Changes (see notes)
Some checks failed
Build empanada images for imagefactory / buildx (push) Failing after 4s
Build empanada container images for lorax / buildx (push) Successful in 1s

* Bump empanadas to 0.7.0
* Archive and remove `func` as testing team should be handling these
  components with tmt and openqa
* Remove unused scripts from sync
This commit is contained in:
Louis Abel 2024-08-14 21:08:06 -07:00
parent c44e25ca5d
commit a15f74a421
Signed by: label
GPG Key ID: 2A6975660E424560
286 changed files with 2 additions and 4471 deletions

View File

@ -14,10 +14,9 @@ What does this have?
* analyze -> Analysis utilities (such as download stats)
* chat -> mattermost related utilities
* func -> (mostly defunct) testing scripts and tools to test base functionality
* iso -> Contains `empanadas`, which provides ISO, Compose, and Sync related utilities.
* mangle -> Manglers and other misc stuff
* sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated
* sync -> Sync tools, used to sync from compose directories to mirror for Rocky Linux
How can I help?
---------------
@ -37,9 +36,3 @@ PR's against the main branch will be closed.
PR's are preferred at the [RESF Git Service](https://git.resf.org).
Will some of this be moved into separate repositories?
------------------------------------------------------
There may be some things that will be moved to its own repository in the near
future. From a SIG/Core standpoint, we believe a good chunk of this should stay
here as it makes it easier for us to maintain and manage.

5
func/.gitignore vendored
View File

@ -1,5 +0,0 @@
log/*.log
log/*.log.*
clone_again/
cloned/
tftptest

View File

@ -1,489 +0,0 @@
Release Engineering Core Functionality Testing
==============================================
These are a set of scripts that are designed to test the core functionality
of a Rocky Linux system. They are designed to work on current versions of
Rocky and are used to test a system as a Release Engineering self-QA but
can be used by others for their own personal testing (under the assumption
that you just want to see what happens, we don't judge.
These tests *must* pass for a X.0 release to be considered "Core Validated".
* common -> Functions that our scripts and tests may or may not use. Templates
and other files should come here too under common/files and
scripts that use them should reference them as `./common/files/...`
* core -> Core functionality and testing. For example, packages and service
functionality.
* lib -> Library tests (these may be done elsewhere, such as openqa)
* log -> Log output. This repository has example logs of running on Rocky
Linux.
* modules -> Tests for module streams and their basic tests
* stacks -> Software stacks, think like LAMP (may be done elsewhere, such as openqa)
How to Run
----------
There are two ways to run through the tests:
* By running `/bin/bash runtests.sh`
* Runs all core tests
* By running `/bin/bash stacktests.sh`
* Runs all stack tests (eg, lamp, ipa)
* By running `/bin/bash monotests.sh`
* Supposed to runs all tests one by one to help identify failures as they happen (not functional)
Adding Tests
------------
So you want to add a few tests. Great! Before you add them, I want you to ask
yourself the following questions:
* Are my test(s) brand new?
* Are my test(s) actually for the "core" functionality of the system?
* Will my test(s) be going through a shellcheck?
* Were my tests running with SELinux enforcing?
If you've answered no to any of the above, the test may not be valid for this
project. If you are planning on changing a test or fixing a test to look or
work better, then a PR is more than welcome. Some things could definitely
use some touching up or improvements.
When creating tests, the below should be followed (at a minimum):
* Use functions from `./common/imports.sh`
* Global variables should be in `./common/exports.sh`
* Reusable files should be in `./common/files`
* Logging is enforced; use `r_log` where ever necessary
* Exits and status checks should be against `r_checkExitStatus`
* Place comments where `r_log` won't be descriptive enough
* With some exceptions, keep lines to a maximum of 80 characters
* Use fullpath to binaries when necessary
* Use shellcheck to verify the scripts are valid and compliant (some stuff that
shellcheck reports could be false - Just use a comment to turn off that test
for that particular line, but you need to ensure it's a false positive.)
* All filenames should start with a number and end with `.sh` (eg `00-foo.sh`)
* The executable bit should be set (except for scripts that are sourced)
**Note**: that if tests should be skipped, they should be placed into the
`skip.list` file so that way they won't run during the test phase. The file will
get a -x placed on it. Note that this is generally OK, since this repo will just
be cloned when being used anyway and won't be committed back. It is just
expected that all scripts are +x to begin with unless there's a valid reason.
There are a few tests we already have disabled because they're either not done
or they are acting strangely.
**Note**: If a package required additional modification (eg, dotnet) and it
it has a `.rocky` on the release tag, then it should be noted in the mods.list.
The same thing goes for the debrand list. Additionally, if certain patches
can change the output, it would be good to test for this (see `core/pkg_httpd`)
for an example.
Core Functionality
------------------
Everyone has their own idea of "core functionality." In the case of Release
Engineering, core functionality is simply us saying that with a basic
installation of Rocky Linux, we can run basic commands that any system admin,
developer, or casual user would run and expect to work on a regular basis.
Think about the software you probably use fairly regularly on any Linux system
that you've installed, ran, or are currently running. Now think about the
commands that you run day in, and day out. Now consider that what you're
running isn't niche and it's highly likely others use them too. If something
goes wrong with the build of your distribution, your tools might not work as
expected. Which is why the idea of doing basic testing of most, if not all of
the common stuff is a good thing to do.
While writing this, the things that come to mind are:
* archiving: zip, tar, gzip, etc
* file: head, tail, less, cat, diff, find, grep, vim, git
* network: ping, ip, ssh, wget, curl
* packaging: rpm, dnf
* system utilities: systemctl, top, sudo, ps
* web (packaging): httpd
Those are just off the top of my head. There's obviously a lot more, but with
that in mind, you now have the idea of what we're trying to accomplish with
this set of tests.
With that being said, there are obviously other tests being employed for things
that people may or may not use (LAMP stacks for example). It's not a core
function by any means, but it at least validates that a common thing or set of
things works as intended without extending the system or fixing the baseline
set of packages.
FAQ
---
### How do I know what some of these scripts do?
You can view the script and look at the various `r_log` lines or the comments
if they happen to be there. If you don't see a comment, look for an `r_log`.
### How do I disable a test?
A test can be disabled by running `chmod -x` on any given test. It's also
recommended to add it to `skip.list`
### Won't some of the tests have to change on (insert major release here)?
Yes and no. There are some tests will have to be altered to deal with it, but
the only way to really find out is to run the tests on a new major release
and see what happens.
### A test failed, what do I do?
Run a test manually to get the error. (Most) errors are not sent to the logs
as the logs are mainly to say if something was "PASSED", "FAILED", or "SKIPPED".
### A test isn't descriptive enough on r_log or comments, can I PR for that?
Absolutely - If you feel there is a gap, please fork and change what you feel
needs more information!
### Do I really need SELinux enforcing to run/add tests?
Yes.
### Why though?
Ensuring the tests work and operate under default conditions (firewall and
selinux are up) helps those who use our distribution in environments where
security is important, actually work and function correctly.
With that said, There is no reason to disable integral security layers on your
system.
### Should EPEL be enabled?
No. The point is to test Rocky packages, not EPEL. There are also package
differences that will break (eg: nc -> nmap-ncat vs netcat).
### What about CRB or extras?
It may say it's a failure, but it will continue anyway.
Current Tree
------------
```
.
├── common
│   ├── exports.sh
│   ├── files
│   │   ├── correct-passwd
│   │   ├── correct-shadow
│   │   ├── dovecot-test-sasl
│   │   ├── hello.c
│   │   ├── hello.cpp
│   │   ├── incorrect-passwd
│   │   ├── incorrect-shadow
│   │   ├── lamp-sql
│   │   ├── lamp-sql-php
│   │   ├── malform-group
│   │   ├── malform-gshadow
│   │   ├── openssl-answers
│   │   ├── postfix-test-sasl
│   │   ├── postfix-test-tls
│   │   └── smb.conf
│   └── imports.sh
├── core
│   ├── pkg_acl
│   │   ├── 00-install-acl.sh
│   │   ├── 10-test-acl-functions.sh
│   │   └── README.md
│   ├── pkg_archive
│   │   ├── 00-install-formats.sh
│   │   ├── 10-bzip.sh
│   │   ├── 20-gzip-bin-test.sh
│   │   ├── 21-gzip-test.sh
│   │   ├── 22-gzexe.sh
│   │   ├── 23-zcmp-zdiff.sh
│   │   ├── 24-zforce.sh
│   │   ├── 25-zgrep.sh
│   │   ├── 25-zless.sh
│   │   ├── 26-zmore.sh
│   │   ├── 27-znew.sh
│   │   ├── 30-tar.sh
│   │   ├── 40-xzcmp-xzdiff.sh
│   │   ├── 40-zip.sh
│   │   ├── 50-lzop.sh
│   │   └── README.md
│   ├── pkg_attr
│   │   ├── 00-install-attr.sh
│   │   ├── 10-check-attr.sh
│   │   └── README.md
│   ├── pkg_auditd
│   │   ├── 00-install-auditd.sh
│   │   ├── 10-auditd-logs.sh
│   │   ├── 11-generate-events.sh
│   │   └── README.md
│   ├── pkg_bash
│   │   ├── 00-bash-version.sh
│   │   └── README.md
│   ├── pkg_bc
│   │   ├── 00-install-bc.sh
│   │   ├── 10-test-calculation.sh
│   │   └── README.md
│   ├── pkg_bind
│   │   ├── 00-install-bind.sh
│   │   ├── 10-test-lookup.sh
│   │   └── README.md
│   ├── pkg_coreutils
│   │   ├── 00-install-coreutils.sh
│   │   ├── 10-arch.sh
│   │   ├── 11-basename.sh
│   │   ├── 12-cat.sh
│   │   ├── 13-cut.sh
│   │   ├── 14-bool.sh
│   │   ├── 15-heads-tails.sh
│   │   ├── 16-pathchk.sh
│   │   ├── 17-readlink.sh
│   │   ├── 18-seq.sh
│   │   ├── 19-timeout.sh
│   │   ├── 20-hash.sh
│   │   ├── 21-touch-ls.sh
│   │   ├── 22-uniq.sh
│   │   ├── 23-wc.sh
│   │   ├── 24-yes.sh
│   │   └── README.md
│   ├── pkg_cpio
│   │   ├── 00-install-cpio.sh
│   │   ├── 10-cpio.sh
│   │   └── README.md
│   ├── pkg_cracklib
│   │   ├── 00-install-cracklib.sh
│   │   ├── 10-test-passwords.sh
│   │   └── README.md
│   ├── pkg_cron
│   │   ├── 00-install-cron.sh
│   │   ├── 10-dot-cron.sh
│   │   └── README.md
│   ├── pkg_curl
│   │   ├── 00-install-curl.sh
│   │   ├── 10-test-curl.sh
│   │   └── README.md
│   ├── pkg_diffutils
│   │   ├── 00-install-diff.sh
│   │   └── README.md
│   ├── pkg_dnf
│   │   ├── 10-remove-package.sh
│   │   └── README.md
│   ├── pkg_dovecot
│   │   ├── 00-install-dovecot.sh
│   │   ├── 01-configure-dovecot.sh
│   │   ├── 10-pop3-test.sh
│   │   ├── 11-imap-test.sh
│   │   ├── 12-dovecot-clean.sh
│   │   └── README.md
│   ├── pkg_file
│   │   ├── 00-install-file.sh
│   │   ├── 10-mime-check.sh
│   │   ├── 20-mime-image.sh
│   │   ├── 30-mime-symlink.sh
│   │   └── README.md
│   ├── pkg_findutils
│   │   ├── 00-install-findutils.sh
│   │   ├── 10-find.sh
│   │   └── README.md
│   ├── pkg_firefox
│   │   ├── 00-install-firefox.sh
│   │   ├── 10-check-firefox-start-page.sh
│   │   └── README.md
│   ├── pkg_firewalld
│   │   ├── 00-install-firewalld.sh
│   │   ├── 10-firewalld-check-rule.sh
│   │   └── README.md
│   ├── pkg_freeradius
│   │   ├── 00-install-freeradius.sh
│   │   ├── 10-test-freeradius.sh
│   │   └── README.md
│   ├── pkg_gcc
│   │   ├── 00-install-gcc.sh
│   │   ├── 10-gcc-build-simple.sh
│   │   ├── 11-gcc-build-cpp.sh
│   │   ├── 20-annobin-test-gcc.sh
│   │   ├── 21-annobin-test-gplusplus.sh
│   │   └── README.md
│   ├── pkg_git
│   │   ├── 00-install-git.sh
│   │   ├── 10-test-git.sh
│   │   ├── 11-test-clone-log.sh
│   │   └── README.md
│   ├── pkg_httpd
│   │   ├── 00-install-httpd.sh
│   │   ├── 10-httpd-branding.sh
│   │   ├── 20-test-basic-http.sh
│   │   ├── 21-test-basic-https.sh
│   │   ├── 30-test-basic-auth.sh
│   │   ├── 40-test-basic-vhost.sh
│   │   ├── 50-test-basic-php.sh
│   │   └── README.md
│   ├── pkg_kernel
│   │   ├── 10-test-kernel-keyring.sh
│   │   ├── 11-test-secure-boot.sh
│   │   ├── 12-test-debrand.sh
│   │   └── README.md
│   ├── pkg_lsb
│   │   ├── 00-install-lsb.sh
│   │   ├── 10-test-branding.sh
│   │   └── README.md
│   ├── pkg_lsof
│   │   ├── 00-install-lsof.sh
│   │   ├── 10-test-lsof.sh
│   │   └── README.md
│   ├── pkg_mdadm
│   │   ├── 00-install-mdadm.sh
│   │   └── 01-test-mdadm.sh
│   ├── pkg_network
│   │   ├── 00-install-packages.sh
│   │   ├── 10-tracepath.sh
│   │   ├── 11-traceroute.sh
│   │   ├── 12-mtr.sh
│   │   ├── 13-iptraf.sh
│   │   ├── 20-configure-bridge.sh
│   │   ├── 30-test-arpwatch.sh
│   │   ├── imports.sh
│   │   └── README.md
│   ├── pkg_nfs
│   │   ├── 00-install-nfs.sh
│   │   ├── 10-prepare-nfs-ro.sh
│   │   ├── 11-prepare-nfs-rw.sh
│   │   ├── 12-prepare-autofs.sh
│   │   └── README.md
│   ├── pkg_openssl
│   │   ├── 00-install-openssl.sh
│   │   ├── 10-test-openssl.sh
│   │   └── README.md
│   ├── pkg_perl
│   │   ├── 00-install-perl.sh
│   │   ├── 10-test-perl.sh
│   │   ├── 11-test-perl-script.sh
│   │   └── README.md
│   ├── pkg_postfix
│   │   ├── 00-install-postfix.sh
│   │   ├── 10-test-helo.sh
│   │   ├── 20-mta.sh
│   │   ├── 30-postfix-sasl.sh
│   │   ├── 40-postfix-tls.sh
│   │   └── README.md
│   ├── pkg_postgresql
│   │   ├── 00-install-postgresql.sh
│   │   ├── 01-configure-postgresql.sh
│   │   ├── 10-create-db.sh
│   │   ├── 11-create-user.sh
│   │   ├── 20-drop-db.sh
│   │   └── 21-drop-user.sh
│   ├── pkg_python
│   │   ├── 00-install-python.sh
│   │   ├── 10-test-python3.sh
│   │   └── README.md
│   ├── pkg_release
│   │   ├── 00-install-file.sh
│   │   ├── 10-name-sanity-check.sh
│   │   ├── 20-check-gpg-keys.sh
│   │   ├── 30-os-release.sh
│   │   ├── 40-system-release.sh
│   │   └── README.md
│   ├── pkg_rootfiles
│   │   ├── 00-install-rootfiles.sh
│   │   └── 10-test-rootfiles.sh
│   ├── pkg_rsyslog
│   │   ├── 00-install-rsyslog.sh
│   │   ├── 10-test-syslog.sh
│   │   └── README.md
│   ├── pkg_samba
│   │   ├── 00-install-samba.sh
│   │   ├── 10-test-samba.sh
│   │   └── README.md
│   ├── pkg_secureboot
│   │   ├── 10-test-grub-secureboot.sh
│   │   ├── 11-test-shim-certs.sh
│   │   └── README.md
│   ├── pkg_selinux
│   │   ├── 00-install-selinux-tools.sh
│   │   ├── 10-check-alerts.sh
│   │   └── 20-check-policy-mismatch.sh
│   ├── pkg_setup
│   │   ├── 00-test-shells.sh
│   │   ├── 10-test-group-file.sh
│   │   ├── 20-test-passwd-file.sh
│   │   └── README.md
│   ├── pkg_shadow-utils
│   │   ├── 00-install.sh
│   │   ├── 10-files-verify.sh
│   │   ├── 20-user-tests.sh
│   │   ├── 30-group-tests.sh
│   │   ├── 40-pw.sh
│   │   ├── 90-clean.sh
│   │   └── README.md
│   ├── pkg_snmp
│   │   ├── 00-install-snmp.sh
│   │   ├── 10-test-snmp-1.sh
│   │   ├── 11-test-snmp-2.sh
│   │   ├── 12-test-snmp-3.sh
│   │   └── README.md
│   ├── pkg_sqlite
│   │   ├── 00-install-sqlite.sh
│   │   ├── 10-sqlite-tables.sh
│   │   ├── 20-sqlite-dump.sh
│   │   └── README.md
│   ├── pkg_strace
│   │   ├── 00-install-strace.sh
│   │   ├── 10-test-strace.sh
│   │   └── README.md
│   ├── pkg_sysstat
│   │   ├── 00-install-sysstat.sh
│   │   ├── 10-iostat.sh
│   │   ├── 11-cpu.sh
│   │   ├── 12-cpu-io.sh
│   │   └── README.md
│   ├── pkg_systemd
│   │   ├── 00-systemd-list-services.sh
│   │   ├── 10-systemd-list-non-native-sevices.sh
│   │   ├── 11-systemd-service-status.sh
│   │   ├── 20-systemd-journald.sh
│   │   └── README.md
│   ├── pkg_tcpdump
│   │   └── README.md
│   ├── pkg_telnet
│   │   ├── 00-install-telnet.sh
│   │   └── 10-test-telnet.sh
│   ├── pkg_tftp-server
│   │   ├── 00-install-tftp.sh
│   │   ├── 01-configure-tftp.sh
│   │   ├── 10-get-test.sh
│   │   └── 11-put-test.sh
│   ├── pkg_vsftpd
│   │   ├── 00-install-vsftpd.sh
│   │   ├── 10-anonymous-vsftpd.sh
│   │   ├── 20-local-login.sh
│   │   ├── 30-cleanup.sh
│   │   └── README.md
│   ├── pkg_wget
│   │   ├── 00-install-wget.sh
│   │   ├── 10-test-wget.sh
│   │   └── README.md
│   └── pkg_which
│   ├── 00-install-which.sh
│   ├── 10-test-which.sh
│   └── README.md
├── debrand.list
├── lib
├── log
│   └── README.md
├── mods.list
├── modules
├── monotests.sh
├── README.md
├── runtests.sh
├── skip.list
├── stacks
│   ├── ipa
│   │   ├── 00-ipa-pregame.sh
│   │   ├── 10-install-ipa.sh
│   │   ├── 11-configure-ipa.sh
│   │   ├── 12-verify-ipa.sh
│   │   ├── 20-ipa-user.sh
│   │   ├── 21-ipa-service.sh
│   │   ├── 22-ipa-dns.sh
│   │   ├── 23-ipa-sudo.sh
│   │   ├── 50-cleanup-ipa.sh
│   │   └── README.md
│   └── lamp
│   ├── 00-install-lamp.sh
│   ├── 01-verification.sh
│   └── 10-test-lamp.sh
└── stacks.sh
```

View File

@ -1,15 +0,0 @@
#!/bin/bash
# Common Variables
export DNFDEBUG=0
export readonly PASS=0
export readonly FAIL=1
RL_VER=$(rpm --eval %rhel)
export readonly RL_VER
export readonly PRE_RELEASE=0
# This should be either: rocky, redhat, centos
export readonly RELEASE_NAME=rocky
# A 0 means it was successful. It can be changed to 1 on failure.
export IPAINSTALLED=0
LOGFILE="$(pwd)/log/$(date +'%m-%d-%Y')-tests.log"
export LOGFILE

View File

@ -1 +0,0 @@
obsidian:x:9999:9999::/home/obsidian:/bin/bash

View File

@ -1 +0,0 @@
obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7:::

View File

@ -1,7 +0,0 @@
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}

View File

@ -1,5 +0,0 @@
#include <stdio.h>
int main() {
printf("Hello!\n");
return 0;
}

View File

@ -1,5 +0,0 @@
#include <iostream>
int main() {
std::cout << "Hello!\n";
return 0;
}

View File

@ -1 +0,0 @@
:obsidian:x:9999:9999:::/home/obsidian:/bin/bash:

View File

@ -1 +0,0 @@
obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7:::

View File

@ -1,5 +0,0 @@
create database obsidiancore;
use obsidiancore;
create table tests (name varchar(20)) ;
grant all on obsidiancore.* to 'rocky'@'localhost' identified by 'onyx';
flush privileges;

View File

@ -1,11 +0,0 @@
<?php
$dbconnect = mysqli_connect("localhost","rocky","onyx");
if (!$dbconnect)
{
die('Could not connect: ' . mysqli_error());
}
mysqli_select_db($dbconnect, "obsidiancore");
mysqli_query($dbconnect, "INSERT INTO tests (name)
VALUES ('sqltest')");
mysqli_close($dbconnect);
?>

View File

@ -1 +0,0 @@
:test:x:9999::

View File

@ -1 +0,0 @@
test:x::

View File

@ -1,15 +0,0 @@
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
string_mask = nombstr
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = US
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Arizona
localityName = Locality Name (eg, city)
localityName_default = Phoenix
0.organizationName = Organization Name (eg, company)
0.organizationName_default = RESF
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Rocky

View File

@ -1,6 +0,0 @@
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
broken_sasl_auth_clients = yes

View File

@ -1,15 +0,0 @@
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/pki/tls/private/mail.key
smtpd_tls_cert_file = /etc/pki/tls/certs/mail.crt
# smtpd_tls_CAfile = /etc/pki/tls/root.crt
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
tls_random_source = dev:/dev/urandom
smtpd_tls_auth_only = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

View File

@ -1,11 +0,0 @@
[global]
workgroup = wrkgrp
netbios name = smbsrv
security = user
map to guest = Bad User
[rocky]
comment = Rocky Share
path = /srv/smb
read only = yes
guest only = yes

View File

@ -1,254 +0,0 @@
#!/bin/bash
# Common functions and imports to use across all scripts
# Louis Abel <label@rockylinux.org> @nazunalika
################################################################################
# Functions that (r)eturn things
function r_log() {
SCR=$1
MESSAGE=$2
printf "[-] %s %s: %s\n" "$(date +'%m-%d-%Y %T')" "$SCR" "$MESSAGE" >> "$LOGFILE"
}
# Always call this at the end of scripts to check for exit status. This will
# report "PASS" or "FAIL" depending on the exit and it will show up in the log.
# Args: $1 will be whatever you want checked
function r_checkExitStatus() {
[ "$1" -eq 0 ] && r_log "result" "PASSED" && return "$PASS"
r_log "status" "FAILED"
exit "$FAIL"
}
# Processes a list of folders containing the tests. This ignores files that
# start with a dot (.), an underscore (_) or contain README in the name.
# This is done because we cannot guarantee that whoever adds in tests or
# writes additional "find" commands won't negate these lookups.
# Additionally, we should look at the file's executable status. I considered
# just having the files named differently, but that seemed more annoying than
# just setting +x
function r_processor() {
# shellcheck disable=SC2068
exec 8< $@
# shellcheck disable=SC2162
while read -u 8 file; do
# shellcheck disable=SC2086
if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then
continue
fi
[ -x "${file}" ] && echo "Begin processing script: ${file}" && "${file}"
done
return 0
}
function r_checkEPELEnabled() {
/usr/bin/dnf repolist | grep -q '^epel'
return $?
}
function r_checkTmpNoExec() {
grep 'tmp' /etc/fstab | grep -q noexec
tmpexec=$?
if [ "$tmpexec" -eq "0" ]; then
r_log "internal" "WARN: noexec is set for temporary directories. Some tests may fail."
fi
}
################################################################################
# Functions that deal with (p)ackages
# Installs packages normally (including weak dependencies)
# Args: Any number of $1..X
function p_installPackageNormal() {
r_log "internal" "Attempting install: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} install "$@"
r_checkExitStatus $?
}
# Installs packages excluding weak dependencies - There are some cases where
# you would need to do this.
# Args: Any number of $1..X
function p_installPackageNoWeaks() {
r_log "internal" "Attempting install: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} --setopt install_weak_deps=0 install "$@"
r_checkExitStatus $?
}
# Removes packages
# Args: Any number of $1..X
function p_removePackage() {
r_log "internal" "Attempting uninstall: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} remove "$@"
r_checkExitStatus $?
}
# Enables dnf modules
# Args: Any number of $1..X
function p_enableModule() {
r_log "internal" "Enabling module: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module enable "$@"
r_checkExitStatus $?
}
# Resets modules (since you can't "disable" technically)
# Args: Any number of $1..X
function p_resetModule() {
r_log "internal" "Resetting module: $*"
# shellcheck disable=SC2086
/usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module reset "$@"
r_checkExitStatus $?
}
function p_getPackageRelease() {
rpm -q --queryformat '%{RELEASE}' "$1"
}
function p_getPackageArch() {
rpm -q --queryformat '%{ARCH}' "$1"
}
function p_getDist() {
rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f1
}
function p_getMinorVersion() {
rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f2
}
################################################################################
# Functions that that are considered (m)isc
# Service cycler, basically a way of handling services and also being able to
# prevent potential race conditions.
function m_serviceCycler() {
if [ "$2" = "cycle" ]; then
# shellcheck disable=SC2086
/bin/systemctl stop $1
sleep 3
# shellcheck disable=SC2086
/bin/systemctl start $1
else
# shellcheck disable=SC2086
/bin/systemctl $2 $1
fi
sleep 3
}
function m_checkForPort() {
while true; do
sleep 1
# shellcheck disable=SC2086
if echo > /dev/tcp/localhost/$1 >/dev/null 2>&1; then
r_log "internal" "Waiting for TCP port $1 to start listening"
break
fi
done
}
function m_assertCleanExit() {
"$@" > /dev/null 2>&1
r_checkExitStatus $?
}
function m_assertEquals() {
[ "$1" -eq "$2" ]
r_checkExitStatus $?
}
function m_skipReleaseEqual() {
if [ "$(rpm --eval %rhel)" -eq "$1" ]; then
r_log "$2" "Skipped test for $1 release"
exit 0
fi
}
function m_skipReleaseNotEqual() {
if [ "$(rpm --eval %rhel)" -ne "$1" ]; then
r_log "$2" "Skipped test"
exit 0
fi
}
function m_skipReleaseGreaterThan() {
if [ "$(rpm --eval %rhel)" -gt "$1" ]; then
r_log "$2" "Skipped test"
exit 0
fi
}
function m_skipReleaseLessThan() {
if [ "$(rpm --eval %rhel)" -lt "$1" ]; then
r_log "$2" "Skipped test"
exit 0
fi
}
function m_selectAlternative() {
primaryName=$1
searchRegex=$2
option=$(/bin/echo | /usr/sbin/alternatives --config "$primaryName" | /bin/grep -E "$searchRegex" | /usr/bin/head -n1 | sed 's/ .*//g;s/[^0-9]//g')
if [ -z "$option" ]; then
r_log "alternatives" "Option not found for alternative $searchRegex of $primaryName"
r_checkExitStatus 1
fi
r_log "alternatives" "Selecting alternative $option for $primaryName $searchRegex"
/bin/echo "$option" | /usr/sbin/alternatives --config "$primaryName" > /dev/null 2>&1
}
function m_getArch() {
/usr/bin/uname -m
}
function m_recycleLog() {
num=0
rotFile="${LOGFILE}.$num"
while [ -e "$rotFile" ]; do
num=$(( num + 1 ))
rotFile="${LOGFILE}.$num"
done
mv "$LOGFILE" "$rotFile"
}
################################################################################
# export all functions below
# When this is sourced, the functions are typically already available and ready
# to be used. But it does not hurt to have them below.
rl_ver=$(p_getDist)
rl_arch=$(m_getArch)
rl_minor_ver=$(p_getMinorVersion)
export rl_ver
export rl_arch
export rl_minor_ver
export -f r_log
export -f r_checkExitStatus
export -f r_processor
export -f r_checkEPELEnabled
export -f r_checkTmpNoExec
export -f p_installPackageNormal
export -f p_installPackageNoWeaks
export -f p_removePackage
export -f p_enableModule
export -f p_resetModule
export -f p_getPackageRelease
export -f p_getPackageArch
export -f p_getDist
export -f p_getMinorVersion
export -f m_serviceCycler
export -f m_checkForPort
export -f m_assertCleanExit
export -f m_assertEquals
export -f m_skipReleaseEqual
export -f m_skipReleaseNotEqual
export -f m_skipReleaseGreaterThan
export -f m_skipReleaseLessThan
export -f m_selectAlternative
export -f m_getArch
export -f m_recycleLog

View File

@ -1 +0,0 @@
Basic tests, such as repos

View File

@ -1,56 +0,0 @@
#!/usr/bin/env python3
# label <label@rockylinux.org>
import datetime
import sys
import dnf
import dnf.exceptions
# pylint: disable=unnecessary-lambda-assignment
now = datetime.datetime.today().strftime("%m-%d-%Y %T")
class DnfQuiet(dnf.Base):
"""
DNF object
This is in the event we need special functions
"""
def __init__(self):
dnf.Base.__init__(self)
def main():
"""
Main run
"""
dnfobj = DnfQuiet()
releasever = dnfobj.conf.releasever
try:
dnfobj.read_all_repos()
# pylint: disable=bare-except
except:
print(f'[-] {now} -> Could not read repos', file=sys.stderr)
sys.exit(1)
rocky_default_repos = {
'8': ['baseos', 'appstream', 'extras'],
'9': ['baseos', 'appstream', 'extras']
}.get(releasever, None)
if not rocky_default_repos:
print(f'[-] {now} -> Not a Rocky Linux system')
sys.exit(1)
print(f'[-] {now} -> Checking if non-default repo is enabled')
_not_allowed=False
for repo in list(dnfobj.repos.iter_enabled()):
if not repo.id in rocky_default_repos:
print(f'[-] {now} -> {repo.id} is enabled and should be disabled')
_not_allowed=True
if _not_allowed:
print(f'[-] {now} -> FAIL - There are extra repos enabled')
sys.exit(1)
print(f'[-] {now} -> PASS')
sys.exit(0)
if __name__ == "__main__":
main()

View File

@ -1,8 +0,0 @@
#!/bin/bash
r_log "acl" "Install the acl package"
p_installPackageNormal acl
p_installPackageNormal attr
# This normally is not needed.
#r_log "acl" "Remount filesystems with ACL support"
#mount -o remount,acl /
sleep 3

View File

@ -1,15 +0,0 @@
#!/bin/bash
ACLFILE=/tmp/testfile_acl
r_log "acl" "Test that the acl get and set functions work"
touch "${ACLFILE}"
trap '/bin/rm -f ${ACLFILE}' EXIT
# Use setfacl for readonly
r_log "acl" "Set readonly ACL for the user nobody"
setfacl -m user:nobody:r "${ACLFILE}"
# Use getfacl to verify readonly
r_log "acl" "Verifying that the nobody user is set to read only"
getfacl "${ACLFILE}" | grep -q 'user:nobody:r--'
r_checkExitStatus $?

View File

@ -1,22 +0,0 @@
#!/bin/bash
ACLIMG=/tmp/testacl.img
r_log "acl" "Test the use of xattr"
touch "${ACLIMG}"
trap '/bin/rm -f ${ACLIMG}' EXIT
# Use setfacl for readonly
r_log "acl" "Create image"
dd if=/dev/zero of=${ACLIMG} bs=1024000 count=100
echo -e 'y\n' | mkfs.ext3 "${ACLIMG}"
mkdir /mnt/xattr
mount -t ext3 -o loop,user_xattr "${ACLIMG}" /mnt/xattr
touch /mnt/xattr/testfile
r_log "acl" "Apply attrs as needed"
setfattr -n user.nobody /mnt/xattr/testfile
getfattr /mnt/xattr/testfile | grep -q 'user.nobody'
final_status=$?
umount /mnt/xattr
r_checkExitStatus $final_status

View File

@ -1 +0,0 @@
Test the acl packge

View File

@ -1,5 +0,0 @@
#!/bin/bash
r_log "archive" "Installing appropriate archive formats"
# We might need expect for zmore - does anyone actually use zmore?
p_installPackageNormal bzip2 diffutils gzip less tar unzip util-linux-ng zip lzop

View File

@ -1,26 +0,0 @@
#!/bin/bash
r_log "archive" "Test bzip/bzcat/bunzip"
FILE=/var/tmp/bziptest.txt
trap '/bin/rm -f ${FILE}' EXIT
cat > "$FILE" <<EOF
testing text
EOF
# bzip it up
/bin/bzip2 "$FILE"
/bin/rm -f "$FILE"
# Checking bzcat
if ! bzcat "${FILE}.bz2" | grep -q "testing text"; then
r_log "archive" "bzcat has failed"
exit
fi
# bunzip it down
/bin/bunzip2 "${FILE}.bz2"
# check file contents again
grep -q 'testing text' "${FILE}"
r_checkExitStatus $?

View File

@ -1,13 +0,0 @@
#!/bin/bash
r_log "archive" "Verifying gzip binaries"
echo -n "Processing; "
for bin in gunzip gzexe gzip zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew; do
echo -n "$bin "
r_log "archive" "$bin"
$bin --version &> /dev/null || r_checkExitStatus 1
done
echo
r_checkExitStatus 0

View File

@ -1,112 +0,0 @@
#!/bin/bash
r_log "archive" "Test gzip/zcat/gunzip"
FILE=/var/tmp/gzip-test.txt
MD5HASH=e6331c582fbad6653832860f469f7d1b
# clean up
trap '/bin/rm $FILE* &> /dev/null && /bin/rm -rf /var/tmp/gziptest &> /dev/null' EXIT
# Double check that stuff is cleared out
/bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null
# Make our test file
cat > $FILE <<EOF
Green Obsidian is the release name
EOF
# gzip
r_log "archive" "Testing gzip works"
gzip $FILE || r_checkExitStatus 1
# zcat
r_log "archive" "Test zcat works"
zcat $FILE.gz | grep -q "Green Obsidian" || r_checkExitStatus 1
# no overwrite
r_log "archive" "Check that files won't be overwritten"
touch $FILE
echo | gunzip $FILE &> /dev/null
[ $? -ne 2 ] && r_checkExitStatus 1
echo | gzip $FILE &> /dev/null
[ $? -ne 2 ] && r_checkExitStatus 1
# force overwrite
r_log "archive" "Check that files can be forcefully overwritten"
gunzip -f $FILE.gz || r_checkExitStatus 1
touch $FILE.gz
gzip -f $FILE || r_checkExitStatus 1
# -a should be ignored
# Hopefully this behavior does NOT change in 9
r_log "archive" "Check that -a is ignored"
gunzip -a $FILE.gz 2>&1 | head -n 1 | grep -q 'gzip: option --ascii ignored on this system' || r_checkExitStatus 1
# -c should write to stdout
r_log "archive" "Check that -c outputs to stdout"
gzip -c $FILE | gunzip | grep -q 'Green Obsidian' || r_checkExitStatus 1
# Expected hash is: e6331c582fbad6653832860f469f7d1b
# check -l
r_log "archive" "Check that the md5 matches"
gzip $FILE
md5check=$(gzip -l $FILE.gz | md5sum | cut -d' ' -f1)
[ "$md5check" == "$MD5HASH" ] || r_checkExitStatus 1
# Check that -v gives us some good info
r_log "archive" "Check that -v increases verbosity"
gzip -lv $FILE.gz | grep -q "e0e1ed1a" || r_checkExitStatus 1
gunzip $FILE.gz
# custom suffix
r_log "archive" "Check that a custom suffix can be used"
gzip -S .rl $FILE
[ -e $FILE.rl ] || r_checkExitStatus 1
gunzip -S .rl $FILE || r_checkExitStatus 1
# check -r
r_log "archive" "Check that -r functions"
mkdir /var/tmp/gziptest
touch /var/tmp/gziptest/{a,b}
gzip -r /var/tmp/gziptest
[ "$(find /var/tmp/gziptest/*.gz | wc -l)" -eq "2" ] || r_checkExitStatus 1
# check different compression levels
r_log "archive" "Check compression levels"
cp $FILE $FILE.1
gzip -1 $FILE
gzip -9 $FILE.1
[ "$(stat -c %s $FILE.gz)" -ne "$(stat -c %s $FILE.1.gz)" ] || r_checkExitStatus 1
# check multiple input files
r_log "archive" "Check multiple input files"
gunzip $FILE.gz $FILE.1.gz || r_checkExitStatus 1
# don't specify an extension
r_log "archive" "Don't specify file extensions"
gzip $FILE $FILE.1 || r_checkExitStatus 1
# check that .Z can be handled
r_log "archive" "Verify that .Z files can be handled"
gunzip $FILE.gz
ls -l /var/tmp >> $FILE
if [ "$RL_VER" -eq 8 ]; then
compress $FILE || r_checkExitStatus 1
gunzip $FILE.Z || r_checkExitStatus 1
else
r_log "archive" "Skipping for 9"
fi
# handle some zip files
r_log "archive" "Verify that .zip files can be handled"
zip $FILE.zip $FILE &> /dev/null || r_checkExitStatus 1
gunzip -f -S .zip $FILE.zip || r_checkExitStatus 1
# handle some tgz files
r_log "archive" "Verify that .tgz files can be handled"
tar -czf $FILE.tgz $FILE &> /dev/null
gunzip $FILE.tgz
[ -e $FILE.tar ]
r_checkExitStatus $?

View File

@ -1,22 +0,0 @@
#!/bin/bash
r_log "archive" "Checking gzexe"
r_log "archive" "Creating archive"
FILE=/var/tmp/gzexe-test-script
trap '/bin/rm -f $FILE* 2>/dev/null' EXIT
/bin/rm -f $FILE* &>/dev/null
cat > $FILE <<EOF
#!/bin/bash
echo "Hello!"
EOF
chmod +x $FILE
$FILE | grep -q "Hello!" || r_checkExitStatus 1
r_log "archive" "Test gzexe"
/bin/gzexe $FILE &>/dev/null || r_checkExitStatus 1
r_log "archive" "Check that it actually runs"
$FILE | grep -q "Hello!"
r_checkExitStatus $?

View File

@ -1,18 +0,0 @@
#!/bin/bash
r_log "archive" "Check zcmp and zdiff"
BASEFILE="/var/tmp/gziptest"
trap '/bin/rm -f ${BASEFILE}*' EXIT
/bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF
Green Obsidian is the release name
EOF
/bin/gzip ${BASEFILE}.1 || r_checkExitStatus 1
cp ${BASEFILE}.1.gz ${BASEFILE}.2.gz
r_log "archive" "Check zcmp"
/bin/zcmp ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
r_log "archive" "Check zdiff"
/bin/zdiff ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1

View File

@ -1,17 +0,0 @@
#!/bin/bash
r_log "archive" "Testing zforce"
BASEFILE="/var/tmp/abcdefg"
trap '/bin/rm "$BASEFILE.gz"' EXIT
/bin/rm $BASEFILE* &>/dev/null
cat > $BASEFILE <<EOF
Green Obsidian is our release name
EOF
gzip $BASEFILE
mv $BASEFILE.gz $BASEFILE
zforce $BASEFILE || r_checkExitStatus 1
[ -e "$BASEFILE.gz" ]
r_checkExitStatus $?

View File

@ -1,14 +0,0 @@
#!/bin/bash
r_log "archive" "Testing zgrep"
BASEFILE=/var/tmp/zgreptest
trap '/bin/rm $BASEFILE*' EXIT
/bin/rm $BASEFILE* &> /dev/null
cat > $BASEFILE <<EOF
Green Obsidian is the release name
EOF
gzip $BASEFILE
zgrep -q 'Green Obsidian' $BASEFILE.gz
r_checkExitStatus $?

View File

@ -1,6 +0,0 @@
#!/bin/bash
r_log "archive" "Testing zless"
r_log "archive" "Generate file"
gzip -cvf /usr/lib/os-release > /var/tmp/gziptest.gz
zless -F /var/tmp/gziptest.gz | grep -q 'Rocky Linux'
r_checkExitStatus $?

View File

@ -1 +0,0 @@
#!/bin/bash

View File

@ -1,11 +0,0 @@
#!/bin/bash
r_log "archive" "Testing znew"
TESTFILE=/var/tmp/znew.txt
/bin/rm $TESTFILE* &>/dev/null
ls -l /usr/bin > $TESTFILE
compress $TESTFILE
znew $TESTFILE.Z
r_checkExitStatus $?

View File

@ -1,35 +0,0 @@
#!/bin/bash
r_log "archive" "Test tar create and extract"
TARDIR="/var/tmp/tartest"
FILE1="$TARDIR/test.1.txt"
FILE2="$TARDIR/test.2.txt"
trap '/bin/rm -rf /var/tmp/tarfile.tar $TARDIR' EXIT
mkdir -p $TARDIR
cat > $FILE1 <<EOF
First file!
EOF
cat > $FILE2 <<EOF
Second file!
EOF
/bin/tar -c $TARDIR -f /var/tmp/tarfile.tar > /dev/null 2>&1
/bin/rm -rf $TARDIR
if [ -e "$TARDIR" ]; then
r_log "archive" "We couldn't delete $TARDIR"
exit
fi
tar -C / -xf /var/tmp/tarfile.tar
grep -q 'First file' $FILE1
RES1=$?
grep -q 'Second file' $FILE2
RES2=$?
if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
ret_val=0
fi
r_checkExitStatus $ret_val

View File

@ -1,18 +0,0 @@
#!/bin/bash
r_log "archive" "Check xzcmp and xzdiff"
BASEFILE="/var/tmp/xztest"
trap '/bin/rm -f ${BASEFILE}*' EXIT
/bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF
Green Obsidian is the release name
EOF
/bin/xz ${BASEFILE}.1 || r_checkExitStatus 1
cp ${BASEFILE}.1.xz ${BASEFILE}.2.xz
r_log "archive" "Check xzcmp"
/bin/zcmp ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
r_log "archive" "Check xzdiff"
/bin/zdiff ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1

View File

@ -1,35 +0,0 @@
#!/bin/bash
r_log "archive" "Test zip create and extract"
ZIPDIR="/var/tmp/ziptest"
FILE1="$ZIPDIR/test.1.txt"
FILE2="$ZIPDIR/test.2.txt"
trap '/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR' EXIT
mkdir -p $ZIPDIR
cat > $FILE1 <<EOF
First file!
EOF
cat > $FILE2 <<EOF
Second file!
EOF
/bin/zip -q /var/tmp/zipfile.zip $ZIPDIR/*
/bin/rm -rf $ZIPDIR
if [ -e "$ZIPDIR" ]; then
r_log "archive" "We couldn't delete $ZIPDIR"
exit
fi
/bin/unzip -q /var/tmp/zipfile.zip -d /
grep -q 'First file' $FILE1
RES1=$?
grep -q 'Second file' $FILE2
RES2=$?
if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
ret_val=0
fi
r_checkExitStatus "$ret_val"

View File

@ -1,18 +0,0 @@
#!/bin/bash
r_log "archive" "Testing lzop compress and decompress"
LZOFILE=/var/tmp/obsidian.txt
trap '/bin/rm ${LZOFILE}' EXIT
echo 'Green Obsidian is the release name' > ${LZOFILE}
# running compression
lzop -9 ${LZOFILE} -o ${LZOFILE}.lzo
/bin/rm ${LZOFILE}
lzop -d ${LZOFILE}.lzo -o ${LZOFILE}
/bin/rm ${LZOFILE}.lzo
grep -q 'Green Obsidian' ${LZOFILE}
ret_val="$?"
r_checkExitStatus "$ret_val"

View File

@ -1,3 +0,0 @@
Tests archive formats and archive accessories
TODO: Add xz

View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "attr" "Installing the attr package"
p_installPackageNormal attr

View File

@ -1,18 +0,0 @@
#!/bin/bash
ATTRTEST="/var/tmp/attrtest.img"
ATTRMNT="/mnt/attrtest"
trap 'umount /mnt/attrtest ; /bin/rm -f ${ATTRTEST} ; /bin/rm -rf ${ATTRMNT}' EXIT
r_log "attr" "Checking that *attr works"
dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null
r_checkExitStatus $?
mkdir "${ATTRMNT}"
echo -e 'y\n' | mkfs.ext3 "${ATTRTEST}" > /dev/null 2>&1
mount -t ext3 -o loop,user_xattr "${ATTRTEST}" "${ATTRMNT}"
touch "${ATTRMNT}/testfile"
setfattr -n user.test "${ATTRMNT}/testfile"
getfattr "${ATTRMNT}/testfile" | grep -oq "user.test"
r_checkExitStatus $?

View File

@ -1 +0,0 @@
Test attr

View File

@ -1,9 +0,0 @@
#!/bin/bash
r_log "auditd" "Install auditd (this should be available during minimal)"
p_installPackageNormal audit
r_log "auditd" "Ensure auditd is running and enabled"
# Ignore service cycler, auditd refuses manual stop
/usr/sbin/service auditd restart
sleep 2
/usr/bin/systemctl status auditd.service | grep -q "active"
r_checkExitStatus $?

View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "auditd" "Check if the audit logs are not empty"
[[ -s /var/log/audit/audit.log ]]
r_checkExitStatus $?

View File

@ -1,12 +0,0 @@
#!/bin/bash
r_log "auditd" "Generate events for audit log"
r_log "auditd" "Add test user"
useradd relengauditd
grep "ADD_USER" /var/log/audit/audit.log | grep -q 'acct="relengauditd"'
r_checkExitStatus $?
r_log "auditd" "Delete test user"
userdel relengauditd
grep "DEL_USER" /var/log/audit/audit.log | grep -q 'ID="relengauditd"'
r_checkExitStatus $?

View File

@ -1 +0,0 @@
Test auditd

View File

@ -1,8 +0,0 @@
#!/bin/bash
# Bash is default installed on minimal
r_log "bash" "Check that the bash version is valid"
bash --version | grep -qE "(x86_64|aarch64|powerpc64le)-redhat-linux-gnu"
r_checkExitStatus $?

View File

@ -1 +0,0 @@
Test bash