Compare commits

..

246 commits

Author SHA1 Message Date
27cab40b9a
fix lack of MAJ 2024-12-19 03:37:23 -07:00
723e822464
release scripts should also not hardcode 2024-12-17 23:08:06 -07:00
ba5fe93f98
stop hardcoding in specific places 2024-12-17 23:03:45 -07:00
0e3727d637
add cron jobs 2024-12-17 15:52:41 -07:00
02a8229346
vault: add devel as a modular repo for an edge case 2024-12-12 20:09:34 -07:00
6cf9eeac4f
kiwi: Add extra repos list to LiveBuild 2024-12-10 02:48:12 -07:00
7e854f0b5c
add flatpak data to parser 2024-12-04 04:36:16 -07:00
31a81c2620
missing createrepo vault targets 2024-12-03 14:12:32 -07:00
95a55b18c9
fasttrack: add IDs 2024-11-26 10:01:07 -07:00
6bdcc019d7
fix fasttrack repos 2024-11-26 09:59:08 -07:00
e061332e2b
fix sig core project id 2024-11-23 03:48:49 -07:00
ab57120508
add 10 release 2024-11-23 03:45:34 -07:00
edd17ab0d8
add minimal XML for all arches 2024-11-18 14:56:22 -07:00
f268502918
add magic 2024-11-15 15:08:03 -07:00
a4d6899601
use pycdlib to get iso label 2024-11-15 04:35:17 -07:00
df4bb47691
remove rc switch and update deps 2024-11-15 02:39:04 -07:00
d53e0d939d
refresh treeinfo should NOT overwrite by default 2024-11-13 15:06:50 -07:00
0bb3867c6a
empanadas: change el9.yaml for 9.5 2024-11-12 10:27:27 -07:00
78301b7906
sync: change to 9.5 2024-11-12 10:23:15 -07:00
2cb5ae42b9
fix safednf 2024-10-29 23:35:13 -07:00
96f8877d1b
dnf4 is required for reposync 2024-10-29 13:10:26 -07:00
1470e590d3
add group auditor 1/? 2024-10-18 14:24:26 -07:00
546f8b4687
look at host category for ALL 2024-10-18 12:35:08 -07:00
7f3a4b4761
add shim unsigned to parser part 2 2024-10-17 15:37:44 -07:00
4906749ed0
add shim unsigned to parser 2024-10-17 15:37:15 -07:00
1a45143b00
fix rs for generators 2024-10-17 15:14:16 -07:00
fc0b738c75
add notice for 0 hosts 2024-10-17 12:25:31 -07:00
689e7aa793
mangle: separate hbac hosts by lists 2024-10-17 11:55:14 -07:00
9c1b828ab7
remove resilient storage from r10 2024-10-17 10:01:56 -07:00
448b8c035b
mangle/ipa: all hbac access supersedes everything else 2024-10-16 10:17:09 -07:00
a6f4632d66
prepare for 9.5 builds 2024-10-16 01:29:40 -07:00
08d8995344
Use label=disable to prevent context changes 2024-10-07 15:09:06 -07:00
333f3614f9
add python_freeipa support 2024-10-02 11:25:01 -07:00
dc53a5be9e
catch all category 2024-10-02 10:30:39 -07:00
678c807741
allow mangle to work on IPA DC 2024-10-02 10:12:28 -07:00
f482ef6e1f
add HBAC host list to user deep 2024-10-02 09:54:52 -07:00
eba3593cfd
ensure el10 has reposcan capabilities 2024-10-01 14:47:55 -07:00
b53afe66e2
fix: ensures skipped images are not in the list for podman 2024-10-01 14:44:32 -07:00
30a84cfed5
Add reposcan option for variants that should not look at compose 2024-10-01 13:56:56 -07:00
5e6427ea4b
some profiles do not have squashfs listed 2024-10-01 12:55:33 -07:00
8c775c308c
resolve #19
Resolves PR #19 and makes both iso and live classes consistent.

Signed-off-by: Sergei Shtepa <sshtepa@noreply@resf.org>
Signed-off-by: Louis Abel <label@rockylinux.org>
2024-09-12 09:40:24 -07:00
951558deb4
update rss plugin: remove comments 2024-08-19 08:26:52 -07:00
65c531cf4c
cleanup: remove unused scripts and dirs
mangle/mock is no longer needed and has been superseded by
https://git.resf.org/sig_core/mock-rocky-configs

iso/py and iso/sh were placeholders for empanadas initial development.
as such as they are no longer needed.
2024-08-15 04:18:03 -07:00
fabbe8e46d
cleanup: remove obsolete functions
8.10 was built using xorrisofs. As a result, there's no reason to keep
isohybrid or any of those other functions around in the event we use
empanadas to recreate ISO's specifically for Rocky Linux 8.

As a result, a lot of obsolete variables and functions have been removed
or pruned.
2024-08-14 23:39:58 -07:00
a15f74a421
Changes (see notes)
* Bump empanadas to 0.7.0
* Archive and remove `func` as testing team should be handling these
  components with tmt and openqa
* Remove unused scripts from sync
2024-08-14 21:08:06 -07:00
c44e25ca5d
chore: update readme to reflect toolkit name
We spend a lot of time beating around the bush, but the toolkit is
essentially the sum of all the things in here -- we should accept that
and just call it all Empanadas and work on cleaning up and having a
better strategy around how we're doing development work in this repo
including cutting releases.
2024-08-14 23:45:18 -04:00
e2ae0f8630
CVE fix for 'safe extract' tar is covered by filter 2024-08-13 22:24:41 -07:00
8ce5f69772
empanadas: update deps 2024-08-13 11:36:02 -07:00
142f314c02
add rdma-core 2024-08-07 08:43:16 -07:00
78cd9c47a1
ensure openssl-fips-provider is not available 2024-07-31 14:22:32 -07:00
c2ab7d72c2
add group query 2024-07-31 07:20:07 -07:00
04d1ec6a00
add query ability 2024-07-17 15:30:24 -07:00
39b2c5601a
ipaauditor: add control checks 2024-07-15 14:05:50 -07:00
7557ff5987
feat: support looping over packages; formatting 2024-07-09 18:00:48 -04:00
384eaf18d9
fix: formatting change 2024-07-09 16:26:26 -04:00
416e4f1d10
feat: allow url to be templated to be used on non-rocky forges 2024-07-09 16:23:12 -04:00
df55c42db9
fix kiwi refs for 10 2024-07-06 22:04:09 -07:00
ec5de9df99
add shim to ignores 2024-06-08 09:02:46 -07:00
ce9f6e9340
sig sync must use sigvars instead 2024-05-29 19:12:19 -07:00
c5a859eaea
adjust sigs to use it also 2024-05-29 19:09:30 -07:00
aa9e16070d
fix dict 2024-05-29 17:50:34 -07:00
86787a7347
move gpg key to separate config item 2024-05-29 17:44:16 -07:00
de40f18582
update rocky 8 config 2024-05-28 13:56:11 -07:00
8f27de4f21
use RC2 2024-05-27 06:38:21 -07:00
aa140d142d
prepare for 8.10 2024-05-21 23:30:11 -07:00
18ecf1a8ac
fix debug repo format 2024-05-21 16:55:01 -07:00
9a53bf6f5c
adjust most formatting to f-string 2024-05-21 16:51:40 -07:00
4cfcf75e8d
update poetry.lock again 2024-05-21 13:25:32 -07:00
72ed6301f0
update to 3.9 2024-05-21 13:24:49 -07:00
57c78f84c3
update deps 2024-05-21 13:23:45 -07:00
2cff98e5d1
update deps for poetry lock 2024-05-21 13:19:49 -07:00
1bfc1615d0
live iso should default to 0 increment 2024-05-21 13:14:20 -07:00
efbdafd84b
adjust commands to be consistent 2024-05-21 13:11:02 -07:00
7d54ace28e
mangle: oval.sh contains a broken podman command 2024-05-10 01:36:29 -07:00
cfa4bc81e4
add toolbox 2024-05-08 00:06:53 -07:00
59467129e7
add more kiwi directives 2024-05-08 00:05:04 -07:00
bad06d19b5
Fix s3_determine func 2024-05-07 23:47:11 -07:00
3e6d7d3cc0
lorax removes are no longer required for now 2024-05-07 14:07:56 -07:00
1a80921b2b
add kiwi changes 2024-05-07 13:53:04 -07:00
3ffe6962b4
add kiwi info 2024-05-07 13:44:33 -07:00
74fb593919
adjust manglers 2024-05-07 09:27:26 -07:00
544f4ef07a
allow changing increment 2024-05-06 11:46:09 -07:00
dea52484e7
catch checksum as a wildcard 2024-05-05 19:11:03 -07:00
c533ca0737
add dvd as a variant 2024-05-05 19:06:31 -07:00
91f348f8b1
update ISOREADME 2024-05-05 14:11:58 -07:00
0c6f18b24a
address minimal image repoclosure issue 2024-05-05 13:40:06 -07:00
ee330b8157
add python3-lxml to minimal 2024-05-05 13:28:51 -07:00
8dca4cf8c5
the containers are stream, so lorax-templates-rocky isn't a thing 2024-05-04 23:27:45 -07:00
17d8fd7f23
use translators 2024-05-04 18:30:35 -07:00
796e96ed95
use double quotes for fstring 2024-05-04 18:18:50 -07:00
441eaa778b
add root_prefix requirement for shared func 2024-05-04 18:17:23 -07:00
439f1f7984
fix node pinning, new lorax path 2024-05-04 15:26:32 -04:00
7811415112
utilize extra_repos 2024-05-03 13:22:29 -07:00
d860d4e661
don't use hashed repos for rc builds 2024-05-01 23:58:43 -04:00
1adce9408b
change toolkit config for 9.4 2024-04-30 03:19:31 -07:00
b1bf2f49dc
switch to 9.4 2024-04-30 01:43:06 -07:00
e9f6b7a99f
add kiwi config items 2024-04-24 00:24:12 -07:00
2d30ed5c29
fix multiline issue in template 2024-04-19 14:41:49 -07:00
6d931afac5
toolkit: add squashfs_only option to configs 2024-04-17 08:37:14 -07:00
b0c0b55232
rl10 configs are the true buildroot 2024-04-14 00:16:20 -07:00
1178e32e1c
fix: broke this by accident 2024-04-04 01:43:40 -04:00
09cac511fb
fix: rocky 8 repo names are capital 2024-04-04 00:43:43 -04:00
c93ee4dcd9
fix: regex 2024-04-04 00:42:47 -04:00
7b5fc95765
add lorax-templates-rhel 2024-03-30 23:46:08 -07:00
d018838a6c
add kiwimap to other profiles
Signed-off-by: Louis Abel <label@rockylinux.org>
2024-03-29 01:13:15 -07:00
138cb51485
remove variantmap, add check for livemap valid type 2024-03-29 01:05:55 -07:00
2ced55eab2
prepare for additional live builders 2024-03-27 17:12:15 -07:00
5300649b09
add missing attr install 2024-03-19 10:53:55 -07:00
3d1574055c
add xattr test 2024-03-19 10:53:34 -07:00
b9826dd7cf
add rl10 configs for all arches 2024-03-18 19:02:06 -07:00
9da86fa538
change lorax-templates-rhel and remove genisoimage 2024-03-16 10:45:12 -07:00
392d4c4e89
fix 10lh and prep 9.4 beta 2024-03-16 10:34:12 -07:00
5127772b21
add NetworkManager-wifi to minimal 2024-03-15 16:48:02 -07:00
a9469f4ffe
empanadas: kernel-common should be kernel-drivers
Signed-off-by: Louis Abel <label@rockylinux.org>
2024-03-12 08:56:50 -07:00
e6f308f0e2
add kernel-common repo to sig/kernel 2024-03-12 10:19:19 -04:00
05def1afef
update el10 configs 2024-02-21 13:17:19 -07:00
9d9357647e
change lh to s 2024-02-21 12:07:16 -07:00
f6776e5bb5
temp: add stream 10 specific scripts 2024-02-21 11:44:30 -07:00
2d6eeed6ae
add bugtracker manglers 2024-02-12 19:48:40 -07:00
5eee8d4c76
separate mock configs by arch 2024-01-17 15:36:27 -07:00
52f68aa4c4
add el10 and codes 2024-01-17 11:10:29 -07:00
3c8d0d0ef5
add ln for new way 2023-12-26 01:06:43 -07:00
cdcf7e4c87
add log level option, don't use logger 2023-12-23 15:13:20 -07:00
62d8d6a233
undo logger none removal 2023-12-23 15:06:20 -07:00
8481efd03c
support log level override 2023-12-22 14:51:23 -05:00
dfa4caec54
fix: quotas code was broken 2023-12-20 19:51:48 -05:00
d42c919b09
func: add restorecon as in some instances httpd fails 2023-12-05 09:34:53 -07:00
3b896ae1c2
func: add pdf test, modify exports 2023-12-04 02:37:20 -07:00
a686f168c3
correct some tests 2023-11-30 02:10:42 -07:00
7a4f15caf8
add a noexec check 2023-11-30 01:04:41 -07:00
dd1d5de120
Ensure torrent generation goes to separate directories 2023-11-29 18:57:08 -07:00
81cf38ec13
add more traps 2023-11-29 14:09:12 -07:00
e4955719c0
use cmd var 2023-11-28 12:44:24 -07:00
26f1680aff
add X.Y-A.B check 2023-11-26 20:08:39 -07:00
b394a4d74e
add SIG vaulting 2023-11-21 20:09:43 -07:00
a1aceb2be4
ensure treeinfo and discinfo are unrelated 2023-11-21 14:00:17 -07:00
47c64bbd74
func: add more traps 2023-11-21 01:23:44 -07:00
94cb5741e2
8 is now RC2 2023-11-19 16:16:33 -07:00
ca358f6117
rl#4390 - add uefi-preferred to boot mode for images
Fixes: https://bugs.rockylinux.org/view.php?id=4390
2023-11-19 16:56:30 -05:00
5eb80aac4c
add sig config stub 2023-11-19 11:39:46 -05:00
fd7466e1e6
pinn markupsafe to 2.0.1 due to deprecation 2023-11-19 11:38:29 -05:00
ae8ef2265c
ensure we use the latest version 2023-11-19 07:15:25 -07:00
72235d9003
fix: don't use gha max cache 2023-11-19 07:14:57 -07:00
2b355c1302
superfluous shasum for isos 2023-11-18 14:51:57 -07:00
0bbfd68611
change to 8.9 2023-11-17 02:32:37 -07:00
108244b3d6
use releasever where necessary 2023-11-16 18:39:31 -07:00
4c9da48ad4
remove export 2023-11-16 16:07:15 -07:00
8a2ef36330
MODS isn't being overridden 2023-11-16 16:03:19 -07:00
4e67ac32a6
MODS isn't being overridden 2023-11-16 15:57:42 -07:00
3e70e3599c
CRB is not powertools 2023-11-16 15:49:12 -07:00
6a60dad27a
fix wildcard 2023-11-16 15:28:18 -07:00
8c2122decc
fix createrepo 2023-11-16 15:21:56 -07:00
f583ef5834
ensure debug 2023-11-16 14:09:08 -07:00
eaf545acc4
vault no norepodata 2023-11-16 13:59:52 -07:00
5f89f4da2f
try to make the buildroot unique from default templates 2023-11-15 20:43:29 -07:00
3529b7a5e1
add actual podman tests, start using trap 2023-11-13 17:14:57 -07:00
f5a4d2f563
remove erroneous sync-to-vault 2023-11-13 13:22:16 -07:00
48be209c64
add rsync that does not sync repodata 2023-11-13 13:21:58 -07:00
6cfae3af98
func: add starting podman tests 2023-11-13 10:28:48 -07:00
b93edbf9b8
change rsync switches 2023-11-13 02:31:53 -07:00
3567691639
change rsync switches 2023-11-13 02:30:29 -07:00
9f87266007
stop using fpsync 2023-11-13 02:22:42 -07:00
282eef11f9
turn off -a for fpsync 2023-11-12 00:45:34 -07:00
df1115e0ae
Revert "let's try to build on git.resf.org instead.."
This reverts commit f4d62d8e63.
2023-11-11 12:28:25 -05:00
f4d62d8e63
let's try to build on git.resf.org instead.. 2023-11-11 12:26:48 -05:00
3d03042c15
bump to new action versions 2023-11-11 12:23:24 -05:00
338f53c30a
turn off bootstrap image 2023-11-11 07:10:40 -07:00
ccae1045b3
update versions of empanadas 2023-11-08 14:16:49 -07:00
419e7af362
use rpm shim instead of the other library 2023-11-08 16:06:08 -05:00
ce533823be
add IPA info tools 2023-11-08 00:25:28 -07:00
4720a6dda5
Change 9.2 to 9.3 2023-11-06 19:40:06 -07:00
82f9523ee5
add mock configs for manglers 2023-10-30 16:00:26 -07:00
77f078c287
change project ID for mangles 2023-10-12 12:32:43 -07:00
bc72e6c7e4
fix vault-release.sh messages 2023-10-02 21:16:35 -07:00
dadc382dae
add regex check in def 2023-10-02 21:13:09 -07:00
6f5b1f59ac
add rlutil.py 2023-10-02 21:08:34 -07:00
abc469d677
fix rm scripts 2023-09-24 16:14:20 -07:00
4a4708b615
remove unnecessary boot image 2023-09-24 10:59:53 -07:00
129f1e2196
update rss 2023-09-24 07:25:31 -07:00
8ccad56168
beta should delete also 2023-09-21 15:28:39 -07:00
c9ccffde40
update rss to do a break on description 2023-09-20 17:07:29 -07:00
e68f40bf23
use base64 to do magic for rss 2023-09-13 01:39:11 -07:00
8b428ef521
ensure double descriptions aren't happening 2023-09-12 03:25:27 -07:00
8f08a0ca71
ensure to_unicode is used in description 2023-09-12 03:13:13 -07:00
ccb65bd912
do not xmlescape entire description 2023-09-12 01:15:26 -07:00
2b2bb9aaf4
bump lookahead versions 2023-09-07 12:23:28 -07:00
2b319d3576
remove leading space 2023-09-07 14:04:34 -04:00
90194156bb
fix ignore for vimswp 2023-09-07 14:01:53 -04:00
df64134fc9
move oval generator; fix bug 2023-09-07 09:48:19 -04:00
87268e18a2
vault time list script 2023-09-07 03:21:58 -07:00
e3b7a99974
update rss script to fix date issues 2023-09-07 02:54:04 -07:00
21f8ced3dc
move to use elementtree 2023-09-07 02:12:08 -07:00
98a1737764
change default URL to dnf github 2023-09-06 18:25:46 -07:00
2f7d07b492
fix missing feature 2023-09-05 02:35:23 -07:00
58f5b81f46
change description to help 2023-09-05 02:30:55 -07:00
acbfc8b2c4
remove swp 2023-09-05 02:23:39 -07:00
cf1bd7e63b
allow module hotfixes 2023-09-05 02:23:23 -07:00
265ea8f7e2
remove swp 2023-09-05 01:06:09 -07:00
3ff9e5e0a7
Add changelog support to rss feeder 2023-09-05 00:54:53 -07:00
29a304d34b
plus and extras are consolidated 2023-09-04 01:13:51 -07:00
bfcfcb2671
symlinks for 8 2023-09-03 23:14:49 -07:00
03d1bfd638
don't delete for non-rocky variants in lh 2023-09-03 16:46:05 -07:00
3c4bc461e2
minor adjustments 2023-09-03 16:38:07 -07:00
258466c0e3
fix loops 2023-09-03 15:15:05 -07:00
d7e226e46f
force RLREL in sync scripts 2023-09-03 15:06:20 -07:00
72e11ceb01
remove swp file 2023-09-03 14:44:10 -07:00
270a5219b6
lookahead should delete on sync 2023-09-03 14:43:13 -07:00
6edd65ca79
common_10 2023-09-02 20:37:29 -07:00
aa9b814905
make an rss feeder thingy missing features 2023-08-31 18:31:27 -07:00
24200e2740
add fasttrack and security profiles 2023-08-31 13:59:15 -07:00
c656810fba
revert accidental line 2023-08-30 15:18:04 -04:00
9c7097c5a0
Add kernel SIG profile to empanadas 2023-07-27 12:37:22 -07:00
3c4355e428
update poetry 2023-07-14 12:21:30 -07:00
7934601fdf
add sig for hpc 2023-07-12 14:35:59 -07:00
403b147f08
hardlink only after rocky is synced 2023-06-05 12:45:41 -07:00
ee439d8af5
start using with open within reason 1/2 2023-06-04 04:09:15 -07:00
8f5a8292ff
address future 10 major version 2023-05-22 16:15:35 -07:00
625d67f824
fix cd 2023-05-22 03:32:05 -07:00
73662e8a89
delete script should not accept RLVER=8 2023-05-22 02:12:07 -07:00
ed38b67626
add missing dry run flags 2023-05-19 11:30:50 -07:00
7d15d57ca1
use createrepo update instead 2023-05-18 14:15:19 -07:00
280dec6f65
add dry run 2023-05-18 12:19:55 -07:00
effdcf4dea
add owner/group options to rsync 2023-05-18 03:46:12 -07:00
2a9b72e586
fix module portion 2023-05-17 18:47:31 -07:00
1cba3efaf6
use rsync for kickstart 2023-05-17 18:40:56 -07:00
40463a6791
use -L to snuff out symlinks 2023-05-17 17:47:48 -07:00
7d2ef9a553
add delete exclude option 2023-05-17 17:22:29 -07:00
0f6804ae01
revamp sync 2023-05-17 17:19:35 -07:00
76ea9657cc
make sync scripts friendly for next push 2023-05-17 14:51:12 -07:00
8392927586
update to 8.8 2023-05-17 16:43:43 -04:00
ebaaead520
add RPI and GenericArm fix 2023-05-17 16:40:56 -04:00
669686777c
Support extra repos passed into lorax 2023-05-17 16:40:23 -04:00
48a4171ebd
add GenericArm support for SIG/AltArch 2023-05-17 16:40:23 -04:00
f473dbc010
shouldn't go to staging 2023-05-17 03:41:10 -07:00
86ee2045ac
sync for 8.8 2023-05-17 00:34:33 -07:00
c8eff9b7ee
fix results vars 2023-05-15 08:55:53 -07:00
2455f20ce9
find public key violations 2023-05-13 22:39:04 -07:00
10456f70b8
Set vars as local in funcs, fix minor release script 2023-05-13 14:46:12 -07:00
78154eb23e
fix bug when not passing variant to type which has variants 2023-05-13 17:30:30 -04:00
f26149337d
fix: standardized name for OCP to Base, in case of future variants 2023-05-13 17:28:37 -04:00
1fa63f6967
remove comments, add hard link function 2023-05-13 13:59:58 -07:00
e756e71203
move syncing into common 2023-05-13 13:44:17 -07:00
f152ff5a44
Add golang stubs for scripts to maintain image versions 2023-05-12 14:02:39 -04:00
ed2a2999ad
formatting, add WSL container variant, support requesting new quotas 2023-05-12 14:00:52 -04:00
173b0ff814 Merge pull request 'Fix Vagrant for macOS aarch64 platform' (#10) from lumarel/toolkit:fix/vagrant-vmx into devel
Reviewed-on: sig_core/toolkit#10
Reviewed-by: Neil Hanlon <neil@noreply@resf.org>
2023-05-12 17:22:07 +00:00
714146d3d1
turn off set when testing for iso 2023-05-12 10:06:41 -07:00
415 changed files with 19600 additions and 6260 deletions

BIN
.github/empanadas.png vendored Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 209 KiB

View file

@ -17,17 +17,17 @@ jobs:
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v3
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v3
with:
install: true
- name: Login to ghcr
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
@ -35,7 +35,7 @@ jobs:
- name: Build and push
id: docker_build
uses: docker/build-push-action@v2
uses: docker/build-push-action@v5
with:
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
@ -44,4 +44,4 @@ jobs:
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/rocky-linux/sig-core-toolkit:latest
cache-from: type=gha
cache-to: type=gha,mode=max
cache-to: type=inline

2
.gitignore vendored
View file

@ -1 +1 @@
.swp
*.sw[a-z]

View file

@ -1,7 +1,9 @@
sig-core-toolkit
Empanadas
================
Release Engineering toolkit for repeatable operations or functionality testing.
Empanadas is the Rocky Linux Release Engineering toolkit for repeatable operations or functionality testing.
<center><img src='.github/empanadas.png' width=150px /></center>
Currently mirrored at our [github](https://github.com/rocky-linux), and the
[RESF Git Service](https://git.resf.org). Changes will typically occur at the
@ -12,10 +14,9 @@ What does this have?
* analyze -> Analysis utilities (such as download stats)
* chat -> mattermost related utilities
* func -> (mostly defunct) testing scripts and tools to test base functionality
* iso -> Contains `empanadas`, which provides ISO, Compose, and Sync related utilities.
* mangle -> Manglers and other misc stuff
* sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated
* sync -> Sync tools, used to sync from compose directories to mirror for Rocky Linux
How can I help?
---------------
@ -35,9 +36,3 @@ PR's against the main branch will be closed.
PR's are preferred at the [RESF Git Service](https://git.resf.org).
Will some of this be moved into separate repositories?
------------------------------------------------------
There may be some things that will be moved to its own repository in the near
future. From a SIG/Core standpoint, we believe a good chunk of this should stay
here as it makes it easier for us to maintain and manage.

23
cron/beta-8 Normal file
View file

@ -0,0 +1,23 @@
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
FROMMAIL="Compose Tracker <releng@rockylinux.org>"
rm -rf /etc/pungi-beta
git clone https://git.rockylinux.org/rocky/pungi-rocky.git -b r8-beta /etc/pungi-beta
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
echo "Git pull failed for beta pungi config" | mutt -e "set from=\"$FROM\"" \
-e 'set envelope_from=yes' \
-s "Git pull on /etc/pungi-beta failed" \
releng@rockylinux.org
exit 1
fi
pushd /etc/pungi-beta/scripts
bash produce-8-beta-full.sh
ret_val=$?
popd
if [ "$ret_val" -eq 0 ]; then
pushd /root/sync-devel/sync
RLVER=8 bash beta-release-sync-to-staging.sh
popd
fi

22
cron/lookahead-8 Normal file
View file

@ -0,0 +1,22 @@
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
FROMMAIL="Compose Tracker <releng@rockylinux.org>"
pushd /etc/pungi-lh/scripts
git pull
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
echo "Git pull failed for LookAhead pungi config" | mutt -e "set from=\"$FROM\"" \
-e 'set envelope_from=yes' \
-s "Git pull on /etc/pungi-lh failed" \
releng@rockylinux.org
exit 1
fi
bash produce-8-lookahead-full.sh
ret_val=$?
popd
if [ "$ret_val" -eq 0 ]; then
pushd /root/sync-devel/sync
RLVER=8 bash lh-release-sync-to-staging.sh
popd
fi

35
cron/stable-updates-8 Normal file
View file

@ -0,0 +1,35 @@
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
FROMMAIL="Compose Tracker <releng@rockylinux.org>"
rm -rf /etc/pungi-prod
git clone https://git.rockylinux.org/rocky/pungi-rocky.git -b r8 /etc/pungi-prod
rm -rf /mnt/compose/8_metadata
git clone https://git.rockylinux.org/rocky/rocky-module-metadata.git -b r8 /mnt/compose/8_metadata
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
echo "Git pull failed for prod pungi config" | mutt -e "set from=\"$FROM\"" \
-e 'set envelope_from=yes' \
-s "Git pull on /etc/pungi-prod failed" \
releng@rockylinux.org
exit 1
fi
pushd /etc/pungi-prod/scripts
bash updates-8-full.sh
ret_val=$?
popd
if [ "$ret_val" -eq 0 ]; then
pushd /root/sync-devel/sync
RLVER=8 bash sync-to-staging.sh Rocky-devel
RLVER=8 bash sync-to-staging.sh Extras
RLVER=8 bash sync-to-staging.sh Rocky
popd
pushd /mnt/repos-staging/mirror/pub/rocky/8.10
python3.9 /usr/local/bin/apollo_tree -p $(pwd) -n 'Rocky Linux 8 $arch' -i Live -i Minimal -i devel -i extras -i images -i isos -i live -i metadata -i Devel -i plus -i nfv
popd
pushd /root/sync-devel/sync
RLVER=8 bash sign-repos-only.sh
popd
fi

View file

@ -0,0 +1,34 @@
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
FROMMAIL="Compose Tracker <releng@rockylinux.org>"
rm -rf /etc/pungi-prod
git clone https://git.rockylinux.org/rocky/pungi-rocky.git -b r8 /etc/pungi-prod
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
echo "Git pull failed for prod pungi config" | mutt -e "set from=\"$FROM\"" \
-e 'set envelope_from=yes' \
-s "Git pull on /etc/pungi-prod failed" \
releng@rockylinux.org
exit 1
fi
pushd /etc/pungi-prod/scripts
#bash updates-8-full.sh
bash updates-8.sh
ret_val=$?
popd
if [ "$ret_val" -eq 0 ]; then
pushd /root/sync-devel/sync
#RLVER=8 bash sync-to-staging.sh Rocky-devel
#RLVER=8 bash sync-to-staging.sh Extras
RLVER=8 bash sync-to-staging.sh Rocky
popd
pushd /mnt/repos-staging/mirror/pub/rocky/8.10
python3.9 /usr/local/bin/apollo_tree -p $(pwd) -n 'Rocky Linux 8 $arch' -i Live -i Minimal -i devel -i extras -i images -i isos -i live -i metadata -i Devel -i plus -i nfv
popd
pushd /root/sync-devel/sync
RLVER=8 bash sign-repos-only.sh
popd
fi

View file

@ -0,0 +1,18 @@
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
FROMMAIL="Compose Tracker <releng@rockylinux.org>"
rm -rf /etc/pungi-prod
git clone https://git.rockylinux.org/rocky/pungi-rocky.git -b r8 /etc/pungi-prod
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
echo "Git pull failed for prod pungi config" | mutt -e "set from=\"$FROM\"" \
-e 'set envelope_from=yes' \
-s "Git pull on /etc/pungi-prod failed" \
releng@rockylinux.org
exit 1
fi
pushd /etc/pungi-prod/scripts
#bash updates-8-full.sh
bash updates-8.sh
ret_val=$?
popd

5
func/.gitignore vendored
View file

@ -1,5 +0,0 @@
log/*.log
log/*.log.*
clone_again/
cloned/
tftptest

View file

@ -1,488 +0,0 @@
Release Engineering Core Functionality Testing
==============================================
These are a set of scripts that are designed to test the core functionality
of a Rocky Linux system. They are designed to work on current versions of
Rocky and are used to test a system as a Release Engineering self-QA but
can be used by others for their own personal testing (under the assumption
that you just want to see what happens, we don't judge :).
These tests *must* pass for a release to be considered "Core Validated"
Checking against the upstream repositories for package matches are not enough
and are/will be addressed by other tools.
* common -> Functions that our scripts and tests may or may not use. Templates
and other files should come here too under common/files and
scripts that use them should reference them as `./common/files/...`
* core -> Core functionality and testing. For example, packages and service
functionality.
* lib -> Library tests (these may be done elsewhere)
* log -> Log output. This repository has example logs of running on Rocky
Linux.
* modules -> Tests for module streams and their basic tests
* stacks -> Software stacks, think like LAMP.
How to Run
----------
There are two ways to run through the tests:
* By running `/bin/bash runtests.sh`
* Runs all core tests
* By running `/bin/bash stacktests.sh`
* Runs all stack tests (eg, lamp, ipa)
* By running `/bin/bash monotests.sh`
* Supposed to runs all tests one by one to help identify failures as they happen (not functional)
Adding Tests
------------
So you want to add a few tests. Great! Before you add them, I want you to ask
yourself the following questions:
* Are my test(s) brand new?
* Are my test(s) actually for the "core" functionality of the system?
* Will my test(s) be going through a shellcheck?
* Were my tests running with SELinux enforcing?
If you've answered no to any of the above, the test may not be valid for this
project. If you are planning on changing a test or fixing a test to look or
work better, then a PR is more than welcome. Some things could definitely
use some touching up or improvements.
When creating tests, the below should be followed (at a minimum):
* Use functions from `./common/imports.sh`
* Global variables should be in `./common/exports.sh`
* Reusable files should be in `./common/files`
* Logging is enforced; use `r_log` where ever necessary
* Exits and status checks should be against `r_checkExitStatus`
* Place comments where `r_log` won't be descriptive enough
* With some exceptions, keep lines to a maximum of 80 characters
* Use fullpath to binaries when necessary
* Use shellcheck to verify the scripts are valid and compliant (some stuff that
shellcheck reports could be false - Just use a comment to turn off that test
for that particular line, but you need to ensure it's a false positive.)
* All filenames should start with a number and end with `.sh` (eg `00-foo.sh`)
* The executable bit should be set (except for scripts that are sourced)
**Note**: that if tests should be skipped, they should be placed into the
`skip.list` file so that way they won't run during the test phase. The file will
get a -x placed on it. Note that this is generally OK, since this repo will just
be cloned when being used anyway and won't be committed back. It is just
expected that all scripts are +x to begin with unless there's a valid reason.
There are a few tests we already have disabled because they're either not done
or they are acting strangely.
**Note**: If a package required additional modification (eg, dotnet) and it
it has a `.rocky` on the release tag, then it should be noted in the mods.list.
The same thing goes for the debrand list. Additionally, if certain patches
can change the output, it would be good to test for this (see `core/pkg_httpd`)
for an example.
Core Functionality
------------------
Everyone has their own idea of "core functionality." In the case of Release
Engineering, core functionality is simply us saying that with a basic
installation of Rocky Linux, we can run basic commands that any system admin,
developer, or casual user would run and expect to work on a regular basis.
Think about the software you probably use fairly regularly on any Linux system
that you've installed, ran, or are currently running. Now think about the
commands that you run day in, and day out. Now consider that what you're
running isn't niche and it's highly likely others use them too. If something
goes wrong with the build of your distribution, your tools might not work as
expected. Which is why the idea of doing basic testing of most, if not all of
the common stuff is a good thing to do.
While writing this, the things that come to mind are:
* archiving: zip, tar, gzip, etc
* file: head, tail, less, cat, diff, find, grep, vim, git
* network: ping, ip, ssh, wget, curl
* packaging: rpm, dnf
* system utilities: systemctl, top, sudo, ps
* web (packaging): httpd
Those are just off the top of my head. There's obviously a lot more, but with
that in mind, you now have the idea of what we're trying to accomplish with
this set of tests.
With that being said, there are obviously other tests being employed for things
that people may or may not use (LAMP stacks for example). It's not a core
function by any means, but it at least validates that a common thing or set of
things works as intended without extending the system or fixing the baseline
set of packages.
FAQ
---
### How do I know what some of these scripts do?
You can view the script and look at the various `r_log` lines or the comments
if they happen to be there. If you don't see a comment, look for an `r_log`.
### How do I disable a test?
A test can be disabled by running `chmod -x` on any given test. It's also
recommended to add it to `skip.list`
### Won't some of the tests have to change on (insert major release here)?
Yes and no. There are some tests will have to be altered to deal with it, but
the only way to really find out is to run the tests on a new major release
and see what happens.
### A test failed, what do I do?
Run a test manually to get the error. (Most) errors are not sent to the logs
as the logs are mainly to say if something was "PASSED", "FAILED", or "SKIPPED".
### A test isn't descriptive enough on r_log or comments, can I PR for that?
Absolutely - If you feel there is a gap, please fork and change what you feel
needs more information!
### Do I really need SELinux enforcing to run/add tests?
Yes.
### Why though?
Ensuring the tests work and operate under default conditions (firewall and
selinux are up) helps those who use our distribution in environments where
security is important, actually work and function correctly.
With that said, There is no reason to disable integral security layers on your
system.
### Should EPEL be enabled?
No. The point is to test Rocky packages, not EPEL. There are also package
differences that will break (eg: nc -> nmap-ncat vs netcat).
Current Tree
------------
```
.
├── common
│   ├── exports.sh
│   ├── files
│   │   ├── correct-passwd
│   │   ├── correct-shadow
│   │   ├── dovecot-test-sasl
│   │   ├── hello.c
│   │   ├── hello.cpp
│   │   ├── incorrect-passwd
│   │   ├── incorrect-shadow
│   │   ├── lamp-sql
│   │   ├── lamp-sql-php
│   │   ├── malform-group
│   │   ├── malform-gshadow
│   │   ├── openssl-answers
│   │   ├── postfix-test-sasl
│   │   ├── postfix-test-tls
│   │   └── smb.conf
│   └── imports.sh
├── core
│   ├── pkg_acl
│   │   ├── 00-install-acl.sh
│   │   ├── 10-test-acl-functions.sh
│   │   └── README.md
│   ├── pkg_archive
│   │   ├── 00-install-formats.sh
│   │   ├── 10-bzip.sh
│   │   ├── 20-gzip-bin-test.sh
│   │   ├── 21-gzip-test.sh
│   │   ├── 22-gzexe.sh
│   │   ├── 23-zcmp-zdiff.sh
│   │   ├── 24-zforce.sh
│   │   ├── 25-zgrep.sh
│   │   ├── 25-zless.sh
│   │   ├── 26-zmore.sh
│   │   ├── 27-znew.sh
│   │   ├── 30-tar.sh
│   │   ├── 40-xzcmp-xzdiff.sh
│   │   ├── 40-zip.sh
│   │   ├── 50-lzop.sh
│   │   └── README.md
│   ├── pkg_attr
│   │   ├── 00-install-attr.sh
│   │   ├── 10-check-attr.sh
│   │   └── README.md
│   ├── pkg_auditd
│   │   ├── 00-install-auditd.sh
│   │   ├── 10-auditd-logs.sh
│   │   ├── 11-generate-events.sh
│   │   └── README.md
│   ├── pkg_bash
│   │   ├── 00-bash-version.sh
│   │   └── README.md
│   ├── pkg_bc
│   │   ├── 00-install-bc.sh
│   │   ├── 10-test-calculation.sh
│   │   └── README.md
│   ├── pkg_bind
│   │   ├── 00-install-bind.sh
│   │   ├── 10-test-lookup.sh
│   │   └── README.md
│   ├── pkg_coreutils
│   │   ├── 00-install-coreutils.sh
│   │   ├── 10-arch.sh
│   │   ├── 11-basename.sh
│   │   ├── 12-cat.sh
│   │   ├── 13-cut.sh
│   │   ├── 14-bool.sh
│   │   ├── 15-heads-tails.sh
│   │   ├── 16-pathchk.sh
│   │   ├── 17-readlink.sh
│   │   ├── 18-seq.sh
│   │   ├── 19-timeout.sh
│   │   ├── 20-hash.sh
│   │   ├── 21-touch-ls.sh
│   │   ├── 22-uniq.sh
│   │   ├── 23-wc.sh
│   │   ├── 24-yes.sh
│   │   └── README.md
│   ├── pkg_cpio
│   │   ├── 00-install-cpio.sh
│   │   ├── 10-cpio.sh
│   │   └── README.md
│   ├── pkg_cracklib
│   │   ├── 00-install-cracklib.sh
│   │   ├── 10-test-passwords.sh
│   │   └── README.md
│   ├── pkg_cron
│   │   ├── 00-install-cron.sh
│   │   ├── 10-dot-cron.sh
│   │   └── README.md
│   ├── pkg_curl
│   │   ├── 00-install-curl.sh
│   │   ├── 10-test-curl.sh
│   │   └── README.md
│   ├── pkg_diffutils
│   │   ├── 00-install-diff.sh
│   │   └── README.md
│   ├── pkg_dnf
│   │   ├── 10-remove-package.sh
│   │   └── README.md
│   ├── pkg_dovecot
│   │   ├── 00-install-dovecot.sh
│   │   ├── 01-configure-dovecot.sh
│   │   ├── 10-pop3-test.sh
│   │   ├── 11-imap-test.sh
│   │   ├── 12-dovecot-clean.sh
│   │   └── README.md
│   ├── pkg_file
│   │   ├── 00-install-file.sh
│   │   ├── 10-mime-check.sh
│   │   ├── 20-mime-image.sh
│   │   ├── 30-mime-symlink.sh
│   │   └── README.md
│   ├── pkg_findutils
│   │   ├── 00-install-findutils.sh
│   │   ├── 10-find.sh
│   │   └── README.md
│   ├── pkg_firefox
│   │   ├── 00-install-firefox.sh
│   │   ├── 10-check-firefox-start-page.sh
│   │   └── README.md
│   ├── pkg_firewalld
│   │   ├── 00-install-firewalld.sh
│   │   ├── 10-firewalld-check-rule.sh
│   │   └── README.md
│   ├── pkg_freeradius
│   │   ├── 00-install-freeradius.sh
│   │   ├── 10-test-freeradius.sh
│   │   └── README.md
│   ├── pkg_gcc
│   │   ├── 00-install-gcc.sh
│   │   ├── 10-gcc-build-simple.sh
│   │   ├── 11-gcc-build-cpp.sh
│   │   ├── 20-annobin-test-gcc.sh
│   │   ├── 21-annobin-test-gplusplus.sh
│   │   └── README.md
│   ├── pkg_git
│   │   ├── 00-install-git.sh
│   │   ├── 10-test-git.sh
│   │   ├── 11-test-clone-log.sh
│   │   └── README.md
│   ├── pkg_httpd
│   │   ├── 00-install-httpd.sh
│   │   ├── 10-httpd-branding.sh
│   │   ├── 20-test-basic-http.sh
│   │   ├── 21-test-basic-https.sh
│   │   ├── 30-test-basic-auth.sh
│   │   ├── 40-test-basic-vhost.sh
│   │   ├── 50-test-basic-php.sh
│   │   └── README.md
│   ├── pkg_kernel
│   │   ├── 10-test-kernel-keyring.sh
│   │   ├── 11-test-secure-boot.sh
│   │   ├── 12-test-debrand.sh
│   │   └── README.md
│   ├── pkg_lsb
│   │   ├── 00-install-lsb.sh
│   │   ├── 10-test-branding.sh
│   │   └── README.md
│   ├── pkg_lsof
│   │   ├── 00-install-lsof.sh
│   │   ├── 10-test-lsof.sh
│   │   └── README.md
│   ├── pkg_mdadm
│   │   ├── 00-install-mdadm.sh
│   │   └── 01-test-mdadm.sh
│   ├── pkg_network
│   │   ├── 00-install-packages.sh
│   │   ├── 10-tracepath.sh
│   │   ├── 11-traceroute.sh
│   │   ├── 12-mtr.sh
│   │   ├── 13-iptraf.sh
│   │   ├── 20-configure-bridge.sh
│   │   ├── 30-test-arpwatch.sh
│   │   ├── imports.sh
│   │   └── README.md
│   ├── pkg_nfs
│   │   ├── 00-install-nfs.sh
│   │   ├── 10-prepare-nfs-ro.sh
│   │   ├── 11-prepare-nfs-rw.sh
│   │   ├── 12-prepare-autofs.sh
│   │   └── README.md
│   ├── pkg_openssl
│   │   ├── 00-install-openssl.sh
│   │   ├── 10-test-openssl.sh
│   │   └── README.md
│   ├── pkg_perl
│   │   ├── 00-install-perl.sh
│   │   ├── 10-test-perl.sh
│   │   ├── 11-test-perl-script.sh
│   │   └── README.md
│   ├── pkg_postfix
│   │   ├── 00-install-postfix.sh
│   │   ├── 10-test-helo.sh
│   │   ├── 20-mta.sh
│   │   ├── 30-postfix-sasl.sh
│   │   ├── 40-postfix-tls.sh
│   │   └── README.md
│   ├── pkg_postgresql
│   │   ├── 00-install-postgresql.sh
│   │   ├── 01-configure-postgresql.sh
│   │   ├── 10-create-db.sh
│   │   ├── 11-create-user.sh
│   │   ├── 20-drop-db.sh
│   │   └── 21-drop-user.sh
│   ├── pkg_python
│   │   ├── 00-install-python.sh
│   │   ├── 10-test-python3.sh
│   │   └── README.md
│   ├── pkg_release
│   │   ├── 00-install-file.sh
│   │   ├── 10-name-sanity-check.sh
│   │   ├── 20-check-gpg-keys.sh
│   │   ├── 30-os-release.sh
│   │   ├── 40-system-release.sh
│   │   └── README.md
│   ├── pkg_rootfiles
│   │   ├── 00-install-rootfiles.sh
│   │   └── 10-test-rootfiles.sh
│   ├── pkg_rsyslog
│   │   ├── 00-install-rsyslog.sh
│   │   ├── 10-test-syslog.sh
│   │   └── README.md
│   ├── pkg_samba
│   │   ├── 00-install-samba.sh
│   │   ├── 10-test-samba.sh
│   │   └── README.md
│   ├── pkg_secureboot
│   │   ├── 10-test-grub-secureboot.sh
│   │   ├── 11-test-shim-certs.sh
│   │   └── README.md
│   ├── pkg_selinux
│   │   ├── 00-install-selinux-tools.sh
│   │   ├── 10-check-alerts.sh
│   │   └── 20-check-policy-mismatch.sh
│   ├── pkg_setup
│   │   ├── 00-test-shells.sh
│   │   ├── 10-test-group-file.sh
│   │   ├── 20-test-passwd-file.sh
│   │   └── README.md
│   ├── pkg_shadow-utils
│   │   ├── 00-install.sh
│   │   ├── 10-files-verify.sh
│   │   ├── 20-user-tests.sh
│   │   ├── 30-group-tests.sh
│   │   ├── 40-pw.sh
│   │   ├── 90-clean.sh
│   │   └── README.md
│   ├── pkg_snmp
│   │   ├── 00-install-snmp.sh
│   │   ├── 10-test-snmp-1.sh
│   │   ├── 11-test-snmp-2.sh
│   │   ├── 12-test-snmp-3.sh
│   │   └── README.md
│   ├── pkg_sqlite
│   │   ├── 00-install-sqlite.sh
│   │   ├── 10-sqlite-tables.sh
│   │   ├── 20-sqlite-dump.sh
│   │   └── README.md
│   ├── pkg_strace
│   │   ├── 00-install-strace.sh
│   │   ├── 10-test-strace.sh
│   │   └── README.md
│   ├── pkg_sysstat
│   │   ├── 00-install-sysstat.sh
│   │   ├── 10-iostat.sh
│   │   ├── 11-cpu.sh
│   │   ├── 12-cpu-io.sh
│   │   └── README.md
│   ├── pkg_systemd
│   │   ├── 00-systemd-list-services.sh
│   │   ├── 10-systemd-list-non-native-sevices.sh
│   │   ├── 11-systemd-service-status.sh
│   │   ├── 20-systemd-journald.sh
│   │   └── README.md
│   ├── pkg_tcpdump
│   │   └── README.md
│   ├── pkg_telnet
│   │   ├── 00-install-telnet.sh
│   │   └── 10-test-telnet.sh
│   ├── pkg_tftp-server
│   │   ├── 00-install-tftp.sh
│   │   ├── 01-configure-tftp.sh
│   │   ├── 10-get-test.sh
│   │   └── 11-put-test.sh
│   ├── pkg_vsftpd
│   │   ├── 00-install-vsftpd.sh
│   │   ├── 10-anonymous-vsftpd.sh
│   │   ├── 20-local-login.sh
│   │   ├── 30-cleanup.sh
│   │   └── README.md
│   ├── pkg_wget
│   │   ├── 00-install-wget.sh
│   │   ├── 10-test-wget.sh
│   │   └── README.md
│   └── pkg_which
│   ├── 00-install-which.sh
│   ├── 10-test-which.sh
│   └── README.md
├── debrand.list
├── lib
├── log
│   └── README.md
├── mods.list
├── modules
├── monotests.sh
├── README.md
├── runtests.sh
├── skip.list
├── stacks
│   ├── ipa
│   │   ├── 00-ipa-pregame.sh
│   │   ├── 10-install-ipa.sh
│   │   ├── 11-configure-ipa.sh
│   │   ├── 12-verify-ipa.sh
│   │   ├── 20-ipa-user.sh
│   │   ├── 21-ipa-service.sh
│   │   ├── 22-ipa-dns.sh
│   │   ├── 23-ipa-sudo.sh
│   │   ├── 50-cleanup-ipa.sh
│   │   └── README.md
│   └── lamp
│   ├── 00-install-lamp.sh
│   ├── 01-verification.sh
│   └── 10-test-lamp.sh
└── stacks.sh
```

View file

@ -1,15 +0,0 @@
#!/bin/bash
# Common Variables
export DNFDEBUG=0
export readonly PASS=0
export readonly FAIL=1
RL_VER=$(rpm --eval %rhel)
export readonly RL_VER
export readonly PRE_RELEASE=0
# This should be either: rocky, redhat, centos
export readonly RELEASE_NAME=rocky
# A 0 means it was successful. It can be changed to 1 on failure.
export IPAINSTALLED=0
LOGFILE="$(pwd)/log/$(date +'%m-%d-%Y')-tests.log"
export LOGFILE

View file

@ -1 +0,0 @@
obsidian:x:9999:9999::/home/obsidian:/bin/bash

View file

@ -1 +0,0 @@
obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7:::

View file

@ -1,7 +0,0 @@
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}

View file

@ -1,5 +0,0 @@
#include <stdio.h>
int main() {
printf("Hello!\n");
return 0;
}

View file

@ -1,5 +0,0 @@
#include <iostream>
int main() {
std::cout << "Hello!\n";
return 0;
}

View file

@ -1 +0,0 @@
:obsidian:x:9999:9999:::/home/obsidian:/bin/bash:

View file

@ -1 +0,0 @@
obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7:::

View file

@ -1,5 +0,0 @@
create database obsidiancore;
use obsidiancore;
create table tests (name varchar(20)) ;
grant all on obsidiancore.* to 'rocky'@'localhost' identified by 'onyx';
flush privileges;

View file

@ -1,11 +0,0 @@
<?php
$dbconnect = mysqli_connect("localhost","rocky","onyx");
if (!$dbconnect)
{
die('Could not connect: ' . mysqli_error());
}
mysqli_select_db($dbconnect, "obsidiancore");
mysqli_query($dbconnect, "INSERT INTO tests (name)
VALUES ('sqltest')");
mysqli_close($dbconnect);
?>

View file

@ -1 +0,0 @@
:test:x:9999::

View file

@ -1 +0,0 @@
test:x::

View file

@ -1,15 +0,0 @@
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
string_mask = nombstr
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = US
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Arizona
localityName = Locality Name (eg, city)
localityName_default = Phoenix
0.organizationName = Organization Name (eg, company)
0.organizationName_default = RESF
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Rocky

View file

@ -1,6 +0,0 @@
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
broken_sasl_auth_clients = yes

View file

@ -1,15 +0,0 @@
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/pki/tls/private/mail.key
smtpd_tls_cert_file = /etc/pki/tls/certs/mail.crt
# smtpd_tls_CAfile = /etc/pki/tls/root.crt
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
tls_random_source = dev:/dev/urandom
smtpd_tls_auth_only = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

View file

@ -1,11 +0,0 @@
[global]
workgroup = wrkgrp
netbios name = smbsrv
security = user
map to guest = Bad User
[rocky]
comment = Rocky Share
path = /srv/smb
read only = yes
guest only = yes

View file

@ -1,237 +0,0 @@
#!/bin/bash
# Common functions and imports to use across all scripts
# Louis Abel <label@rockylinux.org> @nazunalika
################################################################################
# Functions that (r)eturn things
function r_log() {
SCR=$1
MESSAGE=$2
printf "[-] %s %s: %s\n" "$(date +'%m-%d-%Y %T')" "$SCR" "$MESSAGE" >> "$LOGFILE"
}
# Always call this at the end of scripts to check for exit status. This will
# report "PASS" or "FAIL" depending on the exit and it will show up in the log.
# Args: $1 will be whatever you want checked
function r_checkExitStatus() {
[ "$1" -eq 0 ] && r_log "result" "PASSED" && return "$PASS"
r_log "status" "FAILED"
exit "$FAIL"
}
# Processes a list of folders containing the tests. This ignores files that
# start with a dot (.), an underscore (_) or contain README in the name.
# This is done because we cannot guarantee that whoever adds in tests or
# writes additional "find" commands won't negate these lookups.
# Additionally, we should look at the file's executable status. I considered
# just having the files named differently, but that seemed more annoying than
# just setting +x
function r_processor() {
# shellcheck disable=SC2068
exec 8< $@
# shellcheck disable=SC2162
while read -u 8 file; do
# shellcheck disable=SC2086
if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then
continue
fi
[ -x "${file}" ] && echo "Begin processing script: ${file}" && "${file}"
done
return 0
}
function r_checkEPELEnabled() {
/usr/bin/dnf repolist | grep -q '^epel'
return $?
}
################################################################################
# Functions that deal with (p)ackages
# Installs packages normally (including weak dependencies)
# Args: Any number of $1..X
function p_installPackageNormal() {
r_log "internal" "Attempting install: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} install "$@"
r_checkExitStatus $?
}
# Installs packages excluding weak dependencies - There are some cases where
# you would need to do this.
# Args: Any number of $1..X
function p_installPackageNoWeaks() {
r_log "internal" "Attempting install: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} --setopt install_weak_deps=0 install "$@"
r_checkExitStatus $?
}
# Removes packages
# Args: Any number of $1..X
function p_removePackage() {
r_log "internal" "Attempting uninstall: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} remove "$@"
r_checkExitStatus $?
}
# Enables dnf modules
# Args: Any number of $1..X
function p_enableModule() {
r_log "internal" "Enabling module: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module enable "$@"
r_checkExitStatus $?
}
# Resets modules (since you can't "disable" technically)
# Args: Any number of $1..X
function p_resetModule() {
r_log "internal" "Resetting module: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module reset "$@"
r_checkExitStatus $?
}
function p_getPackageRelease() {
rpm -q --queryformat '%{RELEASE}' "$1"
}
function p_getPackageArch() {
rpm -q --queryformat '%{ARCH}' "$1"
}
function p_getDist() {
rpm -q "$(rpm -qf /etc/redhat-release)" --queryformat '%{version}\n' | cut -d'.' -f1
}
################################################################################
# Functions that that are considered (m)isc
# Service cycler, basically a way of handling services and also being able to
# prevent potential race conditions.
function m_serviceCycler() {
if [ "$2" = "cycle" ]; then
# shellcheck disable=SC2086
/bin/systemctl stop $1
sleep 3
# shellcheck disable=SC2086
/bin/systemctl start $1
else
# shellcheck disable=SC2086
/bin/systemctl $2 $1
fi
sleep 3
}
function m_checkForPort() {
while true; do
sleep 1
# shellcheck disable=SC2086
if echo > /dev/tcp/localhost/$1 >/dev/null 2>&1; then
r_log "internal" "Waiting for TCP port $1 to start listening"
break
fi
done
}
function m_assertCleanExit() {
"$@" > /dev/null 2>&1
r_checkExitStatus $?
}
function m_assertEquals() {
[ "$1" -eq "$2" ]
r_checkExitStatus $?
}
function m_skipReleaseEqual() {
if [ "$(rpm --eval %rhel)" -eq "$1" ]; then
r_log "$2" "Skipped test for $1 release"
exit 0
fi
}
function m_skipReleaseNotEqual() {
if [ "$(rpm --eval %rhel)" -ne "$1" ]; then
r_log "$2" "Skipped test"
exit 0
fi
}
function m_skipReleaseGreaterThan() {
if [ "$(rpm --eval %rhel)" -gt "$1" ]; then
r_log "$2" "Skipped test"
exit 0
fi
}
function m_skipReleaseLessThan() {
if [ "$(rpm --eval %rhel)" -lt "$1" ]; then
r_log "$2" "Skipped test"
exit 0
fi
}
function m_selectAlternative() {
primaryName=$1
searchRegex=$2
option=$(/bin/echo | /usr/sbin/alternatives --config "$primaryName" | /bin/grep -E "$searchRegex" | /usr/bin/head -n1 | sed 's/ .*//g;s/[^0-9]//g')
if [ -z "$option" ]; then
r_log "alternatives" "Option not found for alternative $searchRegex of $primaryName"
r_checkExitStatus 1
fi
r_log "alternatives" "Selecting alternative $option for $primaryName $searchRegex"
/bin/echo "$option" | /usr/sbin/alternatives --config "$primaryName" > /dev/null 2>&1
}
function m_getArch() {
/usr/bin/uname -m
}
function m_recycleLog() {
num=0
rotFile="${LOGFILE}.$num"
while [ -e "$rotFile" ]; do
num=$(( num + 1 ))
rotFile="${LOGFILE}.$num"
done
mv "$LOGFILE" "$rotFile"
}
################################################################################
# export all functions below
# When this is sourced, the functions are typically already available and ready
# to be used. But it does not hurt to have them below.
rl_ver=$(p_getDist)
rl_arch=$(m_getArch)
export rl_ver
export rl_arch
export -f r_log
export -f r_checkExitStatus
export -f r_processor
export -f r_checkEPELEnabled
export -f p_installPackageNormal
export -f p_installPackageNoWeaks
export -f p_removePackage
export -f p_enableModule
export -f p_resetModule
export -f p_getPackageRelease
export -f p_getPackageArch
export -f p_getDist
export -f m_serviceCycler
export -f m_checkForPort
export -f m_assertCleanExit
export -f m_assertEquals
export -f m_skipReleaseEqual
export -f m_skipReleaseNotEqual
export -f m_skipReleaseGreaterThan
export -f m_skipReleaseLessThan
export -f m_selectAlternative
export -f m_getArch
export -f m_recycleLog

View file

@ -1,6 +0,0 @@
#!/bin/bash
r_log "acl" "Install the acl package"
p_installPackageNormal acl
r_log "acl" "Remount filesystems with ACL support (this normally should not be needed)"
mount -o remount,acl /
sleep 3

View file

@ -1,15 +0,0 @@
#!/bin/bash
ACLFILE=/tmp/testfile_acl
r_log "acl" "Test that the acl get and set functions work"
touch "${ACLFILE}"
# Use setfacl for readonly
r_log "acl" "Set readonly ACL for the user nobody"
setfacl -m user:nobody:r "${ACLFILE}"
# Use getfacl to verify readonly
r_log "acl" "Verifying that the nobody user is set to read only"
getfacl "${ACLFILE}" | grep -q 'user:nobody:r--'
r_checkExitStatus $?
/bin/rm -f "${ACLFILE}"

View file

@ -1 +0,0 @@
Test the acl packge

View file

@ -1,5 +0,0 @@
#!/bin/bash
r_log "archive" "Installing appropriate archive formats"
# We might need expect for zmore - does anyone actually use zmore?
p_installPackageNormal bzip2 diffutils gzip less tar unzip util-linux-ng zip lzop

View file

@ -1,27 +0,0 @@
#!/bin/bash
r_log "archive" "Test bzip/bzcat/bunzip"
FILE=/var/tmp/bziptest.txt
cat > "$FILE" <<EOF
testing text
EOF
# bzip it up
/bin/bzip2 "$FILE"
/bin/rm -f "$FILE"
# Checking bzcat
if ! bzcat "${FILE}.bz2" | grep -q "testing text"; then
r_log "archive" "bzcat has failed"
exit
fi
# bunzip it down
/bin/bunzip2 "${FILE}.bz2"
# check file contents again
grep -q 'testing text' "${FILE}"
r_checkExitStatus $?
/bin/rm -f "${FILE}*"

View file

@ -1,13 +0,0 @@
#!/bin/bash
r_log "archive" "Verifying gzip binaries"
echo -n "Processing; "
for bin in gunzip gzexe gzip zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew; do
echo -n "$bin "
r_log "archive" "$bin"
$bin --version &> /dev/null || r_checkExitStatus 1
done
echo
r_checkExitStatus 0

View file

@ -1,113 +0,0 @@
#!/bin/bash
r_log "archive" "Test gzip/zcat/gunzip"
FILE=/var/tmp/gzip-test.txt
MD5HASH=e6331c582fbad6653832860f469f7d1b
# Double check that stuff is cleared out
/bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null
# Make our test file
cat > $FILE <<EOF
Green Obsidian is the release name
EOF
# gzip
r_log "archive" "Testing gzip works"
gzip $FILE || r_checkExitStatus 1
# zcat
r_log "archive" "Test zcat works"
zcat $FILE.gz | grep -q "Green Obsidian" || r_checkExitStatus 1
# no overwrite
r_log "archive" "Check that files won't be overwritten"
touch $FILE
echo | gunzip $FILE &> /dev/null
[ $? -ne 2 ] && r_checkExitStatus 1
echo | gzip $FILE &> /dev/null
[ $? -ne 2 ] && r_checkExitStatus 1
# force overwrite
r_log "archive" "Check that files can be forcefully overwritten"
gunzip -f $FILE.gz || r_checkExitStatus 1
touch $FILE.gz
gzip -f $FILE || r_checkExitStatus 1
# -a should be ignored
# Hopefully this behavior does NOT change in 9
r_log "archive" "Check that -a is ignored"
gunzip -a $FILE.gz 2>&1 | head -n 1 | grep -q 'gzip: option --ascii ignored on this system' || r_checkExitStatus 1
# -c should write to stdout
r_log "archive" "Check that -c outputs to stdout"
gzip -c $FILE | gunzip | grep -q 'Green Obsidian' || r_checkExitStatus 1
# Expected hash is: e6331c582fbad6653832860f469f7d1b
# check -l
r_log "archive" "Check that the md5 matches"
gzip $FILE
md5check=$(gzip -l $FILE.gz | md5sum | cut -d' ' -f1)
[ "$md5check" == "$MD5HASH" ] || r_checkExitStatus 1
# Check that -v gives us some good info
r_log "archive" "Check that -v increases verbosity"
gzip -lv $FILE.gz | grep -q "e0e1ed1a" || r_checkExitStatus 1
gunzip $FILE.gz
# custom suffix
r_log "archive" "Check that a custom suffix can be used"
gzip -S .rl $FILE
[ -e $FILE.rl ] || r_checkExitStatus 1
gunzip -S .rl $FILE || r_checkExitStatus 1
# check -r
r_log "archive" "Check that -r functions"
mkdir /var/tmp/gziptest
touch /var/tmp/gziptest/{a,b}
gzip -r /var/tmp/gziptest
[ "$(find /var/tmp/gziptest/*.gz | wc -l)" -eq "2" ] || r_checkExitStatus 1
# check different compression levels
r_log "archive" "Check compression levels"
cp $FILE $FILE.1
gzip -1 $FILE
gzip -9 $FILE.1
[ "$(stat -c %s $FILE.gz)" -ne "$(stat -c %s $FILE.1.gz)" ] || r_checkExitStatus 1
# check multiple input files
r_log "archive" "Check multiple input files"
gunzip $FILE.gz $FILE.1.gz || r_checkExitStatus 1
# don't specify an extension
r_log "archive" "Don't specify file extensions"
gzip $FILE $FILE.1 || r_checkExitStatus 1
# check that .Z can be handled
r_log "archive" "Verify that .Z files can be handled"
gunzip $FILE.gz
ls -l /var/tmp >> $FILE
if [ "$RL_VER" -eq 8 ]; then
compress $FILE || r_checkExitStatus 1
gunzip $FILE.Z || r_checkExitStatus 1
else
r_log "archive" "Skipping for 9"
fi
# handle some zip files
r_log "archive" "Verify that .zip files can be handled"
zip $FILE.zip $FILE &> /dev/null || r_checkExitStatus 1
gunzip -f -S .zip $FILE.zip || r_checkExitStatus 1
# handle some tgz files
r_log "archive" "Verify that .tgz files can be handled"
tar -czf $FILE.tgz $FILE &> /dev/null
gunzip $FILE.tgz
[ -e $FILE.tar ]
r_checkExitStatus $?
# clean up
/bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null

View file

@ -1,22 +0,0 @@
#!/bin/bash
r_log "archive" "Checking gzexe"
r_log "archive" "Creating archive"
FILE=/var/tmp/gzexe-test-script
/bin/rm -f $FILE* &>/dev/null
cat > $FILE <<EOF
#!/bin/bash
echo "Hello!"
EOF
chmod +x $FILE
$FILE | grep -q "Hello!" || r_checkExitStatus 1
r_log "archive" "Test gzexe"
/bin/gzexe $FILE &>/dev/null || r_checkExitStatus 1
r_log "archive" "Check that it actually runs"
$FILE | grep -q "Hello!"
r_checkExitStatus $?
/bin/rm -f $FILE* 2>/dev/null

View file

@ -1,19 +0,0 @@
#!/bin/bash
r_log "archive" "Check zcmp and zdiff"
BASEFILE="/var/tmp/gziptest"
/bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF
Green Obsidian is the release name
EOF
/bin/gzip ${BASEFILE}.1 || r_checkExitStatus 1
cp ${BASEFILE}.1.gz ${BASEFILE}.2.gz
r_log "archive" "Check zcmp"
/bin/zcmp ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
r_log "archive" "Check zdiff"
/bin/zdiff ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
/bin/rm -f ${BASEFILE}*

View file

@ -1,18 +0,0 @@
#!/bin/bash
r_log "archive" "Testing zforce"
BASEFILE="/var/tmp/abcdefg"
/bin/rm $BASEFILE* &>/dev/null
cat > $BASEFILE <<EOF
Green Obsidian is our release name
EOF
gzip $BASEFILE
mv $BASEFILE.gz $BASEFILE
zforce $BASEFILE || r_checkExitStatus 1
[ -e "$BASEFILE.gz" ]
r_checkExitStatus $?
/bin/rm "$BASEFILE.gz"

View file

@ -1,15 +0,0 @@
#!/bin/bash
r_log "archive" "Testing zgrep"
BASEFILE=/var/tmp/zgreptest
/bin/rm $BASEFILE* &> /dev/null
cat > $BASEFILE <<EOF
Green Obsidian is the release name
EOF
gzip $BASEFILE
zgrep -q 'Green Obsidian' $BASEFILE.gz
r_checkExitStatus $?
/bin/rm $BASEFILE*

View file

@ -1,6 +0,0 @@
#!/bin/bash
r_log "archive" "Testing zless"
r_log "archive" "Generate file"
gzip -cvf /usr/lib/os-release > /var/tmp/gziptest.gz
zless -F /var/tmp/gziptest.gz | grep -q 'Rocky Linux'
r_checkExitStatus $?

View file

@ -1 +0,0 @@
#!/bin/bash

View file

@ -1,11 +0,0 @@
#!/bin/bash
r_log "archive" "Testing znew"
TESTFILE=/var/tmp/znew.txt
/bin/rm $TESTFILE* &>/dev/null
ls -l /usr/bin > $TESTFILE
compress $TESTFILE
znew $TESTFILE.Z
r_checkExitStatus $?

View file

@ -1,36 +0,0 @@
#!/bin/bash
r_log "archive" "Test tar create and extract"
TARDIR="/var/tmp/tartest"
FILE1="$TARDIR/test.1.txt"
FILE2="$TARDIR/test.2.txt"
mkdir -p $TARDIR
cat > $FILE1 <<EOF
First file!
EOF
cat > $FILE2 <<EOF
Second file!
EOF
/bin/tar -c $TARDIR -f /var/tmp/tarfile.tar > /dev/null 2>&1
/bin/rm -rf $TARDIR
if [ -e "$TARDIR" ]; then
r_log "archive" "We couldn't delete $TARDIR"
exit
fi
tar -C / -xf /var/tmp/tarfile.tar
grep -q 'First file' $FILE1
RES1=$?
grep -q 'Second file' $FILE2
RES2=$?
if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
ret_val=0
fi
r_checkExitStatus $ret_val
/bin/rm -rf /var/tmp/tarfile.tar $TARDIR

View file

@ -1,19 +0,0 @@
#!/bin/bash
r_log "archive" "Check xzcmp and xzdiff"
BASEFILE="/var/tmp/xztest"
/bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF
Green Obsidian is the release name
EOF
/bin/xz ${BASEFILE}.1 || r_checkExitStatus 1
cp ${BASEFILE}.1.xz ${BASEFILE}.2.xz
r_log "archive" "Check xzcmp"
/bin/zcmp ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
r_log "archive" "Check xzdiff"
/bin/zdiff ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
/bin/rm -f ${BASEFILE}*

View file

@ -1,36 +0,0 @@
#!/bin/bash
r_log "archive" "Test zip create and extract"
ZIPDIR="/var/tmp/ziptest"
FILE1="$ZIPDIR/test.1.txt"
FILE2="$ZIPDIR/test.2.txt"
mkdir -p $ZIPDIR
cat > $FILE1 <<EOF
First file!
EOF
cat > $FILE2 <<EOF
Second file!
EOF
/bin/zip -q /var/tmp/zipfile.zip $ZIPDIR/*
/bin/rm -rf $ZIPDIR
if [ -e "$ZIPDIR" ]; then
r_log "archive" "We couldn't delete $ZIPDIR"
exit
fi
/bin/unzip -q /var/tmp/zipfile.zip -d /
grep -q 'First file' $FILE1
RES1=$?
grep -q 'Second file' $FILE2
RES2=$?
if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
ret_val=0
fi
r_checkExitStatus $ret_val
/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR

View file

@ -1,17 +0,0 @@
#!/bin/bash
r_log "archive" "Testing lzop compress and decompress"
LZOFILE=/var/tmp/obsidian.txt
echo 'Green Obsidian is the release name' > ${LZOFILE}
# running compression
lzop -9 ${LZOFILE} -o ${LZOFILE}.lzo
/bin/rm ${LZOFILE}
lzop -d ${LZOFILE}.lzo -o ${LZOFILE}
/bin/rm ${LZOFILE}.lzo
grep -q 'Green Obsidian' ${LZOFILE}
/bin/rm ${LZOFILE}

View file

@ -1,3 +0,0 @@
Tests archive formats and archive accessories
TODO: Add xz

View file

@ -1,3 +0,0 @@
#!/bin/bash
r_log "attr" "Installing the attr package"
p_installPackageNormal attr

View file

@ -1,21 +0,0 @@
#!/bin/bash
ATTRTEST="/var/tmp/attrtest.img"
ATTRMNT="/mnt/attrtest"
r_log "attr" "Checking that *attr works"
dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null
r_checkExitStatus $?
mkdir "${ATTRMNT}"
echo -e 'y\n' | mkfs.ext3 "${ATTRTEST}" > /dev/null 2>&1
mount -t ext3 -o loop,user_xattr "${ATTRTEST}" "${ATTRMNT}"
touch "${ATTRMNT}/testfile"
setfattr -n user.test "${ATTRMNT}/testfile"
getfattr "${ATTRMNT}/testfile" | grep -oq "user.test"
r_checkExitStatus $?
# Cleanup
umount /mnt/attrtest
/bin/rm -f "${ATTRTEST}"
/bin/rm -rf "${ATTRMNT}"

View file

@ -1 +0,0 @@
Test attr

View file

@ -1,9 +0,0 @@
#!/bin/bash
r_log "auditd" "Install auditd (this should be available during minimal)"
p_installPackageNormal audit
r_log "auditd" "Ensure auditd is running and enabled"
# Ignore service cycler, auditd refuses manual stop
/usr/sbin/service auditd restart
sleep 2
/usr/bin/systemctl status auditd.service | grep -q "active"
r_checkExitStatus $?

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "auditd" "Check if the audit logs are not empty"
[[ -s /var/log/audit/audit.log ]]
r_checkExitStatus $?

View file

@ -1,12 +0,0 @@
#!/bin/bash
r_log "auditd" "Generate events for audit log"
r_log "auditd" "Add test user"
useradd relengauditd
grep "ADD_USER" /var/log/audit/audit.log | grep -q 'acct="relengauditd"'
r_checkExitStatus $?
r_log "auditd" "Delete test user"
userdel relengauditd
grep "DEL_USER" /var/log/audit/audit.log | grep -q 'ID="relengauditd"'
r_checkExitStatus $?

View file

@ -1 +0,0 @@
Test auditd

View file

@ -1,8 +0,0 @@
#!/bin/bash
# Bash is default installed on minimal
r_log "bash" "Check that the bash version is valid"
bash --version | grep -qE "(x86_64|aarch64|powerpc64le)-redhat-linux-gnu"
r_checkExitStatus $?

View file

@ -1 +0,0 @@
Test bash

View file

@ -1,8 +0,0 @@
#!/bin/bash
r_log "bc" "Install bc"
p_installPackageNormal bc
r_checkExitStatus $?
r_log "bc" "Check bc version"
bc --version
r_checkExitStatus $?

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "bc" "Testing simple calculations"
test "$(echo "8 + 5 * 2 / 10 - 1" | bc)" -eq "8"
r_checkExitStatus $?

View file

@ -1 +0,0 @@
Test bc.

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "bind" "Installing bind"
p_installPackageNormal bind bind-utils
m_serviceCycler named start

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "bind" "Testing bind lookups work"
dig +timeout=5 +short @127.0.0.1 localhost | grep -q "127.0.0.1"
r_checkExitStatus $?

View file

@ -1 +0,0 @@
Test the bind package

View file

@ -1,4 +0,0 @@
#!/bin/bash
# coreutils should already be there, but just in case I guess.
r_log "coreutils" "Install coreutils"
p_installPackageNormal coreutils

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "coreutils" "Check that the architecture matches"
uname -a | grep -q "$(arch)"
r_checkExitStatus $?

View file

@ -1,9 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing basename"
# Doing two tests for validation
basename ./core/pkg_coreutils/11-basename.sh | grep -q 11-basename.sh
r_checkExitStatus $?
basename /etc/hosts | grep -q hosts
r_checkExitStatus $?

View file

@ -1,11 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing cat"
cat > /var/tmp/cattest <<EOF
Green Obsidian
EOF
grep -q "Green Obsidian" /var/tmp/cattest
r_checkExitStatus $?
/bin/rm /var/tmp/cattest

View file

@ -1,5 +0,0 @@
#!/bin/bash
r_log "coreutils" "Test cut command"
[ "$(cut -f1 -d ' ' /etc/redhat-release)" == "Rocky" ]
r_checkExitStatus $?

View file

@ -1,12 +0,0 @@
#!/bin/bash
r_log "coreutils" "Test true/false"
r_log "coreutils" "Test true"
true
test $? -eq 0
r_checkExitStatus $?
r_log "coreutils" "Test false"
false
test $? -eq 1
r_checkExitStatus $?

View file

@ -1,10 +0,0 @@
#!/bin/bash
r_log "coreutils" "Test head and tail"
r_log "coreutils" "Testing head"
head -n1 /etc/os-release | grep -q NAME
r_checkExitStatus $?
r_log "coreutils" "Testing tail"
tail -n1 /etc/os-release | grep -q SUPPORT
r_checkExitStatus $?

View file

@ -1,8 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing pathchk"
pathchk -p "<>" 2> /dev/null
# shellcheck disable=SC2181
[ $? -eq 1 ] && pathchk /var/tmp/fakePathAndFile
# shellcheck disable=SC2181
[ $? -eq 0 ] && pathchk /var/tmp
r_checkExitStatus $?

View file

@ -1,6 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing readlink"
ln -s /var/tmp/talk /var/tmp/listen
readlink /var/tmp/listen | grep -q "/var/tmp/talk"
r_checkExitStatus $?
/bin/rm /var/tmp/listen

View file

@ -1,6 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing seq"
seq -s " " 6 | grep -q "1 2 3 4 5 6" && \
seq -s " " 3 5 | grep -q "3 4 5" && \
seq -s " " 3 3 9 | grep -q "3 6 9"
r_checkExitStatus $?

View file

@ -1,5 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing timeout and sleep"
timeout 1 sleep 1
[ $? -eq 124 ] && timeout 2 sleep 2
[ $? -eq 124 ] && r_checkExitStatus $?

View file

@ -1,26 +0,0 @@
#!/bin/bash
r_log "coreutils" "Test hash sum tools"
HASHFILE=/var/tmp/obsidian
echo "Green Obsidian is our release name" > ${HASHFILE}
r_log "coreutils" "Test md5sum"
/usr/bin/md5sum ${HASHFILE} | grep -q 7ee0df0c24cd8fbf747bbeaec2afb935
r_checkExitStatus $?
r_log "coreutils" "Test sha1sum"
/usr/bin/sha1sum ${HASHFILE} | grep -q d9dc0c244c60e6488ebca1733d8072217a2e53d9
r_checkExitStatus $?
r_log "coreutils" "Test sha224sum"
/usr/bin/sha224sum ${HASHFILE} | grep -q 5b7a29dcee3d895e21877d08da1e1408bbd6b09426887cdbfb583753
r_checkExitStatus $?
r_log "coreutils" "Test sha256sum"
/usr/bin/sha256sum ${HASHFILE} | grep -q 38ee9bbdd83f1f1dd4506b061141d956496ab01dd187e24db35e024b37f47110
r_checkExitStatus $?
r_log "coreutils" "Test sha384sum"
/usr/bin/sha384sum ${HASHFILE} | grep -q 5002b880f8b05ab66ead70ea828e3869114fe6a85bffc84fc2199c7d10fee39a69c0b523562e7bb208e7922b0d291916
r_checkExitStatus $?
r_log "coreutils" "Test sha512sum"
/usr/bin/sha512sum ${HASHFILE} | grep -q e50554c29a5cb7bd04279d3c0918e486024c79c4b305a2e360a97d4021dacf56ce0d17fa6e6a0e81ad03d5fb74fbe2d50cce6081c2c277f22b958cdae978a2f5
r_checkExitStatus $?
/bin/rm ${HASHFILE}

View file

@ -1,14 +0,0 @@
#!/bin/bash
r_log "coreutils" "Testing touch and ls"
r_log "coreutils" "Touch files with specific dates"
touch -t 199104230420 /tmp/touch-1
touch -t 199104240420 /tmp/touch-2
r_log "coreutils" "Verify that the oldest file is last"
# shellcheck disable=SC2012
ls -lt /tmp/touch-? | tail -n 1 | grep -q 'touch-1'
r_checkExitStatus $?
/bin/rm /tmp/touch-?

View file

@ -1,17 +0,0 @@
#!/bin/bash
r_log "coreutils" "Ensure uniq works as expected"
cat > /var/tmp/uniq <<EOF
Rocky
Rocky
Obsidian
obsidian
Green
Green
Blue
onyn
EOF
uniq -d /var/tmp/uniq | wc -l | grep -q 2 && uniq -u /var/tmp/uniq | wc -l | grep -q 4
r_checkExitStatus $?
/bin/rm /var/tmp/uniq

View file

@ -1,25 +0,0 @@
#!/bin/bash
r_log "coreutils" "Ensure wc works as expected"
r_log "coreutils" "This should have already been done with uniq"
# Context: we should probably test some switches...
cat > /var/tmp/wc <<EOF
Rocky
Rocky
Obsidian
obsidian
Green
Green
Blue
onynx
EOF
wc -l /var/tmp/wc | grep -q 8 && \
wc -c /var/tmp/wc | grep -q 53 && \
wc -m /var/tmp/wc | grep -q 53 && \
wc -L /var/tmp/wc | grep -q 8 && \
wc -w /var/tmp/wc | grep -q 8
r_checkExitStatus $?
/bin/rm /var/tmp/wc

View file

@ -1,11 +0,0 @@
#!/bin/bash
r_log "coreutils" "Test the yes command"
touch /var/tmp/yes-123
touch /var/tmp/yes-345
# shellcheck disable=SC2216
yes | /bin/rm -i /var/tmp/yes-* || r_checkExitStatus 1
deleted=1
test -f /var/tmp/yes-123 || test -f /var/tmp/yes-345 || deleted=0
r_checkExitStatus $deleted

View file

@ -1 +0,0 @@
Test coreutils

View file

@ -1,3 +0,0 @@
#!/bin/bash
r_log "cpio" "Install cpio"
p_installPackageNormal cpio diffutils

View file

@ -1,34 +0,0 @@
#!/bin/bash
r_log "cpio" "Test basic cpio stuff"
OUTTER=/var/tmp/cpio/out
INNER=/var/tmp/cpio/in
PASSER=/var/tmp/cpio/pass
# Nothing should be here. Clean up first.
[ -d /var/tmp/cpio ] && /bin/rm -rf /var/tmp/cpio
r_log "cpio" "Test basic copy out"
mkdir -p "$OUTTER" "$INNER" "$PASSER"
# Ensure at least one file exists in /tmp to prevent errors.
echo 1 > $(mktemp)
# shellcheck disable=2012
find /tmp -type f | cpio -o > "$OUTTER"/cpio.out 2> /dev/null
r_checkExitStatus $?
r_log "cpio" "Test basic copy in"
pushd "$INNER" || exit 1
cpio -i < "$OUTTER"/cpio.out
r_checkExitStatus $?
popd || exit 1
r_log "cpio" "Test basic passthrough"
pushd "$INNER" || exit 1
find /tmp | cpio -pd "$PASSER"
r_checkExitStatus $?
popd || exit 1
r_log "cpio" "Checking that the directories (pass and in) are the same"
diff "$PASSER" "$INNER" &> /dev/null
r_checkExitStatus $?

View file

@ -1 +0,0 @@
Test cpio

View file

@ -1,3 +0,0 @@
#!/bin/bash
r_log "cracklib" "Install the cracklib package"
p_installPackageNormal cracklib

View file

@ -1,17 +0,0 @@
#!/bin/bash
r_log "cracklib" "Test that cracklib can check passwords"
r_log "cracklib" "Test a very simple password"
echo -e "test" | cracklib-check | grep -q "too short"
r_checkExitStatus $?
r_log "cracklib" "Test a simple/dictionary password"
echo -e "testing" | cracklib-check | grep -q "dictionary"
r_checkExitStatus $?
r_log "cracklib" "Testing simplistic password"
echo -e "1234_abc" | cracklib-check | grep -q 'simplistic'
r_checkExitStatus $?
r_log "cracklib" "Testing a complicated password"
echo -e "2948_Obaym-" | cracklib-check | grep -q "OK"

View file

@ -1 +0,0 @@
Testing cracklib and cracklib accessories

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "cron" "Installing crond"
p_installPackageNormal cronie
m_serviceCycler crond cycle

View file

@ -1,38 +0,0 @@
#!/bin/bash
r_log "cron" "Testing hourly cron jobs"
cat > /etc/cron.hourly/rocky.sh <<EOF
#!/bin/bash
echo "obsidian"
EOF
chmod +x /etc/cron.hourly/rocky.sh
run-parts /etc/cron.hourly | grep -q "obsidian"
r_checkExitStatus $?
r_log "cron" "Testing daily cron jobs"
cat > /etc/cron.daily/rocky.sh <<EOF
#!/bin/bash
echo "obsidian"
EOF
chmod +x /etc/cron.daily/rocky.sh
run-parts /etc/cron.daily | grep -q "obsidian"
r_checkExitStatus $?
r_log "cron" "Testing weekly cron jobs"
cat > /etc/cron.weekly/rocky.sh <<EOF
#!/bin/bash
echo "obsidian"
EOF
chmod +x /etc/cron.weekly/rocky.sh
run-parts /etc/cron.weekly | grep -q "obsidian"
r_checkExitStatus $?
/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh

View file

@ -1 +0,0 @@
Testing cron and cron accessories

View file

@ -1,3 +0,0 @@
#!/bin/bash
r_log "curl" "Install curl"
p_installPackageNormal curl

View file

@ -1,12 +0,0 @@
#!/bin/bash
r_log "curl" "Basic curl test"
# TODO: Setup variables/switches I guess? Would need to be utilized in primary
# script
STRING="Rocky Linux"
URL="https://rockylinux.org"
r_log "curl" "Checking out ${URL}"
curl --location -s ${URL} | grep -q "${STRING}"

View file

@ -1 +0,0 @@
Simple curl tests

View file

@ -1,3 +0,0 @@
#!/bin/bash
r_log "diffutils" "Installing diffutils"
p_installPackageNormal diffutils

View file

@ -1,3 +0,0 @@
Test diffutils.
There's no tests here though. Need to figure out what to do.

View file

@ -1,9 +0,0 @@
#!/bin/bash
r_log "dnf" "Install ksh package"
p_installPackageNormal ksh
r_log "dnf" "Remove ksh package"
p_removePackage ksh
rpm -q ksh | grep -q "package ksh is not installed"
r_checkExitStatus $?

View file

@ -1 +0,0 @@
Test dnf and accessories

View file

@ -1,4 +0,0 @@
#!/bin/bash
r_log "dovecot" "Installing dovecot"
p_installPackageNormal dovecot nc grep
m_serviceCycler dovecot start

View file

@ -1,9 +0,0 @@
#!/bin/bash
r_log "dovecot" "Configuring dovecot"
cat > /etc/dovecot/conf.d/11-rocky.conf << EOF
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_privileged_group = mail
EOF
m_serviceCycler dovecot restart

View file

@ -1,31 +0,0 @@
#!/bin/bash
r_log "dovecot" "Testing basic POP3 (does anyone still use this?)"
# Note that nmap-nc appears to be the default, even in fedora
NC_OPTS="-w 5 -d 3"
r_log "dovecot" "Add poptest user and maildir"
if ! id poptest > /dev/null 2>&1; then
useradd poptest
echo pop3test | passwd --stdin poptest
fi
# shellcheck disable=SC2174
mkdir -m 700 -p /home/poptest/mail/.imap/INBOX
chown -R poptest:poptest /home/poptest/mail
r_log "dovecot" "Test basic POP3 login"
# shellcheck disable=SC2086
echo -e "user poptest\npass pop3test\n" | nc ${NC_OPTS} localhost 110 | grep -q "+OK Logged in."
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
tail /var/log/secure
tail /var/log/maillog
fi
r_checkExitStatus $ret_val
userdel -rf poptest

View file

@ -1,31 +0,0 @@
#!/bin/bash
r_log "dovecot" "Testing basic IMAP"
# Note that nmap-nc appears to be the default, even in fedora
NC_OPTS="-w 5 -d 3"
r_log "dovecot" "Add imapper user and maildir"
if ! id imapper > /dev/null 2>&1; then
useradd imapper
echo imaptest | passwd --stdin imapper
fi
# shellcheck disable=SC2174
mkdir -m 700 -p /home/imapper/mail/.imap/INBOX
chown -R imapper:imapper /home/imapper/mail
r_log "dovecot" "Test basic IMAP login"
# shellcheck disable=SC2086
echo -e "01 LOGIN imapper imaptest\n" | nc ${NC_OPTS} localhost 143 | grep -q "Logged in."
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
tail /var/log/secure
tail /var/log/maillog
fi
r_checkExitStatus $ret_val
userdel -rf imapper

View file

@ -1,3 +0,0 @@
#!/bin/bash
rm -f /etc/dovecot/conf.d/11-rocky.conf
m_serviceCycler dovecot restart

Some files were not shown because too many files have changed in this diff Show more