Initial commit

README.md

@@ -0,0 +1,7 @@
+sig-core-toolkit
+================
+
+Release Engineering toolkit for repeatable operations or functionality testing.
+
+There may be some things that will be moved to its own repository in the near
+future. This repository may be mirrored.

func/.gitignore

@@ -0,0 +1,2 @@
+log/*.log
+log/*.log.*

func/README.md

@@ -0,0 +1,466 @@
+Release Engineering Core Functionality Testing
+==============================================
+
+These are a set of scripts that are designed to test the core functionality
+of a Rocky Linux system. They are designed to work on current versions of
+Rocky and are used to test a system as a Release Engineering self-QA but
+can be used by others for their own personal testing (under the assumption
+that you just want to see what happens, we don't judge :).
+
+These tests *must* pass for a release to be considered "Core Validated"
+Checking against the upstream repositories for package matches are not enough
+and are/will be addressed by other tools.
+
+* common  -> Functions that our scripts and tests may or may not use. Templates
+             and other files should come here too under common/files and
+             scripts that use them should reference them as `./common/files/...`
+* core    -> Core functionality and testing. For example, packages and service
+             functionality.
+* lib     -> Library tests (these may be done elsewhere)
+* log     -> Log output. This repository has example logs of running on Rocky
+             Linux.
+* modules -> Tests for module streams and their basic tests
+* stacks  -> Software stacks, think like LAMP.
+
+How to Run
+----------
+
+There are two ways to run through the tests:
+
+* By running `/bin/bash runtests.sh`
+  * Runs all tests
+* By running `/bin/bash monotests.sh`
+  * Runs all tests one by one to help identify failures as they happen
+
+Adding Tests
+------------
+
+So you want to add a few tests. Great! Before you add them, I want you to ask
+yourself the following questions:
+
+* Are my test(s) brand new?
+* Are my test(s) actually for the "core" functionality of the system?
+* Will my test(s) be going through a shellcheck?
+* Were my tests running with SELinux enforcing?
+
+If you've answered no to any of the above, the test may not be valid for this
+project. If you are planning on changing a test or fixing a test to look or
+work better, then a PR is more than welcome. Some things could definitely
+use some touching up or improvements.
+
+When creating tests, the below should be followed (at a minimum):
+
+* Use functions from `./common/imports.sh`
+* Global variables should be in `./common/exports.sh`
+* Reusable files should be in `./common/files`
+* Logging is enforced; use `r_log` where ever necessary
+* Exits and status checks should be against `r_checkExitStatus`
+* Place comments where `r_log` won't be descriptive enough
+* With some exceptions, keep lines to a maximum of 80 characters
+* Use fullpath to binaries when necessary
+* Use shellcheck to verify the scripts are valid and compliant (some stuff that
+  shellcheck reports could be false - Just use a comment to turn off that test
+  for that particular line, but you need to ensure it's a false positive.)
+* All filenames should start with a number and end with `.sh` (eg `00-foo.sh`)
+* The executable bit should be set (except for scripts that are sourced)
+
+**Note**: that if tests should be skipped, they should be placed into the
+`skip.list` file so that way they won't run during the test phase. The file will
+get a -x placed on it. Note that this is generally OK, since this repo will just
+be cloned when being used anyway and won't be committed back. It is just
+expected that all scripts are +x to begin with unless there's a valid reason.
+There are a few tests we already have disabled because they're either not done
+or they are acting strangely.
+
+**Note**: If a package required additional modification (eg, dotnet) and it
+it has a `.rocky` on the release tag, then it should be noted in the mods.list.
+The same thing goes for the debrand list. Additionally, if certain patches
+can change the output, it would be good to test for this (see `core/pkg_httpd`)
+for an example.
+
+Core Functionality
+------------------
+
+Everyone has their own idea of "core functionality." In the case of Release
+Engineering, core functionality is simply us saying that with a basic
+installation of Rocky Linux, we can run basic commands that any system admin,
+developer, or casual user would run and expect to work on a regular basis.
+
+Think about the software you probably use fairly regularly on any Linux system
+that you've installed, ran, or are currently running. Now think about the
+commands that you run day in, and day out. Now consider that what you're
+running isn't niche and it's highly likely others use them too. If something
+goes wrong with the build of your distribution, your tools might not work as
+expected. Which is why the idea of doing basic testing of most, if not all of
+the common stuff is a good thing to do.
+
+While writing this, the things that come to mind are:
+
+* archiving: zip, tar, gzip, etc
+* file: head, tail, less, cat, diff, find, grep, vim, git
+* network: ping, ip, ssh, wget, curl
+* packaging: rpm, dnf
+* system utilities: systemctl, top, sudo, ps
+* web (packaging): httpd
+
+Those are just off the top of my head. There's obviously a lot more, but with
+that in mind, you now have the idea of what we're trying to accomplish with
+this set of tests.
+
+With that being said, there are obviously other tests being employed for things
+that people may or may not use (LAMP stacks for example). It's not a core
+function by any means, but it at least validates that a common thing or set of
+things works as intended without extending the system or fixing the baseline
+set of packages.
+
+FAQ
+---
+
+### How do I know what some of these scripts do?
+You can view the script and look at the various `r_log` lines or the comments
+if they happen to be there. If you don't see a comment, look for an `r_log`.
+
+### How do I disable a test?
+A test can be disabled by running `chmod -x` on any given test. It's also
+recommended to add it to `skip.list`
+
+### Won't some of the tests have to change on (insert major release here)?
+Yes and no. There are some tests will have to be altered to deal with it, but
+the only way to really find out is to run the tests on a new major release
+and see what happens.
+
+### A test failed, what do I do?
+Run a test manually to get the error. (Most) errors are not sent to the logs
+as the logs are mainly to say if something was "PASSED", "FAILED", or "SKIPPED".
+
+### A test isn't descriptive enough on r_log or comments, can I PR for that?
+Absolutely - If you feel there is a gap, please fork and change what you feel
+needs more information!
+
+### Do I really need SELinux enforcing to run/add tests?
+Yes.
+
+### Why though?
+Ensuring the tests work and operate under default conditions (firewall and 
+selinux are up) helps those who use our distribution in environments where
+security is important, actually work and function correctly.
+
+With that said, There is no reason to disable integral security layers on your
+system.
+
+Current Tree
+------------
+```
+.
+├── common
+│   ├── exports.sh
+│   ├── files
+│   │   ├── correct-passwd
+│   │   ├── correct-shadow
+│   │   ├── dovecot-test-sasl
+│   │   ├── hello.c
+│   │   ├── hello.cpp
+│   │   ├── incorrect-passwd
+│   │   ├── incorrect-shadow
+│   │   ├── lamp-sql
+│   │   ├── lamp-sql-php
+│   │   ├── malform-group
+│   │   ├── malform-gshadow
+│   │   ├── openssl-answers
+│   │   ├── postfix-test-sasl
+│   │   ├── postfix-test-tls
+│   │   └── smb.conf
+│   └── imports.sh
+├── core
+│   ├── pkg_acl
+│   │   ├── 00-install-acl.sh
+│   │   ├── 10-test-acl-functions.sh
+│   │   └── README.md
+│   ├── pkg_archive
+│   │   ├── 00-install-formats.sh
+│   │   ├── 10-bzip.sh
+│   │   ├── 20-gzip-bin-test.sh
+│   │   ├── 21-gzip-test.sh
+│   │   ├── 22-gzexe.sh
+│   │   ├── 23-zcmp-zdiff.sh
+│   │   ├── 24-zforce.sh
+│   │   ├── 25-zgrep.sh
+│   │   ├── 25-zless.sh
+│   │   ├── 26-zmore.sh
+│   │   ├── 27-znew.sh
+│   │   ├── 30-tar.sh
+│   │   ├── 40-xzcmp-xzdiff.sh
+│   │   ├── 40-zip.sh
+│   │   ├── 50-lzop.sh
+│   │   └── README.md
+│   ├── pkg_attr
+│   │   ├── 00-install-attr.sh
+│   │   ├── 10-check-attr.sh
+│   │   └── README.md
+│   ├── pkg_auditd
+│   │   ├── 00-install-auditd.sh
+│   │   ├── 10-auditd-logs.sh
+│   │   ├── 11-generate-events.sh
+│   │   └── README.md
+│   ├── pkg_bash
+│   │   ├── 00-bash-version.sh
+│   │   └── README.md
+│   ├── pkg_bc
+│   │   ├── 00-install-bc.sh
+│   │   ├── 10-test-calculation.sh
+│   │   └── README.md
+│   ├── pkg_bind
+│   │   ├── 00-install-bind.sh
+│   │   ├── 10-test-lookup.sh
+│   │   └── README.md
+│   ├── pkg_coreutils
+│   │   ├── 00-install-coreutils.sh
+│   │   ├── 10-arch.sh
+│   │   ├── 11-basename.sh
+│   │   ├── 12-cat.sh
+│   │   ├── 13-cut.sh
+│   │   ├── 14-bool.sh
+│   │   ├── 15-heads-tails.sh
+│   │   ├── 16-pathchk.sh
+│   │   ├── 17-readlink.sh
+│   │   ├── 18-seq.sh
+│   │   ├── 19-timeout.sh
+│   │   ├── 20-hash.sh
+│   │   ├── 21-touch-ls.sh
+│   │   ├── 22-uniq.sh
+│   │   ├── 23-wc.sh
+│   │   ├── 24-yes.sh
+│   │   └── README.md
+│   ├── pkg_cpio
+│   │   ├── 00-install-cpio.sh
+│   │   ├── 10-cpio.sh
+│   │   └── README.md
+│   ├── pkg_cracklib
+│   │   ├── 00-install-cracklib.sh
+│   │   ├── 10-test-passwords.sh
+│   │   └── README.md
+│   ├── pkg_cron
+│   │   ├── 00-install-cron.sh
+│   │   ├── 10-dot-cron.sh
+│   │   └── README.md
+│   ├── pkg_curl
+│   │   ├── 00-install-curl.sh
+│   │   ├── 10-test-curl.sh
+│   │   └── README.md
+│   ├── pkg_diffutils
+│   │   ├── 00-install-diff.sh
+│   │   └── README.md
+│   ├── pkg_dnf
+│   │   ├── 10-remove-package.sh
+│   │   └── README.md
+│   ├── pkg_dovecot
+│   │   ├── 00-install-dovecot.sh
+│   │   ├── 01-configure-dovecot.sh
+│   │   ├── 10-pop3-test.sh
+│   │   ├── 11-imap-test.sh
+│   │   ├── 12-dovecot-clean.sh
+│   │   └── README.md
+│   ├── pkg_file
+│   │   ├── 00-install-file.sh
+│   │   ├── 10-mime-check.sh
+│   │   ├── 20-mime-image.sh
+│   │   ├── 30-mime-symlink.sh
+│   │   └── README.md
+│   ├── pkg_findutils
+│   │   ├── 00-install-findutils.sh
+│   │   ├── 10-find.sh
+│   │   └── README.md
+│   ├── pkg_firefox
+│   │   ├── 00-install-firefox.sh
+│   │   ├── 10-check-firefox-start-page.sh
+│   │   └── README.md
+│   ├── pkg_firewalld
+│   │   ├── 00-install-firewalld.sh
+│   │   ├── 10-firewalld-check-rule.sh
+│   │   └── README.md
+│   ├── pkg_freeradius
+│   │   ├── 00-install-freeradius.sh
+│   │   ├── 10-test-freeradius.sh
+│   │   └── README.md
+│   ├── pkg_gcc
+│   │   ├── 00-install-gcc.sh
+│   │   ├── 10-gcc-build-simple.sh
+│   │   ├── 11-gcc-build-cpp.sh
+│   │   ├── 20-annobin-test-gcc.sh
+│   │   ├── 21-annobin-test-gplusplus.sh
+│   │   └── README.md
+│   ├── pkg_git
+│   │   ├── 00-install-git.sh
+│   │   ├── 10-test-git.sh
+│   │   ├── 11-test-clone-log.sh
+│   │   └── README.md
+│   ├── pkg_httpd
+│   │   ├── 00-install-httpd.sh
+│   │   ├── 10-httpd-branding.sh
+│   │   ├── 20-test-basic-http.sh
+│   │   ├── 21-test-basic-https.sh
+│   │   ├── 30-test-basic-auth.sh
+│   │   ├── 40-test-basic-vhost.sh
+│   │   ├── 50-test-basic-php.sh
+│   │   └── README.md
+│   ├── pkg_kernel
+│   │   ├── 10-test-kernel-keyring.sh
+│   │   ├── 11-test-secure-boot.sh
+│   │   ├── 12-test-debrand.sh
+│   │   └── README.md
+│   ├── pkg_lsb
+│   │   ├── 00-install-lsb.sh
+│   │   ├── 10-test-branding.sh
+│   │   └── README.md
+│   ├── pkg_lsof
+│   │   ├── 00-install-lsof.sh
+│   │   ├── 10-test-lsof.sh
+│   │   └── README.md
+│   ├── pkg_network
+│   │   ├── 00-install-packages.sh
+│   │   ├── 10-tracepath.sh
+│   │   ├── 11-traceroute.sh
+│   │   ├── 12-mtr.sh
+│   │   ├── 13-iptraf.sh
+│   │   ├── 20-configure-bridge.sh
+│   │   ├── 30-test-arpwatch.sh
+│   │   ├── imports.sh
+│   │   └── README.md
+│   ├── pkg_nfs
+│   │   ├── 00-install-nfs.sh
+│   │   ├── 10-prepare-nfs-ro.sh
+│   │   ├── 11-prepare-nfs-rw.sh
+│   │   ├── 12-prepare-autofs.sh
+│   │   └── README.md
+│   ├── pkg_openssl
+│   │   ├── 00-install-openssl.sh
+│   │   ├── 10-test-openssl.sh
+│   │   └── README.md
+│   ├── pkg_perl
+│   │   ├── 00-install-perl.sh
+│   │   ├── 10-test-perl.sh
+│   │   ├── 11-test-perl-script.sh
+│   │   └── README.md
+│   ├── pkg_postfix
+│   │   ├── 00-install-postfix.sh
+│   │   ├── 10-test-helo.sh
+│   │   ├── 20-mta.sh
+│   │   ├── 30-postfix-sasl.sh
+│   │   ├── 40-postfix-tls.sh
+│   │   └── README.md
+│   ├── pkg_python
+│   │   ├── 00-install-python.sh
+│   │   ├── 10-test-python3.sh
+│   │   └── README.md
+│   ├── pkg_release
+│   │   ├── 00-install-file.sh
+│   │   ├── 10-name-sanity-check.sh
+│   │   ├── 20-check-gpg-keys.sh
+│   │   ├── 30-os-release.sh
+│   │   ├── 40-system-release.sh
+│   │   └── README.md
+│   ├── pkg_rootfiles
+│   │   ├── 00-install-rootfiles.sh
+│   │   └── 10-test-rootfiles.sh
+│   ├── pkg_rsyslog
+│   │   ├── 00-install-rsyslog.sh
+│   │   ├── 10-test-syslog.sh
+│   │   └── README.md
+│   ├── pkg_samba
+│   │   ├── 00-install-samba.sh
+│   │   ├── 10-test-samba.sh
+│   │   └── README.md
+│   ├── pkg_secureboot
+│   │   ├── 10-test-grub-secureboot.sh
+│   │   ├── 11-test-shim-certs.sh
+│   │   └── README.md
+│   ├── pkg_selinux
+│   │   ├── 00-install-selinux-tools.sh
+│   │   ├── 10-check-alerts.sh
+│   │   └── 20-check-policy-mismatch.sh
+│   ├── pkg_setup
+│   │   ├── 00-test-shells.sh
+│   │   ├── 10-test-group-file.sh
+│   │   ├── 20-test-passwd-file.sh
+│   │   └── README.md
+│   ├── pkg_shadow-utils
+│   │   ├── 00-install.sh
+│   │   ├── 10-files-verify.sh
+│   │   ├── 20-user-tests.sh
+│   │   ├── 30-group-tests.sh
+│   │   ├── 40-pw.sh
+│   │   ├── 90-clean.sh
+│   │   └── README.md
+│   ├── pkg_snmp
+│   │   ├── 00-install-snmp.sh
+│   │   ├── 10-test-snmp-1.sh
+│   │   ├── 11-test-snmp-2.sh
+│   │   ├── 12-test-snmp-3.sh
+│   │   └── README.md
+│   ├── pkg_sqlite
+│   │   ├── 00-install-sqlite.sh
+│   │   ├── 10-sqlite-tables.sh
+│   │   ├── 20-sqlite-dump.sh
+│   │   └── README.md
+│   ├── pkg_strace
+│   │   ├── 00-install-strace.sh
+│   │   ├── 10-test-strace.sh
+│   │   └── README.md
+│   ├── pkg_sysstat
+│   │   ├── 00-install-sysstat.sh
+│   │   ├── 10-iostat.sh
+│   │   ├── 11-cpu.sh
+│   │   ├── 12-cpu-io.sh
+│   │   └── README.md
+│   ├── pkg_systemd
+│   │   ├── 00-systemd-list-services.sh
+│   │   ├── 10-systemd-list-non-native-sevices.sh
+│   │   ├── 11-systemd-service-status.sh
+│   │   ├── 20-systemd-journald.sh
+│   │   └── README.md
+│   ├── pkg_tcpdump
+│   │   └── README.md
+│   ├── pkg_telnet
+│   │   ├── 00-install-telnet.sh
+│   │   └── 10-test-telnet.sh
+│   ├── pkg_vsftpd
+│   │   ├── 00-install-vsftpd.sh
+│   │   ├── 10-anonymous-vsftpd.sh
+│   │   ├── 20-local-login.sh
+│   │   ├── 30-cleanup.sh
+│   │   └── README.md
+│   ├── pkg_wget
+│   │   ├── 00-install-wget.sh
+│   │   ├── 10-test-wget.sh
+│   │   └── README.md
+│   └── pkg_which
+│       ├── 00-install-which.sh
+│       ├── 10-test-which.sh
+│       └── README.md
+├── debrand.list
+├── lib
+├── log
+│   └── README.md
+├── mods.list
+├── modules
+├── monotests.sh
+├── README.md
+├── runtests.sh
+├── skip.list
+└── stacks
+    ├── ipa
+    │   ├── 00-ipa-pregame.sh
+    │   ├── 10-install-ipa.sh
+    │   ├── 11-configure-ipa.sh
+    │   ├── 12-verify-ipa.sh
+    │   ├── 20-ipa-user.sh
+    │   ├── 21-ipa-service.sh
+    │   ├── 22-ipa-dns.sh
+    │   ├── 23-ipa-sudo.sh
+    │   ├── 50-cleanup-ipa.sh
+    │   └── README.md
+    └── lamp
+        ├── 00-install-lamp.sh
+        ├── 01-verification.sh
+        └── 10-test-lamp.sh
+```

func/common/exports.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+# Common Variables
+export DNFDEBUG=0
+export readonly PASS=0
+export readonly FAIL=1
+RL_VER=$(rpm --eval %rhel)
+export readonly RL_VER
+export readonly PRE_RELEASE=0
+# This should be either: rocky, redhat, centos
+export readonly RELEASE_NAME=rocky
+# A 0 means it was successful. It can be changed to 1 on failure.
+export IPAINSTALLED=0
+
+LOGFILE="./log/$(date +'%m-%d-%Y')-tests.log"
+export LOGFILE

func/common/files/correct-passwd

@@ -0,0 +1 @@
+obsidian:x:9999:9999::/home/obsidian:/bin/bash

func/common/files/correct-shadow

@@ -0,0 +1 @@
+obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7:::

func/common/files/dovecot-test-sasl

@@ -0,0 +1,7 @@
+service auth {
+  unix_listener /var/spool/postfix/private/auth {
+    mode = 0660
+    user = postfix
+    group = postfix
+  }
+}

func/common/files/hello.c

@@ -0,0 +1,5 @@
+#include <stdio.h>
+int main() {
+  printf("Hello!\n");
+  return 0;
+}

func/common/files/hello.cpp

@@ -0,0 +1,5 @@
+#include <iostream>
+int main() {
+  std::cout << "Hello!\n";
+  return 0;
+}

func/common/files/incorrect-passwd

@@ -0,0 +1 @@
+:obsidian:x:9999:9999:::/home/obsidian:/bin/bash:

func/common/files/incorrect-shadow

@@ -0,0 +1 @@
+obsidian:$6$p/uYvJM34LitE94s$gQsL3.ytkx5MpU0jGOH8XaymvvqxuuUEiZPyazju3vH34tslLjRqUlKebGx8X2lx2nTJdvcC/H4BdUZvLUyGF1:18780:0:99999:7:::

func/common/files/lamp-sql

@@ -0,0 +1,5 @@
+create database obsidiancore;
+use obsidiancore;
+create table tests (name varchar(20)) ;
+grant all on obsidiancore.* to 'rocky'@'localhost' identified by 'onyx';
+flush privileges;

func/common/files/lamp-sql-php

@@ -0,0 +1,11 @@
+<?php
+$dbconnect = mysqli_connect("localhost","rocky","onyx");
+if (!$dbconnect)
+  {
+  die('Could not connect: ' . mysqli_error());
+  }
+mysqli_select_db($dbconnect, "obsidiancore");
+mysqli_query($dbconnect, "INSERT INTO tests (name)
+VALUES ('sqltest')");
+mysqli_close($dbconnect);
+?> 

func/common/files/malform-group

@@ -0,0 +1 @@
+:test:x:9999::

func/common/files/malform-gshadow

@@ -0,0 +1 @@
+test:x::

func/common/files/openssl-answers

@@ -0,0 +1,15 @@
+[ req ]
+default_bits       = 4096
+distinguished_name = req_distinguished_name
+string_mask        = nombstr
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = US
+stateOrProvinceName             = State or Province Name (full name)
+stateOrProvinceName_default     = Arizona
+localityName                    = Locality Name (eg, city)
+localityName_default            = Phoenix
+0.organizationName              = Organization Name (eg, company)
+0.organizationName_default      = RESF
+organizationalUnitName          = Organizational Unit Name (eg, section)
+organizationalUnitName_default  = Rocky

func/common/files/postfix-test-sasl

@@ -0,0 +1,6 @@
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/auth
+smtpd_sasl_security_options = noanonymous
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
+broken_sasl_auth_clients = yes

func/common/files/postfix-test-tls

@@ -0,0 +1,15 @@
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/auth
+smtpd_sasl_security_options = noanonymous
+smtpd_tls_security_level = may
+smtpd_tls_key_file = /etc/pki/tls/private/mail.key
+smtpd_tls_cert_file = /etc/pki/tls/certs/mail.crt
+# smtpd_tls_CAfile = /etc/pki/tls/root.crt
+smtpd_tls_loglevel = 1
+smtpd_tls_session_cache_timeout = 3600s
+smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
+tls_random_source = dev:/dev/urandom
+smtpd_tls_auth_only = yes
+broken_sasl_auth_clients = yes
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

func/common/files/smb.conf

@@ -0,0 +1,11 @@
+[global] 
+workgroup = wrkgrp 
+netbios name = smbsrv 
+security = user
+map to guest = Bad User
+
+[rocky]
+comment = Rocky Share
+path = /srv/smb
+read only = yes
+guest only = yes

func/common/imports.sh

@@ -0,0 +1,219 @@
+#!/bin/bash
+# Common functions and imports to use across all scripts
+# Louis Abel <label@rockylinux.org> @nazunalika
+
+################################################################################
+# Functions that (r)eturn things
+function r_log() {
+  SCR=$1
+  MESSAGE=$2
+  printf "[-] %s %s: %s\n" "$(date +'%m-%d-%Y %T')" "$SCR" "$MESSAGE" >> "$LOGFILE"
+}
+
+# Always call this at the end of scripts to check for exit status. This will
+# report "PASS" or "FAIL" depending on the exit and it will show up in the log.
+# Args: $1 will be whatever you want checked
+function r_checkExitStatus() {
+  [ "$1" -eq 0 ] && r_log "result" "PASSED" && return "$PASS"
+  r_log "status" "FAILED"
+  exit "$FAIL"
+}
+
+# Processes a list of folders containing the tests. This ignores files that
+# start with a dot (.), an underscore (_) or contain README in the name.
+# This is done because we cannot guarantee that whoever adds in tests or
+# writes additional "find" commands won't negate these lookups.
+
+# Additionally, we should look at the file's executable status. I considered
+# just having the files named differently, but that seemed more annoying than
+# just setting +x
+function r_processor() {
+  exec 8< $@
+  while read -u 8 file; do
+    if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then
+      continue
+    fi
+    [ -x ${file} ] && ${file}
+  done
+  return 0
+}
+
+################################################################################
+# Functions that deal with (p)ackages
+
+# Installs packages normally (including weak dependencies)
+# Args: Any number of $1..X
+function p_installPackageNormal() {
+  r_log "internal" "Attempting install: $*"
+  /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} install "$@"
+  r_checkExitStatus $?
+}
+
+# Installs packages excluding weak dependencies - There are some cases where
+# you would need to do this.
+# Args: Any number of $1..X
+function p_installPackageNoWeaks() {
+  r_log "internal" "Attempting install: $*"
+  /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} --setopt install_weak_deps=0 install "$@"
+  r_checkExitStatus $?
+}
+
+# Removes packages
+# Args: Any number of $1..X
+function p_removePackage() {
+  r_log "internal" "Attempting uninstall: $*"
+  /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} remove "$@"
+  r_checkExitStatus $?
+}
+
+# Enables dnf modules
+# Args: Any number of $1..X
+function p_enableModule() {
+  r_log "internal" "Enabling module: $*"
+  /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module enable "$@"
+  r_checkExitStatus $?
+}
+
+# Resets modules (since you can't "disable" technically)
+# Args: Any number of $1..X
+function p_resetModule() {
+  r_log "internal" "Resetting module: $*"
+  /usr/bin/dnf --assumeyes --debuglevel ${DNFDEBUG} module reset "$@"
+  r_checkExitStatus $?
+}
+
+function p_getPackageRelease() {
+  rpm -q --queryformat '%{RELEASE}' $1
+}
+
+function p_getPackageArch() {
+  rpm -q --queryformat '%{ARCH}' $1
+}
+
+function p_getDist() {
+  rpm -q $(rpm -qf /etc/redhat-release) --queryformat '%{version}\n' | cut -d'.' -f1
+}
+
+################################################################################
+# Functions that that are considered (m)isc
+
+# Service cycler, basically a way of handling services and also being able to
+# prevent potential race conditions.
+function m_serviceCycler() {
+  if [ "$2" = "cycle" ]; then
+    /bin/systemctl stop $1
+    sleep 3
+    /bin/systemctl start $1
+  else
+    /bin/systemctl $2 $1
+  fi
+  sleep 3
+}
+
+function m_checkForPort() {
+  while true; do
+    sleep 1
+    if echo > /dev/tcp/localhost/$1 >/dev/null 2>&1; then
+      r_log "internal" "Waiting for TCP port $1 to start listening"
+      break
+    fi
+  done
+}
+
+function m_assertCleanExit() {
+  "$@" > /dev/null 2>&1
+  r_checkExitStatus $?
+}
+
+function m_assertEquals() {
+  [ "$1" -eq "$2" ]
+  r_checkExitStatus $?
+}
+
+function m_skipReleaseEqual() {
+  if [ "$(rpm --eval %rhel)" -eq "$1" ]; then
+    r_log "$2" "Skipped test for $1 release"
+    exit 0
+  fi
+}
+
+function m_skipReleaseNotEqual() {
+  if [ "$(rpm --eval %rhel)" -ne "$1" ]; then
+    r_log "$2" "Skipped test"
+    exit 0
+  fi
+}
+
+function m_skipReleaseGreaterThan() {
+  if [ "$(rpm --eval %rhel)" -gt "$1" ]; then
+    r_log "$2" "Skipped test"
+    exit 0
+  fi
+}
+
+function m_skipReleaseLessThan() {
+  if [ "$(rpm --eval %rhel)" -lt "$1" ]; then
+    r_log "$2" "Skipped test"
+    exit 0
+  fi
+}
+
+function m_selectAlternative() {
+  primaryName=$1
+  searchRegex=$2
+  option=$(/bin/echo | /usr/sbin/alternatives --config "$primaryName" | /bin/grep -E "$searchRegex" | /usr/bin/head -n1 | sed 's/    .*//g;s/[^0-9]//g')
+  if [ -z "$option" ]; then
+    r_log "alternatives" "Option not found for alternative $searchRegex of $primaryName"
+    r_checkExitStatus 1
+  fi
+  r_log "alternatives" "Selecting alternative $option for $primaryName $searchRegex"
+  /bin/echo "$option" | /usr/sbin/alternatives --config "$primaryName" > /dev/null 2>&1
+}
+
+function m_getArch() {
+  /usr/bin/uname -m
+}
+
+function m_recycleLog() {
+  num=0
+  rotFile="${LOGFILE}.$num"
+  while [ -e "$rotFile" ]; do
+    num=$(( num + 1 ))
+    rotFile="${LOGFILE}.$num"
+  done
+  mv "$LOGFILE" "$rotFile"
+}
+
+################################################################################
+# export all functions below
+
+# When this is sourced, the functions are typically already available and ready
+# to be used. But it does not hurt to have them below.
+
+rl_ver=$(p_getDist)
+rl_arch=$(m_getArch)
+export rl_ver
+export rl_arch
+
+export -f r_log
+export -f r_checkExitStatus
+export -f r_processor
+export -f p_installPackageNormal
+export -f p_installPackageNoWeaks
+export -f p_removePackage
+export -f p_enableModule
+export -f p_resetModule
+export -f p_getPackageRelease
+export -f p_getPackageArch
+export -f p_getDist
+export -f m_serviceCycler
+export -f m_checkForPort
+export -f m_assertCleanExit
+export -f m_assertEquals
+export -f m_skipReleaseEqual
+export -f m_skipReleaseNotEqual
+export -f m_skipReleaseGreaterThan
+export -f m_skipReleaseLessThan
+export -f m_selectAlternative
+export -f m_getArch
+export -f m_recycleLog

func/core/pkg_acl/00-install-acl.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+r_log "acl" "Install the acl package"
+p_installPackageNormal acl
+r_log "acl" "Remount filesystems with ACL support (this normally should not be needed)"
+mount -o remount,acl /
+sleep 3

func/core/pkg_acl/10-test-acl-functions.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+ACLFILE=/tmp/testfile_acl
+r_log "acl" "Test that the acl get and set functions work"
+touch "${ACLFILE}"
+
+# Use setfacl for readonly
+r_log "acl" "Set readonly ACL for the user nobody"
+setfacl -m user:nobody:r "${ACLFILE}"
+
+# Use getfacl to verify readonly
+r_log "acl" "Verifying that the nobody user is set to read only"
+getfacl "${ACLFILE}" | grep -q 'user:nobody:r--'
+
+r_checkExitStatus $?
+/bin/rm -f "${ACLFILE}"

func/core/pkg_acl/README.md

@@ -0,0 +1 @@
+Test the acl packge

func/core/pkg_archive/00-install-formats.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+r_log "archive" "Installing appropriate archive formats"
+
+# We might need expect for zmore - does anyone actually use zmore?
+p_installPackageNormal bzip2 diffutils gzip less ncompress tar unzip util-linux-ng zip lzop

func/core/pkg_archive/10-bzip.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+r_log "archive" "Test bzip/bzcat/bunzip"
+FILE=/var/tmp/bziptest.txt
+
+cat > "$FILE" <<EOF
+testing text
+EOF
+
+# bzip it up
+/bin/bzip2 "$FILE"
+/bin/rm -f "$FILE"
+
+# Checking bzcat
+if ! bzcat "${FILE}.bz2" | grep -q "testing text"; then
+  r_log "archive" "bzcat has failed"
+  exit
+fi
+
+# bunzip it down
+/bin/bunzip2 "${FILE}.bz2"
+
+# check file contents again
+grep -q 'testing text' "${FILE}"
+
+r_checkExitStatus $?
+
+/bin/rm -f "${FILE}*"

func/core/pkg_archive/20-gzip-bin-test.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+r_log "archive" "Verifying gzip binaries"
+
+for bin in gunzip gzexe gzip zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew; do
+  echo -n "$bin"
+  r_log "archive" "$bin"
+  $bin --version &> /dev/null || r_checkExitStatus 1
+done
+
+echo
+
+r_checkExitStatus 0

func/core/pkg_archive/21-gzip-test.sh

@@ -0,0 +1,109 @@
+#!/bin/bash
+r_log "archive" "Test gzip/zcat/gunzip"
+
+FILE=/var/tmp/gzip-test.txt
+MD5HASH=e6331c582fbad6653832860f469f7d1b
+
+# Double check that stuff is cleared out
+/bin/rm $FILE* &> /dev/null
+/bin/rm -rf /var/tmp/gziptest &> /dev/null
+
+# Make our test file
+cat > $FILE <<EOF
+Green Obsidian is the release name
+EOF
+
+# gzip
+r_log "archive" "Testing gzip works"
+gzip $FILE || r_checkExitStatus 1
+
+# zcat
+r_log "archive" "Test zcat works"
+zcat $FILE.gz | grep -q "Green Obsidian" || r_checkExitStatus 1
+
+# no overwrite
+r_log "archive" "Check that files won't be overwritten"
+touch $FILE
+echo | gunzip $FILE &> /dev/null
+[ $? -ne 2 ] && r_checkExitStatus 1
+
+echo | gzip $FILE &> /dev/null
+[ $? -ne 2 ] && r_checkExitStatus 1
+
+# force overwrite
+r_log "archive" "Check that files can be forcefully overwritten"
+gunzip -f $FILE.gz || r_checkExitStatus 1
+touch $FILE.gz
+gzip -f $FILE || r_checkExitStatus 1
+
+# -a should be ignored
+# Hopefully this behavior does NOT change in 9
+r_log "archive" "Check that -a is ignored"
+gunzip -a $FILE.gz 2>&1 | head -n 1 | grep -q 'gzip: option --ascii ignored on this system' || r_checkExitStatus 1
+
+# -c should write to stdout
+r_log "archive" "Check that -c outputs to stdout"
+gzip -c $FILE | gunzip | grep -q 'Green Obsidian' || r_checkExitStatus 1
+
+# Expected hash is: e6331c582fbad6653832860f469f7d1b
+# check -l
+r_log "archive" "Check that the md5 matches"
+gzip $FILE
+md5check=$(gzip -l $FILE.gz | md5sum | cut -d' ' -f1)
+[ "$md5check" == "$MD5HASH" ] || r_checkExitStatus 1
+
+# Check that -v gives us some good info
+r_log "archive" "Check that -v increases verbosity"
+gzip -lv $FILE.gz | grep -q "e0e1ed1a" || r_checkExitStatus 1
+gunzip $FILE.gz
+
+# custom suffix
+r_log "archive" "Check that a custom suffix can be used"
+gzip -S .rl $FILE
+[ -e $FILE.rl ] || r_checkExitStatus 1
+gunzip -S .rl $FILE || r_checkExitStatus 1
+
+# check -r
+r_log "archive" "Check that -r functions"
+mkdir /var/tmp/gziptest
+touch /var/tmp/gziptest/{a,b}
+gzip -r /var/tmp/gziptest
+[ "$(ls /var/tmp/gziptest/*.gz | wc -l)" -eq "2" ] || r_checkExitStatus 1
+
+# check different compression levels
+r_log "archive" "Check compression levels"
+cp $FILE $FILE.1
+gzip -1 $FILE
+gzip -9 $FILE.1
+[ "$(stat -c %s $FILE.gz)" -ne "$(stat -c %s $FILE.1.gz)" ] || r_checkExitStatus 1
+
+# check multiple input files
+r_log "archive" "Check multiple input files"
+gunzip $FILE.gz $FILE.1.gz || r_checkExitStatus 1
+
+# don't specify an extension
+r_log "archive" "Don't specify file extensions"
+gzip $FILE $FILE.1 || r_checkExitStatus 1
+
+# check that .Z can be handled
+r_log "archive" "Verify that .Z files can be handled"
+gunzip $FILE.gz
+ls -l /var/tmp >> $FILE
+compress $FILE || r_checkExitStatus 1
+gunzip $FILE.Z || r_checkExitStatus 1
+
+# handle some zip files
+r_log "archive" "Verify that .zip files can be handled"
+zip $FILE.zip $FILE &> /dev/null || r_checkExitStatus 1
+gunzip -f -S .zip $FILE.zip || r_checkExitStatus 1
+
+# handle some tgz files
+r_log "archive" "Verify that .tgz files can be handled"
+tar -czf $FILE.tgz $FILE &> /dev/null
+gunzip $FILE.tgz
+[ -e $FILE.tar ]
+r_checkExitStatus $?
+
+# clean up
+/bin/rm $FILE* &> /dev/null
+/bin/rm -rf /var/tmp/gziptest &> /dev/null

func/core/pkg_archive/22-gzexe.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+r_log "archive" "Checking gzexe"
+r_log "archive" "Creating archive"
+FILE=/var/tmp/gzexe-test-script
+/bin/rm -f $FILE* &>/dev/null
+
+cat > $FILE <<EOF
+#!/bin/bash
+echo "Hello!"
+EOF
+
+chmod +x $FILE
+$FILE | grep -q "Hello!" || r_checkExitStatus 1
+
+r_log "archive" "Test gzexe"
+/bin/gzexe $FILE &>/dev/null || r_checkExitStatus 1
+
+r_log "archive" "Check that it actually runs"
+$FILE | grep -q "Hello!"
+r_checkExitStatus $?
+
+/bin/rm -f $FILE* 2>/dev/null

func/core/pkg_archive/23-zcmp-zdiff.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+r_log "archive" "Check zcmp and zdiff"
+BASEFILE="/var/tmp/gziptest"
+/bin/rm -f ${BASEFILE}
+
+cat > ${BASEFILE}.1 <<EOF
+Green Obsidian is the release name
+EOF
+
+/bin/gzip ${BASEFILE}.1 || r_checkExitStatus 1
+cp ${BASEFILE}.1.gz ${BASEFILE}.2.gz
+
+r_log "archive" "Check zcmp"
+/bin/zcmp ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
+
+r_log "archive" "Check zdiff"
+/bin/zdiff ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
+
+/bin/rm -f ${BASEFILE}*

func/core/pkg_archive/24-zforce.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+r_log "archive" "Testing zforce"
+
+BASEFILE="/var/tmp/abcdefg"
+/bin/rm $BASEFILE* &>/dev/null
+
+cat > $BASEFILE <<EOF
+Green Obsidian is our release name
+EOF
+
+gzip $BASEFILE
+mv $BASEFILE.gz $BASEFILE
+
+zforce $BASEFILE || r_checkExitStatus 1
+[ -e "$BASEFILE.gz" ]
+r_checkExitStatus $?
+
+/bin/rm "$BASEFILE.gz"

func/core/pkg_archive/25-zgrep.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+r_log "archive" "Testing zgrep"
+BASEFILE=/var/tmp/zgreptest
+/bin/rm $BASEFILE* &> /dev/null
+
+cat > $BASEFILE <<EOF
+Green Obsidian is the release name
+EOF
+
+gzip $BASEFILE
+
+zgrep -q 'Green Obsidian' $BASEFILE.gz
+r_checkExitStatus $?
+
+/bin/rm $BASEFILE*

func/core/pkg_archive/25-zless.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+r_log "archive" "Testing zless"
+r_log "archive" "Generate file"
+gzip -cvf /usr/lib/os-release > /var/tmp/gziptest.gz
+zless -F /var/tmp/gziptest.gz | grep -q 'Rocky Linux'
+r_checkExitStatus $?

func/core/pkg_archive/26-zmore.sh

@@ -0,0 +1 @@
+#!/bin/bash

func/core/pkg_archive/27-znew.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+r_log "archive" "Testing znew"
+
+TESTFILE=/var/tmp/znew.txt
+/bin/rm $TESTFILE* &>/dev/null
+
+ls -l /usr/bin > $TESTFILE
+compress $TESTFILE
+
+znew $TESTFILE.Z
+r_checkExitStatus $?

func/core/pkg_archive/30-tar.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+r_log "archive" "Test tar create and extract"
+
+TARDIR="/var/tmp/tartest"
+FILE1="$TARDIR/test.1.txt"
+FILE2="$TARDIR/test.2.txt"
+
+mkdir -p $TARDIR
+cat > $FILE1 <<EOF
+First file!
+EOF
+
+cat > $FILE2 <<EOF
+Second file!
+EOF
+
+/bin/tar -c $TARDIR -f /var/tmp/tarfile.tar > /dev/null 2>&1
+/bin/rm -rf $TARDIR
+if [ -e "$TARDIR" ]; then
+  r_log "archive" "We couldn't delete $TARDIR"
+  exit
+fi
+
+tar -C / -xf /var/tmp/tarfile.tar
+grep -q 'First file'  $FILE1
+RES1=$?
+grep -q 'Second file' $FILE2
+RES2=$?
+
+if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
+  ret_val=0
+fi
+
+r_checkExitStatus $ret_val
+
+/bin/rm -rf /var/tmp/tarfile.tar $TARDIR

func/core/pkg_archive/40-xzcmp-xzdiff.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+r_log "archive" "Check xzcmp and xzdiff"
+BASEFILE="/var/tmp/xztest"
+/bin/rm -f ${BASEFILE}
+
+cat > ${BASEFILE}.1 <<EOF
+Green Obsidian is the release name
+EOF
+
+/bin/xz ${BASEFILE}.1 || r_checkExitStatus 1
+cp ${BASEFILE}.1.xz ${BASEFILE}.2.xz
+
+r_log "archive" "Check xzcmp"
+/bin/zcmp ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
+
+r_log "archive" "Check xzdiff"
+/bin/zdiff ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
+
+/bin/rm -f ${BASEFILE}*

func/core/pkg_archive/40-zip.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+r_log "archive" "Test zip create and extract"
+
+ZIPDIR="/var/tmp/ziptest"
+FILE1="$ZIPDIR/test.1.txt"
+FILE2="$ZIPDIR/test.2.txt"
+
+mkdir -p $ZIPDIR
+cat > $FILE1 <<EOF
+First file!
+EOF
+
+cat > $FILE2 <<EOF
+Second file!
+EOF
+
+/bin/zip -q /var/tmp/zipfile.zip $ZIPDIR/*
+/bin/rm -rf $ZIPDIR
+if [ -e "$ZIPDIR" ]; then
+  r_log "archive" "We couldn't delete $ZIPDIR"
+  exit
+fi
+
+/bin/unzip -q /var/tmp/zipfile.zip -d /
+grep -q 'First file'  $FILE1
+RES1=$?
+grep -q 'Second file' $FILE2
+RES2=$?
+
+if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
+  ret_val=0
+fi
+
+r_checkExitStatus $ret_val
+
+/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR

func/core/pkg_archive/50-lzop.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+r_log "archive" "Testing lzop compress and decompress"
+
+LZOFILE=/var/tmp/obsidian.txt
+
+echo 'Green Obsidian is the release name' > ${LZOFILE}
+
+# running compression
+lzop -9 ${LZOFILE} -o ${LZOFILE}.lzo
+/bin/rm ${LZOFILE}
+
+lzop -d ${LZOFILE}.lzo -o ${LZOFILE}
+/bin/rm ${LZOFILE}.lzo
+
+grep -q 'Green Obsidian' ${LZOFILE}
+
+/bin/rm ${LZOFILE}

func/core/pkg_archive/README.md

@@ -0,0 +1,3 @@
+Tests archive formats and archive accessories
+
+TODO: Add xz

func/core/pkg_attr/00-install-attr.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "attr" "Installing the attr package"
+p_installPackageNormal attr

func/core/pkg_attr/10-check-attr.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+ATTRTEST="/var/tmp/attrtest.img"
+ATTRMNT="/mnt/attrtest"
+
+r_log "attr" "Checking that *attr works"
+dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null
+r_checkExitStatus $?
+
+mkdir "${ATTRMNT}"
+echo -e 'y\n' | mkfs.ext3 "${ATTRTEST}" > /dev/null 2>&1
+mount -t ext3 -o loop,user_xattr "${ATTRTEST}" "${ATTRMNT}"
+touch "${ATTRMNT}/testfile"
+setfattr -n user.test "${ATTRMNT}/testfile"
+getfattr "${ATTRMNT}/testfile" | grep -oq "user.test"
+
+r_checkExitStatus $?
+
+# Cleanup
+umount /mnt/attrtest
+/bin/rm -f "${ATTRTEST}"
+/bin/rm -rf "${ATTRMNT}"

func/core/pkg_attr/README.md

@@ -0,0 +1 @@
+Test attr

func/core/pkg_auditd/00-install-auditd.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+r_log "auditd" "Install auditd (this should be available during minimal)"
+p_installPackageNormal audit
+r_log "auditd" "Ensure auditd is running and enabled"
+# Ignore service cycler, auditd refuses manual stop
+/usr/sbin/service auditd restart
+sleep 2
+/usr/bin/systemctl status auditd.service | grep -q "active"
+r_checkExitStatus $?

func/core/pkg_auditd/10-auditd-logs.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "auditd" "Check if the audit logs are not empty"
+[[ -s /var/log/audit/audit.log ]]
+r_checkExitStatus $?

func/core/pkg_auditd/11-generate-events.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+r_log "auditd" "Generate events for audit log"
+
+r_log "auditd" "Add test user"
+useradd relengauditd
+grep "ADD_USER" /var/log/audit/audit.log | grep -q 'acct="relengauditd"'
+r_checkExitStatus $?
+
+r_log "auditd" "Delete test user"
+userdel relengauditd
+grep "DEL_USER" /var/log/audit/audit.log | grep -q 'ID="relengauditd"'
+r_checkExitStatus $?

func/core/pkg_auditd/README.md

@@ -0,0 +1 @@
+Test auditd

func/core/pkg_bash/00-bash-version.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Bash is default installed on minimal
+r_log "bash" "Check that the bash version is valid"
+
+bash --version | grep -qE "(x86_64|aarch64|powerpc64le)-redhat-linux-gnu"
+
+r_checkExitStatus $?

func/core/pkg_bash/README.md

@@ -0,0 +1 @@
+Test bash

func/core/pkg_bc/00-install-bc.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+r_log "bc" "Install bc"
+p_installPackageNormal bc
+r_checkExitStatus $?
+
+r_log "bc" "Check bc version"
+bc --version
+r_checkExitStatus $?

func/core/pkg_bc/10-test-calculation.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "bc" "Testing simple calculations"
+test $(echo "8 + 5 * 2 / 10 - 1" | bc) -eq "8"
+r_checkExitStatus $?

func/core/pkg_bc/README.md

@@ -0,0 +1 @@
+Test bc.

func/core/pkg_bind/00-install-bind.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "bind" "Installing bind"
+p_installPackageNormal bind bind-utils
+m_serviceCycler named start

func/core/pkg_bind/10-test-lookup.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "bind" "Testing bind lookups work"
+dig +timeout=5 +short @127.0.0.1 localhost | grep -q "127.0.0.1"
+r_checkExitStatus $?

func/core/pkg_bind/README.md

@@ -0,0 +1 @@
+Test the bind package

func/core/pkg_coreutils/00-install-coreutils.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+# coreutils should already be there, but just in case I guess.
+r_log "coreutils" "Install coreutils"
+p_installPackageNormal coreutils

func/core/pkg_coreutils/10-arch.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "coreutils" "Check that the architecture matches"
+uname -a | grep -q "$(arch)"
+r_checkExitStatus $?

func/core/pkg_coreutils/11-basename.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+r_log "coreutils" "Testing basename"
+
+# Doing two tests for validation
+basename ./core/pkg_coreutils/11-basename.sh | grep -q 11-basename.sh
+r_checkExitStatus $?
+
+basename /etc/hosts | grep -q hosts
+r_checkExitStatus $?

func/core/pkg_coreutils/12-cat.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+r_log "coreutils" "Testing cat"
+
+cat > /var/tmp/cattest <<EOF
+Green Obsidian
+EOF
+
+grep -q "Green Obsidian" /var/tmp/cattest
+r_checkExitStatus $?
+
+/bin/rm /var/tmp/cattest

func/core/pkg_coreutils/13-cut.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+r_log "coreutils" "Test cut command"
+
+[ "$(cut -f1 -d ' ' /etc/redhat-release)" == "Rocky" ]
+r_checkExitStatus $?

func/core/pkg_coreutils/14-bool.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+r_log "coreutils" "Test true/false"
+
+r_log "coreutils" "Test true"
+true
+test $? -eq 0
+r_checkExitStatus $?
+
+r_log "coreutils" "Test false"
+false
+test $? -eq 1
+r_checkExitStatus $?

func/core/pkg_coreutils/15-heads-tails.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+r_log "coreutils" "Test head and tail"
+
+r_log "coreutils" "Testing head"
+head -n1 /etc/os-release | grep -q NAME
+r_checkExitStatus $?
+
+r_log "coreutils" "Testing tail"
+tail -n1 /etc/os-release | grep -q SUPPORT
+r_checkExitStatus $?

func/core/pkg_coreutils/16-pathchk.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+r_log "coreutils" "Testing pathchk"
+pathchk -p "<>" 2> /dev/null
+[ $? -eq 1 ] && pathchk /var/tmp/fakePathAndFile
+[ $? -eq 0 ] && pathchk /var/tmp
+r_checkExitStatus $?

func/core/pkg_coreutils/17-readlink.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+r_log "coreutils" "Testing readlink"
+ln -s /var/tmp/talk /var/tmp/listen
+readlink /var/tmp/listen | grep -q "/var/tmp/talk"
+r_checkExitStatus $?
+/bin/rm /var/tmp/listen

func/core/pkg_coreutils/18-seq.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+r_log "coreutils" "Testing seq"
+seq -s " " 6 | grep -q "1 2 3 4 5 6" && \
+seq -s " " 3 5 | grep -q "3 4 5" && \
+seq -s " " 3 3 9 | grep -q "3 6 9"
+r_checkExitStatus $?

func/core/pkg_coreutils/19-timeout.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+r_log "coreutils" "Testing timeout and sleep"
+timeout 1 sleep 1
+[ $? -eq 124 ] && timeout 2 sleep 2
+[ $? -eq 124 ] && r_checkExitStatus $?

func/core/pkg_coreutils/20-hash.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+r_log "coreutils" "Test hash sum tools"
+
+HASHFILE=/var/tmp/obsidian
+echo "Green Obsidian is our release name" > ${HASHFILE}
+
+r_log "coreutils" "Test md5sum"
+/usr/bin/md5sum ${HASHFILE} | grep -q 7ee0df0c24cd8fbf747bbeaec2afb935
+r_checkExitStatus $?
+r_log "coreutils" "Test sha1sum"
+/usr/bin/sha1sum ${HASHFILE} | grep -q d9dc0c244c60e6488ebca1733d8072217a2e53d9
+r_checkExitStatus $?
+r_log "coreutils" "Test sha224sum"
+/usr/bin/sha224sum ${HASHFILE} | grep -q 5b7a29dcee3d895e21877d08da1e1408bbd6b09426887cdbfb583753
+r_checkExitStatus $?
+r_log "coreutils" "Test sha256sum"
+/usr/bin/sha256sum ${HASHFILE} | grep -q 38ee9bbdd83f1f1dd4506b061141d956496ab01dd187e24db35e024b37f47110
+r_checkExitStatus $?
+r_log "coreutils" "Test sha384sum"
+/usr/bin/sha384sum ${HASHFILE} | grep -q 5002b880f8b05ab66ead70ea828e3869114fe6a85bffc84fc2199c7d10fee39a69c0b523562e7bb208e7922b0d291916
+r_checkExitStatus $?
+r_log "coreutils" "Test sha512sum"
+/usr/bin/sha512sum ${HASHFILE} | grep -q e50554c29a5cb7bd04279d3c0918e486024c79c4b305a2e360a97d4021dacf56ce0d17fa6e6a0e81ad03d5fb74fbe2d50cce6081c2c277f22b958cdae978a2f5
+r_checkExitStatus $?
+
+/bin/rm ${HASHFILE}

func/core/pkg_coreutils/21-touch-ls.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+r_log "coreutils" "Testing touch and ls"
+
+r_log "coreutils" "Touch files with specific dates"
+touch -t 199104230420 /tmp/touch-1
+touch -t 199104240420 /tmp/touch-2
+
+r_log "coreutils" "Verify that the oldest file is last"
+ls -lt /tmp/touch-? | tail -n 1 | grep -q 'touch-1'
+
+r_checkExitStatus $?
+
+/bin/rm /tmp/touch-?

func/core/pkg_coreutils/22-uniq.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+r_log "coreutils" "Ensure uniq works as expected"
+
+cat > /var/tmp/uniq <<EOF
+Rocky
+Rocky
+Obsidian
+obsidian
+Green
+Green
+Blue
+onyn
+EOF
+
+uniq -d /var/tmp/uniq | wc -l | grep -q 2 && uniq -u /var/tmp/uniq | wc -l | grep -q 4
+r_checkExitStatus $?
+/bin/rm /var/tmp/uniq

func/core/pkg_coreutils/23-wc.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+r_log "coreutils" "Ensure wc works as expected"
+r_log "coreutils" "This should have already been done with uniq"
+# Context: we should probably test some switches...
+
+cat > /var/tmp/wc <<EOF
+Rocky
+Rocky
+Obsidian
+obsidian
+Green
+Green
+Blue
+onynx
+EOF
+
+wc -l /var/tmp/wc | grep -q 8 && \
+wc -c /var/tmp/wc | grep -q 53 && \
+wc -m /var/tmp/wc | grep -q 53 && \
+wc -L /var/tmp/wc | grep -q 8 && \
+wc -w /var/tmp/wc | grep -q 8
+
+r_checkExitStatus $?
+
+/bin/rm /var/tmp/wc

func/core/pkg_coreutils/24-yes.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+r_log "coreutils" "Test the yes command"
+
+touch /var/tmp/yes-123
+touch /var/tmp/yes-345
+yes | /bin/rm -i /var/tmp/yes-* || r_checkExitStatus 1
+
+deleted=1
+test -f /var/tmp/yes-123 || test -f /var/tmp/yes-345 || deleted=0
+r_checkExitStatus $deleted

func/core/pkg_coreutils/README.md

@@ -0,0 +1 @@
+Test coreutils

func/core/pkg_cpio/00-install-cpio.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "cpio" "Install cpio"
+p_installPackageNormal cpio diffutils

func/core/pkg_cpio/10-cpio.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+r_log "cpio" "Test basic cpio stuff"
+
+OUTTER=/var/tmp/cpio/out
+INNER=/var/tmp/cpio/in
+PASSER=/var/tmp/cpio/pass
+
+# Nothing should be here. Clean up first.
+[ -d /var/tmp/cpio ] && /bin/rm -rf /var/tmp/cpio
+
+r_log "cpio" "Test basic copy out"
+mkdir -p "$OUTTER" "$INNER" "$PASSER"
+
+ls /tmp | cpio -o > "$OUTTER"/cpio.out
+r_checkExitStatus $?
+
+r_log "cpio" "Test basic copy in"
+pushd "$INNER" || exit 1
+  cpio -i < "$OUTTER"/cpio.out
+  r_checkExitStatus $?
+popd || exit 1
+
+r_log "cpio" "Test basic passthrough"
+pushd "$INNER" || exit 1
+find /tmp | cpio -pd "$PASSER"
+r_checkExitStatus $?
+popd || exit 1
+
+r_log "cpio" "Checking that the directories (pass and in) are the same"
+diff "$PASSER" "$INNER" &> /dev/null
+r_checkExitStatus $?

func/core/pkg_cpio/README.md

@@ -0,0 +1 @@
+Test cpio

func/core/pkg_cracklib/00-install-cracklib.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "cracklib" "Install the cracklib package"
+p_installPackageNormal cracklib

func/core/pkg_cracklib/10-test-passwords.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+r_log "cracklib" "Test that cracklib can check passwords"
+
+r_log "cracklib" "Test a very simple password"
+echo -e "test" | cracklib-check | grep -q "too short"
+r_checkExitStatus $?
+
+r_log "cracklib" "Test a simple/dictionary password"
+echo -e "testing" | cracklib-check | grep -q "dictionary"
+r_checkExitStatus $?
+
+r_log "cracklib" "Testing simplistic password"
+echo -e "1234_abc" | cracklib-check | grep -q 'simplistic'
+r_checkExitStatus $?
+
+r_log "cracklib" "Testing a complicated password"
+echo -e "2948_Obaym-" | cracklib-check | grep -q "OK"

func/core/pkg_cracklib/README.md

@@ -0,0 +1 @@
+Testing cracklib and cracklib accessories

func/core/pkg_cron/00-install-cron.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "cron" "Installing crond"
+p_installPackageNormal cronie
+m_serviceCycler crond cycle

func/core/pkg_cron/10-dot-cron.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+r_log "cron" "Testing hourly cron jobs"
+
+cat > /etc/cron.hourly/rocky.sh <<EOF
+#!/bin/bash
+echo "obsidian"
+EOF
+
+chmod +x /etc/cron.hourly/rocky.sh
+
+run-parts /etc/cron.hourly | grep -q "obsidian"
+r_checkExitStatus $?
+
+r_log "cron" "Testing daily cron jobs"
+
+cat > /etc/cron.daily/rocky.sh <<EOF
+#!/bin/bash
+echo "obsidian"
+EOF
+
+chmod +x /etc/cron.daily/rocky.sh
+
+run-parts /etc/cron.daily | grep -q "obsidian"
+r_checkExitStatus $?
+
+r_log "cron" "Testing weekly cron jobs"
+
+cat > /etc/cron.weekly/rocky.sh <<EOF
+#!/bin/bash
+echo "obsidian"
+EOF
+
+chmod +x /etc/cron.weekly/rocky.sh
+
+run-parts /etc/cron.weekly | grep -q "obsidian"
+r_checkExitStatus $?
+
+/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh

func/core/pkg_cron/README.md

@@ -0,0 +1 @@
+Testing cron and cron accessories

func/core/pkg_curl/00-install-curl.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "curl" "Install curl"
+p_installPackageNormal curl

func/core/pkg_curl/10-test-curl.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+r_log "curl" "Basic curl test"
+
+# TODO: Setup variables/switches I guess? Would need to be utilized in primary
+#       script
+
+STRING="Rocky Linux"
+URL="https://rockylinux.org"
+
+r_log "curl" "Checking out ${URL}"
+
+curl --location -s ${URL} | grep -q "${STRING}"

func/core/pkg_curl/README.md

@@ -0,0 +1 @@
+Simple curl tests

func/core/pkg_diffutils/00-install-diff.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "diffutils" "Installing diffutils"
+p_installPackageNormal diffutils

func/core/pkg_diffutils/README.md

@@ -0,0 +1,3 @@
+Test diffutils.
+
+There's no tests here though. Need to figure out what to do.

func/core/pkg_dnf/10-remove-package.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+r_log "dnf" "Install ksh package"
+p_installPackageNormal ksh
+
+r_log "dnf" "Remove ksh package"
+p_removePackage ksh
+
+rpm -q ksh | grep -q "package ksh is not installed"
+r_checkExitStatus $?

func/core/pkg_dnf/README.md

@@ -0,0 +1 @@
+Test dnf and accessories

func/core/pkg_dovecot/00-install-dovecot.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "dovecot" "Installing dovecot"
+p_installPackageNormal dovecot nc grep
+m_serviceCycler dovecot start

func/core/pkg_dovecot/01-configure-dovecot.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+r_log "dovecot" "Configuring dovecot"
+
+cat > /etc/dovecot/conf.d/11-rocky.conf << EOF
+mail_location = mbox:~/mail:INBOX=/var/mail/%u
+mail_privileged_group = mail
+EOF
+
+m_serviceCycler dovecot restart

func/core/pkg_dovecot/10-pop3-test.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+r_log "dovecot" "Testing basic POP3 (does anyone still use this?)"
+
+# Note that nmap-nc appears to be the default, even in fedora
+NC_OPTS="-w 5 -d 3"
+
+r_log "dovecot" "Add poptest user and maildir"
+if ! id poptest > /dev/null 2>&1; then
+  useradd poptest
+  echo pop3test | passwd --stdin poptest
+fi
+
+# shellcheck disable=SC2174
+mkdir -m 700 -p /home/poptest/mail/.imap/INBOX
+chown -R poptest:poptest /home/poptest/mail
+
+r_log "dovecot" "Test basic POP3 login"
+
+
+# shellcheck disable=SC2086
+echo -e "user poptest\npass pop3test\n" | nc ${NC_OPTS} localhost 110 | grep -q "+OK Logged in."
+ret_val=$?
+
+if [ "$ret_val" -ne 0 ]; then
+  tail /var/log/secure
+  tail /var/log/maillog
+fi
+
+r_checkExitStatus $ret_val
+
+userdel -rf poptest

func/core/pkg_dovecot/11-imap-test.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+r_log "dovecot" "Testing basic IMAP"
+
+# Note that nmap-nc appears to be the default, even in fedora
+NC_OPTS="-w 5 -d 3"
+
+r_log "dovecot" "Add imapper user and maildir"
+if ! id imapper > /dev/null 2>&1; then
+  useradd imapper
+  echo imaptest | passwd --stdin imapper
+fi
+
+# shellcheck disable=SC2174
+mkdir -m 700 -p /home/imapper/mail/.imap/INBOX
+chown -R imapper:imapper /home/imapper/mail
+
+r_log "dovecot" "Test basic IMAP login"
+
+
+# shellcheck disable=SC2086
+echo -e "01 LOGIN imapper imaptest\n" | nc ${NC_OPTS} localhost 143 | grep -q "Logged in."
+ret_val=$?
+
+if [ "$ret_val" -ne 0 ]; then
+  tail /var/log/secure
+  tail /var/log/maillog
+fi
+
+r_checkExitStatus $ret_val
+
+userdel -rf imapper

func/core/pkg_dovecot/12-dovecot-clean.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+rm -f /etc/dovecot/conf.d/11-rocky.conf
+m_serviceCycler dovecot restart

func/core/pkg_dovecot/README.md

@@ -0,0 +1 @@
+Testing dovecot

func/core/pkg_file/00-install-file.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+r_log "file" "Install the file package"
+# At one point it was installed in an earlier test (or it's default)
+m_assertCleanExit rpm -q file

func/core/pkg_file/10-mime-check.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+r_log "file" "Check mimetype of bash"
+
+# Add additional versions here when ready
+case "$RL_VER" in
+  8)
+    MIME="application/x-sharedlib"
+    ;;
+  *)
+    # This is from fedora, 9 may or may not be this
+    MIME="application/x-pie-executable"
+    ;;
+esac
+
+file -i /bin/bash | grep -q "${MIME}"
+r_checkExitStatus $?

func/core/pkg_file/20-mime-image.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+r_log "file" "Check image mimetype"
+pngFile="$(find /usr/share -type f -name '*.png' -print -quit)"
+
+if [ -z "$pngFile" ]; then
+  r_log "file" "No png files were found. SKIP"
+  exit 0
+fi
+
+file -i $pngFile | grep -q 'image/png'
+r_checkExitStatus $?

func/core/pkg_file/30-mime-symlink.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+r_log "file" "Check that we can see a symlink"
+FILE_PATH=/var/tmp/linktest
+MIME="inode/symlink"
+ln -s /etc/issue $FILE_PATH
+file -i $FILE_PATH | grep -q "${MIME}"
+r_checkExitStatus $?
+
+/bin/rm /var/tmp/linktest

func/core/pkg_file/README.md

@@ -0,0 +1 @@
+File tests

func/core/pkg_findutils/00-install-findutils.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "findutils" "Install findutils"
+p_installPackageNormal findutils

func/core/pkg_findutils/10-find.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+r_log "findutils" "Testing basic find stuff"
+
+TMPDIR=/var/tmp/find
+
+[ -e $TMPDIR ] && rm -rf "$TMPDIR"
+
+mkdir -p "$TMPDIR" || { r_log "findutils" "Can't create $TMPDIR"; exit $FAIL; }
+touch "$TMPDIR/file1"
+touch "$TMPDIR/file with a space"
+r_log "findutils" "Check that find just works(tm)"
+find "$TMPDIR" &> /dev/null
+r_checkExitStatus $?
+
+r_log "findutils" "Check that find fails for something that doesn't exist"
+find "$TMPDIR/doesntexit" &> /dev/null
+if [ $? -ne 1 ]; then
+  r_log "findutils" "Something wrong happened. Was the file there?"
+else
+  r_checkExitStatus 0
+fi
+
+r_log "findutils" "Prepare for xargs test"
+LINES=$(find "$TMPDIR" -print0 | wc -l)
+
+if [ $LINES -eq 0 ]; then
+  r_checkExitStatus 0
+else
+  r_checkExitStatus 1
+fi
+
+r_log "findutils" "Perform for xargs test"
+find "$TMPDIR" -type f -print0 | xargs -0 ls &> /dev/null
+r_checkExitStatus $?
+
+r_log "findutils" "Perform for xargs test: fails with spaces in the name"
+find "$TMPDIR" -type f | xargs ls &> /dev/null && { r_log "findutils" "Why did this get a 0 exit?"; exit $FAIL; }
+if [ $? -ne 0 ]; then
+  r_checkExitStatus $?
+fi
+
+rm -rf "$TMPDIR"