutils" "Perform for xargs test" -find "$TMPDIR" -type f -print0 | xargs -0 ls &> /dev/null -r_checkExitStatus $? - -r_log "findutils" "Perform for xargs test: fails with spaces in the name" -# shellcheck disable=SC2038 -find "$TMPDIR" -type f | xargs ls &> /dev/null && { r_log "findutils" "Why did this get a 0 exit?"; exit "$FAIL"; } -ret_val=$? -if [ "$ret_val" -ne "0" ]; then - r_checkExitStatus 0 -else - r_checkExitStatus 1 -fi diff --git a/func/core/pkg_findutils/README.md b/func/core/pkg_findutils/README.md deleted file mode 100644 index 831dcc3..0000000 --- a/func/core/pkg_findutils/README.md +++ /dev/null @@ -1 +0,0 @@ -Test the find utility diff --git a/func/core/pkg_firefox/00-install-firefox.sh b/func/core/pkg_firefox/00-install-firefox.sh deleted file mode 100755 index 53565d3..0000000 --- a/func/core/pkg_firefox/00-install-firefox.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "firefox" "Install firefox" -p_installPackageNormal firefox diff --git a/func/core/pkg_firefox/10-check-firefox-start-page.sh b/func/core/pkg_firefox/10-check-firefox-start-page.sh deleted file mode 100755 index 3963fa1..0000000 --- a/func/core/pkg_firefox/10-check-firefox-start-page.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -r_log "firefox" "Check that the firefox startup page is correct" - -if p_getPackageArch firefox | grep -q x86_64; then - FIREPATH='/usr/lib64/firefox/defaults/preferences/all-redhat.js' -else - FIREPATH='/usr/lib/firefox/defaults/preferences/all-redhat.js' -fi - -COUNTS="$(grep -c rockylinux.org $FIREPATH)" - -if [ "$COUNTS" -ge 2 ]; then - r_checkExitStatus 0 -else - r_checkExitStatus 1 -fi diff --git a/func/core/pkg_firefox/README.md b/func/core/pkg_firefox/README.md deleted file mode 100644 index aeb7090..0000000 --- a/func/core/pkg_firefox/README.md +++ /dev/null @@ -1 +0,0 @@ -Test firefox diff --git a/func/core/pkg_firewalld/00-install-firewalld.sh b/func/core/pkg_firewalld/00-install-firewalld.sh deleted file mode 100755 index bb29440..0000000 --- a/func/core/pkg_firewalld/00-install-firewalld.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "firewalld" "Install firewalld (should already be installed)" -p_installPackageNormal firewalld diff --git a/func/core/pkg_firewalld/10-firewalld-check-rule.sh b/func/core/pkg_firewalld/10-firewalld-check-rule.sh deleted file mode 100755 index a4bc9c4..0000000 --- a/func/core/pkg_firewalld/10-firewalld-check-rule.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "firewalld" "Check that the default zone is public" -firewall-cmd --get-active-zones | grep -q public -r_checkExitStatus $? - -r_log "firewalld" "Check that a default service is open" -firewall-cmd --list-services | grep -q ssh -r_checkExitStatus $? diff --git a/func/core/pkg_firewalld/README.md b/func/core/pkg_firewalld/README.md deleted file mode 100644 index b5dd52e..0000000 --- a/func/core/pkg_firewalld/README.md +++ /dev/null @@ -1,3 +0,0 @@ -Tests firewalld - -TODO: Add some more tests perhaps. diff --git a/func/core/pkg_freeradius/00-install-freeradius.sh b/func/core/pkg_freeradius/00-install-freeradius.sh deleted file mode 100755 index 10e5a54..0000000 --- a/func/core/pkg_freeradius/00-install-freeradius.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "freeradius" "Install freeradius" -p_installPackageNormal freeradius freeradius-utils diff --git a/func/core/pkg_freeradius/10-test-freeradius.sh b/func/core/pkg_freeradius/10-test-freeradius.sh deleted file mode 100755 index 39e29c8..0000000 --- a/func/core/pkg_freeradius/10-test-freeradius.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -function cleanup() { - cp /etc/raddb/users.backup /etc/raddb/users - rm -rf /etc/raddb/users.backup - systemctl stop radiusd.service -} - -r_log "freeradius" "Test basic freeradius functionality" -r_log "freeradius" "Configure freeradius" -trap cleanup EXIT - -cp /etc/raddb/users /etc/raddb/users.backup -cat >> /etc/raddb/users << EOF -rocky Cleartext-Password := "rocky" - Service-Type = Framed-User -EOF - -r_log "freeradius" "Testing..." -systemctl start radiusd.service -sleep 1 -echo "User-Name=rocky,User-Password=rocky " | radclient -x localhost:1812 auth testing123 | grep -q 'Access-Accept' -r_checkExitStatus $? diff --git a/func/core/pkg_freeradius/README.md b/func/core/pkg_freeradius/README.md deleted file mode 100644 index eb056d2..0000000 --- a/func/core/pkg_freeradius/README.md +++ /dev/null @@ -1 +0,0 @@ -Test freeradius diff --git a/func/core/pkg_gcc/00-install-gcc.sh b/func/core/pkg_gcc/00-install-gcc.sh deleted file mode 100755 index bc6b57c..0000000 --- a/func/core/pkg_gcc/00-install-gcc.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "annobin" "Install gcc/annobin packages and accessories" -p_installPackageNormal gcc gcc-c++ annobin redhat-rpm-config diff --git a/func/core/pkg_gcc/10-gcc-build-simple.sh b/func/core/pkg_gcc/10-gcc-build-simple.sh deleted file mode 100755 index 98ef7cd..0000000 --- a/func/core/pkg_gcc/10-gcc-build-simple.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "gcc" "Ensure gcc can build a simple program" -OUTPUTPROG=$(mktemp) - -gcc ./common/files/hello.c -o "$OUTPUTPROG" -"$OUTPUTPROG" | grep -q "Hello!" -r_checkExitStatus $? - -rm "$OUTPUTPROG" diff --git a/func/core/pkg_gcc/11-gcc-build-cpp.sh b/func/core/pkg_gcc/11-gcc-build-cpp.sh deleted file mode 100755 index 01f9be5..0000000 --- a/func/core/pkg_gcc/11-gcc-build-cpp.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "gcc" "Ensure g++ can build a simple program" -OUTPUTPROG=$(mktemp) - -g++ -x c++ ./common/files/hello.cpp -o "$OUTPUTPROG" -"$OUTPUTPROG" | grep -q "Hello!" -r_checkExitStatus $? - -rm "$OUTPUTPROG" diff --git a/func/core/pkg_gcc/20-annobin-test-gcc.sh b/func/core/pkg_gcc/20-annobin-test-gcc.sh deleted file mode 100755 index e66df37..0000000 --- a/func/core/pkg_gcc/20-annobin-test-gcc.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -r_log "annobin" "Ensure a simple program builds with gcc annobin" -OUTPUTPROG=$(mktemp) - -r_log "annobin" "Build program with gcc" -gcc -x c -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 \ - -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 \ - -o "${OUTPUTPROG}" ./common/files/hello.c - -# Must match exactly -r_log "annobin" "Verify the program works" -"${OUTPUTPROG}" | grep -q "Hello!" -r_checkExitStatus $? - -/bin/rm -f "${OUTPUTPROG}" diff --git a/func/core/pkg_gcc/21-annobin-test-gplusplus.sh b/func/core/pkg_gcc/21-annobin-test-gplusplus.sh deleted file mode 100755 index 1ad3c71..0000000 --- a/func/core/pkg_gcc/21-annobin-test-gplusplus.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -r_log "annobin" "Ensure a simple program builds with g++ annobin" -OUTPUTPROG=$(mktemp) - -r_log "annobin" "Build program with g++" -g++ -x c++ -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 \ - -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 \ - -o "${OUTPUTPROG}" ./common/files/hello.cpp - -# Must match exactly -r_log "annobin" "Verify the program works" -"${OUTPUTPROG}" | grep -q "Hello!" -r_checkExitStatus $? - -/bin/rm -f "${OUTPUTPROG}" diff --git a/func/core/pkg_gcc/README.md b/func/core/pkg_gcc/README.md deleted file mode 100644 index a5015a8..0000000 --- a/func/core/pkg_gcc/README.md +++ /dev/null @@ -1 +0,0 @@ -Test annobin and annobin accessories diff --git a/func/core/pkg_git/00-install-git.sh b/func/core/pkg_git/00-install-git.sh deleted file mode 100755 index b1e594e..0000000 --- a/func/core/pkg_git/00-install-git.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "git" "Install git" -p_installPackageNormal git diff --git a/func/core/pkg_git/10-test-git.sh b/func/core/pkg_git/10-test-git.sh deleted file mode 100755 index 029c59d..0000000 --- a/func/core/pkg_git/10-test-git.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "git" "Check git installation" -git --version -r_checkExitStatus $? diff --git a/func/core/pkg_git/11-test-clone-log.sh b/func/core/pkg_git/11-test-clone-log.sh deleted file mode 100755 index ce02584..0000000 --- a/func/core/pkg_git/11-test-clone-log.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -r_log "git" "Test basic git clones" -trap 'rm -rf $TMPREPO' EXIT - -WORKDIR=$(pwd) -TMPREPO=/var/tmp/repo -SHA1=$(echo "Obsidian" | git hash-object --stdin) - -r_log "git" "Create bare git repo" -mkdir -p $TMPREPO -# shellcheck disable=SC2164 -pushd $TMPREPO -git init . --bare -# shellcheck disable=SC2164 -popd - -r_log "git" "Clone out" -git clone $TMPREPO cloned - -r_log "git" "Configure git user" -# shellcheck disable=SC2164 -pushd cloned -git config user.email "obsidian.club@rockylinux.org" -git config user.name "Obsidian Club" - -r_log "git" "Add a file and push" -echo "Obsidian" > obsidian -git add obsidian -git commit -m "Obsidian Commit" -git push origin master -# shellcheck disable=SC2164 -popd - -r_log "git" "Clone out again" -git clone $TMPREPO clone_again -# shellcheck disable=SC2164 -pushd clone_again -# shellcheck disable=SC2002 -SHA2=$(cat obsidian | git hash-object --stdin) -[ "$SHA1" == "$SHA2" ] -r_checkExitStatus $? - -git log --grep="Obsidian Commit" 2>&1 -r_checkExitStatus $? - -# shellcheck disable=SC2164 -popd -# shellcheck disable=SC2086,SC2164 -cd $WORKDIR diff --git a/func/core/pkg_git/README.md b/func/core/pkg_git/README.md deleted file mode 100644 index 568a4cf..0000000 --- a/func/core/pkg_git/README.md +++ /dev/null @@ -1 +0,0 @@ -Git tests diff --git a/func/core/pkg_httpd/00-install-httpd.sh b/func/core/pkg_httpd/00-install-httpd.sh deleted file mode 100755 index edfbc46..0000000 --- a/func/core/pkg_httpd/00-install-httpd.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "httpd" "Install httpd" - -p_installPackageNormal curl httpd mod_ssl php-mysqlnd php -m_serviceCycler httpd cycle diff --git a/func/core/pkg_httpd/10-httpd-branding.sh b/func/core/pkg_httpd/10-httpd-branding.sh deleted file mode 100755 index cbfe6ca..0000000 --- a/func/core/pkg_httpd/10-httpd-branding.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -r_log "httpd" "Verify httpd branding" - -r_log "httpd" "Token" -curl -sI http://localhost/ | grep -i "Server:\ Apache.*\ (Rocky Linux)" > /dev/null 2>&1 -r_checkExitStatus $? - -r_log "httpd" "index" -curl -sI http://localhost/ | grep -i "Rocky" > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_httpd/20-test-basic-http.sh b/func/core/pkg_httpd/20-test-basic-http.sh deleted file mode 100755 index aaca1f6..0000000 --- a/func/core/pkg_httpd/20-test-basic-http.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "httpd" "Test basic http functionality" -curl -H 'Accept-Language: en' -s http://localhost/ | grep "Test Page" > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_httpd/21-test-basic-https.sh b/func/core/pkg_httpd/21-test-basic-https.sh deleted file mode 100755 index cce602d..0000000 --- a/func/core/pkg_httpd/21-test-basic-https.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "httpd" "Test basic https functionality" -curl -H 'Accept-Language: en' -ks https://localhost/ | grep "Test Page" > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_httpd/30-test-basic-auth.sh b/func/core/pkg_httpd/30-test-basic-auth.sh deleted file mode 100755 index 5b29ef9..0000000 --- a/func/core/pkg_httpd/30-test-basic-auth.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -r_log "httpd" "Test basic authentication functionality" -trap "rm /etc/httpd/conf.d/test-basic-auth.conf ; m_serviceCycler httpd reload" EXIT - -cat > /etc/httpd/conf.d/test-basic-auth.conf < - AuthType Basic - AuthName "Test" - AuthUserFile /etc/httpd/htpasswd - require user tester - -EOF - -htpasswd -c -b /etc/httpd/htpasswd tester tester -mkdir -p /var/www/html/basic_auth -echo "Basic Auth Test" > /var/www/html/basic_auth/index.html -# This isn't normally needed, it should just work -restorecon -R /var/www/html -m_serviceCycler httpd cycle -curl -s -u tester:tester http://localhost/basic_auth/ | grep -q 'Basic Auth Test' > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_httpd/40-test-basic-vhost.sh b/func/core/pkg_httpd/40-test-basic-vhost.sh deleted file mode 100755 index 1870993..0000000 --- a/func/core/pkg_httpd/40-test-basic-vhost.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -function cleanup() { - rm /etc/httpd/conf.d/vhost.conf - sed -i '/127.0.0.1 coretest/d' /etc/hosts - m_serviceCycler httpd reload -} - -r_log "httpd" "Test basic vhost functionality" -trap cleanup EXIT - -echo "127.0.0.1 coretest" >> /etc/hosts -cat > /etc/httpd/conf.d/vhost.conf << EOF -## Core vhost test -NameVirtualHost *:80 - - ServerName coretest - ServerAdmin root@localhost - DocumentRoot /var/www/vhost/coretest - -EOF - -mkdir -p /var/www/vhost/coretest -echo "core vhost test page" > /var/www/vhost/coretest/index.html -# This isn't normally needed, it should just work -restorecon -R /var/www/vhost -m_serviceCycler httpd cycle - -curl -s http://coretest/ | grep -q 'core vhost test page' > /dev/null 2>&1 - -r_checkExitStatus $? diff --git a/func/core/pkg_httpd/50-test-basic-php.sh b/func/core/pkg_httpd/50-test-basic-php.sh deleted file mode 100755 index 20ceb59..0000000 --- a/func/core/pkg_httpd/50-test-basic-php.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "httpd" "Test basic php" - -echo "" > /var/www/html/test.php -# This isn't normally needed, it should just work -restorecon -R /var/www/html -curl -s http://localhost/test.php | grep -q 'PHP Version' > /dev/null 2>&1 - -r_checkExitStatus $? diff --git a/func/core/pkg_httpd/README.md b/func/core/pkg_httpd/README.md deleted file mode 100644 index 0f3356c..0000000 --- a/func/core/pkg_httpd/README.md +++ /dev/null @@ -1 +0,0 @@ -Test httpd diff --git a/func/core/pkg_kernel/10-test-kernel-keyring.sh b/func/core/pkg_kernel/10-test-kernel-keyring.sh deleted file mode 100644 index 9c71043..0000000 --- a/func/core/pkg_kernel/10-test-kernel-keyring.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -r_log "kernel" "Testing the kernel keyring (GPG)" - -ARCH=$(uname -m) -#KERNEL=$(uname -r | cut -d'-' -f1) - -if [ "${ARCH}" == "aarch64" ] || [ "${ARCH}" == "ppc64le" ] || [ "${ARCH}" == "s390x" ]; then - r_log "kernel" "Architecture not tested: $ARCH" - exit 0 -fi - -if [ "$RL_VER" -ge 8 ]; then - ring=.builtin_trusted_keys - for id in kpatch "Driver update" kernel; do - r_log "kernel" "Verifying x.509 Rocky ${id}" - keyctl list %:$ring | grep -i "REPLACE_ME" > /dev/null 2>&1 - r_checkExitStatus $? - done -fi diff --git a/func/core/pkg_kernel/11-test-secure-boot.sh b/func/core/pkg_kernel/11-test-secure-boot.sh deleted file mode 100644 index 9852f33..0000000 --- a/func/core/pkg_kernel/11-test-secure-boot.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -r_log "kernel" "Install pesign" -p_installPackageNormal pesign -ARCH=$(uname -m) - -if [ "$ARCH" == "x86_64" ]; then - for k in $(rpm -q kernel --qf "%{version}-%{release}.%{arch}\n"); do - r_log "kernel" "Validating kernel $k" - pesign --show-signature --in "/boot/vmlinuz-${k}" | grep -Eq 'Rocky Linux Secure Boot Signing' - r_checkExitStatus $? - done -fi diff --git a/func/core/pkg_kernel/12-test-debrand.sh b/func/core/pkg_kernel/12-test-debrand.sh deleted file mode 100755 index c3438c7..0000000 --- a/func/core/pkg_kernel/12-test-debrand.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -r_log "kernel" "Testing debrand" - -strings "/boot/vmlinuz-$(uname -r)" | grep -qi rhel -ret_val=$? - -if [ "$ret_val" -eq "0" ]; then - r_log "kernel" "Kernel does not appear to be debranded" - r_checkExitStatus 1 -else - r_checkExitStatus 0 -fi diff --git a/func/core/pkg_kernel/README.md b/func/core/pkg_kernel/README.md deleted file mode 100644 index 64d2cf4..0000000 --- a/func/core/pkg_kernel/README.md +++ /dev/null @@ -1 +0,0 @@ -Testing kernel stuff diff --git a/func/core/pkg_lsb/00-install-lsb.sh b/func/core/pkg_lsb/00-install-lsb.sh deleted file mode 100755 index 3733c79..0000000 --- a/func/core/pkg_lsb/00-install-lsb.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "lsb" "Install LSB package" -if [ "$RL_VER" -ge 8 ]; then - r_log "lsb" "redhat-lsb is not in EL9" - exit $PASS -fi - -p_installPackageNormal redhat-lsb diff --git a/func/core/pkg_lsb/10-test-branding.sh b/func/core/pkg_lsb/10-test-branding.sh deleted file mode 100755 index 229fbcb..0000000 --- a/func/core/pkg_lsb/10-test-branding.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "lsb" "Test LSB branding" -if [ "$RL_VER" -ge 8 ]; then - r_log "lsb" "redhat-lsb is not in EL9" - exit $PASS -fi - -lsb_release -i | grep -q "Rocky" -r_checkExitStatus $? -lsb_release -d | grep -q "Rocky" -r_checkExitStatus $? diff --git a/func/core/pkg_lsb/README.md b/func/core/pkg_lsb/README.md deleted file mode 100644 index a3810a5..0000000 --- a/func/core/pkg_lsb/README.md +++ /dev/null @@ -1 +0,0 @@ -Basic LSB tests diff --git a/func/core/pkg_lsof/00-install-lsof.sh b/func/core/pkg_lsof/00-install-lsof.sh deleted file mode 100755 index ca5f9e9..0000000 --- a/func/core/pkg_lsof/00-install-lsof.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "lsof" "Install lsof" -p_installPackageNormal lsof diff --git a/func/core/pkg_lsof/10-test-lsof.sh b/func/core/pkg_lsof/10-test-lsof.sh deleted file mode 100755 index 9d64e9f..0000000 --- a/func/core/pkg_lsof/10-test-lsof.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -r_log "lsof" "Test basic lsof functions" - -r_log "lsof" "lsof against sshd" -sshd_port_listen=$(lsof -i:22 | grep LISTEN) -if [ "$sshd_port_listen" ]; then - r_log "lsof" "SSH is listening." - ret_val=0 -else - r_log "lsof" "SSH is NOT listening." - ret_val=1 -fi - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_lsof/README.md b/func/core/pkg_lsof/README.md deleted file mode 100644 index 4d11e8f..0000000 --- a/func/core/pkg_lsof/README.md +++ /dev/null @@ -1 +0,0 @@ -Test lsof diff --git a/func/core/pkg_mdadm/00-install-mdadm.sh b/func/core/pkg_mdadm/00-install-mdadm.sh deleted file mode 100755 index eba00b5..0000000 --- a/func/core/pkg_mdadm/00-install-mdadm.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "mdadm" "Install mdadm" -p_installPackageNormal mdadm diff --git a/func/core/pkg_mdadm/01-test-mdadm.sh b/func/core/pkg_mdadm/01-test-mdadm.sh deleted file mode 100755 index c8e0be3..0000000 --- a/func/core/pkg_mdadm/01-test-mdadm.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -r_log "mdadm" "Check that mdadm will operate and return the right exit codes" -[ ${EUID} -eq 0 ] || { r_log "mdadm" "Not running as root. Skipping." ; exit "$PASS"; } -MDADM=$(which mdadm) - -[ -z "${MDADM}" ] && { r_log "mdadm" "which reported the binary but it doesn't exist, why?"; exit "$FAIL"; } - -${MDADM} --detail --scan &> /dev/null -ret_val=$? - -[ "$ret_val" -eq 0 ] || { r_log "mdadm" "There was a non-zero exit. This is likely fatal."; exit "$FAIL"; } - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_network/00-install-packages.sh b/func/core/pkg_network/00-install-packages.sh deleted file mode 100755 index df109be..0000000 --- a/func/core/pkg_network/00-install-packages.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -r_log "network" "Install necessary network packages and utilities" -pkgs=(traceroute iputils iproute mtr psmisc net-tools which iptraf) -if [ "$RL_VER" -eq 8 ]; then - pkgs+=( arpwatch ) -fi -p_installPackageNormal "${pkgs[@]}" diff --git a/func/core/pkg_network/10-tracepath.sh b/func/core/pkg_network/10-tracepath.sh deleted file mode 100644 index e9d7e84..0000000 --- a/func/core/pkg_network/10-tracepath.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -r_log "network" "Test tracepath" diff --git a/func/core/pkg_network/11-traceroute.sh b/func/core/pkg_network/11-traceroute.sh deleted file mode 100644 index e7320b6..0000000 --- a/func/core/pkg_network/11-traceroute.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -r_log "network" "Test traceroute" diff --git a/func/core/pkg_network/12-mtr.sh b/func/core/pkg_network/12-mtr.sh deleted file mode 100644 index b0581d4..0000000 --- a/func/core/pkg_network/12-mtr.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -r_log "network" "Test mtr" diff --git a/func/core/pkg_network/13-iptraf.sh b/func/core/pkg_network/13-iptraf.sh deleted file mode 100755 index 6aee057..0000000 --- a/func/core/pkg_network/13-iptraf.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -r_log "network" "Checking that iptraf runs and returns non-zero" - -TMPFILE=/var/tmp/iptraf - -[ -e ${TMPFILE} ] && rm ${TMPFILE} -[ ${EUID} -eq 0 ] || { r_log "network" "SKIP: Not running as root."; exit "$PASS"; } - -mkdir -p ${TMPFILE} - -IPTRAF=$(which iptraf-ng) -PING=$(which iptraf-ng) -KILL=$(which iptraf-ng) -STAT=$(which iptraf-ng) - -for x in $IPTRAF $PING $KILL $STAT; do - [ ! -f "$x" ] && { r_log "network" "$x not found. This is likely a problem."; exit "$FAIL"; } -done - -r_log "network" "Run iptraf on all available interfaces" -${IPTRAF} -i all -B -t 1 -L ${TMPFILE} &> /dev/null - -r_log "network" "Do a simple ping for iptraf" -${PING} -c 6 127.0.0.12 &> /dev/null - -LOGSIZE=$(stat -c '%s' ${TMPFILE}) -# shellcheck disable=SC2086 -kill -USR2 "$(pidof $IPTRAF)" - -r_log "network" "Verifying that iptraf log has data" -if [ "${LOGSIZE}" -gt 0 ]; then - r_checkExitStatus 0 -else - r_log "network" "Network traffic wasn't logged. Verify your builds." - r_checkExitStatus 1 -fi diff --git a/func/core/pkg_network/20-configure-bridge.sh b/func/core/pkg_network/20-configure-bridge.sh deleted file mode 100755 index ac3e79f..0000000 --- a/func/core/pkg_network/20-configure-bridge.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -r_log "network" "Test bridging functionality (non-network manager)" - -bridge=dummybr0 -# shellcheck disable=SC1091,1090 -. "$(dirname "$0")"/imports.sh - -r_log "network" "Add a dummy bridge $bridge" -ret_val=$(iproute_add_bridge $bridge) -r_checkExitStatus "$ret_val" - -r_log "network" "Clean up/Remove bridge" -ret_val=$(iproute_del_bridge $bridge) -r_checkExitStatus "$ret_val" diff --git a/func/core/pkg_network/30-test-arpwatch.sh b/func/core/pkg_network/30-test-arpwatch.sh deleted file mode 100644 index 56a6906..0000000 --- a/func/core/pkg_network/30-test-arpwatch.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -# defaults -defaultGW=$(ip route | awk '/^default via/ { print $3 }') -arpdat="/var/lib/arpwatch/arp.dat" - -if [ -z "${defaultGW}" ]; then - r_log "arpwatch" "There is no default gateway set." - exit -fi - -arpwatch -sleep 5 -arp -d "${defaultGW}" -sleep 5 -ping -i 1 -q -c 5 "${defaultGW}" -killall arpwatch -sleep 3 -grep -q "${defaultGW}" "${arpdat}" - -r_checkExitStatus $? - -cat /dev/null > "${arpdat}" diff --git a/func/core/pkg_network/README.md b/func/core/pkg_network/README.md deleted file mode 100644 index 86f31d7..0000000 --- a/func/core/pkg_network/README.md +++ /dev/null @@ -1 +0,0 @@ -All tests that are network utility related diff --git a/func/core/pkg_network/imports.sh b/func/core/pkg_network/imports.sh deleted file mode 100644 index d4638b8..0000000 --- a/func/core/pkg_network/imports.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -function iproute_add_bridge() { - BRIDGE=$1 - PRESENCE=$(grep "$BRIDGE" /proc/net/dev) - if ! [ "${PRESENCE}" ]; then - ip link add name "$BRIDGE" type bridge - PRESENCE=$(grep "$BRIDGE" /proc/net/dev) - if [ "${PRESENCE}" ]; then - ret_val=0 - else - echo "$BRIDGE was not created" - ret_val=1 - fi - else - ret_val=0 - fi - echo "$ret_val" -} - -function iproute_del_bridge() { - BRIDGE=$1 - PRESENCE=$(grep "$BRIDGE" /proc/net/dev) - if ! [ "${PRESENCE}" ]; then - echo "$BRIDGE doesn't exist" - ret_val=1 - else - ip link del "$BRIDGE" type bridge - PRESENCE=$(grep "$BRIDGE" /proc/net/dev) - if [ "${PRESENCE}" ]; then - echo "Bridge was not be deleted" - ret_val=1 - else - ret_val=0 - fi - fi - echo "$ret_val" -} diff --git a/func/core/pkg_nfs/00-install-nfs.sh b/func/core/pkg_nfs/00-install-nfs.sh deleted file mode 100755 index a6c3ea0..0000000 --- a/func/core/pkg_nfs/00-install-nfs.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "nfs" "Install nfs and autofs utilities" -p_installPackageNormal autofs nfs-utils rpcbind diff --git a/func/core/pkg_nfs/10-prepare-nfs-ro.sh b/func/core/pkg_nfs/10-prepare-nfs-ro.sh deleted file mode 100755 index 6ad3799..0000000 --- a/func/core/pkg_nfs/10-prepare-nfs-ro.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -r_log "nfs" "Setup (ro) NFS share" -mkdir -p /export/rotest -touch /export/rotest/nfsfile -echo '/export/rotest/ 127.0.0.1(ro)' >> /etc/exports -/usr/sbin/exportfs -ar -m_serviceCycler rpcbind restart -m_serviceCycler nfs-server restart - -r_log "nfs" "Mount NFS share" -mount -t nfs 127.0.0.1:/export/rotest /mnt -find /mnt | grep -q "nfsfile" -r_checkExitStatus $? - -umount /mnt -/usr/bin/sed -i '/rotest/d' /etc/exports diff --git a/func/core/pkg_nfs/11-prepare-nfs-rw.sh b/func/core/pkg_nfs/11-prepare-nfs-rw.sh deleted file mode 100755 index 5c587d5..0000000 --- a/func/core/pkg_nfs/11-prepare-nfs-rw.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -r_log "nfs" "Setup (rw) NFS share" -mkdir -p /export/rwtest -touch /export/rwtest/nfsfile -echo '/export/rwtest/ 127.0.0.1(rw,sync,no_root_squash)' >> /etc/exports -/usr/sbin/exportfs -ar - -m_serviceCycler rpcbind restart -m_serviceCycler nfs-server restart - -r_log "nfs" "Mount NFS share" -mount -t nfs 127.0.0.1:/export/rwtest /mnt -find /mnt | grep -q "nfsfile" -r_checkExitStatus $? - -r_log "nfs" "Test that the NFS share is writeable" -echo 'releng test file' > /mnt/nfsfile - -(grep -q 'releng test file' /mnt/nfsfile) && \ -(grep -q 'releng test file' /export/rwtest/nfsfile) -ret_val=$? -r_checkExitStatus $ret_val - -umount /mnt -/usr/bin/sed -i '/rwtest/d' /etc/exports diff --git a/func/core/pkg_nfs/12-prepare-autofs.sh b/func/core/pkg_nfs/12-prepare-autofs.sh deleted file mode 100644 index b323c86..0000000 --- a/func/core/pkg_nfs/12-prepare-autofs.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# autofs acts like it mounts but then it doesn't. this is disabled. - -r_log "nfs" "Prepare autofs configuration" - -mkdir -p /export/autotest -touch /export/autotest/autofile -echo '/export/autotest/ 127.0.0.1(ro)' >> /etc/exports -/usr/sbin/exportfs -ar - -echo '/mnt/autofs /etc/auto.export' > /etc/auto.master.d/export.autofs -echo 'nfs -fstype=nfs 127.0.0.1:/export/autotest' > /etc/auto.export - -m_serviceCycler nfs-server restart -m_serviceCycler rpcbind restart -m_serviceCycler autofs restart -r_log "nfs" "Attempt to access /export/autotest via autofs" -find /mnt/autofs | grep -q autofile -r_checkExitStatus $? - -# Remove unneeded configuration -/bin/rm /etc/auto.master.d/export.autofs /etc/auto.export -/usr/bin/sed -i '/autotest/d' /etc/exports -m_serviceCycler autofs stop -m_serviceCycler nfs-server stop -m_serviceCycler rpcbind stop diff --git a/func/core/pkg_nfs/README.md b/func/core/pkg_nfs/README.md deleted file mode 100644 index 33b7f5c..0000000 --- a/func/core/pkg_nfs/README.md +++ /dev/null @@ -1 +0,0 @@ -Test autofs diff --git a/func/core/pkg_openssh/00-install-openssh.sh b/func/core/pkg_openssh/00-install-openssh.sh deleted file mode 100755 index e6ab5b3..0000000 --- a/func/core/pkg_openssh/00-install-openssh.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "openssh" "Install openssh" -p_installPackageNormal openssh-clients openssh-server sshpass diff --git a/func/core/pkg_openssh/01-test-ssh-listen.sh b/func/core/pkg_openssh/01-test-ssh-listen.sh deleted file mode 100755 index 5bd1212..0000000 --- a/func/core/pkg_openssh/01-test-ssh-listen.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "openssh" "Ensure ssh is listening" - -echo "" > /dev/tcp/localhost/22 -r_checkExitStatus $? diff --git a/func/core/pkg_openssh/10-test-login.sh b/func/core/pkg_openssh/10-test-login.sh deleted file mode 100755 index d52722d..0000000 --- a/func/core/pkg_openssh/10-test-login.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -r_log "openssh" "Testing basic login (using sshpass)" -trap 'userdel -rf sshpasstest; unset SSHPASS' EXIT - -if sshd -T | grep -q "passwordauthentication yes"; then - r_log "openssh" "Creating test user" - export SSHPASS="Blu30nyx!" - useradd sshpasstest - echo "${SSHPASS}" | passwd --stdin sshpasstest - r_log "openssh" "Testing login" - sshpass -e ssh sshpasstest@localhost echo 'hello' - r_checkExitStatus $? -else - r_log "openssh" "Skipping test" - exit 0 -fi diff --git a/func/core/pkg_openssh/11-test-key.sh b/func/core/pkg_openssh/11-test-key.sh deleted file mode 100755 index 61c0d52..0000000 --- a/func/core/pkg_openssh/11-test-key.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -r_log "openssh" "Testing key login (using sshpass)" - -case $RL_VER in - 8) - KEYTYPES="rsa ecdsa ed25519" - ;; - 9) - KEYTYPES="rsa ecdsa ed25519" - ;; - *) - KEYTYPES="ed25519" - ;; -esac - -r_log "openssh" "Creating test user" -useradd sshkeytest -echo "Blu30nyx!" | passwd --stdin sshkeytest - -for KEYTYPE in $KEYTYPES; do - r_log "openssh" "Creating key: ${KEYTYPE}" - runuser -l sshkeytest -c "echo | ssh-keygen -q -t ${KEYTYPE} -b 4096 -f ~/.ssh/id_${KEYTYPE}" > /dev/null - runuser -l sshkeytest -c "cat ~/.ssh/*pub > ~/.ssh/authorized_keys && chmod 600 ~/.ssh/*keys" > /dev/null - STRINGTEST=$(mktemp -u) - echo "${STRINGTEST}" > /home/sshkeytest/test_file - r_log "openssh" "Testing key: ${KEYTYPE}" - runuser -l sshkeytest -c "ssh -i ~/.ssh/id_${KEYTYPE} localhost | grep -q ${STRINGTEST} /home/sshkeytest/test_file" - ret_val=$? - r_checkExitStatus $ret_val -done - -userdel -rf sshkeytest diff --git a/func/core/pkg_openssl/00-install-openssl.sh b/func/core/pkg_openssl/00-install-openssl.sh deleted file mode 100755 index ab718a7..0000000 --- a/func/core/pkg_openssl/00-install-openssl.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "openssl" "Install openssl" -p_installPackageNormal openssl diff --git a/func/core/pkg_openssl/10-test-openssl.sh b/func/core/pkg_openssl/10-test-openssl.sh deleted file mode 100755 index b9bb4b3..0000000 --- a/func/core/pkg_openssl/10-test-openssl.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -r_log "openssl" "Create openssl certificates and verify" -DROPDIR=/var/tmp/openssl -mkdir -p $DROPDIR - -openssl genrsa -passout pass:obsidian -des3 -out $DROPDIR/openssl.key.secure 4096 > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "openssl" "Failed creating private key" - r_checkExitStatus 1 -fi - -openssl rsa -passin pass:obsidian -in "$DROPDIR/openssl.key.secure" -out "$DROPDIR/openssl.key" > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "openssl" "Could not create openssl private key from secure key" - r_checkExitStatus 1 -fi - -if [ ! -f ./common/files/openssl-answers ]; then - r_log "openssl" "We do not have our openssl answers file" - r_checkExitStatus 1 -fi - -openssl req -batch -config ./common/files/openssl-answers -new -key "$DROPDIR/openssl.key" -out "$DROPDIR/openssl.csr" > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "openssl" "Could not create openssl csr" - r_checkExitStatus 1 -fi - -openssl x509 -req -days 365 -in "$DROPDIR/openssl.csr" -signkey "$DROPDIR/openssl.key" -out "$DROPDIR/openssl.crt" > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "openssl" "Could not create self-signed certificate" - r_checkExitStatus 1 -fi - -SSLVAR=$(openssl version -d) -SSLREGEX='OPENSSLDIR\:\ \"(.*)\"' -if [[ "$SSLVAR" =~ $SSLREGEX ]]; then - SSLPATH=${BASH_REMATCH[1]} -else - r_log "openssl" "Could not find the openssl config directory" - r_checkExitStatus 1 -fi - -cp "$DROPDIR/openssl.crt" "$SSLPATH/certs/" -# shellcheck disable=SC2086 -HASH="$(openssl x509 -noout -hash -in $SSLPATH/certs/openssl.crt)" -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "openssl" "Could not create hash" -fi - -ln -s "$SSLPATH/certs/openssl.crt" "$SSLPATH/certs/${HASH}.0" - -openssl verify $DROPDIR/openssl.crt | grep -cq OK -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "openssl" "Self signed certificate verification failed" - r_checkExitStatus 1 -fi - -r_checkExitStatus 0 - -rm -rf $DROPDIR/certs "$SSLPATH/certs/${HASH}.0" "$SSLPATH/certs/openssl.crt" diff --git a/func/core/pkg_openssl/README.md b/func/core/pkg_openssl/README.md deleted file mode 100644 index 1887e26..0000000 --- a/func/core/pkg_openssl/README.md +++ /dev/null @@ -1 +0,0 @@ -Test openssl diff --git a/func/core/pkg_perl/00-install-perl.sh b/func/core/pkg_perl/00-install-perl.sh deleted file mode 100755 index 0b87333..0000000 --- a/func/core/pkg_perl/00-install-perl.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "perl" "Install perl" -p_installPackageNormal perl diff --git a/func/core/pkg_perl/10-test-perl.sh b/func/core/pkg_perl/10-test-perl.sh deleted file mode 100755 index f7d62ef..0000000 --- a/func/core/pkg_perl/10-test-perl.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "perl" "Verify that perl is installed" -perl --version &> /dev/null -r_checkExitStatus $? diff --git a/func/core/pkg_perl/11-test-perl-script.sh b/func/core/pkg_perl/11-test-perl-script.sh deleted file mode 100755 index 4f87ae5..0000000 --- a/func/core/pkg_perl/11-test-perl-script.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "perl" "Test perl script" -echo 'print "Hello!"' > /var/tmp/perltest -perl /var/tmp/perltest | grep -q "Hello!" -r_checkExitStatus $? diff --git a/func/core/pkg_perl/README.md b/func/core/pkg_perl/README.md deleted file mode 100644 index 2967e73..0000000 --- a/func/core/pkg_perl/README.md +++ /dev/null @@ -1 +0,0 @@ -Basic perl tests diff --git a/func/core/pkg_podman/00-install-podman.sh b/func/core/pkg_podman/00-install-podman.sh deleted file mode 100755 index e80295b..0000000 --- a/func/core/pkg_podman/00-install-podman.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -# -r_log "podman" "Installing podman" -p_installPackageNormal podman diff --git a/func/core/pkg_podman/10-test-podman.sh b/func/core/pkg_podman/10-test-podman.sh deleted file mode 100755 index 3cfc20b..0000000 --- a/func/core/pkg_podman/10-test-podman.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash - -r_log "podman" "Testing podman" - -test_to_run=( - "podman version" - "podman info" - "podman run --rm quay.io/rockylinux/rockylinux:${RL_VER}" - "podman system service -t 1" - "touch ${HOME}/test.txt && \ - podman run --rm --privileged -v ${HOME}/test.txt:/test.txt quay.io/rockylinux/rockylinux:${RL_VER} bash -c 'echo HELLO > /test.txt' && \ - grep -qe 'HELLO' ${HOME}/test.txt && \ - rm -f ${HOME}/test.txt" - "printf \"FROM quay.io/rockylinux/rockylinux:${RL_VER}\nCMD echo 'HELLO'\n\" > ${HOME}/Containerfile && \ - podman build -t test:latest -f ${HOME}/Containerfile && \ - podman image rm localhost/test:latest && \ - rm -rf ${HOME}/Containerfile" -) - -tmpoutput="$(mktemp)" -trap 'rm -f ${tmpoutput}' EXIT - -for command in "${test_to_run[@]}"; do - r_log "podman" "Running $0: ${command}" - if ! eval "${command}" > "${tmpoutput}" 2>&1; then - r_log "podman" "${command} has failed." - cat "${tmpoutput}" - exit 1 - else - r_checkExitStatus 0 - fi -done diff --git a/func/core/pkg_podman/11-test-podman-socket.sh b/func/core/pkg_podman/11-test-podman-socket.sh deleted file mode 100755 index 57562ad..0000000 --- a/func/core/pkg_podman/11-test-podman-socket.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash - -r_log "podman" "Testing podman sockets" - -useradd podman-remote -loginctl enable-linger podman-remote -tmpoutput="$(mktemp)" - -trap 'loginctl terminate-user podman-remote && loginctl disable-linger podman-remote && sleep 1 && userdel -r podman-remote && rm -f ${tmpoutput}' EXIT - -sleep 3 - -su -l podman-remote > "${tmpoutput}" 2>&1 <> /var/log/maillog -fi - -if [[ "$mailresp" =~ $REGEX ]]; then - grep -q "${BASH_REMATCH[1]}: removed" /var/log/maillog - DELIVER=$? -fi - -if [ "$MTA_ACCEPTED" -eq 0 ] && [ "$DELIVER" -eq 0 ]; then - r_log "postfix" "Mail was delivered." - r_checkExitStatus 0 -else - r_log "postfix" "Mail was not delivered." - r_checkExitStatus 1 -fi diff --git a/func/core/pkg_postfix/30-postfix-sasl.sh b/func/core/pkg_postfix/30-postfix-sasl.sh deleted file mode 100755 index ff84486..0000000 --- a/func/core/pkg_postfix/30-postfix-sasl.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -r_log "postfix" "Test postfix sasl support" - -cp -a /etc/postfix/main.cf /etc/postfix/main.cf.backup -cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.backup - -cat ./common/files/postfix-test-sasl >> /etc/postfix/main.cf -cat ./common/files/dovecot-test-sasl >> /etc/dovecot/dovecot.conf - -m_serviceCycler dovecot restart -m_serviceCycler postfix restart - -r_log "postfix" "Testing that postfix accepts connections and plain auth" -echo "ehlo test" | nc -w 3 127.0.0.1 25 | grep -q 'AUTH PLAIN' -ret_val=$? - -mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf -mv /etc/postfix/main.cf.backup /etc/postfix/main.cf - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_postfix/40-postfix-tls.sh b/func/core/pkg_postfix/40-postfix-tls.sh deleted file mode 100755 index a5fe9c1..0000000 --- a/func/core/pkg_postfix/40-postfix-tls.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -r_log "postfix" "Test postfix with TLS" -DROPDIR=/var/tmp/postfix - -function cleanup() { - mv /etc/postfix/main.cf.backup /etc/postfix/main.cf - mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf - rm /etc/pki/tls/certs/mail.crt - rm /etc/pki/tls/private/mail.key - rm -rf $DROPDIR/mail.* - rm -rf /var/tmp/postfix -} - -trap cleanup EXIT - -cp -a /etc/postfix/main.cf /etc/postfix/main.cf.backup -cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.backup - -cat ./common/files/postfix-test-tls >> /etc/postfix/main.cf -cat ./common/files/dovecot-test-sasl >> /etc/dovecot/dovecot.conf - -mkdir $DROPDIR - -r_log "postfix" "Creating mail certificate and keys" - -openssl genrsa -passout pass:obsidian -des3 -out $DROPDIR/mail.key.secure 4096 > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "postfix" "Could not create private key." - r_checkExitStatus 1 -fi - -openssl rsa -passin pass:rocky -in "$DROPDIR/mail.key.secure" -out "$DROPDIR/mail.key" > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "postfix" "Could not create mail private key from secure key" - r_checkExitStatus 1 -fi - -if [ ! -f ./common/files/openssl-answers ]; then - r_log "postfix" "We do not have our openssl answers file" - r_checkExitStatus 1 -fi - -openssl req -batch -config ./common/files/openssl-answers -new -key "$DROPDIR/mail.key" -out "$DROPDIR/mail.csr" > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "postfix" "Could not create mail csr" - r_checkExitStatus 1 -fi - -openssl x509 -req -days 365 -in "$DROPDIR/mail.csr" -signkey "$DROPDIR/mail.key" -out "$DROPDIR/mail.crt" > /dev/null 2>&1 -ret_val=$? -if [ $ret_val -ne 0 ]; then - r_log "postfix" "Could not create self-signed certificate" - r_checkExitStatus 1 -fi - -cp "$DROPDIR/mail.key" /etc/pki/tls/private/ -cp "$DROPDIR/mail.crt" /etc/pki/tls/certs/ - -chmod 400 /etc/pki/tls/private/mail.key -chown postfix:postfix /etc/pki/tls/private/mail.key /etc/pki/tls/certs/mail.crt - -m_serviceCycler postfix restart -m_serviceCycler dovecot restart - -r_log "postfix" "Testing that postfix offers STARTTLS" - -echo "ehlo test" | nc -w 3 127.0.0.1 25 | grep -q "STARTTLS" -ret_val=$? - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_postfix/README.md b/func/core/pkg_postfix/README.md deleted file mode 100644 index a1bdc7c..0000000 --- a/func/core/pkg_postfix/README.md +++ /dev/null @@ -1 +0,0 @@ -Basic postfix tests diff --git a/func/core/pkg_postgresql/00-install-postgresql.sh b/func/core/pkg_postgresql/00-install-postgresql.sh deleted file mode 100755 index cc39dd3..0000000 --- a/func/core/pkg_postgresql/00-install-postgresql.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "postgresql" "Installing postgresql" -p_installPackageNormal postgresql-server postgresql diff --git a/func/core/pkg_postgresql/01-configure-postgresql.sh b/func/core/pkg_postgresql/01-configure-postgresql.sh deleted file mode 100755 index 0f1cb43..0000000 --- a/func/core/pkg_postgresql/01-configure-postgresql.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "postgresql" "Initialize postgresql" -postgresql-setup --initdb -m_serviceCycler postgresql cycle -sleep 15 diff --git a/func/core/pkg_postgresql/10-create-db.sh b/func/core/pkg_postgresql/10-create-db.sh deleted file mode 100755 index c796d2c..0000000 --- a/func/core/pkg_postgresql/10-create-db.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "postgresql" "Creating db" -su - postgres -c 'createdb pg_test' -r_checkExitStatus $? diff --git a/func/core/pkg_postgresql/11-create-user.sh b/func/core/pkg_postgresql/11-create-user.sh deleted file mode 100755 index 271eacf..0000000 --- a/func/core/pkg_postgresql/11-create-user.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "postgresql" "Creating user" -su - postgres -c 'createuser -S -R -D testuser' > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_postgresql/20-drop-db.sh b/func/core/pkg_postgresql/20-drop-db.sh deleted file mode 100755 index a887545..0000000 --- a/func/core/pkg_postgresql/20-drop-db.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "postgresql" "Dropping database" -su - postgres -c 'dropdb pg_test' > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_postgresql/21-drop-user.sh b/func/core/pkg_postgresql/21-drop-user.sh deleted file mode 100755 index 0679dc1..0000000 --- a/func/core/pkg_postgresql/21-drop-user.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "postgresql" "Dropping user" -su - postgres -c 'dropuser testuser' > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_python/00-install-python.sh b/func/core/pkg_python/00-install-python.sh deleted file mode 100755 index 1dac8ac..0000000 --- a/func/core/pkg_python/00-install-python.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "python" "Install python3" -p_installPackageNormal python3 diff --git a/func/core/pkg_python/10-test-python3.sh b/func/core/pkg_python/10-test-python3.sh deleted file mode 100755 index da16764..0000000 --- a/func/core/pkg_python/10-test-python3.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "python" "Test python basic printing" - -cat > /var/tmp/test.py << EOF -print("Hello!") -EOF -/usr/bin/python3 /var/tmp/test.py | grep -q "Hello!" -r_checkExitStatus $? diff --git a/func/core/pkg_python/README.md b/func/core/pkg_python/README.md deleted file mode 100644 index 7a2a579..0000000 --- a/func/core/pkg_python/README.md +++ /dev/null @@ -1,3 +0,0 @@ -Basic python tests - -TODO: Add other tests that use modules? Perhaps some wsgi stuff diff --git a/func/core/pkg_release/00-install-file.sh b/func/core/pkg_release/00-install-file.sh deleted file mode 100755 index 1cc548b..0000000 --- a/func/core/pkg_release/00-install-file.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "rocky" "Install the file package" -p_installPackageNormal file diff --git a/func/core/pkg_release/10-name-sanity-check.sh b/func/core/pkg_release/10-name-sanity-check.sh deleted file mode 100755 index da590da..0000000 --- a/func/core/pkg_release/10-name-sanity-check.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -r_log "release" "Ensure the release is actually where it should be" - -case $RELEASE_NAME in - rocky) - r_log "rocky release" "Base Repo Check" - grep -q 'name=Rocky' /etc/yum.repos.d/*ocky*.repo - r_checkExitStatus $? - r_log "rocky release" "Check /etc/rocky-release" - grep -q "Rocky" /etc/rocky-release - r_checkExitStatus $? - ;; - centos) - r_log "centos release" "Base Repo Check" - grep -q 'name=CentOS' /etc/yum.repos.d/CentOS*-Base*.repo - r_checkExitStatus $? - r_log "centos release" "Check /etc/centos-release" - grep -q "CentOS" /etc/centos-release - r_checkExitStatus $? - ;; - redhat) - r_log "redhat release" "Base Repo Check" - grep -q 'name=Red Hat' /etc/yum.repos.d/redhat.repo - r_checkExitStatus $? - r_log "redhat release" "Check /etc/redhat-release" - grep -q "Red Hat" /etc/redhat-release - r_checkExitStatus $? - ;; - *) - r_log "release" "Not a valid test candidate" - r_checkExitStatus 1 - ;; -esac diff --git a/func/core/pkg_release/20-check-gpg-keys.sh b/func/core/pkg_release/20-check-gpg-keys.sh deleted file mode 100755 index 9a30354..0000000 --- a/func/core/pkg_release/20-check-gpg-keys.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "rocky" "Check the GPG keys" -if [ "$RL_VER" -eq 8 ]; then - file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial > /dev/null 2>&1 && \ - file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockytesting > /dev/null 2>&1 -else - file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}" > /dev/null 2>&1 && \ - file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}-Testing" > /dev/null 2>&1 -fi - -r_checkExitStatus $? diff --git a/func/core/pkg_release/30-os-release.sh b/func/core/pkg_release/30-os-release.sh deleted file mode 100755 index 65b9ca7..0000000 --- a/func/core/pkg_release/30-os-release.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -r_log "rocky" "Check /etc/os-release stuff" - -r_log "rocky" "Verify support directives" -for s in NAME=\"Rocky\ Linux\" \ - ID=\"rocky\" \ - ROCKY_SUPPORT_PRODUCT=\"Rocky-Linux-$RL_VER\" \ - ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\..*\"; do - if ! grep -q "$s" /etc/os-release; then - r_log "rocky" "Missing string ($s) in /etc/os-release" - r_checkExitStatus 1 - fi -done diff --git a/func/core/pkg_release/40-system-release.sh b/func/core/pkg_release/40-system-release.sh deleted file mode 100755 index 145a7f4..0000000 --- a/func/core/pkg_release/40-system-release.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "rocky" "Check /etc/rocky-release symbolic links" - -grep -q "Rocky" /etc/rocky-release || r_checkExitStatus 1 -(file /etc/redhat-release | grep -qE "symbolic link to .?rocky-release.?") && \ -(file /etc/system-release | grep -qE "symbolic link to .?rocky-release.?") - -r_checkExitStatus $? diff --git a/func/core/pkg_release/50-release-ver.sh b/func/core/pkg_release/50-release-ver.sh deleted file mode 100755 index 0081f97..0000000 --- a/func/core/pkg_release/50-release-ver.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Check that the release package is 1.X -r_log "rocky release" "Checking that the package is at least X.Y-1.B" - -RELEASE_VER="$(rpm -q rocky-release --qf '%{RELEASE}')" -RELNUM="${RELEASE_VER:0:1}" -if [ "${RELNUM}" -ge "1" ]; then - if [[ "${RELEASE_VER:0:3}" =~ ^${RELNUM}.[[:digit:]] ]]; then - ret_val="0" - else - r_log "rocky release" "FAIL: The release package is not in X.Y-A.B format" - ret_val="1" - fi -else - r_log "rocky release" "FAIL: The release package likely starts with 0 and is not considered production ready." - ret_val="1" -fi - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_release/README.md b/func/core/pkg_release/README.md deleted file mode 100644 index 28c1414..0000000 --- a/func/core/pkg_release/README.md +++ /dev/null @@ -1 +0,0 @@ -Test the rocky-release packages diff --git a/func/core/pkg_rootfiles/00-install-rootfiles.sh b/func/core/pkg_rootfiles/00-install-rootfiles.sh deleted file mode 100755 index 17884cf..0000000 --- a/func/core/pkg_rootfiles/00-install-rootfiles.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "rootfiles" "Install rootfiles (should be there)" -p_installPackageNormal rootfiles diff --git a/func/core/pkg_rootfiles/10-test-rootfiles.sh b/func/core/pkg_rootfiles/10-test-rootfiles.sh deleted file mode 100755 index b4a493a..0000000 --- a/func/core/pkg_rootfiles/10-test-rootfiles.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "rootfiles" "Test that rootfiles exist" -for y in .bashrc .bash_profile .bashrc .tcshrc .cshrc; do - r_log "rootfiles" "Checking for $y" - if [ ! -e "/root/${y}" ]; then - r_log "rootfiles" "$y doesn't exist" - r_checkExitStatus 1 - fi -done - -r_checkExitStatus 0 diff --git a/func/core/pkg_rsyslog/00-install-rsyslog.sh b/func/core/pkg_rsyslog/00-install-rsyslog.sh deleted file mode 100755 index 822f43b..0000000 --- a/func/core/pkg_rsyslog/00-install-rsyslog.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -r_log "rsyslog" "Install rsyslog (default)" -p_installPackageNormal rsyslog - -r_log "rsyslog" "Ensure rsyslog is started" -m_serviceCycler rsyslog start diff --git a/func/core/pkg_rsyslog/10-test-syslog.sh b/func/core/pkg_rsyslog/10-test-syslog.sh deleted file mode 100755 index ba6a1fc..0000000 --- a/func/core/pkg_rsyslog/10-test-syslog.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "rsyslog" "Verify that rsyslog is working as intended" -logger "$0 says Green Obsidian" - -sleep 3 - -grep -q "Green Obsidian" /var/log/messages -r_checkExitStatus $? diff --git a/func/core/pkg_rsyslog/README.md b/func/core/pkg_rsyslog/README.md deleted file mode 100644 index 65b90ed..0000000 --- a/func/core/pkg_rsyslog/README.md +++ /dev/null @@ -1 +0,0 @@ -Syslog tests diff --git a/func/core/pkg_samba/00-install-samba.sh b/func/core/pkg_samba/00-install-samba.sh deleted file mode 100755 index 19b21ae..0000000 --- a/func/core/pkg_samba/00-install-samba.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "samba" "Install samba" -p_installPackageNormal samba samba-client cifs-utils -m_serviceCycler smb start diff --git a/func/core/pkg_samba/10-test-samba.sh b/func/core/pkg_samba/10-test-samba.sh deleted file mode 100755 index 1a9216b..0000000 --- a/func/core/pkg_samba/10-test-samba.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -r_log "sambsa" "Configure and test samba for a simple share" -/bin/cp /etc/samba/smb.conf /etc/samba/smb.conf.backup -/bin/cp ./common/files/smb.conf /etc/samba/smb.conf -mkdir -p /srv/smb -mkdir -p /mnt/smb -chcon -R -t samba_share_t /srv/smb - -m_serviceCycler smb restart -sleep 3 - -echo "Obsidian is the Release Name" > /srv/smb/test.txt - -mount -t cifs -o guest,ro //127.0.0.1/rocky /mnt/smb -sleep 1 - -grep -q "Obsidian" /mnt/smb/test.txt - -ret_val=$? -umount /mnt/smb -/bin/rm -rf /mnt/smb - -r_checkExitStatus $ret_val diff --git a/func/core/pkg_samba/README.md b/func/core/pkg_samba/README.md deleted file mode 100644 index 7236cb8..0000000 --- a/func/core/pkg_samba/README.md +++ /dev/null @@ -1 +0,0 @@ -Basic samba tests diff --git a/func/core/pkg_secureboot/10-test-grub-secureboot.sh b/func/core/pkg_secureboot/10-test-grub-secureboot.sh deleted file mode 100755 index 30e50c9..0000000 --- a/func/core/pkg_secureboot/10-test-grub-secureboot.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -r_log "secureboot" "Verify that grub2-efi is correctly signed" - -if [ ! -d /sys/firmware/efi ]; then - r_log "secureboot" "System was not booted in EFI mode. It is likely that grub2-efi is also not installed." - if [ -f /boot/efi/EFI/rocky/grubx64.efi ]; then - r_log "secureboot" "Correct, system is not EFI and thus does not have grub2-efi installed." - exit 0 - fi -else - p_installPackageNormal pesign - pesign --show-signature --in /boot/efi/EFI/rocky/grubx64.efi | grep -Eq 'Rocky Linux' - r_checkExitStatus $? -fi diff --git a/func/core/pkg_secureboot/11-test-shim-certs.sh b/func/core/pkg_secureboot/11-test-shim-certs.sh deleted file mode 100755 index febacce..0000000 --- a/func/core/pkg_secureboot/11-test-shim-certs.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -r_log "secureboot" "Verify that grub2-efi is correctly signed" - -if [ ! -d /sys/firmware/efi ]; then - r_log "secureboot" "System was not booted in EFI mode. It is likely that grub2-efi is also not installed." - if [ -f /boot/efi/EFI/rocky/grubx64.efi ]; then - r_log "secureboot" "Correct, system is not EFI and thus does not have grub2-efi installed." - exit 0 - fi -else - if [[ "$rl_arch" == "x86_64" ]]; then - p_installPackageNormal pesign - pesign --show-signature --in /boot/efi/EFI/rocky/shim.efi | grep -Eq "Microsoft Windows UEFI Driver Publisher" - r_checkExitStatus $? - else - r_log "secureboot" "x86_64 is the only supported secureboot arch at this time" - exit 0 - fi -fi diff --git a/func/core/pkg_secureboot/README.md b/func/core/pkg_secureboot/README.md deleted file mode 100644 index 273769c..0000000 --- a/func/core/pkg_secureboot/README.md +++ /dev/null @@ -1 +0,0 @@ -Not an actual package name - Any tests for testing secure boot related keys diff --git a/func/core/pkg_selinux/00-install-selinux-tools.sh b/func/core/pkg_selinux/00-install-selinux-tools.sh deleted file mode 100755 index 57b8c22..0000000 --- a/func/core/pkg_selinux/00-install-selinux-tools.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "selinux" "Install selinux toolset" - -# Shouldn't change in 9 -p_installPackageNormal python3-libselinux diff --git a/func/core/pkg_selinux/10-check-alerts.sh b/func/core/pkg_selinux/10-check-alerts.sh deleted file mode 100755 index d37c7ac..0000000 --- a/func/core/pkg_selinux/10-check-alerts.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "selinux" "Check for SELinux AVC alerts" -grep -v "AVC" /var/log/audit/audit.log > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_selinux/20-check-policy-mismatch.sh b/func/core/pkg_selinux/20-check-policy-mismatch.sh deleted file mode 100755 index dd2b5b2..0000000 --- a/func/core/pkg_selinux/20-check-policy-mismatch.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -r_log "selinux" "Check policy mismatch" - -cat << EOF | /usr/bin/python3 - -import sys -import selinux.audit2why as audit2why - -try: - audit2why.init() -except: - sys.exit(1) - -sys.exit(0) -EOF - -r_checkExitStatus $? diff --git a/func/core/pkg_setup/00-test-shells.sh b/func/core/pkg_setup/00-test-shells.sh deleted file mode 100755 index b4e33a0..0000000 --- a/func/core/pkg_setup/00-test-shells.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -r_log "setup" "Test /etc/shells" - -grep -q 'bash' /etc/shells - -r_checkExitStatus $? diff --git a/func/core/pkg_setup/10-test-group-file.sh b/func/core/pkg_setup/10-test-group-file.sh deleted file mode 100755 index 67ebe20..0000000 --- a/func/core/pkg_setup/10-test-group-file.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "setup" "Testing /etc/group file" -NOBODY=65534 - -grep -q "root:x:0" /etc/group && \ -grep -q "bin:x:1" /etc/group && \ -grep -q "daemon:x:2" /etc/group && \ -grep -q "sys:x:3" /etc/group && \ -grep -q "nobody:x:${NOBODY}" /etc/group - -r_checkExitStatus $? diff --git a/func/core/pkg_setup/20-test-passwd-file.sh b/func/core/pkg_setup/20-test-passwd-file.sh deleted file mode 100755 index a628a23..0000000 --- a/func/core/pkg_setup/20-test-passwd-file.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "setup" "Testing /etc/passwd file" -NOBODY=65534 - -grep -q "root:x:0" /etc/passwd && \ -grep -q "bin:x:1" /etc/passwd && \ -grep -q "nobody:x:${NOBODY}" /etc/passwd - -r_checkExitStatus $? diff --git a/func/core/pkg_setup/README.md b/func/core/pkg_setup/README.md deleted file mode 100644 index db25ea8..0000000 --- a/func/core/pkg_setup/README.md +++ /dev/null @@ -1 +0,0 @@ -Test setup diff --git a/func/core/pkg_shadow-utils/00-install.sh b/func/core/pkg_shadow-utils/00-install.sh deleted file mode 100755 index b6d36d9..0000000 --- a/func/core/pkg_shadow-utils/00-install.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "shadow" "I mean really, it should be installed." -p_installPackageNormal shadow-utils diff --git a/func/core/pkg_shadow-utils/10-files-verify.sh b/func/core/pkg_shadow-utils/10-files-verify.sh deleted file mode 100755 index 916adaf..0000000 --- a/func/core/pkg_shadow-utils/10-files-verify.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -r_log "shadow" "Verify the shadow-utils files exist" - -r_log "shadow" "Verify /etc/default" -[ -d "/etc/default" ] || { r_log "shadow" "Missing /etc/default"; r_checkExitStatus 1; } -r_log "shadow" "Verify /etc/default/useradd" -[ -e "/etc/default/useradd" ] || { r_log "shadow" "Missing /etc/default/useradd"; r_checkExitStatus 1; } -r_log "shadow" "Verify /etc/login.defs" -[ -e "/etc/login.defs" ] || { r_log "shadow" "Missing /etc/login.defs"; r_checkExitStatus 1; } -r_checkExitStatus 0 diff --git a/func/core/pkg_shadow-utils/20-user-tests.sh b/func/core/pkg_shadow-utils/20-user-tests.sh deleted file mode 100755 index cde2682..0000000 --- a/func/core/pkg_shadow-utils/20-user-tests.sh +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/bash -r_log "shadow" "Various User Tests" - -# useradd -r_log "shadow" "Ensure that useradd works" -r_log "shadow" "Add the user obsidian" -useradd obsidian -r_checkExitStatus $? - -r_log "shadow" "Verify obsidian exists with ID" -id obsidian > /dev/null 2>&1 -r_checkExitStatus $? - -r_log "shadow" "Verify /etc/passwd" -grep -q "^obsidian" /etc/passwd -r_checkExitStatus $? - -# usermod -r_log "shadow" "Verify usermod can add a comment" -usermod -c "Green Obsidian" obsidian -r_checkExitStatus $? -r_log "shadow" "Verify comment exists in /etc/passwd" -grep "^obsidian" /etc/passwd | grep -q "Green Obsidian" -r_checkExitStatus $? -r_log "shadow" "Verify comment exists with getent" -getent passwd obsidian | grep -q "Green Obsidian" -r_checkExitStatus $? - -# lastlog -r_log "shadow" "Verify lastlog" -# shellcheck disable=SC2063 -lastlog -u obsidian | grep -q "**Never logged in**" -r_checkExitStatus $? - -# chpasswd -r_log "shadow" "Verify chpasswd utility" -chpasswd -e << EOF -obsidian:somenonsense -EOF -r_checkExitStatus $? -r_log "shadow" "Verify /etc/shadow" -grep -q "somenonsense" /etc/shadow -r_checkExitStatus $? - -# newusers -r_log "shadow" "Verify newusers utility" -newusers << EOF -blueonyx:x:333344:333344:Blue Onyx:/home/blueonyx:/bin/bash -EOF -r_checkExitStatus $? -r_log "shadow" "Verify blueonyx exists with ID" -id blueonyx > /dev/null 2>&1 -r_checkExitStatus $? -r_log "shadow" "Verify /etc/passwd" -grep -q "^blueonyx" /etc/passwd -r_checkExitStatus $? - -# chage -r_log "shadow" "Verify chage utility" -echo "obsidian" | passwd --stdin obsidian -chage -d 2012-11-20 obsidian -r_checkExitStatus $? - -r_log "shadow" "Verify last password change is correct" -chage -l obsidian | grep Last | grep -q "Nov 20, 2012" -r_checkExitStatus $? - -# userdel -r_log "shadow" "Delete the users we created: obsidian" -userdel -rf obsidian -r_checkExitStatus $? -r_log "shadow" "Delete the users we created: blueonyx" -userdel -rf blueonyx -r_checkExitStatus $? - -r_log "shadow" "Verify they do not exist" -grep -qE "^obsidian|^blueonyx" /etc/passwd -ret_val=$? -if [ "$ret_val" -ne 0 ]; then - r_checkExitStatus 0 -else - r_log "shadow" "The users still exist." - r_checkExitStatus 1 -fi diff --git a/func/core/pkg_shadow-utils/30-group-tests.sh b/func/core/pkg_shadow-utils/30-group-tests.sh deleted file mode 100755 index b2e502d..0000000 --- a/func/core/pkg_shadow-utils/30-group-tests.sh +++ /dev/null @@ -1,115 +0,0 @@ -#!/bin/bash -r_log "shadow" "Various Group Tests" - -r_log "shadow" "Verify /etc/group exists" -[ -e /etc/group ] || { r_log "shadow" "/etc/group doesn't exist"; exit 1; } - -# groupadd -r_log "shadow" "Create our first group" -groupadd -g 55553 onyxgroup -r_checkExitStatus $? - -# gpasswd -r_log "shadow" "Create a user and add to the group with gpasswd" -useradd onyxuser -gpasswd -a onyxuser onyxgroup -r_checkExitStatus $? - -# groupmems -r_log "shadow" "Simple groupmems test against onyxgroup" -groupmems -g onyxgroup -l | grep -q "onyxuser" -r_checkExitStatus $? - -# newgrp -r_log "shadow" "Attempt to use newgrp for onyxuser" -groups onyxuser | grep -q "onyxuser onyxgroup" || { r_log "shadow" "Groups information is incorrect."; r_checkExitStatus 1; } -# I'll fix this eventually -# shellcheck disable=SC2046,SC2005 -echo $( su - onyxuser << EOF -newgrp onyxgroup -groups -exit -EOF -) | grep -q "onyxgroup onyxuser" -r_checkExitStatus $? - -# groupmod -r_log "shadow" "Verify that the onyxgroup exists with GID 55553" -getent group onyxgroup | grep -q "onyxgroup:x:55553:onyxuser" -r_checkExitStatus $? -r_log "shadow" "Change the GID for onyxgroup to 55554" -groupmod -g 55554 onyxgroup -r_checkExitStatus $? - -# grpck -r_log "shadow" "Verify grpck functions" -grpck -r_checkExitStatus $? - -r_log "shadow" "Check that test files are malformed" -grpck -r ./common/files/malform-group ./common/files/malform-gshadow -ret_val=$? -if [ "$ret_val" -eq 2 ]; then - r_checkExitStatus 0 -else - r_log "shadow" "Malformed files were not detected." - r_checkExitStatus 1 -fi - -# groupdel -r_log "shadow" "Verify groupdel functionality" -getent group onyxgroup > /dev/null 2>&1 || { r_log "shadow" "The onyxgroup doesn't exist."; exit 1; } -groupdel onyxgroup -r_checkExitStatus $? - -r_log "shadow" "Make sure that when a group doesn't exist, groupdel returns 6" -groupdel onyxgroup > /dev/null 2>&1 -ret_val=$? -if [ "$ret_val" -eq 6 ]; then - r_checkExitStatus 0 -else - r_log "shadow" "Either the group still existed or another problem occured." - r_checkExitStatus 1 -fi - -r_log "shadow" "Make sure that when a group is a primary user group, groupdel returns 8" -groupdel onyxuser -ret_val=$? -if [ "$ret_val" -eq 8 ]; then - r_checkExitStatus 0 -else - r_log "shadow" "The group was removed..." - r_checkExitStatus 1 -fi - -# grpconv -r_log "shadow" "Test that grpconv properly creates /etc/gshadow" -/bin/cp /etc/gshadow /var/tmp/gshadow.backup -grpconv -r_checkExitStatus $? -r_log "shadow" "Verify the format is consistent" -grpck -r_checkExitStatus $? - -# grpunconv -r_log "shadow" "Convert group and gshadow to be merged" -mkdir -p /var/tmp/grpunconv -/bin/cp /etc/group /etc/gshadow /var/tmp/grpunconv -r_log "shadow" "Verify consistency first" -grpck -r_checkExitStatus $? -/bin/cp /var/tmp/grpunconv/* /etc -rm -r /var/tmp/grpunconv -r_log "shadow" "Actually do it." -grpunconv -r_checkExitStatus $? -grpconv - -# sg -r_log "shadow" "Test sg" -sg onyxuser "touch /var/tmp/onyxsg" -r_checkExitStatus $? -r_log "shadow" "Verify sg worked" -stat --format="%G" /var/tmp/onyxsg | grep -q onyxuser -r_checkExitStatus $? -rm /var/tmp/onyxsg diff --git a/func/core/pkg_shadow-utils/40-pw.sh b/func/core/pkg_shadow-utils/40-pw.sh deleted file mode 100755 index 5596e87..0000000 --- a/func/core/pkg_shadow-utils/40-pw.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -function cleanup() { - pwconv - rm -rf /var/tmp/pwunconv /var/tmp/pwconv -} - -trap cleanup EXIT - -r_log "shadow" "Check that pwck can use correct files" -pwck -rq ./common/files/correct-passwd ./common/files/correct-shadow -r_checkExitStatus $? - -r_log "shadow" "Check that pwck cannot use incorrect files" -pwck -rq ./common/files/incorrect-passwd ./common/files/incorrect-shadow -ret_val=$? -if [ "$ret_val" -eq 0 ]; then - r_log "shadow" "They're correct." - r_checkExitStatus 1 -else - r_log "shadow" "They're incorrect." - r_checkExitStatus 0 -fi - -r_log "shadow" "Check that pwconv is functional" -mkdir -p /var/tmp/pwconv -/bin/cp /etc/shadow /etc/passwd /var/tmp/pwconv || { r_log "shadow" "Could not backup files"; exit 1; } -/bin/cp /var/tmp/pwconv/* /etc -pwconv -r_checkExitStatus $? - -r_log "shadow" "Check that pwunconv is functional" -mkdir -p /var/tmp/pwunconv -/bin/cp /etc/passwd /etc/shadow /var/tmp/pwunconv || { r_log "shadow" "Could not backup files"; exit 1; } -/bin/cp /var/tmp/pwunconv/* /etc -pwunconv -r_checkExitStatus $? - -# cleanup -pwconv -rm -rf /var/tmp/pwunconv /var/tmp/pwconv diff --git a/func/core/pkg_shadow-utils/90-clean.sh b/func/core/pkg_shadow-utils/90-clean.sh deleted file mode 100755 index 4297516..0000000 --- a/func/core/pkg_shadow-utils/90-clean.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -userdel -rf onyxuser > /dev/null 2>&1 -userdel -rf obsidian > /dev/null 2>&1 -groupdel onyxgroup > /dev/null 2>&1 diff --git a/func/core/pkg_shadow-utils/README.md b/func/core/pkg_shadow-utils/README.md deleted file mode 100644 index d38a78d..0000000 --- a/func/core/pkg_shadow-utils/README.md +++ /dev/null @@ -1 +0,0 @@ -Test anything related to passwd/group/shadow/etc diff --git a/func/core/pkg_snmp/00-install-snmp.sh b/func/core/pkg_snmp/00-install-snmp.sh deleted file mode 100755 index c15cf64..0000000 --- a/func/core/pkg_snmp/00-install-snmp.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "snmp" "Install net-snmp" -p_installPackageNormal net-snmp net-snmp-utils -m_serviceCycler snmpd start diff --git a/func/core/pkg_snmp/10-test-snmp-1.sh b/func/core/pkg_snmp/10-test-snmp-1.sh deleted file mode 100755 index fd36235..0000000 --- a/func/core/pkg_snmp/10-test-snmp-1.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "snmp" "Run snmpv1 test" - -snmpwalk -v 1 -c public 127.0.0.1 > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_snmp/11-test-snmp-2.sh b/func/core/pkg_snmp/11-test-snmp-2.sh deleted file mode 100755 index 3a5800a..0000000 --- a/func/core/pkg_snmp/11-test-snmp-2.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "snmp" "Run snmpv2 test" - -snmpwalk -v 2c -c public 127.0.0.1 > /dev/null 2>&1 -r_checkExitStatus $? diff --git a/func/core/pkg_snmp/12-test-snmp-3.sh b/func/core/pkg_snmp/12-test-snmp-3.sh deleted file mode 100755 index b7b2143..0000000 --- a/func/core/pkg_snmp/12-test-snmp-3.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -r_log "snmp" "Test snmpv3" - -cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.backup - -r_log "snmp" "Create rockyro user" -cat >> /etc/snmp/snmpd.conf < /dev/null 2>&1 -r_checkExitStatus $? - -cp /etc/snmp/snmpd.conf.backup /etc/snmp/snmpd.conf -m_serviceCycler snmpd restart diff --git a/func/core/pkg_snmp/README.md b/func/core/pkg_snmp/README.md deleted file mode 100644 index b436d3a..0000000 --- a/func/core/pkg_snmp/README.md +++ /dev/null @@ -1 +0,0 @@ -Test basic snmp stuff diff --git a/func/core/pkg_sqlite/00-install-sqlite.sh b/func/core/pkg_sqlite/00-install-sqlite.sh deleted file mode 100755 index 9c553c1..0000000 --- a/func/core/pkg_sqlite/00-install-sqlite.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "sqlite" "Install sqlite" -p_installPackageNormal sqlite diff --git a/func/core/pkg_sqlite/10-sqlite-tables.sh b/func/core/pkg_sqlite/10-sqlite-tables.sh deleted file mode 100755 index 186431e..0000000 --- a/func/core/pkg_sqlite/10-sqlite-tables.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -r_log "sqlite" "Test basic table functionality" - -r_log "sqlite" "Create a database" -sqlite3 /var/tmp/coretest.db 'drop table if exists tf_coretable' -sqlite3 /var/tmp/coretest.db 'create table tf_coretable(text, id INTEGER);' -r_checkExitStatus $? - -r_log "sqlite" "Create a table in that database" -sqlite3 /var/tmp/coretest.db "insert into tf_coretable values ('Green_Obsidian', 1);" -r_checkExitStatus $? - -r_log "sqlite" "Check that we can select that table" -sqlite3 /var/tmp/coretest.db "select * from tf_coretable;" | grep -q "Green_Obsidian" -r_checkExitStatus $? diff --git a/func/core/pkg_sqlite/20-sqlite-dump.sh b/func/core/pkg_sqlite/20-sqlite-dump.sh deleted file mode 100755 index 747d63c..0000000 --- a/func/core/pkg_sqlite/20-sqlite-dump.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "sqlite" "Test that we can dump the database" -sqlite3 /var/tmp/coretest.db ".dump" | grep -q "Green_Obsidian" -r_checkExitStatus $? diff --git a/func/core/pkg_sqlite/README.md b/func/core/pkg_sqlite/README.md deleted file mode 100644 index 2ec9e41..0000000 --- a/func/core/pkg_sqlite/README.md +++ /dev/null @@ -1 +0,0 @@ -sqlite tests diff --git a/func/core/pkg_strace/00-install-strace.sh b/func/core/pkg_strace/00-install-strace.sh deleted file mode 100755 index b359af3..0000000 --- a/func/core/pkg_strace/00-install-strace.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "strace" "Install strace" -p_installPackageNormal strace diff --git a/func/core/pkg_strace/10-test-strace.sh b/func/core/pkg_strace/10-test-strace.sh deleted file mode 100755 index aff1779..0000000 --- a/func/core/pkg_strace/10-test-strace.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -r_log "strace" "Run basic strace tests" -/usr/bin/strace ls &> /dev/null -ret_val=$? - -if [ "$ret_val" -ne 0 ]; then - r_log "strace" "strace exited with a non-zero exit code" - r_checkExitStatus 1 -else - r_checkExitStatus 0 -fi diff --git a/func/core/pkg_strace/README.md b/func/core/pkg_strace/README.md deleted file mode 100644 index 9738b52..0000000 --- a/func/core/pkg_strace/README.md +++ /dev/null @@ -1 +0,0 @@ -Test strace diff --git a/func/core/pkg_sysstat/00-install-sysstat.sh b/func/core/pkg_sysstat/00-install-sysstat.sh deleted file mode 100755 index 036ee4a..0000000 --- a/func/core/pkg_sysstat/00-install-sysstat.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "sysstat" "Install sysstat" -p_installPackageNormal sysstat diff --git a/func/core/pkg_sysstat/10-iostat.sh b/func/core/pkg_sysstat/10-iostat.sh deleted file mode 100755 index 1c1cf12..0000000 --- a/func/core/pkg_sysstat/10-iostat.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -r_log "sysstat" "Test basic iostat disk measurements" - -TMPFILE=/var/tmp/iostat.disk -BLOCKS=4096 -COUNT=10100 -SUM="$(( BLOCKS * COUNT / 1024 ))" -DISK="$(fdisk -l | grep -Po -m1 '^/dev/[\D]+')" - -[ -e $TMPFILE ] && /bin/rm -f $TMPFILE - -# Clear out page cache -echo 1 > /proc/sys/vm/drop_caches - -r_log "sysstat" "Running iostat on $DISK" -/usr/bin/iostat -dkx 1 5 "$DISK" > $TMPFILE & - -# wait -sleep 4 - -# Generate traffic -/bin/dd if="$DISK" of=/dev/null bs=$BLOCKS count=$COUNT &> /dev/null - -# wait -sleep 6 - -READBYTES=$(awk '$6 ~ /[0-9]/ {NR>1 && sum+=$6} END {print int(sum)}' $TMPFILE) - -[ "$READBYTES" -ge "$SUM" ] || { r_log "sysstat" "It doesn't look like we got a lot of traffic. Why?"; } - -r_checkExitStatus $? diff --git a/func/core/pkg_sysstat/11-cpu.sh b/func/core/pkg_sysstat/11-cpu.sh deleted file mode 100755 index 6c07e5e..0000000 --- a/func/core/pkg_sysstat/11-cpu.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -r_log "sysstat" "Testing CPU load is being measured via mpstat" - -TMPFILE=/var/tmp/mpstat -BLOCKS=4096 -COUNT=20000 - -[ -e "$TMPFILE" ] && /bin/rm -f $TMPFILE - -/usr/bin/mpstat -P 0 1 5 > $TMPFILE & - -# wait -sleep 5 - -# generate cpu stuff -/bin/dd if=/dev/urandom bs=$BLOCKS count=$COUNT 2> /dev/null | sha256sum -b - &> /dev/null - -# wait -sleep 5 - -# Check that our bytes are greater than zero. Except the first line. -CPU_SYS_PERCENT=$(awk '$6 ~ /[0-9]\./ {$6>a ? a=$6 : $6} END {print int(a)}' $TMPFILE) - -[ "$CPU_SYS_PERCENT" -gt 5 ] || { r_log "sysstat" "Why didn't we log CPU activity..."; } - -r_checkExitStatus $? diff --git a/func/core/pkg_sysstat/12-cpu-io.sh b/func/core/pkg_sysstat/12-cpu-io.sh deleted file mode 100755 index b06850c..0000000 --- a/func/core/pkg_sysstat/12-cpu-io.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -r_log "sysstat" "Test CPU measurements via iostat" - -TMPFILE=/var/tmp/iostat.cpi -DISK=$(fdisk -l|grep -Po -m1 '^/dev/[\D]+') -BLOCKS=4096 -COUNT=20000 - - -# drop caches -echo 1 > /proc/sys/vm/drop_caches - -[ -e "$TMPFILE" ] && /bin/rm -f $TMPFILE - -/usr/bin/iostat -c 1 5 > $TMPFILE & - -# wait -sleep 5 - -/bin/dd if="$DISK" bs=$BLOCKS count=$COUNT 2> /dev/null | sha256sum -b - &> /dev/null - -# wait -sleep 5 - -CPU_USER_PERCENT=$(awk '$1 ~ /[0-9]/ {$1>a ? a=$1 : $1} END {print int(a)}' $TMPFILE) - -[ "$CPU_USER_PERCENT" -gt 3 ] || { r_log "sysstat" "Why aren't we generating activity..."; } - -r_checkExitStatus $? diff --git a/func/core/pkg_sysstat/README.md b/func/core/pkg_sysstat/README.md deleted file mode 100644 index 355b98f..0000000 --- a/func/core/pkg_sysstat/README.md +++ /dev/null @@ -1 +0,0 @@ -Test some sysstat stufff diff --git a/func/core/pkg_systemd/00-systemd-list-services.sh b/func/core/pkg_systemd/00-systemd-list-services.sh deleted file mode 100755 index f95e47c..0000000 --- a/func/core/pkg_systemd/00-systemd-list-services.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -r_log "systemd" "Checking that systemctl can verify if a service is enabled" - -# sshd is part of a minimal install -systemctl is-enabled sshd.service > /dev/null - -r_checkExitStatus $? diff --git a/func/core/pkg_systemd/10-systemd-list-non-native-sevices.sh b/func/core/pkg_systemd/10-systemd-list-non-native-sevices.sh deleted file mode 100755 index a0494c2..0000000 --- a/func/core/pkg_systemd/10-systemd-list-non-native-sevices.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -r_log "systemd" "Checking if systemctl can see enabled status for non-native services" -systemctl is-enabled kdump.service 2> /dev/null | grep -qE 'disabled|enabled' - -r_checkExitStatus $? diff --git a/func/core/pkg_systemd/11-systemd-service-status.sh b/func/core/pkg_systemd/11-systemd-service-status.sh deleted file mode 100755 index 9dab1a6..0000000 --- a/func/core/pkg_systemd/11-systemd-service-status.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -r_log "systemd" "Checking if systemctl can check service status" - -systemctl is-active sshd.service > /dev/null - -r_checkExitStatus $? diff --git a/func/core/pkg_systemd/20-systemd-journald.sh b/func/core/pkg_systemd/20-systemd-journald.sh deleted file mode 100755 index 245c777..0000000 --- a/func/core/pkg_systemd/20-systemd-journald.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "systemd" "Testing journalctl with a teststring" - -currentTime=$(date +'%T') -testString=01092deadbeef9915710501deadbeef6 -echo "${testString}" > /dev/kmsg -journalctl --since "${currentTime}" | grep -q "${testString}" - -r_checkExitStatus $? diff --git a/func/core/pkg_systemd/README.md b/func/core/pkg_systemd/README.md deleted file mode 100644 index f7585f9..0000000 --- a/func/core/pkg_systemd/README.md +++ /dev/null @@ -1 +0,0 @@ -Test systemd and journald diff --git a/func/core/pkg_tcpdump/README.md b/func/core/pkg_tcpdump/README.md deleted file mode 100644 index 34e1a56..0000000 --- a/func/core/pkg_tcpdump/README.md +++ /dev/null @@ -1 +0,0 @@ -Test basic tcpdump stuff diff --git a/func/core/pkg_telnet/00-install-telnet.sh b/func/core/pkg_telnet/00-install-telnet.sh deleted file mode 100755 index 861ec85..0000000 --- a/func/core/pkg_telnet/00-install-telnet.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "telnet" "Install the telnet package" -p_installPackageNormal telnet diff --git a/func/core/pkg_telnet/10-test-telnet.sh b/func/core/pkg_telnet/10-test-telnet.sh deleted file mode 100755 index e645b88..0000000 --- a/func/core/pkg_telnet/10-test-telnet.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -r_log "telnet" "Basic telnet test" - -telnet_sshd_test=$(telnet 127.0.0.1 22 << EOF -EOF -) -echo "$telnet_sshd_test" | grep -q "Escape character is '^]'" -r_checkExitStatus $? diff --git a/func/core/pkg_tftp-server/00-install-tftp.sh b/func/core/pkg_tftp-server/00-install-tftp.sh deleted file mode 100755 index 34c47be..0000000 --- a/func/core/pkg_tftp-server/00-install-tftp.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "tftp" "Installing packages" -p_installPackageNormal tftp-server tftp diff --git a/func/core/pkg_tftp-server/01-configure-tftp.sh b/func/core/pkg_tftp-server/01-configure-tftp.sh deleted file mode 100755 index 117d8ad..0000000 --- a/func/core/pkg_tftp-server/01-configure-tftp.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -r_log "tftp" "Configure tftp" - -if [ "$RL_VER" -eq 8 ]; then - cat < /etc/xinetd.d/tftp -service tftp -{ - socket_type = dgram - protocol = udp - wait = yes - user = root - server = /usr/sbin/in.tftpd - server_args = -s /var/lib/tftpboot - disable = no - per_source = 11 - cps = 100 2 - flags = IPv4 -} -EOF - -fi - -m_serviceCycler tftp.socket start diff --git a/func/core/pkg_tftp-server/10-get-test.sh b/func/core/pkg_tftp-server/10-get-test.sh deleted file mode 100755 index 2d39af3..0000000 --- a/func/core/pkg_tftp-server/10-get-test.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -r_log "tftp" "Getting a file from tftp" - -chmod 777 /var/lib/tftpboot -echo "rocky func" > /var/lib/tftpboot/tftptest -tftp 127.0.0.1 -c get tftptest - -grep -q "rocky func" tftptest -r_checkExitStatus $? -/bin/rm tftptest diff --git a/func/core/pkg_tftp-server/11-put-test.sh b/func/core/pkg_tftp-server/11-put-test.sh deleted file mode 100755 index afda5f1..0000000 --- a/func/core/pkg_tftp-server/11-put-test.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -r_log "tftp" "Testing anon write" -TFTPDIR=/var/lib/tftpboot -setsebool tftp_anon_write 1 -chmod 777 $TFTPDIR -echo "rocky func" > puttest -touch $TFTPDIR > $TFTPDIR/puttest -chmod 666 $TFTPDIR/puttest -tftp 127.0.0.1 -c put puttest -sleep 2 -grep -q 'rocky func' $TFTPDIR/puttest -r_checkExitStatus $? -/bin/rm puttest -/bin/rm $TFTPDIR/puttest diff --git a/func/core/pkg_vsftpd/00-install-vsftpd.sh b/func/core/pkg_vsftpd/00-install-vsftpd.sh deleted file mode 100755 index 4663647..0000000 --- a/func/core/pkg_vsftpd/00-install-vsftpd.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "vsftpd" "Installing vsftpd" -p_installPackageNormal vsftpd diff --git a/func/core/pkg_vsftpd/10-anonymous-vsftpd.sh b/func/core/pkg_vsftpd/10-anonymous-vsftpd.sh deleted file mode 100755 index c4cad3d..0000000 --- a/func/core/pkg_vsftpd/10-anonymous-vsftpd.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -r_log "vsftpd" "Configure vsftpd for anonymous login" - -# el9 likely won't change - -if [ "$RL_VER" -ge 8 ]; then - cp -fp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup - sed -i 's/anonymous_enable=NO/anonymous_enable=YES/g' /etc/vsftpd/vsftpd.conf -fi - -m_serviceCycler vsftpd restart - -r_log "vsftpd" "Verify anonymous logins work" -echo -e 'user anonymous\npass password\nquit' | nc localhost 21 | grep -q "230 Login successful." - -r_checkExitStatus $? diff --git a/func/core/pkg_vsftpd/20-local-login.sh b/func/core/pkg_vsftpd/20-local-login.sh deleted file mode 100755 index 8fc14f4..0000000 --- a/func/core/pkg_vsftpd/20-local-login.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -r_log "vsftpd" "Test local logins" - -getent passwd ftprocky | grep -q "ftprocky" -ret_val=$? - -if [ $ret_val -ne 0 ]; then - useradd ftprocky -fi - -echo ftptest | passwd --stdin ftprocky -setsebool ftp_home_dir 1 - -echo -e 'user ftprocky\npass ftptest\nquit' | nc localhost 21 | grep -q '230 Login successful.' - -r_checkExitStatus $? - -userdel -rf ftprocky diff --git a/func/core/pkg_vsftpd/30-cleanup.sh b/func/core/pkg_vsftpd/30-cleanup.sh deleted file mode 100755 index d80f43f..0000000 --- a/func/core/pkg_vsftpd/30-cleanup.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -r_log "vsftpd" "Cleanup configs" -cp -fp /etc/vsftpd/vsftpd.conf.backup /etc/vsftpd/vsftpd.conf -m_serviceCycler vsftpd stop diff --git a/func/core/pkg_vsftpd/README.md b/func/core/pkg_vsftpd/README.md deleted file mode 100644 index 1822f30..0000000 --- a/func/core/pkg_vsftpd/README.md +++ /dev/null @@ -1 +0,0 @@ -vsftpd tests diff --git a/func/core/pkg_wget/00-install-wget.sh b/func/core/pkg_wget/00-install-wget.sh deleted file mode 100755 index edaf71e..0000000 --- a/func/core/pkg_wget/00-install-wget.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "wget" "Install wget" -p_installPackageNormal wget diff --git a/func/core/pkg_wget/10-test-wget.sh b/func/core/pkg_wget/10-test-wget.sh deleted file mode 100755 index a09e1da..0000000 --- a/func/core/pkg_wget/10-test-wget.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -r_log "wget" "Test wget works as intended" - -URL=http://dl.rockylinux.org -FILE=/var/tmp/dlrocky.html -CHECK="pub/" - -r_log "wget" "Querying: ${URL}" -wget -q -O ${FILE} ${URL} -grep -q "${CHECK}" "${FILE}" - -r_checkExitStatus $? -/bin/rm ${FILE} diff --git a/func/core/pkg_wget/README.md b/func/core/pkg_wget/README.md deleted file mode 100644 index c222c12..0000000 --- a/func/core/pkg_wget/README.md +++ /dev/null @@ -1 +0,0 @@ -Test wget diff --git a/func/core/pkg_which/00-install-which.sh b/func/core/pkg_which/00-install-which.sh deleted file mode 100755 index 46bce63..0000000 --- a/func/core/pkg_which/00-install-which.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "which" "Install which" -p_installPackageNormal which diff --git a/func/core/pkg_which/10-test-which.sh b/func/core/pkg_which/10-test-which.sh deleted file mode 100755 index 916bb3f..0000000 --- a/func/core/pkg_which/10-test-which.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -r_log "which" "Testing that which can find bash" -/usr/bin/which bash | grep -Eq '^(/usr)?/bin/bash$' -r_checkExitStatus $? - -r_log "which" "Testing that which fails on a command that doesn't exist" -/usr/bin/which obsidiaN 2> /dev/null -[ $? -eq 1 ] || { r_log "which" "Which should have failed." ; exit "$FAIL"; } -r_checkExitStatus $? diff --git a/func/core/pkg_which/README.md b/func/core/pkg_which/README.md deleted file mode 100644 index 1213dd5..0000000 --- a/func/core/pkg_which/README.md +++ /dev/null @@ -1 +0,0 @@ -Testing which diff --git a/func/debrand.list b/func/debrand.list deleted file mode 100644 index a851fae..0000000 --- a/func/debrand.list +++ /dev/null @@ -1 +0,0 @@ -# Packages that have been debranded will be in the rocky/metadata git repository diff --git a/func/ipa.sh b/func/ipa.sh deleted file mode 100644 index 19086c1..0000000 --- a/func/ipa.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash -# Release Engineering Core Functionality Testing -# Louis Abel @nazunalika - -################################################################################ -# Settings and variables - -# Exits on any non-zero exit status - Disabled for now. -#set -e -# Undefined variables will cause an exit -set -u - -COMMON_EXPORTS='./common/exports.sh' -COMMON_IMPORTS='./common/imports.sh' -SELINUX=$(getenforce) - -# End -################################################################################ - -# shellcheck source=/dev/null disable=SC2015 -[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; } -# shellcheck source=/dev/null disable=SC2015 -[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; } -# Init log -# shellcheck disable=SC2015 -[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE" -# SELinux check -if [ "$SELINUX" != "Enforcing" ]; then - echo -e "\n[-] $(date): SELinux is not enforcing." - exit 1 -fi - -r_log "internal" "Starting Release Engineering Core Tests" - -################################################################################ -# Script Work - -# Skip tests in a list - some tests are already -x, so it won't be an issue -if [ -e skip.list ]; then - r_log "internal" "Disabling tests" - # shellcheck disable=SC2162 - grep -E "^${RL_VER}" skip.list | while read line; do - # shellcheck disable=SC2086 - testFile="$(echo $line | cut -d '|' -f 2)" - r_log "internal" "SKIP ${testFile}" - chmod -x "${testFile}" - done - r_log "internal" "WARNING: Tests above were disabled." -fi - -# TODO: should we let $1 judge what directory is ran? -# TODO: get some stacks and lib in there - -#r_processor <(/usr/bin/find ./core -type f | sort -t'/') -#r_processor <(/usr/bin/find ./lib -type f | sort -t'/') -r_processor <(/usr/bin/find ./stacks/ipa -type f | sort -t'/') - -r_log "internal" "Core Tests completed" -exit 0 diff --git a/func/lib/pdf/00-install-pdf-utils.sh b/func/lib/pdf/00-install-pdf-utils.sh deleted file mode 100644 index 09272dc..0000000 --- a/func/lib/pdf/00-install-pdf-utils.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -r_log "pdf" "Install enscript, ghostscript, and poppler" -p_installPackageNormal fontconfig @fonts enscript ghostscript poppler-utils diff --git a/func/lib/pdf/10-test-pdf.sh b/func/lib/pdf/10-test-pdf.sh deleted file mode 100644 index 2f11709..0000000 --- a/func/lib/pdf/10-test-pdf.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -r_log "pdf" "Create a PDF from postscript from text, convert it back to text and check" -trap 'rm -rf $PSFILE $PDFFILE $TESTFILE' EXIT - -TOFIND="BlueOnyx" -PSFILE="/var/tmp/test.ps" -PDFFILE="/var/tmp/test.pdf" -TESTFILE="/var/tmp/psresult" - -encript -q -p $PSFILE /etc/rocky-release - -r_log "pdf" "Check created file" - -grep -q $TOFIND $PSFILE -pdf_ret_val=$? -r_checkExitStatus $pdf_ret_val - -ps2pdf $PSFILE $PDFFILE -pdftotext -q $PDFFILE $TESTFILE -r_log "pdf" "Checking after conversion to text" -grep -q $TOFIND $TESTFILE -text_ret_val=$? -r_checkExitStatus $text_ret_val diff --git a/func/log/README.md b/func/log/README.md deleted file mode 100644 index b9a25cd..0000000 --- a/func/log/README.md +++ /dev/null @@ -1 +0,0 @@ -All logs will show up here. diff --git a/func/mods.list b/func/mods.list deleted file mode 100644 index 3132816..0000000 --- a/func/mods.list +++ /dev/null @@ -1,14 +0,0 @@ -# Place modified packages here (that have a .rocky and/or required heavy -# modification). This list does not affect the functionality of the tests. -# -# The format is this: -# -> Rocky Version ($RL_VER, so major version) -# -> Package Name -# -> Current version that was modified (full NVR required) -# X|name|N-V-R -8|dotnet3.1|ALL -8|dotnet5.0|ALL -ALL|fwupd|ALL -ALL|fwupdate|ALL -ALL|pesign|ALL -ALL|shim|ALL diff --git a/func/monotests.sh b/func/monotests.sh deleted file mode 100644 index ce03842..0000000 --- a/func/monotests.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -# This is used to help identify what actually failed (assuming we can't figure -# it out ourselves or don't want to run something manually) - -for x in success fail; do - [ -e "$x" ] && rm "$x" -done diff --git a/func/runtests.sh b/func/runtests.sh deleted file mode 100644 index d2f82df..0000000 --- a/func/runtests.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/bash -# Release Engineering Core Functionality Testing -# Louis Abel @nazunalika - -################################################################################ -# Settings and variables - -# Exits on any non-zero exit status - Disabled for now. -#set -e -# Undefined variables will cause an exit -set -u - -COMMON_EXPORTS='./common/exports.sh' -COMMON_IMPORTS='./common/imports.sh' -SELINUX=$(getenforce) - -# End -################################################################################ - -# shellcheck source=/dev/null disable=SC2015 -[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; } -# shellcheck source=/dev/null disable=SC2015 -[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; } -# Init log -# shellcheck disable=SC2015 -[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE" -# SELinux check -if [ "$SELINUX" != "Enforcing" ]; then - echo -e "\n[-] $(date): SELinux is not enforcing." - exit 1 -fi - -r_checkEPELEnabled -is_epel=$? -if [[ "$is_epel" == "0" ]]; then - echo "EPEL enabled. Stop." - r_log "internal" "EPEL enabled. Stop." - exit 1 -fi - -r_checkTmpNoExec - -r_log "internal" "Starting Release Engineering Core Tests" - -################################################################################ -# Script Work - -# Skip tests in a list - some tests are already -x, so it won't be an issue -if [ -e skip.list ]; then - r_log "internal" "Disabling tests" - # shellcheck disable=SC2162 - grep -E "^${RL_VER}" skip.list | while read line; do - # shellcheck disable=SC2086 - testFile="$(echo $line | cut -d '|' -f 2)" - r_log "internal" "SKIP ${testFile}" - chmod -x "${testFile}" - done - r_log "internal" "WARNING: Tests above were disabled." -fi - -# TODO: should we let $1 judge what directory is ran? -# TODO: get some stacks and lib in there - -r_processor <(/usr/bin/find ./core -type f | sort -t'/') -r_processor <(/usr/bin/find ./lib -type f | sort -t'/') -#r_processor <(/usr/bin/find ./stacks -type f | sort -t'/') - -r_log "internal" "Core Tests completed" -exit 0 diff --git a/func/skip.list b/func/skip.list deleted file mode 100644 index 2ebe6ab..0000000 --- a/func/skip.list +++ /dev/null @@ -1,21 +0,0 @@ -# Place skipped tests here. Typically we ask that a test that will be skipped -# to be set -x, but there may be a need to just have a list instead to track -# it. -# -# The format is this: -# -> Rocky Version ($RL_VER, so major version) -# -> Path to the test, relative to this file (eg, ./core/pkg_foo/10-bar.sh) -# -> Name (eg github username, RAS account name) -# -> Reason (must be a URL to a bugs.rl.o or related github issue) -# -> Must be a URL to bugs.rl.o, a github issue number, or a code, such as: -# * NEEDINFO -# * NOTREADY -# * NOPKG -8|./core/pkg_archive/26-zmore.sh|nazunalika|NEEDINFO -8|./core/pkg_nfs/12-prepare-autofs.sh|nazunalika|NEEDINFO -8|./core/pkg_diffutils/00-install-diff.sh|nazunalika|NOTREADY -8|./core/pkg_snmp/12-test-snmp-3.sh|nazunalika|NOTWORKING -8|./core/pkg_samba/00-install-samba.sh|nazunalika|NOTWORKING -8|./core/pkg_samba/10-test-samba.sh|nazunalika|NOTWORKING -9|./core/pkg_archive/27-znew.sh|nazunalika|NOPKG -9|./core/pkg_network/30-test-arpwatch.sh|nazunalika|NOPKG diff --git a/func/stacks.sh b/func/stacks.sh deleted file mode 100644 index cca6550..0000000 --- a/func/stacks.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash -# Release Engineering Core Functionality Testing -# Louis Abel @nazunalika - -################################################################################ -# Settings and variables - -# Exits on any non-zero exit status - Disabled for now. -#set -e -# Undefined variables will cause an exit -set -u - -COMMON_EXPORTS='./common/exports.sh' -COMMON_IMPORTS='./common/imports.sh' -SELINUX=$(getenforce) - -# End -################################################################################ - -# shellcheck source=/dev/null disable=SC2015 -[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; } -# shellcheck source=/dev/null disable=SC2015 -[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; } -# Init log -# shellcheck disable=SC2015 -[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE" -# SELinux check -if [ "$SELINUX" != "Enforcing" ]; then - echo -e "\n[-] $(date): SELinux is not enforcing." - exit 1 -fi - -r_log "internal" "Starting Release Engineering Core Tests" - -################################################################################ -# Script Work - -# Skip tests in a list - some tests are already -x, so it won't be an issue -if [ -e skip.list ]; then - r_log "internal" "Disabling tests" - # shellcheck disable=SC2162 - grep -E "^${RL_VER}" skip.list | while read line; do - # shellcheck disable=SC2086 - testFile="$(echo $line | cut -d '|' -f 2)" - r_log "internal" "SKIP ${testFile}" - chmod -x "${testFile}" - done - r_log "internal" "WARNING: Tests above were disabled." -fi - -# TODO: should we let $1 judge what directory is ran? -# TODO: get some stacks and lib in there - -#r_processor <(/usr/bin/find ./core -type f | sort -t'/') -#r_processor <(/usr/bin/find ./lib -type f | sort -t'/') -r_processor <(/usr/bin/find ./stacks -type f | sort -t'/') - -r_log "internal" "Core Tests completed" -exit 0 diff --git a/func/stacks/ipa/00-ipa-pregame.sh b/func/stacks/ipa/00-ipa-pregame.sh deleted file mode 100755 index 9a84754..0000000 --- a/func/stacks/ipa/00-ipa-pregame.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa" "Skipping for aarch64" - exit 0 -fi - -r_log "ipa" "Removing the httpd package if present" -if rpm -q httpd &> /dev/null; then - p_removePackage httpd - rm -rf /etc/httpd -fi - -r_log "ipa" "Removing the bind package if present" -if rpm -q httpd &> /dev/null; then - p_removePackage bind - rm -rf /etc/named /var/named -fi - -mkdir /root/ipa-backup -r_log "ipa" "Backup dnf history" -dnf history list | awk 'NR == 4 {print $1}' > /root/ipa-backup/dnf-history.ipa - -r_log "ipa" "Backup necessary files in /etc" -r_log "ipa" "/etc/resolv.conf" -cp /etc/resolv.conf /root/ipa-backup -r_log "ipa" "/etc/nsswitch.conf" -cp /etc/nsswitch.conf /root/ipa-backup -r_log "ipa" "/etc/hosts" -cp /etc/hosts /root/ipa-backup -r_log "ipa" "/etc/hostname" -cp /etc/hostname /root/ipa-backup -# For Justin Case -hostname > /root/ipa-backup/hostname-command - -# Not really necessary, an NTP server shouldn't be default anymore -r_log "ipa" "/etc/chrony.conf" -cp /etc/chrony.conf /root/ipa-backup - -r_log "ipa" "/etc/ssh/ssh_config" -cp /etc/ssh/ssh_config /root/ipa-backup - -r_log "ipa" "Removing hostname from /etc/hosts" -sed -i "s|127.0.0.1 $(hostname)||" /etc/hosts - -r_log "ipa" "Removing tomcat if installed" -p_removePackage ipa-server tomcat -rm -rf /var/lib/pki/pki-tomcat/ \ - /etc/sysconfig/pki-tomcat \ - /var/log/pki/pki-tomcat \ - /etc/pki/pki-tomcat \ - /etc/sysconfig/pki/tomcat/pki-tomcat diff --git a/func/stacks/ipa/10-install-ipa.sh b/func/stacks/ipa/10-install-ipa.sh deleted file mode 100755 index 901055e..0000000 --- a/func/stacks/ipa/10-install-ipa.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa $0" "Skipping for aarch64" - exit 0 -fi - -# The IPA maintainers for EL went a little bonkers with how they want to -# support it. There's two separate modules. It's not clear if in 9 it's -# going to be the same thing or not so this check is there just in case. -if [ "$RL_VER" -eq 8 ]; then - p_enableModule idm:DL1/{client,common,dns,server} -fi - -p_installPackageNormal ipa-server ipa-server-dns expect diff --git a/func/stacks/ipa/11-configure-ipa.sh b/func/stacks/ipa/11-configure-ipa.sh deleted file mode 100755 index a4d3aa5..0000000 --- a/func/stacks/ipa/11-configure-ipa.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa" "Skipping for aarch64" - exit 0 -fi - -r_log "ipa" "Setting up the networking portions of the system" -net_int=$(ip addr | grep -B1 "link/ether" | head -n 1 | awk '{print $2}' | tr -d ':') -net_ip=$(ip -4 -o addr show dev "${net_int}" | awk '/inet/ {print $4}' | cut -d'/' -f1) -forwarder=$(awk '$0 ~ /nameserver/ {print $2}' /etc/resolv.conf | head -n 1) - -r_log "ipa" "Set hostname" -hostnamectl set-hostname onyxtest.rlipa.local -echo "$net_ip $(hostname)" >> /etc/hosts -hostname | grep "onyxtest.rlipa.local" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Installing the IPA domain (warning this takes a while)" -ipa-server-install -U \ - --hostname="$(hostname)" \ - --ip-address="${net_ip}" \ - -r RLIPA.LOCAL \ - -n rlipa.local \ - -p b1U3OnyX! \ - -a b1U3OnyX! \ - --ssh-trust-dns \ - --setup-dns \ - --mkhomedir \ - --forwarder="${forwarder}" - -ret_val=$? - -if [ "$ret_val" -eq 0 ]; then - r_log "ipa" "IPA Domain installed" - r_checkExitStatus 0 -else - r_log "ipa" "IPA Domain failed to install" - r_checkExitStatus 1 - export IPAINSTALLED=1 -fi diff --git a/func/stacks/ipa/12-verify-ipa.sh b/func/stacks/ipa/12-verify-ipa.sh deleted file mode 100755 index b8fa76e..0000000 --- a/func/stacks/ipa/12-verify-ipa.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa $0" "Skipping for aarch64" - exit 0 -fi - -if [ "$IPAINSTALLED" -eq 1 ]; then - r_log "ipa" "IPA was not successfully installed. Aborting." - r_checkExitStatus 1 -fi diff --git a/func/stacks/ipa/20-ipa-user.sh b/func/stacks/ipa/20-ipa-user.sh deleted file mode 100755 index c0f5313..0000000 --- a/func/stacks/ipa/20-ipa-user.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa $0" "Skipping for aarch64" - exit 0 -fi - -if [ "$IPAINSTALLED" -eq 1 ]; then - r_log "ipa" "IPA was not successfully installed. Aborting." - r_checkExitStatus 1 -fi - -kdestroy &> /dev/null -klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null -r_checkExitStatus $? - -echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL - -klist | grep "admin@RLIPA.LOCAL" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Test adding a user" -ipa user-add --first=test --last=user --random ipatestuser > /tmp/ipatestuser -grep -q 'Added user "ipatestuser"' /tmp/ipatestuser - -ret_val=$? -if [ "$ret_val" -ne 0 ]; then - r_log "ipa" "User was not created, this is considered fatal" - r_checkExitStatus 1 - exit 1 -fi - -sed -i 's|^ ||g' /tmp/ipatestuser -grep -q 'First name: test' /tmp/ipatestuser -r_checkExitStatus $? -grep -q 'Last name: user' /tmp/ipatestuser -r_checkExitStatus $? -grep -q 'Full name: test user' /tmp/ipatestuser -r_checkExitStatus $? -grep -q 'Home directory: /home/ipatestuser' /tmp/ipatestuser -r_checkExitStatus $? - -r_log "ipa" "Changing password of the user" -kdestroy &> /dev/null -userPassword="$(awk '/Random password/ { print $3 }' /tmp/ipatestuser)" -/bin/rm /tmp/ipatestuser - -expect -f - < /dev/null -r_checkExitStatus $? - -kdestroy &> /dev/null - -r_log "ipa" "Testing for user in getent" -getent passwd ipatestuser &> /dev/null -r_checkExitStatus $? diff --git a/func/stacks/ipa/21-ipa-service.sh b/func/stacks/ipa/21-ipa-service.sh deleted file mode 100755 index c509ab6..0000000 --- a/func/stacks/ipa/21-ipa-service.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa" "Skipping for aarch64" - exit 0 -fi - -if [ "$IPAINSTALLED" -eq 1 ]; then - r_log "ipa" "IPA was not successfully installed. Aborting." - r_checkExitStatus 1 -fi - -kdestroy &> /dev/null -klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null -r_checkExitStatus $? - -echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL - -klist | grep "admin@RLIPA.LOCAL" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Adding test service" -ipa service-add testservice/onyxtest.rlipa.local &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Getting keytab for service" -ipa-getkeytab -s onyxtest.rlipa.local -p testservice/onyxtest.rlipa.local -k /tmp/testservice.keytab &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Getting a certificate for service" -ipa-getcert request -K testservice/onyxtest.rlipa.local -D onyxtest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null -r_checkExitStatus $? - -while true; do - entry="$(ipa-getcert list -r | sed -n '/Request ID/,/auto-renew: yes/p')" - if [[ $entry =~ "status:" ]] && [[ $entry =~ "CA_REJECTED" ]]; then - r_checkExitStatus 1 - break - fi - if [[ $entry =~ "" ]]; then - r_checkExitStatus 0 - break - fi - sleep 1 -done - -while ! stat /etc/pki/tls/certs/testservice.crt &> /dev/null; do - sync - sleep 1 -done - -r_log "ipa" "Verifying keytab" -klist -k /tmp/testservice.keytab | grep "testservice/onyxtest.rlipa.local" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Verifying key matches the certificate" -diff <(openssl x509 -in /etc/pki/tls/certs/testservice.crt -noout -modulus 2>&1 ) <(openssl rsa -in /etc/pki/tls/private/testservice.key -noout -modulus 2>&1 ) -r_checkExitStatus $? - -r_log "ipa" "Verifying the certificate against our CA" -openssl verify -CAfile /etc/ipa/ca.crt /etc/pki/tls/certs/testservice.crt | grep "/etc/pki/tls/certs/testservice.crt: OK" &> /dev/null -r_checkExitStatus $? diff --git a/func/stacks/ipa/22-ipa-dns.sh b/func/stacks/ipa/22-ipa-dns.sh deleted file mode 100755 index e0b507f..0000000 --- a/func/stacks/ipa/22-ipa-dns.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa -bash" "Skipping for aarch64" - exit 0 -fi - -if [ "$IPAINSTALLED" -eq 1 ]; then - r_log "ipa" "IPA was not successfully installed. Aborting." - r_checkExitStatus 1 -fi - -kdestroy &> /dev/null -klist 2>&1 | grep -qE "(No credentials|Credentials cache .* not found)" &> /dev/null -r_checkExitStatus $? - -echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL - -klist | grep "admin@RLIPA.LOCAL" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Adding testzone subdomain" -ipa dnszone-add --name-server=onyxtest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null -r_checkExitStatus $? -sleep 5 - -r_log "ipa" "Get SOA from testzone subdomain" -dig @localhost SOA testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Adding a CNAME record to the primary domain" -ipa dnsrecord-add rlipa.local testrecord --cname-hostname=onyxtest &> /dev/null -r_checkExitStatus $? -sleep 5 - -r_log "ipa" "Retrieving CNAME record" -dig @localhost CNAME testrecord.rlipa.local | grep -q "status: NOERROR" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Adding a CNAME to subdomain" -ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=onyxtest.rlipa.local. &> /dev/null -r_checkExitStatus $? -sleep 5 - -r_log "ipa" "Testing can retrieve record from subdomain" -dig @localhost CNAME testrecord.testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null -r_checkExitStatus $? diff --git a/func/stacks/ipa/23-ipa-sudo.sh b/func/stacks/ipa/23-ipa-sudo.sh deleted file mode 100755 index a52c4ef..0000000 --- a/func/stacks/ipa/23-ipa-sudo.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa -bash" "Skipping for aarch64" - exit 0 -fi - -if [ "$IPAINSTALLED" -eq 1 ]; then - r_log "ipa" "IPA was not successfully installed. Aborting." - r_checkExitStatus 1 -fi - -kdestroy -A -klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" -r_checkExitStatus $? - -echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL - -klist | grep -q "admin@RLIPA.LOCAL" -r_checkExitStatus $? - -r_log "ipa" "Creating a test sudo rule" -ipa sudorule-add testrule --desc="Test rule in IPA" --hostcat=all --cmdcat=all --runasusercat=all --runasgroupcat=all &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Adding user to test sudo rule" -ipa sudorule-add-user testrule --users="ipatestuser" &> /dev/null -r_checkExitStatus $? - -r_log "ipa" "Verifying rule..." -ipa sudorule-show testrule > /tmp/testrule -grep -q 'Rule name: testrule' /tmp/testrule -r_checkExitStatus $? -grep -q 'Description: Test rule in IPA' /tmp/testrule -r_checkExitStatus $? -grep -q 'Enabled: TRUE' /tmp/testrule -r_checkExitStatus $? -grep -q 'Host category: all' /tmp/testrule -r_checkExitStatus $? -grep -q 'Command category: all' /tmp/testrule -r_checkExitStatus $? -grep -q 'RunAs User category: all' /tmp/testrule -r_checkExitStatus $? -grep -q 'RunAs Group category: all' /tmp/testrule -r_checkExitStatus $? -grep -q 'Users: ipatestuser' /tmp/testrule -r_checkExitStatus $? - -m_serviceCycler sssd stop -rm -rf /var/lib/sss/db/* -m_serviceCycler sssd start - -sleep 5 - -r_log "ipa" "Verifying sudo abilities" -sudo -l -U ipatestuser > /tmp/sudooutput -grep -q 'ipatestuser may run the following commands' /tmp/sudooutput -r_checkExitStatus $? -grep -q 'ALL) ALL' /tmp/sudooutput -r_checkExitStatus $? diff --git a/func/stacks/ipa/50-cleanup-ipa.sh b/func/stacks/ipa/50-cleanup-ipa.sh deleted file mode 100755 index 9f17e3f..0000000 --- a/func/stacks/ipa/50-cleanup-ipa.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -if m_getArch aarch64 | grep -qE 'aarch64'; then - r_log "ipa" "Skipping for aarch64" - exit 0 -fi - -if [ "$IPAINSTALLED" -eq 1 ]; then - r_log "ipa" "IPA was not successfully installed. Aborting." - r_checkExitStatus 1 -fi - diff --git a/func/stacks/ipa/README.md b/func/stacks/ipa/README.md deleted file mode 100644 index 0bd1a92..0000000 --- a/func/stacks/ipa/README.md +++ /dev/null @@ -1,2 +0,0 @@ -While not considered a "stack", it's a combination of many things at once. So -it is being tested as a stack. diff --git a/func/stacks/lamp/00-install-lamp.sh b/func/stacks/lamp/00-install-lamp.sh deleted file mode 100644 index cef30a9..0000000 --- a/func/stacks/lamp/00-install-lamp.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -r_log "lamp" "Install LAMP packages" - -# this shouldn't change for 9 -if [ "$RL_VER" -ge 8 ]; then - p_installPackageNormal mariadb mariadb-server httpd php php-mysqlnd wget -fi - -m_serviceCycler httpd stop - -# for some reason or another, httpd doesn't stop right away -# in some instances. - -if pgrep httpd; then - killall -9 httpd -fi - -sleep 1 - -m_serviceCycler httpd start diff --git a/func/stacks/lamp/01-verification.sh b/func/stacks/lamp/01-verification.sh deleted file mode 100644 index 3bfc978..0000000 --- a/func/stacks/lamp/01-verification.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -r_log_"lamp" "Verify LAMP can potentially work" - -PHP_CHECK=/tmp/php.check - -# This may not change for EL9 -if [ "$RL_VER" -ge 8 ]; then - SQL=mariadb -else - SQL=mysqld -fi - -# for Justin Case -rm -f "${PHP_CHECK}" - -r_log "lamp" "Starting up httpd and MySQL/mariadb" - -m_serviceCycler httpd restart -m_serviceCycler $SQL restart - -r_log "lamp" "We did this before, but double check PHP works" -echo "" > $PHP_CHECK - -/bin/php $PHP_CHECK &> /dev/null -r_checkExitStatus $? diff --git a/func/stacks/lamp/10-test-lamp.sh b/func/stacks/lamp/10-test-lamp.sh deleted file mode 100644 index 04a3d1b..0000000 --- a/func/stacks/lamp/10-test-lamp.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -r_log "lamp" "Testing basic LAMP (not for moths)" -if [ "$RL_VER" -ge 8 ]; then - SQL=mariadb -else - SQL=mysqld -fi - -r_log "lamp" "Import SQL" -mysql < ./common/files/lamp-sql - -cp ./common/files/lamp-sql-php /var/www/html/mysql.php -curl -s http://localhost/mysql.php - -r_log "lamp" "Perform the LAMP test (no moths allowed)" -db_content=$(echo "select * from obsidiancore.tests where name='sqltest'" | mysql -B --skip-column-names) - -if [ "$db_content" == "sqltest" ]; then - r_checkExitStatus 0 -else - r_log "lamp" "The database doesn't seem to exist or contain correct data" - r_checkExitStatus 1 -fi - -r_log "lamp" "Clean up" -mysql -u root -e 'drop database obsidiancore;' -m_serviceCycler httpd stop -m_serviceCycler $SQL stop diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml index 4381d0e..8c996c9 100644 --- a/iso/empanadas/pyproject.toml +++ b/iso/empanadas/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "empanadas" -version = "0.6.2" +version = "0.7.0" description = "hand crafted ISOs with love and spice" authors = ["Louis Abel ", "Neil Hanlon "] diff --git a/sync/stage-live-images.sh b/sync/stage-live-images.sh deleted file mode 100644 index 217f987..0000000 --- a/sync/stage-live-images.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -# Source common variables -# shellcheck disable=SC2046,1091,1090 -source "$(dirname "$0")/common" - -if [[ $# -eq 0 ]]; then - echo "You must specify a short name." - exit 1 -fi - -# For now, only architecture that we support live is x86_64 -TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/Live/x86_64" -mkdir -p "${TARGET}" - -cat > "${TARGET}/README" < fullfilelist - #if [[ -f /usr/local/bin/create-filelist ]]; then - # # We're already here, but Justin Case wanted this - # cd "${PRODUCTION_ROOT}/" || { echo "Failed to change directory"; exit 1; } - # /bin/cp fullfiletimelist-rocky fullfiletimelist-rocky-old - # /usr/local/bin/create-filelist > fullfiletimelist-rocky - # cp fullfiletimelist-rocky fullfiletimelist - #fi - ## Full file list update for rocky linux itself - cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; } - ## Hardlink everything except xml files - echo "Hard linking" - hardlink -x '.*\.xml.*' "${REVISION}" - #echo "Getting a full file list for the rocky dir" - #find . > fullfilelist - #if [[ -f /usr/local/bin/create-filelist ]]; then - # # We're already here, but Justin Case wanted this - # cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; } - # /bin/cp fullfiletimelist-rocky fullfiletimelist-rocky-old - # /usr/local/bin/create-filelist > fullfiletimelist-rocky - # cp fullfiletimelist-rocky fullfiletimelist - #fi - #chown 10004:10005 fullfilelist fullfiletimelist-rocky fullfiletimelist - echo "Syncing to prod completed. Please run the file list script." -fi - diff --git a/sync/sync-to-staging-9.sh b/sync/sync-to-staging-9.sh deleted file mode 100644 index 4a745eb..0000000 --- a/sync/sync-to-staging-9.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -# Source common variables -# shellcheck disable=SC2046,1091,1090 -source "$(dirname "$0")/common" - -if [[ $# -eq 0 ]]; then - echo "You must specify a short name." - exit 1 -fi - -# Major Version (eg, 8) -MAJ=${RLVER} -# Short name (eg, NFV, extras, Rocky, gluster9) -SHORT=${1} -PROFILE=${2} - -cd "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose" || { echo "Failed to change directory"; ret_val=1; exit 1; } -ret_val=$? - -if [ $ret_val -eq "0" ]; then - TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}" - mkdir -p "${TARGET}" - # disabling because none of our files should be starting with dashes. If they - # are something is *seriously* wrong here. - # shellcheck disable=SC2035 - #sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \ - # {} "${TARGET}" - sudo -l && time fpsync -n 24 -o '-a --numeric-ids --no-compress --chown=10004:10005' -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/" - - # This is temporary until we implement rsync into empanadas - #if [ -f "COMPOSE_ID" ]; then - # cp COMPOSE_ID "${TARGET}" - # chown 10004:10005 "${TARGET}/COMPOSE_ID" - #fi - - #if [ -d "metadata" ]; then - # rsync -av --chown=10004:10005 --progress --relative --human-readable metadata "${TARGET}" - #fi -fi diff --git a/sync/sync-to-staging-fpsync-testing.sh b/sync/sync-to-staging-fpsync-testing.sh deleted file mode 100644 index c449ebf..0000000 --- a/sync/sync-to-staging-fpsync-testing.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -# Source common variables -# shellcheck disable=SC2046,1091,1090 -source "$(dirname "$0")/common" - -if [[ $# -eq 0 ]]; then - echo "You must specify a short name." - exit 1 -fi - -# Major Version (eg, 8) -MAJ=${RLVER} -# Short name (eg, NFV, extras, Rocky, gluster9) -SHORT=${1} -PROFILE=${2} - -cd "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose" || { echo "Failed to change directory"; ret_val=1; exit 1; } -ret_val=$? - -if [ $ret_val -eq "0" ]; then - TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}" - mkdir -p "${TARGET}" - # disabling because none of our files should be starting with dashes. If they - # are something is *seriously* wrong here. - # shellcheck disable=SC2035 - #sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \ - # {} "${TARGET}" - sudo -l && time fpsync -n 18 -o '-a --numeric-ids --no-compress --chown=10004:10005' -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/" - - # This is temporary until we implement rsync into empanadas - #if [ -f "COMPOSE_ID" ]; then - # cp COMPOSE_ID "${TARGET}" - # chown 10004:10005 "${TARGET}/COMPOSE_ID" - #fi - - #if [ -d "metadata" ]; then - # rsync -av --chown=10004:10005 --progress --relative --human-readable metadata "${TARGET}" - #fi -fi