sig_core
/
toolkit
7
2
Fork 1
Code Issues 5 Pull Requests Actions Projects Releases Wiki Activity

Compare commits

base: sig_core:devel
Branches Tags
sig_core:devel
sig_core:fresh-empanadas
sig_core:main
sig_core:feature/variant-images-download
sig_core:fixes/el8
sig_core:feature/imagebuild
sig_core:feature/iso-kube
..
compare: sig_core:feature/iso-kube
Branches Tags
sig_core:devel
sig_core:fresh-empanadas
sig_core:main
sig_core:feature/variant-images-download
sig_core:fixes/el8
sig_core:feature/imagebuild
sig_core:feature/iso-kube

1 Commits
devel ... feature/is

Author SHA1 Message Date
Neil Hanlon 91c01da5cf
use a flag to determine if we want an RC or not 2022-06-20 20:12:20 -04:00
274 changed files with 1737 additions and 16068 deletions
Show Stats Expand all files Collapse all files

47
.github/workflows/imagefactory-image.yml vendored
View File

@ -1,47 +0,0 @@
---
name: Build empanada images for imagefactory
on:
push:
branches: [ $default-branch, "devel" ]
pull_request:
branches: [ $default-branch ]
workflow_dispatch:
jobs:
buildx:
runs-on:
- ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
install: true
- name: Login to ghcr
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v2
with:
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
context: ./iso/empanadas
file: ./iso/empanadas/Containerfile.imagefactory
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/rocky-linux/empanadas-imagefactory:latest
cache-from: type=gha
cache-to: type=gha,mode=max

16
.github/workflows/mix-empanadas.yml vendored
View File

@ -1,9 +1,9 @@
--- ---
name: Build empanada container images for lorax name: Build empanada container images
on: on:
push: push:
branches: [ $default-branch, "devel" ] branches: [ $default-branch ]
pull_request: pull_request:
branches: [ $default-branch ] branches: [ $default-branch ]
workflow_dispatch: workflow_dispatch:
@ -17,17 +17,17 @@ jobs:
uses: actions/checkout@v2 uses: actions/checkout@v2
- name: Set up QEMU - name: Set up QEMU
uses: docker/setup-qemu-action@v3 uses: docker/setup-qemu-action@v1
# https://github.com/docker/setup-buildx-action # https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx - name: Set up Docker Buildx
id: buildx id: buildx
uses: docker/setup-buildx-action@v3 uses: docker/setup-buildx-action@v1
with: with:
install: true install: true
- name: Login to ghcr - name: Login to ghcr
if: github.event_name != 'pull_request' if: github.event_name != 'pull_request'
uses: docker/login-action@v3 uses: docker/login-action@v1
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ github.repository_owner }} username: ${{ github.repository_owner }}
@ -35,13 +35,13 @@ jobs:
- name: Build and push - name: Build and push
id: docker_build id: docker_build
uses: docker/build-push-action@v5 uses: docker/build-push-action@v2
with: with:
builder: ${{ steps.buildx.outputs.name }} builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
context: ./iso/empanadas context: ./iso/empanadas
file: ./iso/empanadas/Containerfile file: ./iso/empanadas/Containerfile
push: ${{ github.event_name != 'pull_request' }} push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/rocky-linux/sig-core-toolkit:latest tags: ghcr.io/neilhanlon/sig-core-toolkit:latest
cache-from: type=gha cache-from: type=gha
cache-to: type=inline cache-to: type=gha,mode=max

1
.gitignore vendored
View File

@ -1 +0,0 @@
*.sw[a-z]

0
.disable.gitlab-ci.yml → .gitlab-ci.yml
View File

26
README.md
View File

@ -3,9 +3,10 @@ sig-core-toolkit
Release Engineering toolkit for repeatable operations or functionality testing. Release Engineering toolkit for repeatable operations or functionality testing.
Currently mirrored at our [github](https://github.com/rocky-linux), and the Currently mirrored at our [github](https://github.com/rocky-linux),
[RESF Git Service](https://git.resf.org). Changes will typically occur at the [Rocky Linux Git Service](https://git.rockylinux.org), and the
RESF Git Service. [RESF Git Service](https://git.resf.org). Changes either occur at the Rocky
Linux Git Service or RESF Git Service.
What does this have? What does this have?
-------------------- --------------------
@ -13,9 +14,10 @@ What does this have?
* analyze -> Analysis utilities (such as download stats) * analyze -> Analysis utilities (such as download stats)
* chat -> mattermost related utilities * chat -> mattermost related utilities
* func -> (mostly defunct) testing scripts and tools to test base functionality * func -> (mostly defunct) testing scripts and tools to test base functionality
* iso -> Contains `empanadas`, which provides ISO, Compose, and Sync related utilities. * iso -> ISO related utilities
* live -> Live image related utilities
* mangle -> Manglers and other misc stuff * mangle -> Manglers and other misc stuff
* sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated * sync -> Sync tools, primarily for Rocky Linux 8
How can I help? How can I help?
--------------- ---------------
@ -23,17 +25,13 @@ How can I help?
Fork this repository and open a PR with your changes. Keep these things in mind Fork this repository and open a PR with your changes. Keep these things in mind
when you make changes: when you make changes:
* Your PR should be against the devel branch (not optional) * Have pre-commit installed
* Have pre-commit installed if possible * Have shellcheck installed
* Have shellcheck installed if possible
* Shell Scripts: These must pass a shellcheck test! * Shell Scripts: These must pass a shellcheck test!
* Python scripts: Try your best to follow PEP8 guidelines (even the best linters get things wrong) * Python scripts: Try your best to follow PEP8 guidelines
* Note that not everything has to pass. Just try your best. Your PR should be against the devel branch at all times. PR's against the main
branch will be closed.
PR's against the main branch will be closed.
PR's are preferred at the [RESF Git Service](https://git.resf.org).
Will some of this be moved into separate repositories? Will some of this be moved into separate repositories?
------------------------------------------------------ ------------------------------------------------------

3
func/.gitignore vendored
View File

@ -1,5 +1,2 @@
log/*.log log/*.log
log/*.log.* log/*.log.*
clone_again/
cloned/
tftptest

71
func/README.md
View File

@ -5,20 +5,22 @@ These are a set of scripts that are designed to test the core functionality
of a Rocky Linux system. They are designed to work on current versions of of a Rocky Linux system. They are designed to work on current versions of
Rocky and are used to test a system as a Release Engineering self-QA but Rocky and are used to test a system as a Release Engineering self-QA but
can be used by others for their own personal testing (under the assumption can be used by others for their own personal testing (under the assumption
that you just want to see what happens, we don't judge. that you just want to see what happens, we don't judge :).
These tests *must* pass for a X.0 release to be considered "Core Validated". These tests *must* pass for a release to be considered "Core Validated"
Checking against the upstream repositories for package matches are not enough
and are/will be addressed by other tools.
* common -> Functions that our scripts and tests may or may not use. Templates * common -> Functions that our scripts and tests may or may not use. Templates
and other files should come here too under common/files and and other files should come here too under common/files and
scripts that use them should reference them as `./common/files/...` scripts that use them should reference them as `./common/files/...`
* core -> Core functionality and testing. For example, packages and service * core -> Core functionality and testing. For example, packages and service
functionality. functionality.
* lib -> Library tests (these may be done elsewhere, such as openqa) * lib -> Library tests (these may be done elsewhere)
* log -> Log output. This repository has example logs of running on Rocky * log -> Log output. This repository has example logs of running on Rocky
Linux. Linux.
* modules -> Tests for module streams and their basic tests * modules -> Tests for module streams and their basic tests
* stacks -> Software stacks, think like LAMP (may be done elsewhere, such as openqa) * stacks -> Software stacks, think like LAMP.
How to Run How to Run
---------- ----------
@ -26,11 +28,9 @@ How to Run
There are two ways to run through the tests: There are two ways to run through the tests:
* By running `/bin/bash runtests.sh` * By running `/bin/bash runtests.sh`
* Runs all core tests * Runs all tests
* By running `/bin/bash stacktests.sh`
* Runs all stack tests (eg, lamp, ipa)
* By running `/bin/bash monotests.sh` * By running `/bin/bash monotests.sh`
* Supposed to runs all tests one by one to help identify failures as they happen (not functional) * Runs all tests one by one to help identify failures as they happen
Adding Tests Adding Tests
------------ ------------
@ -148,13 +148,6 @@ security is important, actually work and function correctly.
With that said, There is no reason to disable integral security layers on your With that said, There is no reason to disable integral security layers on your
system. system.
### Should EPEL be enabled?
No. The point is to test Rocky packages, not EPEL. There are also package
differences that will break (eg: nc -> nmap-ncat vs netcat).
### What about CRB or extras?
It may say it's a failure, but it will continue anyway.
Current Tree Current Tree
------------ ------------
``` ```
@ -323,9 +316,6 @@ Current Tree
│   │   ├── 00-install-lsof.sh │   │   ├── 00-install-lsof.sh
│   │   ├── 10-test-lsof.sh │   │   ├── 10-test-lsof.sh
│   │   └── README.md │   │   └── README.md
│   ├── pkg_mdadm
│   │   ├── 00-install-mdadm.sh
│   │   └── 01-test-mdadm.sh
│   ├── pkg_network │   ├── pkg_network
│   │   ├── 00-install-packages.sh │   │   ├── 00-install-packages.sh
│   │   ├── 10-tracepath.sh │   │   ├── 10-tracepath.sh
@ -358,13 +348,6 @@ Current Tree
│   │   ├── 30-postfix-sasl.sh │   │   ├── 30-postfix-sasl.sh
│   │   ├── 40-postfix-tls.sh │   │   ├── 40-postfix-tls.sh
│   │   └── README.md │   │   └── README.md
│   ├── pkg_postgresql
│   │   ├── 00-install-postgresql.sh
│   │   ├── 01-configure-postgresql.sh
│   │   ├── 10-create-db.sh
│   │   ├── 11-create-user.sh
│   │   ├── 20-drop-db.sh
│   │   └── 21-drop-user.sh
│   ├── pkg_python │   ├── pkg_python
│   │   ├── 00-install-python.sh │   │   ├── 00-install-python.sh
│   │   ├── 10-test-python3.sh │   │   ├── 10-test-python3.sh
@ -440,11 +423,6 @@ Current Tree
│   ├── pkg_telnet │   ├── pkg_telnet
│   │   ├── 00-install-telnet.sh │   │   ├── 00-install-telnet.sh
│   │   └── 10-test-telnet.sh │   │   └── 10-test-telnet.sh
│   ├── pkg_tftp-server
│   │   ├── 00-install-tftp.sh
│   │   ├── 01-configure-tftp.sh
│   │   ├── 10-get-test.sh
│   │   └── 11-put-test.sh
│   ├── pkg_vsftpd │   ├── pkg_vsftpd
│   │   ├── 00-install-vsftpd.sh │   │   ├── 00-install-vsftpd.sh
│   │   ├── 10-anonymous-vsftpd.sh │   │   ├── 10-anonymous-vsftpd.sh
@ -469,21 +447,20 @@ Current Tree
├── README.md ├── README.md
├── runtests.sh ├── runtests.sh
├── skip.list ├── skip.list
├── stacks └── stacks
│   ├── ipa ├── ipa
│   │   ├── 00-ipa-pregame.sh │   ├── 00-ipa-pregame.sh
│   │   ├── 10-install-ipa.sh │   ├── 10-install-ipa.sh
│   │   ├── 11-configure-ipa.sh │   ├── 11-configure-ipa.sh
│   │   ├── 12-verify-ipa.sh │   ├── 12-verify-ipa.sh
│   │   ├── 20-ipa-user.sh │   ├── 20-ipa-user.sh
│   │   ├── 21-ipa-service.sh │   ├── 21-ipa-service.sh
│   │   ├── 22-ipa-dns.sh │   ├── 22-ipa-dns.sh
│   │   ├── 23-ipa-sudo.sh │   ├── 23-ipa-sudo.sh
│   │   ├── 50-cleanup-ipa.sh │   ├── 50-cleanup-ipa.sh
│   │   └── README.md │   └── README.md
│   └── lamp └── lamp
│   ├── 00-install-lamp.sh ├── 00-install-lamp.sh
│   ├── 01-verification.sh ├── 01-verification.sh
│   └── 10-test-lamp.sh └── 10-test-lamp.sh
└── stacks.sh
``` ```

2
func/common/exports.sh
View File

@ -11,5 +11,5 @@ export readonly RELEASE_NAME=rocky
# A 0 means it was successful. It can be changed to 1 on failure. # A 0 means it was successful. It can be changed to 1 on failure.
export IPAINSTALLED=0 export IPAINSTALLED=0
LOGFILE="$(pwd)/log/$(date +'%m-%d-%Y')-tests.log" LOGFILE="./log/$(date +'%m-%d-%Y')-tests.log"
export LOGFILE export LOGFILE

27
func/common/imports.sh
View File

@ -36,25 +36,11 @@ function r_processor() {
if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then
continue continue
fi fi
[ -x "${file}" ] && echo "Begin processing script: ${file}" && "${file}" [ -x "${file}" ] && "${file}"
done done
return 0 return 0
} }
function r_checkEPELEnabled() {
/usr/bin/dnf repolist | grep -q '^epel'
return $?
}
function r_checkTmpNoExec() {
grep 'tmp' /etc/fstab | grep -q noexec
tmpexec=$?
if [ "$tmpexec" -eq "0" ]; then
r_log "internal" "WARN: noexec is set for temporary directories. Some tests may fail."
fi
}
################################################################################ ################################################################################
# Functions that deal with (p)ackages # Functions that deal with (p)ackages
@ -113,11 +99,7 @@ function p_getPackageArch() {
} }
function p_getDist() { function p_getDist() {
rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f1 rpm -q "$(rpm -qf /etc/redhat-release)" --queryformat '%{version}\n' | cut -d'.' -f1
}
function p_getMinorVersion() {
rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f2
} }
################################################################################ ################################################################################
@ -222,16 +204,12 @@ function m_recycleLog() {
rl_ver=$(p_getDist) rl_ver=$(p_getDist)
rl_arch=$(m_getArch) rl_arch=$(m_getArch)
rl_minor_ver=$(p_getMinorVersion)
export rl_ver export rl_ver
export rl_arch export rl_arch
export rl_minor_ver
export -f r_log export -f r_log
export -f r_checkExitStatus export -f r_checkExitStatus
export -f r_processor export -f r_processor
export -f r_checkEPELEnabled
export -f r_checkTmpNoExec
export -f p_installPackageNormal export -f p_installPackageNormal
export -f p_installPackageNoWeaks export -f p_installPackageNoWeaks
export -f p_removePackage export -f p_removePackage
@ -240,7 +218,6 @@ export -f p_resetModule
export -f p_getPackageRelease export -f p_getPackageRelease
export -f p_getPackageArch export -f p_getPackageArch
export -f p_getDist export -f p_getDist
export -f p_getMinorVersion
export -f m_serviceCycler export -f m_serviceCycler
export -f m_checkForPort export -f m_checkForPort
export -f m_assertCleanExit export -f m_assertCleanExit

1
func/core/o_basic/README.md
View File

@ -1 +0,0 @@
Basic tests, such as repos

56
func/core/o_basic/repos.py
View File

@ -1,56 +0,0 @@
#!/usr/bin/env python3
# label <label@rockylinux.org>
import datetime
import sys
import dnf
import dnf.exceptions
# pylint: disable=unnecessary-lambda-assignment
now = datetime.datetime.today().strftime("%m-%d-%Y %T")
class DnfQuiet(dnf.Base):
"""
DNF object
This is in the event we need special functions
"""
def __init__(self):
dnf.Base.__init__(self)
def main():
"""
Main run
"""
dnfobj = DnfQuiet()
releasever = dnfobj.conf.releasever
try:
dnfobj.read_all_repos()
# pylint: disable=bare-except
except:
print(f'[-] {now} -> Could not read repos', file=sys.stderr)
sys.exit(1)
rocky_default_repos = {
'8': ['baseos', 'appstream', 'extras'],
'9': ['baseos', 'appstream', 'extras']
}.get(releasever, None)
if not rocky_default_repos:
print(f'[-] {now} -> Not a Rocky Linux system')
sys.exit(1)
print(f'[-] {now} -> Checking if non-default repo is enabled')
_not_allowed=False
for repo in list(dnfobj.repos.iter_enabled()):
if not repo.id in rocky_default_repos:
print(f'[-] {now} -> {repo.id} is enabled and should be disabled')
_not_allowed=True
if _not_allowed:
print(f'[-] {now} -> FAIL - There are extra repos enabled')
sys.exit(1)
print(f'[-] {now} -> PASS')
sys.exit(0)
if __name__ == "__main__":
main()

6
func/core/pkg_acl/00-install-acl.sh
View File

@ -1,8 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "acl" "Install the acl package" r_log "acl" "Install the acl package"
p_installPackageNormal acl p_installPackageNormal acl
p_installPackageNormal attr r_log "acl" "Remount filesystems with ACL support (this normally should not be needed)"
# This normally is not needed. mount -o remount,acl /
#r_log "acl" "Remount filesystems with ACL support"
#mount -o remount,acl /
sleep 3 sleep 3

2
func/core/pkg_acl/10-test-acl-functions.sh
View File

@ -2,7 +2,6 @@
ACLFILE=/tmp/testfile_acl ACLFILE=/tmp/testfile_acl
r_log "acl" "Test that the acl get and set functions work" r_log "acl" "Test that the acl get and set functions work"
touch "${ACLFILE}" touch "${ACLFILE}"
trap '/bin/rm -f ${ACLFILE}' EXIT
# Use setfacl for readonly # Use setfacl for readonly
r_log "acl" "Set readonly ACL for the user nobody" r_log "acl" "Set readonly ACL for the user nobody"
@ -13,3 +12,4 @@ r_log "acl" "Verifying that the nobody user is set to read only"
getfacl "${ACLFILE}" | grep -q 'user:nobody:r--' getfacl "${ACLFILE}" | grep -q 'user:nobody:r--'
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm -f "${ACLFILE}"

22
func/core/pkg_acl/11-test-acl-xattr.sh
View File

@ -1,22 +0,0 @@
#!/bin/bash
ACLIMG=/tmp/testacl.img
r_log "acl" "Test the use of xattr"
touch "${ACLIMG}"
trap '/bin/rm -f ${ACLIMG}' EXIT
# Use setfacl for readonly
r_log "acl" "Create image"
dd if=/dev/zero of=${ACLIMG} bs=1024000 count=100
echo -e 'y\n' | mkfs.ext3 "${ACLIMG}"
mkdir /mnt/xattr
mount -t ext3 -o loop,user_xattr "${ACLIMG}" /mnt/xattr
touch /mnt/xattr/testfile
r_log "acl" "Apply attrs as needed"
setfattr -n user.nobody /mnt/xattr/testfile
getfattr /mnt/xattr/testfile | grep -q 'user.nobody'
final_status=$?
umount /mnt/xattr
r_checkExitStatus $final_status

2
func/core/pkg_archive/00-install-formats.sh
View File

@ -2,4 +2,4 @@
r_log "archive" "Installing appropriate archive formats" r_log "archive" "Installing appropriate archive formats"
# We might need expect for zmore - does anyone actually use zmore? # We might need expect for zmore - does anyone actually use zmore?
p_installPackageNormal bzip2 diffutils gzip less tar unzip util-linux-ng zip lzop p_installPackageNormal bzip2 diffutils gzip less ncompress tar unzip util-linux-ng zip lzop

3
func/core/pkg_archive/10-bzip.sh
View File

@ -1,7 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "archive" "Test bzip/bzcat/bunzip" r_log "archive" "Test bzip/bzcat/bunzip"
FILE=/var/tmp/bziptest.txt FILE=/var/tmp/bziptest.txt
trap '/bin/rm -f ${FILE}' EXIT
cat > "$FILE" <<EOF cat > "$FILE" <<EOF
testing text testing text
@ -24,3 +23,5 @@ fi
grep -q 'testing text' "${FILE}" grep -q 'testing text' "${FILE}"
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm -f "${FILE}*"

3
func/core/pkg_archive/20-gzip-bin-test.sh
View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
r_log "archive" "Verifying gzip binaries" r_log "archive" "Verifying gzip binaries"
echo -n "Processing; "
for bin in gunzip gzexe gzip zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew; do for bin in gunzip gzexe gzip zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew; do
echo -n "$bin " echo -n "$bin"
r_log "archive" "$bin" r_log "archive" "$bin"
$bin --version &> /dev/null || r_checkExitStatus 1 $bin --version &> /dev/null || r_checkExitStatus 1
done done

15
func/core/pkg_archive/21-gzip-test.sh
View File

@ -4,9 +4,6 @@ r_log "archive" "Test gzip/zcat/gunzip"
FILE=/var/tmp/gzip-test.txt FILE=/var/tmp/gzip-test.txt
MD5HASH=e6331c582fbad6653832860f469f7d1b MD5HASH=e6331c582fbad6653832860f469f7d1b
# clean up
trap '/bin/rm $FILE* &> /dev/null && /bin/rm -rf /var/tmp/gziptest &> /dev/null' EXIT
# Double check that stuff is cleared out # Double check that stuff is cleared out
/bin/rm $FILE* &> /dev/null /bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null /bin/rm -rf /var/tmp/gziptest &> /dev/null
@ -92,12 +89,8 @@ gzip $FILE $FILE.1 || r_checkExitStatus 1
r_log "archive" "Verify that .Z files can be handled" r_log "archive" "Verify that .Z files can be handled"
gunzip $FILE.gz gunzip $FILE.gz
ls -l /var/tmp >> $FILE ls -l /var/tmp >> $FILE
if [ "$RL_VER" -eq 8 ]; then compress $FILE || r_checkExitStatus 1
compress $FILE || r_checkExitStatus 1 gunzip $FILE.Z || r_checkExitStatus 1
gunzip $FILE.Z || r_checkExitStatus 1
else
r_log "archive" "Skipping for 9"
fi
# handle some zip files # handle some zip files
r_log "archive" "Verify that .zip files can be handled" r_log "archive" "Verify that .zip files can be handled"
@ -110,3 +103,7 @@ tar -czf $FILE.tgz $FILE &> /dev/null
gunzip $FILE.tgz gunzip $FILE.tgz
[ -e $FILE.tar ] [ -e $FILE.tar ]
r_checkExitStatus $? r_checkExitStatus $?
# clean up
/bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null

4
func/core/pkg_archive/22-gzexe.sh
View File

@ -2,8 +2,6 @@
r_log "archive" "Checking gzexe" r_log "archive" "Checking gzexe"
r_log "archive" "Creating archive" r_log "archive" "Creating archive"
FILE=/var/tmp/gzexe-test-script FILE=/var/tmp/gzexe-test-script
trap '/bin/rm -f $FILE* 2>/dev/null' EXIT
/bin/rm -f $FILE* &>/dev/null /bin/rm -f $FILE* &>/dev/null
cat > $FILE <<EOF cat > $FILE <<EOF
@ -20,3 +18,5 @@ r_log "archive" "Test gzexe"
r_log "archive" "Check that it actually runs" r_log "archive" "Check that it actually runs"
$FILE | grep -q "Hello!" $FILE | grep -q "Hello!"
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm -f $FILE* 2>/dev/null

3
func/core/pkg_archive/23-zcmp-zdiff.sh
View File

@ -1,7 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "archive" "Check zcmp and zdiff" r_log "archive" "Check zcmp and zdiff"
BASEFILE="/var/tmp/gziptest" BASEFILE="/var/tmp/gziptest"
trap '/bin/rm -f ${BASEFILE}*' EXIT
/bin/rm -f ${BASEFILE} /bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF cat > ${BASEFILE}.1 <<EOF
@ -16,3 +15,5 @@ r_log "archive" "Check zcmp"
r_log "archive" "Check zdiff" r_log "archive" "Check zdiff"
/bin/zdiff ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1 /bin/zdiff ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
/bin/rm -f ${BASEFILE}*

3
func/core/pkg_archive/24-zforce.sh
View File

@ -2,7 +2,6 @@
r_log "archive" "Testing zforce" r_log "archive" "Testing zforce"
BASEFILE="/var/tmp/abcdefg" BASEFILE="/var/tmp/abcdefg"
trap '/bin/rm "$BASEFILE.gz"' EXIT
/bin/rm $BASEFILE* &>/dev/null /bin/rm $BASEFILE* &>/dev/null
cat > $BASEFILE <<EOF cat > $BASEFILE <<EOF
@ -15,3 +14,5 @@ mv $BASEFILE.gz $BASEFILE
zforce $BASEFILE || r_checkExitStatus 1 zforce $BASEFILE || r_checkExitStatus 1
[ -e "$BASEFILE.gz" ] [ -e "$BASEFILE.gz" ]
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm "$BASEFILE.gz"

3
func/core/pkg_archive/25-zgrep.sh
View File

@ -1,7 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "archive" "Testing zgrep" r_log "archive" "Testing zgrep"
BASEFILE=/var/tmp/zgreptest BASEFILE=/var/tmp/zgreptest
trap '/bin/rm $BASEFILE*' EXIT
/bin/rm $BASEFILE* &> /dev/null /bin/rm $BASEFILE* &> /dev/null
cat > $BASEFILE <<EOF cat > $BASEFILE <<EOF
@ -12,3 +11,5 @@ gzip $BASEFILE
zgrep -q 'Green Obsidian' $BASEFILE.gz zgrep -q 'Green Obsidian' $BASEFILE.gz
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm $BASEFILE*

0
func/core/pkg_archive/27-znew.sh Normal file → Executable file
View File

3
func/core/pkg_archive/30-tar.sh
View File

@ -4,7 +4,6 @@ r_log "archive" "Test tar create and extract"
TARDIR="/var/tmp/tartest" TARDIR="/var/tmp/tartest"
FILE1="$TARDIR/test.1.txt" FILE1="$TARDIR/test.1.txt"
FILE2="$TARDIR/test.2.txt" FILE2="$TARDIR/test.2.txt"
trap '/bin/rm -rf /var/tmp/tarfile.tar $TARDIR' EXIT
mkdir -p $TARDIR mkdir -p $TARDIR
cat > $FILE1 <<EOF cat > $FILE1 <<EOF
@ -33,3 +32,5 @@ if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
fi fi
r_checkExitStatus $ret_val r_checkExitStatus $ret_val
/bin/rm -rf /var/tmp/tarfile.tar $TARDIR

3
func/core/pkg_archive/40-xzcmp-xzdiff.sh
View File

@ -1,7 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "archive" "Check xzcmp and xzdiff" r_log "archive" "Check xzcmp and xzdiff"
BASEFILE="/var/tmp/xztest" BASEFILE="/var/tmp/xztest"
trap '/bin/rm -f ${BASEFILE}*' EXIT
/bin/rm -f ${BASEFILE} /bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF cat > ${BASEFILE}.1 <<EOF
@ -16,3 +15,5 @@ r_log "archive" "Check xzcmp"
r_log "archive" "Check xzdiff" r_log "archive" "Check xzdiff"
/bin/zdiff ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1 /bin/zdiff ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
/bin/rm -f ${BASEFILE}*

5
func/core/pkg_archive/40-zip.sh
View File

@ -4,7 +4,6 @@ r_log "archive" "Test zip create and extract"
ZIPDIR="/var/tmp/ziptest" ZIPDIR="/var/tmp/ziptest"
FILE1="$ZIPDIR/test.1.txt" FILE1="$ZIPDIR/test.1.txt"
FILE2="$ZIPDIR/test.2.txt" FILE2="$ZIPDIR/test.2.txt"
trap '/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR' EXIT
mkdir -p $ZIPDIR mkdir -p $ZIPDIR
cat > $FILE1 <<EOF cat > $FILE1 <<EOF
@ -32,4 +31,6 @@ if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
ret_val=0 ret_val=0
fi fi
r_checkExitStatus "$ret_val" r_checkExitStatus $ret_val
/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR

5
func/core/pkg_archive/50-lzop.sh
View File

@ -2,7 +2,6 @@
r_log "archive" "Testing lzop compress and decompress" r_log "archive" "Testing lzop compress and decompress"
LZOFILE=/var/tmp/obsidian.txt LZOFILE=/var/tmp/obsidian.txt
trap '/bin/rm ${LZOFILE}' EXIT
echo 'Green Obsidian is the release name' > ${LZOFILE} echo 'Green Obsidian is the release name' > ${LZOFILE}
@ -14,5 +13,5 @@ lzop -d ${LZOFILE}.lzo -o ${LZOFILE}
/bin/rm ${LZOFILE}.lzo /bin/rm ${LZOFILE}.lzo
grep -q 'Green Obsidian' ${LZOFILE} grep -q 'Green Obsidian' ${LZOFILE}
ret_val="$?"
r_checkExitStatus "$ret_val" /bin/rm ${LZOFILE}

7
func/core/pkg_attr/10-check-attr.sh
View File

@ -2,8 +2,6 @@
ATTRTEST="/var/tmp/attrtest.img" ATTRTEST="/var/tmp/attrtest.img"
ATTRMNT="/mnt/attrtest" ATTRMNT="/mnt/attrtest"
trap 'umount /mnt/attrtest ; /bin/rm -f ${ATTRTEST} ; /bin/rm -rf ${ATTRMNT}' EXIT
r_log "attr" "Checking that *attr works" r_log "attr" "Checking that *attr works"
dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null
r_checkExitStatus $? r_checkExitStatus $?
@ -16,3 +14,8 @@ setfattr -n user.test "${ATTRMNT}/testfile"
getfattr "${ATTRMNT}/testfile" | grep -oq "user.test" getfattr "${ATTRMNT}/testfile" | grep -oq "user.test"
r_checkExitStatus $? r_checkExitStatus $?
# Cleanup
umount /mnt/attrtest
/bin/rm -f "${ATTRTEST}"
/bin/rm -rf "${ATTRMNT}"

3
func/core/pkg_coreutils/12-cat.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "coreutils" "Testing cat" r_log "coreutils" "Testing cat"
trap "/bin/rm /var/tmp/cattest" EXIT
cat > /var/tmp/cattest <<EOF cat > /var/tmp/cattest <<EOF
Green Obsidian Green Obsidian
@ -8,3 +7,5 @@ EOF
grep -q "Green Obsidian" /var/tmp/cattest grep -q "Green Obsidian" /var/tmp/cattest
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /var/tmp/cattest

2
func/core/pkg_coreutils/17-readlink.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "coreutils" "Testing readlink" r_log "coreutils" "Testing readlink"
trap "/bin/rm /var/tmp/listen" EXIT
ln -s /var/tmp/talk /var/tmp/listen ln -s /var/tmp/talk /var/tmp/listen
readlink /var/tmp/listen | grep -q "/var/tmp/talk" readlink /var/tmp/listen | grep -q "/var/tmp/talk"
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /var/tmp/listen

3
func/core/pkg_coreutils/20-hash.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "coreutils" "Test hash sum tools" r_log "coreutils" "Test hash sum tools"
trap '/bin/rm ${HASHFILE}' EXIT
HASHFILE=/var/tmp/obsidian HASHFILE=/var/tmp/obsidian
echo "Green Obsidian is our release name" > ${HASHFILE} echo "Green Obsidian is our release name" > ${HASHFILE}
@ -23,3 +22,5 @@ r_checkExitStatus $?
r_log "coreutils" "Test sha512sum" r_log "coreutils" "Test sha512sum"
/usr/bin/sha512sum ${HASHFILE} | grep -q e50554c29a5cb7bd04279d3c0918e486024c79c4b305a2e360a97d4021dacf56ce0d17fa6e6a0e81ad03d5fb74fbe2d50cce6081c2c277f22b958cdae978a2f5 /usr/bin/sha512sum ${HASHFILE} | grep -q e50554c29a5cb7bd04279d3c0918e486024c79c4b305a2e360a97d4021dacf56ce0d17fa6e6a0e81ad03d5fb74fbe2d50cce6081c2c277f22b958cdae978a2f5
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm ${HASHFILE}

3
func/core/pkg_coreutils/21-touch-ls.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "coreutils" "Testing touch and ls" r_log "coreutils" "Testing touch and ls"
trap '/bin/rm /tmp/touch-?' EXIT
r_log "coreutils" "Touch files with specific dates" r_log "coreutils" "Touch files with specific dates"
touch -t 199104230420 /tmp/touch-1 touch -t 199104230420 /tmp/touch-1
@ -11,3 +10,5 @@ r_log "coreutils" "Verify that the oldest file is last"
ls -lt /tmp/touch-? | tail -n 1 | grep -q 'touch-1' ls -lt /tmp/touch-? | tail -n 1 | grep -q 'touch-1'
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /tmp/touch-?

2
func/core/pkg_coreutils/22-uniq.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "coreutils" "Ensure uniq works as expected" r_log "coreutils" "Ensure uniq works as expected"
trap '/bin/rm /var/tmp/uniq' EXIT
cat > /var/tmp/uniq <<EOF cat > /var/tmp/uniq <<EOF
Rocky Rocky
@ -15,3 +14,4 @@ EOF
uniq -d /var/tmp/uniq | wc -l | grep -q 2 && uniq -u /var/tmp/uniq | wc -l | grep -q 4 uniq -d /var/tmp/uniq | wc -l | grep -q 2 && uniq -u /var/tmp/uniq | wc -l | grep -q 4
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /var/tmp/uniq

3
func/core/pkg_coreutils/23-wc.sh
View File

@ -2,7 +2,6 @@
r_log "coreutils" "Ensure wc works as expected" r_log "coreutils" "Ensure wc works as expected"
r_log "coreutils" "This should have already been done with uniq" r_log "coreutils" "This should have already been done with uniq"
# Context: we should probably test some switches... # Context: we should probably test some switches...
trap "/bin/rm /var/tmp/wc" EXIT
cat > /var/tmp/wc <<EOF cat > /var/tmp/wc <<EOF
Rocky Rocky
@ -22,3 +21,5 @@ wc -L /var/tmp/wc | grep -q 8 && \
wc -w /var/tmp/wc | grep -q 8 wc -w /var/tmp/wc | grep -q 8
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /var/tmp/wc

8
func/core/pkg_cpio/10-cpio.sh
View File

@ -5,18 +5,14 @@ OUTTER=/var/tmp/cpio/out
INNER=/var/tmp/cpio/in INNER=/var/tmp/cpio/in
PASSER=/var/tmp/cpio/pass PASSER=/var/tmp/cpio/pass
trap '/bin/rm -rf /var/tmp/cpio' EXIT
# Nothing should be here. Clean up first. # Nothing should be here. Clean up first.
[ -d /var/tmp/cpio ] && /bin/rm -rf /var/tmp/cpio [ -d /var/tmp/cpio ] && /bin/rm -rf /var/tmp/cpio
r_log "cpio" "Test basic copy out" r_log "cpio" "Test basic copy out"
mkdir -p "$OUTTER" "$INNER" "$PASSER" mkdir -p "$OUTTER" "$INNER" "$PASSER"
# Ensure at least one file exists in /tmp to prevent errors.
echo 1 > $(mktemp)
# shellcheck disable=2012 # shellcheck disable=2012
find /tmp -type f | cpio -o > "$OUTTER"/cpio.out 2> /dev/null ls /tmp | cpio -o > "$OUTTER"/cpio.out
r_checkExitStatus $? r_checkExitStatus $?
r_log "cpio" "Test basic copy in" r_log "cpio" "Test basic copy in"
@ -27,7 +23,7 @@ popd || exit 1
r_log "cpio" "Test basic passthrough" r_log "cpio" "Test basic passthrough"
pushd "$INNER" || exit 1 pushd "$INNER" || exit 1
find . | cpio -pd "$PASSER" find /tmp | cpio -pd "$PASSER"
r_checkExitStatus $? r_checkExitStatus $?
popd || exit 1 popd || exit 1

1
func/core/pkg_cracklib/10-test-passwords.sh
View File

@ -15,4 +15,3 @@ r_checkExitStatus $?
r_log "cracklib" "Testing a complicated password" r_log "cracklib" "Testing a complicated password"
echo -e "2948_Obaym-" | cracklib-check | grep -q "OK" echo -e "2948_Obaym-" | cracklib-check | grep -q "OK"
r_checkExitStatus $?

4
func/core/pkg_cron/10-dot-cron.sh
View File

@ -1,8 +1,6 @@
#!/bin/bash #!/bin/bash
r_log "cron" "Testing hourly cron jobs" r_log "cron" "Testing hourly cron jobs"
trap '/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh' EXIT
cat > /etc/cron.hourly/rocky.sh <<EOF cat > /etc/cron.hourly/rocky.sh <<EOF
#!/bin/bash #!/bin/bash
echo "obsidian" echo "obsidian"
@ -36,3 +34,5 @@ chmod +x /etc/cron.weekly/rocky.sh
run-parts /etc/cron.weekly | grep -q "obsidian" run-parts /etc/cron.weekly | grep -q "obsidian"
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh

3
func/core/pkg_file/30-mime-symlink.sh
View File

@ -1,8 +1,9 @@
#!/bin/bash #!/bin/bash
r_log "file" "Check that we can see a symlink" r_log "file" "Check that we can see a symlink"
FILE_PATH=/var/tmp/linktest FILE_PATH=/var/tmp/linktest
trap '/bin/rm ${FILE_PATH}' EXIT
MIME="inode/symlink" MIME="inode/symlink"
ln -s /etc/issue $FILE_PATH ln -s /etc/issue $FILE_PATH
file -i $FILE_PATH | grep -q "${MIME}" file -i $FILE_PATH | grep -q "${MIME}"
r_checkExitStatus $? r_checkExitStatus $?
/bin/rm /var/tmp/linktest

9
func/core/pkg_findutils/10-find.sh
View File

@ -2,7 +2,6 @@
r_log "findutils" "Testing basic find stuff" r_log "findutils" "Testing basic find stuff"
TMPDIR=/var/tmp/find TMPDIR=/var/tmp/find
trap '/bin/rm -rf $TMPDIR' EXIT
[ -e $TMPDIR ] && rm -rf "$TMPDIR" [ -e $TMPDIR ] && rm -rf "$TMPDIR"
@ -38,8 +37,8 @@ r_log "findutils" "Perform for xargs test: fails with spaces in the name"
# shellcheck disable=SC2038 # shellcheck disable=SC2038
find "$TMPDIR" -type f | xargs ls &> /dev/null && { r_log "findutils" "Why did this get a 0 exit?"; exit "$FAIL"; } find "$TMPDIR" -type f | xargs ls &> /dev/null && { r_log "findutils" "Why did this get a 0 exit?"; exit "$FAIL"; }
ret_val=$? ret_val=$?
if [ "$ret_val" -ne "0" ]; then if [ "$ret_val" -ne 0 ]; then
r_checkExitStatus 0 r_checkExitStatus $?
else
r_checkExitStatus 1
fi fi
rm -rf "$TMPDIR"

2
func/core/pkg_firefox/10-check-firefox-start-page.sh
View File

@ -9,7 +9,7 @@ fi
COUNTS="$(grep -c rockylinux.org $FIREPATH)" COUNTS="$(grep -c rockylinux.org $FIREPATH)"
if [ "$COUNTS" -ge 2 ]; then if [ "$COUNTS" -eq 2 ]; then
r_checkExitStatus 0 r_checkExitStatus 0
else else
r_checkExitStatus 1 r_checkExitStatus 1

13
func/core/pkg_freeradius/10-test-freeradius.sh
View File

@ -1,14 +1,7 @@
#!/bin/bash #!/bin/bash
function cleanup() {
cp /etc/raddb/users.backup /etc/raddb/users
rm -rf /etc/raddb/users.backup
systemctl stop radiusd.service
}
r_log "freeradius" "Test basic freeradius functionality" r_log "freeradius" "Test basic freeradius functionality"
r_log "freeradius" "Configure freeradius"
trap cleanup EXIT
r_log "freeradius" "Configure freeradius"
cp /etc/raddb/users /etc/raddb/users.backup cp /etc/raddb/users /etc/raddb/users.backup
cat >> /etc/raddb/users << EOF cat >> /etc/raddb/users << EOF
rocky Cleartext-Password := "rocky" rocky Cleartext-Password := "rocky"
@ -20,3 +13,7 @@ systemctl start radiusd.service
sleep 1 sleep 1
echo "User-Name=rocky,User-Password=rocky " | radclient -x localhost:1812 auth testing123 | grep -q 'Access-Accept' echo "User-Name=rocky,User-Password=rocky " | radclient -x localhost:1812 auth testing123 | grep -q 'Access-Accept'
r_checkExitStatus $? r_checkExitStatus $?
cp /etc/raddb/users.backup /etc/raddb/users
rm -rf /etc/raddb/users.backup
systemctl stop radiusd.service

1
func/core/pkg_git/11-test-clone-log.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "git" "Test basic git clones" r_log "git" "Test basic git clones"
trap 'rm -rf $TMPREPO' EXIT
WORKDIR=$(pwd) WORKDIR=$(pwd)
TMPREPO=/var/tmp/repo TMPREPO=/var/tmp/repo

2
func/core/pkg_httpd/10-httpd-branding.sh
View File

@ -2,7 +2,7 @@
r_log "httpd" "Verify httpd branding" r_log "httpd" "Verify httpd branding"
r_log "httpd" "Token" r_log "httpd" "Token"
curl -sI http://localhost/ | grep -i "Server:\ Apache.*\ (Rocky Linux)" > /dev/null 2>&1 curl -sI http://localhost/ | grep -i "Server:\ Apache.*\ (Rocky)" > /dev/null 2>&1
r_checkExitStatus $? r_checkExitStatus $?
r_log "httpd" "index" r_log "httpd" "index"

6
func/core/pkg_httpd/30-test-basic-auth.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "httpd" "Test basic authentication functionality" r_log "httpd" "Test basic authentication functionality"
trap "rm /etc/httpd/conf.d/test-basic-auth.conf ; m_serviceCycler httpd reload" EXIT
cat > /etc/httpd/conf.d/test-basic-auth.conf <<EOF cat > /etc/httpd/conf.d/test-basic-auth.conf <<EOF
## Core basic auth test ## Core basic auth test
@ -16,8 +15,9 @@ EOF
htpasswd -c -b /etc/httpd/htpasswd tester tester htpasswd -c -b /etc/httpd/htpasswd tester tester
mkdir -p /var/www/html/basic_auth mkdir -p /var/www/html/basic_auth
echo "Basic Auth Test" > /var/www/html/basic_auth/index.html echo "Basic Auth Test" > /var/www/html/basic_auth/index.html
# This isn't normally needed, it should just work
restorecon -R /var/www/html
m_serviceCycler httpd cycle m_serviceCycler httpd cycle
curl -s -u tester:tester http://localhost/basic_auth/ | grep -q 'Basic Auth Test' > /dev/null 2>&1 curl -s -u tester:tester http://localhost/basic_auth/ | grep -q 'Basic Auth Test' > /dev/null 2>&1
r_checkExitStatus $? r_checkExitStatus $?
rm /etc/httpd/conf.d/test-basic-auth.conf
m_serviceCycler httpd reload

13
func/core/pkg_httpd/40-test-basic-vhost.sh
View File

@ -1,12 +1,5 @@
#!/bin/bash #!/bin/bash
function cleanup() {
rm /etc/httpd/conf.d/vhost.conf
sed -i '/127.0.0.1 coretest/d' /etc/hosts
m_serviceCycler httpd reload
}
r_log "httpd" "Test basic vhost functionality" r_log "httpd" "Test basic vhost functionality"
trap cleanup EXIT
echo "127.0.0.1 coretest" >> /etc/hosts echo "127.0.0.1 coretest" >> /etc/hosts
cat > /etc/httpd/conf.d/vhost.conf << EOF cat > /etc/httpd/conf.d/vhost.conf << EOF
@ -21,10 +14,12 @@ EOF
mkdir -p /var/www/vhost/coretest mkdir -p /var/www/vhost/coretest
echo "core vhost test page" > /var/www/vhost/coretest/index.html echo "core vhost test page" > /var/www/vhost/coretest/index.html
# This isn't normally needed, it should just work
restorecon -R /var/www/vhost
m_serviceCycler httpd cycle m_serviceCycler httpd cycle
curl -s http://coretest/ | grep -q 'core vhost test page' > /dev/null 2>&1 curl -s http://coretest/ | grep -q 'core vhost test page' > /dev/null 2>&1
r_checkExitStatus $? r_checkExitStatus $?
rm /etc/httpd/conf.d/vhost.conf
sed -i '/127.0.0.1 coretest/d' /etc/hosts
m_serviceCycler httpd reload

2
func/core/pkg_httpd/50-test-basic-php.sh
View File

@ -2,8 +2,6 @@
r_log "httpd" "Test basic php" r_log "httpd" "Test basic php"
echo "<?php echo phpinfo(); ?>" > /var/www/html/test.php echo "<?php echo phpinfo(); ?>" > /var/www/html/test.php
# This isn't normally needed, it should just work
restorecon -R /var/www/html
curl -s http://localhost/test.php | grep -q 'PHP Version' > /dev/null 2>&1 curl -s http://localhost/test.php | grep -q 'PHP Version' > /dev/null 2>&1
r_checkExitStatus $? r_checkExitStatus $?

5
func/core/pkg_lsb/00-install-lsb.sh
View File

@ -1,8 +1,3 @@
#!/bin/bash #!/bin/bash
r_log "lsb" "Install LSB package" r_log "lsb" "Install LSB package"
if [ "$RL_VER" -ge 8 ]; then
r_log "lsb" "redhat-lsb is not in EL9"
exit $PASS
fi
p_installPackageNormal redhat-lsb p_installPackageNormal redhat-lsb

5
func/core/pkg_lsb/10-test-branding.sh
View File

@ -1,10 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "lsb" "Test LSB branding" r_log "lsb" "Test LSB branding"
if [ "$RL_VER" -ge 8 ]; then
r_log "lsb" "redhat-lsb is not in EL9"
exit $PASS
fi
lsb_release -i | grep -q "Rocky" lsb_release -i | grep -q "Rocky"
r_checkExitStatus $? r_checkExitStatus $?
lsb_release -d | grep -q "Rocky" lsb_release -d | grep -q "Rocky"

3
func/core/pkg_mdadm/00-install-mdadm.sh
View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "mdadm" "Install mdadm"
p_installPackageNormal mdadm

13
func/core/pkg_mdadm/01-test-mdadm.sh
View File

@ -1,13 +0,0 @@
#!/bin/bash
r_log "mdadm" "Check that mdadm will operate and return the right exit codes"
[ ${EUID} -eq 0 ] || { r_log "mdadm" "Not running as root. Skipping." ; exit "$PASS"; }
MDADM=$(which mdadm)
[ -z "${MDADM}" ] && { r_log "mdadm" "which reported the binary but it doesn't exist, why?"; exit "$FAIL"; }
${MDADM} --detail --scan &> /dev/null
ret_val=$?
[ "$ret_val" -eq 0 ] || { r_log "mdadm" "There was a non-zero exit. This is likely fatal."; exit "$FAIL"; }
r_checkExitStatus $ret_val

6
func/core/pkg_network/00-install-packages.sh
View File

@ -1,7 +1,3 @@
#!/bin/bash #!/bin/bash
r_log "network" "Install necessary network packages and utilities" r_log "network" "Install necessary network packages and utilities"
pkgs=(traceroute iputils iproute mtr psmisc net-tools which iptraf) p_installPackageNormal traceroute iputils iproute mtr arpwatch psmisc net-tools which iptraf
if [ "$RL_VER" -eq 8 ]; then
pkgs+=( arpwatch )
fi
p_installPackageNormal "${pkgs[@]}"

0
func/core/pkg_network/30-test-arpwatch.sh Normal file → Executable file
View File

3
func/core/pkg_openssh/00-install-openssh.sh
View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "openssh" "Install openssh"
p_installPackageNormal openssh-clients openssh-server sshpass

5
func/core/pkg_openssh/01-test-ssh-listen.sh
View File

@ -1,5 +0,0 @@
#!/bin/bash
r_log "openssh" "Ensure ssh is listening"
echo "" > /dev/tcp/localhost/22
r_checkExitStatus $?

16
func/core/pkg_openssh/10-test-login.sh
View File

@ -1,16 +0,0 @@
#!/bin/bash
r_log "openssh" "Testing basic login (using sshpass)"
trap 'userdel -rf sshpasstest; unset SSHPASS' EXIT
if sshd -T | grep -q "passwordauthentication yes"; then
r_log "openssh" "Creating test user"
export SSHPASS="Blu30nyx!"
useradd sshpasstest
echo "${SSHPASS}" | passwd --stdin sshpasstest
r_log "openssh" "Testing login"
sshpass -e ssh sshpasstest@localhost echo 'hello'
r_checkExitStatus $?
else
r_log "openssh" "Skipping test"
exit 0
fi

32
func/core/pkg_openssh/11-test-key.sh
View File

@ -1,32 +0,0 @@
#!/bin/bash
r_log "openssh" "Testing key login (using sshpass)"
case $RL_VER in
8)
KEYTYPES="rsa ecdsa ed25519"
;;
9)
KEYTYPES="rsa ecdsa ed25519"
;;
*)
KEYTYPES="ed25519"
;;
esac
r_log "openssh" "Creating test user"
useradd sshkeytest
echo "Blu30nyx!" | passwd --stdin sshkeytest
for KEYTYPE in $KEYTYPES; do
r_log "openssh" "Creating key: ${KEYTYPE}"
runuser -l sshkeytest -c "echo | ssh-keygen -q -t ${KEYTYPE} -b 4096 -f ~/.ssh/id_${KEYTYPE}" > /dev/null
runuser -l sshkeytest -c "cat ~/.ssh/*pub > ~/.ssh/authorized_keys && chmod 600 ~/.ssh/*keys" > /dev/null
STRINGTEST=$(mktemp -u)
echo "${STRINGTEST}" > /home/sshkeytest/test_file
r_log "openssh" "Testing key: ${KEYTYPE}"
runuser -l sshkeytest -c "ssh -i ~/.ssh/id_${KEYTYPE} localhost | grep -q ${STRINGTEST} /home/sshkeytest/test_file"
ret_val=$?
r_checkExitStatus $ret_val
done
userdel -rf sshkeytest

4
func/core/pkg_podman/00-install-podman.sh
View File

@ -1,4 +0,0 @@
#!/bin/bash
#
r_log "podman" "Installing podman"
p_installPackageNormal podman

32
func/core/pkg_podman/10-test-podman.sh
View File

@ -1,32 +0,0 @@
#!/bin/bash
r_log "podman" "Testing podman"
test_to_run=(
"podman version"
"podman info"
"podman run --rm quay.io/rockylinux/rockylinux:${RL_VER}"
"podman system service -t 1"
"touch ${HOME}/test.txt && \
podman run --rm --privileged -v ${HOME}/test.txt:/test.txt quay.io/rockylinux/rockylinux:${RL_VER} bash -c 'echo HELLO > /test.txt' && \
grep -qe 'HELLO' ${HOME}/test.txt && \
rm -f ${HOME}/test.txt"
"printf \"FROM quay.io/rockylinux/rockylinux:${RL_VER}\nCMD echo 'HELLO'\n\" > ${HOME}/Containerfile && \
podman build -t test:latest -f ${HOME}/Containerfile && \
podman image rm localhost/test:latest && \
rm -rf ${HOME}/Containerfile"
)
tmpoutput="$(mktemp)"
trap 'rm -f ${tmpoutput}' EXIT
for command in "${test_to_run[@]}"; do
r_log "podman" "Running $0: ${command}"
if ! eval "${command}" > "${tmpoutput}" 2>&1; then
r_log "podman" "${command} has failed."
cat "${tmpoutput}"
exit 1
else
r_checkExitStatus 0
fi
done

31
func/core/pkg_podman/11-test-podman-socket.sh
View File

@ -1,31 +0,0 @@
#!/bin/bash
r_log "podman" "Testing podman sockets"
useradd podman-remote
loginctl enable-linger podman-remote
tmpoutput="$(mktemp)"
trap 'loginctl terminate-user podman-remote && loginctl disable-linger podman-remote && sleep 1 && userdel -r podman-remote && rm -f ${tmpoutput}' EXIT
sleep 3
su -l podman-remote > "${tmpoutput}" 2>&1 <<EOF
set -e
export XDG_RUNTIME_DIR=/run/user/\$(id -u)
systemctl --user enable --now podman.socket
podman --url unix://run/user/\$(id -u)/podman/podman.sock run --name port-mapping-test -d -p 8080:80 docker.io/nginx
pid=\$(systemctl --user show --property MainPID --value podman.service)
while [ "\${pid}" -ne 0 ] && [ -d /proc/\${pid} ]; do sleep 1; echo "Waiting for podman to exit"; done
podman --url unix://run/user/\$(id -u)/podman/podman.sock ps | grep -q -e port-mapping-test
podman --url unix://run/user/\$(id -u)/podman/podman.sock container rm -f port-mapping-test
systemctl --user disable --now podman.socket
EOF
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
cat "${tmpoutput}"
r_checkExitStatus 1
fi
r_checkExitStatus 0

1
func/core/pkg_postfix/00-install-postfix.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
r_log "postfix" "Install postfix (requires stop of other pieces)" r_log "postfix" "Install postfix (requires stop of other pieces)"
# This is OK if it fails - This is also not logged except in stderr
m_serviceCycler sendmail stop m_serviceCycler sendmail stop
p_installPackageNormal postfix nc dovecot openssl p_installPackageNormal postfix nc dovecot openssl
m_serviceCycler postfix enable m_serviceCycler postfix enable

3
func/core/pkg_postfix/30-postfix-sasl.sh
View File

@ -18,3 +18,6 @@ mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
mv /etc/postfix/main.cf.backup /etc/postfix/main.cf mv /etc/postfix/main.cf.backup /etc/postfix/main.cf
r_checkExitStatus $ret_val r_checkExitStatus $ret_val
cp -a /etc/postfix/main.cf.backup /etc/postfix/main.cf
cp -a /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf

20
func/core/pkg_postfix/40-postfix-tls.sh
View File

@ -2,17 +2,6 @@
r_log "postfix" "Test postfix with TLS" r_log "postfix" "Test postfix with TLS"
DROPDIR=/var/tmp/postfix DROPDIR=/var/tmp/postfix
function cleanup() {
mv /etc/postfix/main.cf.backup /etc/postfix/main.cf
mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
rm /etc/pki/tls/certs/mail.crt
rm /etc/pki/tls/private/mail.key
rm -rf $DROPDIR/mail.*
rm -rf /var/tmp/postfix
}
trap cleanup EXIT
cp -a /etc/postfix/main.cf /etc/postfix/main.cf.backup cp -a /etc/postfix/main.cf /etc/postfix/main.cf.backup
cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.backup cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.backup
@ -70,4 +59,11 @@ r_log "postfix" "Testing that postfix offers STARTTLS"
echo "ehlo test" | nc -w 3 127.0.0.1 25 | grep -q "STARTTLS" echo "ehlo test" | nc -w 3 127.0.0.1 25 | grep -q "STARTTLS"
ret_val=$? ret_val=$?
r_checkExitStatus $ret_val mv /etc/postfix/main.cf.backup /etc/postfix/main.cf
mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
rm /etc/pki/tls/certs/mail.crt
rm /etc/pki/tls/certs/mail.key
rm -rf $DROPDIR/mail.*
rm -rf /var/tmp/postfix
r_checkExitStatus $?

3
func/core/pkg_postgresql/00-install-postgresql.sh
View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "postgresql" "Installing postgresql"
p_installPackageNormal postgresql-server postgresql

5
func/core/pkg_postgresql/01-configure-postgresql.sh
View File

@ -1,5 +0,0 @@
#!/bin/bash
r_log "postgresql" "Initialize postgresql"
postgresql-setup --initdb
m_serviceCycler postgresql cycle
sleep 15

4
func/core/pkg_postgresql/10-create-db.sh
View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Creating db"
su - postgres -c 'createdb pg_test'
r_checkExitStatus $?

4
func/core/pkg_postgresql/11-create-user.sh
View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Creating user"
su - postgres -c 'createuser -S -R -D testuser' > /dev/null 2>&1
r_checkExitStatus $?

4
func/core/pkg_postgresql/20-drop-db.sh
View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Dropping database"
su - postgres -c 'dropdb pg_test' > /dev/null 2>&1
r_checkExitStatus $?

4
func/core/pkg_postgresql/21-drop-user.sh
View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Dropping user"
su - postgres -c 'dropuser testuser' > /dev/null 2>&1
r_checkExitStatus $?

4
func/core/pkg_release/20-check-gpg-keys.sh
View File

@ -4,8 +4,8 @@ if [ "$RL_VER" -eq 8 ]; then
file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial > /dev/null 2>&1 && \ file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial > /dev/null 2>&1 && \
file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockytesting > /dev/null 2>&1 file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockytesting > /dev/null 2>&1
else else
file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}" > /dev/null 2>&1 && \ file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}" > /ev/null 2>&1 && \
file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}-Testing" > /dev/null 2>&1 file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}-Testing" > /ev/null 2>&1
fi fi
r_checkExitStatus $? r_checkExitStatus $?

6
func/core/pkg_release/30-os-release.sh
View File

@ -4,10 +4,10 @@ r_log "rocky" "Check /etc/os-release stuff"
r_log "rocky" "Verify support directives" r_log "rocky" "Verify support directives"
for s in NAME=\"Rocky\ Linux\" \ for s in NAME=\"Rocky\ Linux\" \
ID=\"rocky\" \ ID=\"rocky\" \
ROCKY_SUPPORT_PRODUCT=\"Rocky-Linux-$RL_VER\" \ ROCKY_SUPPORT_PRODUCT=\"Rocky\ Linux\" \
ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\..*\"; do ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\"; do
if ! grep -q "$s" /etc/os-release; then if ! grep -q "$s" /etc/os-release; then
r_log "rocky" "Missing string ($s) in /etc/os-release" r_log "rocky" "Missing string in /etc/os-release"
r_checkExitStatus 1 r_checkExitStatus 1
fi fi
done done

19
func/core/pkg_release/50-release-ver.sh
View File

@ -1,19 +0,0 @@
#!/bin/bash
# Check that the release package is 1.X
r_log "rocky release" "Checking that the package is at least X.Y-1.B"
RELEASE_VER="$(rpm -q rocky-release --qf '%{RELEASE}')"
RELNUM="${RELEASE_VER:0:1}"
if [ "${RELNUM}" -ge "1" ]; then
if [[ "${RELEASE_VER:0:3}" =~ ^${RELNUM}.[[:digit:]] ]]; then
ret_val="0"
else
r_log "rocky release" "FAIL: The release package is not in X.Y-A.B format"
ret_val="1"
fi
else
r_log "rocky release" "FAIL: The release package likely starts with 0 and is not considered production ready."
ret_val="1"
fi
r_checkExitStatus $ret_val

11
func/core/pkg_secureboot/11-test-shim-certs.sh
View File

@ -8,12 +8,7 @@ if [ ! -d /sys/firmware/efi ]; then
exit 0 exit 0
fi fi
else else
if [[ "$rl_arch" == "x86_64" ]]; then p_installPackageNormal pesign
p_installPackageNormal pesign pesign --show-signature --in /boot/efi/EFI/rocky/shim.efi | grep -Eq "Microsoft Windows UEFI Driver Publisher"
pesign --show-signature --in /boot/efi/EFI/rocky/shim.efi | grep -Eq "Microsoft Windows UEFI Driver Publisher" r_checkExitStatus $?
r_checkExitStatus $?
else
r_log "secureboot" "x86_64 is the only supported secureboot arch at this time"
exit 0
fi
fi fi

2
func/core/pkg_shadow-utils/30-group-tests.sh
View File

@ -110,6 +110,6 @@ r_log "shadow" "Test sg"
sg onyxuser "touch /var/tmp/onyxsg" sg onyxuser "touch /var/tmp/onyxsg"
r_checkExitStatus $? r_checkExitStatus $?
r_log "shadow" "Verify sg worked" r_log "shadow" "Verify sg worked"
stat --format="%G" /var/tmp/onyxsg | grep -q onyxuser stat --format="%U" /var/tmp/onyxsg | grep -q onyxuser
r_checkExitStatus $? r_checkExitStatus $?
rm /var/tmp/onyxsg rm /var/tmp/onyxsg

13
func/core/pkg_shadow-utils/40-pw.sh
View File

@ -1,11 +1,4 @@
#!/bin/bash #!/bin/bash
function cleanup() {
pwconv
rm -rf /var/tmp/pwunconv /var/tmp/pwconv
}
trap cleanup EXIT
r_log "shadow" "Check that pwck can use correct files" r_log "shadow" "Check that pwck can use correct files"
pwck -rq ./common/files/correct-passwd ./common/files/correct-shadow pwck -rq ./common/files/correct-passwd ./common/files/correct-shadow
r_checkExitStatus $? r_checkExitStatus $?
@ -15,11 +8,9 @@ pwck -rq ./common/files/incorrect-passwd ./common/files/incorrect-shadow
ret_val=$? ret_val=$?
if [ "$ret_val" -eq 0 ]; then if [ "$ret_val" -eq 0 ]; then
r_log "shadow" "They're correct." r_log "shadow" "They're correct."
r_checkExitStatus 1 exit 1
else
r_log "shadow" "They're incorrect."
r_checkExitStatus 0
fi fi
r_checkExitStatus 0
r_log "shadow" "Check that pwconv is functional" r_log "shadow" "Check that pwconv is functional"
mkdir -p /var/tmp/pwconv mkdir -p /var/tmp/pwconv

3
func/core/pkg_tftp-server/00-install-tftp.sh
View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "tftp" "Installing packages"
p_installPackageNormal tftp-server tftp

23
func/core/pkg_tftp-server/01-configure-tftp.sh
View File

@ -1,23 +0,0 @@
#!/bin/bash
r_log "tftp" "Configure tftp"
if [ "$RL_VER" -eq 8 ]; then
cat <<EOF > /etc/xinetd.d/tftp
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = no
per_source = 11
cps = 100 2
flags = IPv4
}
EOF
fi
m_serviceCycler tftp.socket start

10
func/core/pkg_tftp-server/10-get-test.sh
View File

@ -1,10 +0,0 @@
#!/bin/bash
r_log "tftp" "Getting a file from tftp"
chmod 777 /var/lib/tftpboot
echo "rocky func" > /var/lib/tftpboot/tftptest
tftp 127.0.0.1 -c get tftptest
grep -q "rocky func" tftptest
r_checkExitStatus $?
/bin/rm tftptest

14
func/core/pkg_tftp-server/11-put-test.sh
View File

@ -1,14 +0,0 @@
#!/bin/bash
r_log "tftp" "Testing anon write"
TFTPDIR=/var/lib/tftpboot
setsebool tftp_anon_write 1
chmod 777 $TFTPDIR
echo "rocky func" > puttest
touch $TFTPDIR > $TFTPDIR/puttest
chmod 666 $TFTPDIR/puttest
tftp 127.0.0.1 -c put puttest
sleep 2
grep -q 'rocky func' $TFTPDIR/puttest
r_checkExitStatus $?
/bin/rm puttest
/bin/rm $TFTPDIR/puttest

59
func/ipa.sh
View File

@ -1,59 +0,0 @@
#!/bin/bash
# Release Engineering Core Functionality Testing
# Louis Abel <label@rockylinux.org> @nazunalika
################################################################################
# Settings and variables
# Exits on any non-zero exit status - Disabled for now.
#set -e
# Undefined variables will cause an exit
set -u
COMMON_EXPORTS='./common/exports.sh'
COMMON_IMPORTS='./common/imports.sh'
SELINUX=$(getenforce)
# End
################################################################################
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; }
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; }
# Init log
# shellcheck disable=SC2015
[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE"
# SELinux check
if [ "$SELINUX" != "Enforcing" ]; then
echo -e "\n[-] $(date): SELinux is not enforcing."
exit 1
fi
r_log "internal" "Starting Release Engineering Core Tests"
################################################################################
# Script Work
# Skip tests in a list - some tests are already -x, so it won't be an issue
if [ -e skip.list ]; then
r_log "internal" "Disabling tests"
# shellcheck disable=SC2162
grep -E "^${RL_VER}" skip.list | while read line; do
# shellcheck disable=SC2086
testFile="$(echo $line | cut -d '|' -f 2)"
r_log "internal" "SKIP ${testFile}"
chmod -x "${testFile}"
done
r_log "internal" "WARNING: Tests above were disabled."
fi
# TODO: should we let $1 judge what directory is ran?
# TODO: get some stacks and lib in there
#r_processor <(/usr/bin/find ./core -type f | sort -t'/')
#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
r_processor <(/usr/bin/find ./stacks/ipa -type f | sort -t'/')
r_log "internal" "Core Tests completed"
exit 0

3
func/lib/pdf/00-install-pdf-utils.sh
View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "pdf" "Install enscript, ghostscript, and poppler"
p_installPackageNormal fontconfig @fonts enscript ghostscript poppler-utils

23
func/lib/pdf/10-test-pdf.sh
View File

@ -1,23 +0,0 @@
#!/bin/bash
r_log "pdf" "Create a PDF from postscript from text, convert it back to text and check"
trap 'rm -rf $PSFILE $PDFFILE $TESTFILE' EXIT
TOFIND="BlueOnyx"
PSFILE="/var/tmp/test.ps"
PDFFILE="/var/tmp/test.pdf"
TESTFILE="/var/tmp/psresult"
encript -q -p $PSFILE /etc/rocky-release
r_log "pdf" "Check created file"
grep -q $TOFIND $PSFILE
pdf_ret_val=$?
r_checkExitStatus $pdf_ret_val
ps2pdf $PSFILE $PDFFILE
pdftotext -q $PDFFILE $TESTFILE
r_log "pdf" "Checking after conversion to text"
grep -q $TOFIND $TESTFILE
text_ret_val=$?
r_checkExitStatus $text_ret_val

12
func/runtests.sh
View File

@ -30,16 +30,6 @@ if [ "$SELINUX" != "Enforcing" ]; then
exit 1 exit 1
fi fi
r_checkEPELEnabled
is_epel=$?
if [[ "$is_epel" == "0" ]]; then
echo "EPEL enabled. Stop."
r_log "internal" "EPEL enabled. Stop."
exit 1
fi
r_checkTmpNoExec
r_log "internal" "Starting Release Engineering Core Tests" r_log "internal" "Starting Release Engineering Core Tests"
################################################################################ ################################################################################
@ -62,7 +52,7 @@ fi
# TODO: get some stacks and lib in there # TODO: get some stacks and lib in there
r_processor <(/usr/bin/find ./core -type f | sort -t'/') r_processor <(/usr/bin/find ./core -type f | sort -t'/')
r_processor <(/usr/bin/find ./lib -type f | sort -t'/') #r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
#r_processor <(/usr/bin/find ./stacks -type f | sort -t'/') #r_processor <(/usr/bin/find ./stacks -type f | sort -t'/')
r_log "internal" "Core Tests completed" r_log "internal" "Core Tests completed"

3
func/skip.list
View File

@ -10,12 +10,9 @@
# -> Must be a URL to bugs.rl.o, a github issue number, or a code, such as: # -> Must be a URL to bugs.rl.o, a github issue number, or a code, such as:
# * NEEDINFO # * NEEDINFO
# * NOTREADY # * NOTREADY
# * NOPKG
8|./core/pkg_archive/26-zmore.sh|nazunalika|NEEDINFO 8|./core/pkg_archive/26-zmore.sh|nazunalika|NEEDINFO
8|./core/pkg_nfs/12-prepare-autofs.sh|nazunalika|NEEDINFO 8|./core/pkg_nfs/12-prepare-autofs.sh|nazunalika|NEEDINFO
8|./core/pkg_diffutils/00-install-diff.sh|nazunalika|NOTREADY 8|./core/pkg_diffutils/00-install-diff.sh|nazunalika|NOTREADY
8|./core/pkg_snmp/12-test-snmp-3.sh|nazunalika|NOTWORKING 8|./core/pkg_snmp/12-test-snmp-3.sh|nazunalika|NOTWORKING
8|./core/pkg_samba/00-install-samba.sh|nazunalika|NOTWORKING 8|./core/pkg_samba/00-install-samba.sh|nazunalika|NOTWORKING
8|./core/pkg_samba/10-test-samba.sh|nazunalika|NOTWORKING 8|./core/pkg_samba/10-test-samba.sh|nazunalika|NOTWORKING
9|./core/pkg_archive/27-znew.sh|nazunalika|NOPKG
9|./core/pkg_network/30-test-arpwatch.sh|nazunalika|NOPKG

59
func/stacks.sh
View File

@ -1,59 +0,0 @@
#!/bin/bash
# Release Engineering Core Functionality Testing
# Louis Abel <label@rockylinux.org> @nazunalika
################################################################################
# Settings and variables
# Exits on any non-zero exit status - Disabled for now.
#set -e
# Undefined variables will cause an exit
set -u
COMMON_EXPORTS='./common/exports.sh'
COMMON_IMPORTS='./common/imports.sh'
SELINUX=$(getenforce)
# End
################################################################################
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; }
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; }
# Init log
# shellcheck disable=SC2015
[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE"
# SELinux check
if [ "$SELINUX" != "Enforcing" ]; then
echo -e "\n[-] $(date): SELinux is not enforcing."
exit 1
fi
r_log "internal" "Starting Release Engineering Core Tests"
################################################################################
# Script Work
# Skip tests in a list - some tests are already -x, so it won't be an issue
if [ -e skip.list ]; then
r_log "internal" "Disabling tests"
# shellcheck disable=SC2162
grep -E "^${RL_VER}" skip.list | while read line; do
# shellcheck disable=SC2086
testFile="$(echo $line | cut -d '|' -f 2)"
r_log "internal" "SKIP ${testFile}"
chmod -x "${testFile}"
done
r_log "internal" "WARNING: Tests above were disabled."
fi
# TODO: should we let $1 judge what directory is ran?
# TODO: get some stacks and lib in there
#r_processor <(/usr/bin/find ./core -type f | sort -t'/')
#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
r_processor <(/usr/bin/find ./stacks -type f | sort -t'/')
r_log "internal" "Core Tests completed"
exit 0

0
func/stacks/ipa/00-ipa-pregame.sh Executable file → Normal file
View File

3
func/stacks/ipa/10-install-ipa.sh Executable file → Normal file
View File

@ -9,6 +9,5 @@ fi
# going to be the same thing or not so this check is there just in case. # going to be the same thing or not so this check is there just in case.
if [ "$RL_VER" -eq 8 ]; then if [ "$RL_VER" -eq 8 ]; then
p_enableModule idm:DL1/{client,common,dns,server} p_enableModule idm:DL1/{client,common,dns,server}
p_installPackageNormal ipa-server ipa-server-dns
fi fi
p_installPackageNormal ipa-server ipa-server-dns expect

0
func/stacks/ipa/11-configure-ipa.sh Executable file → Normal file
View File

0
func/stacks/ipa/12-verify-ipa.sh Executable file → Normal file
View File

72
func/stacks/ipa/20-ipa-user.sh Executable file → Normal file
View File

@ -4,78 +4,8 @@ if m_getArch aarch64 | grep -qE 'aarch64'; then
exit 0 exit 0
fi fi
if [ "$IPAINSTALLED" -eq 1 ]; then if [ "$IPAINSTALLED" -eq 1 ]; then
r_log "ipa" "IPA was not successfully installed. Aborting." r_log "ipa" "IPA was not successfully installed. Aborting."
r_checkExitStatus 1 r_checkExitStatus 1
fi fi
kdestroy &> /dev/null
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Test adding a user"
ipa user-add --first=test --last=user --random ipatestuser > /tmp/ipatestuser
grep -q 'Added user "ipatestuser"' /tmp/ipatestuser
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
r_log "ipa" "User was not created, this is considered fatal"
r_checkExitStatus 1
exit 1
fi
sed -i 's|^ ||g' /tmp/ipatestuser
grep -q 'First name: test' /tmp/ipatestuser
r_checkExitStatus $?
grep -q 'Last name: user' /tmp/ipatestuser
r_checkExitStatus $?
grep -q 'Full name: test user' /tmp/ipatestuser
r_checkExitStatus $?
grep -q 'Home directory: /home/ipatestuser' /tmp/ipatestuser
r_checkExitStatus $?
r_log "ipa" "Changing password of the user"
kdestroy &> /dev/null
userPassword="$(awk '/Random password/ { print $3 }' /tmp/ipatestuser)"
/bin/rm /tmp/ipatestuser
expect -f - <<EOF
set send_human {.1 .3 1 .05 2}
spawn kinit ipatestuser
sleep 1
expect "Password for ipatestuser@RLIPA.LOCAL: "
send -h -- "$(echo "$userPassword")\r"
sleep 1
expect "Enter new password: "
send -h -- "gr@YAm3thy5st!\r"
sleep 1
expect "Enter it again: "
send -h -- "gr@YAm3thy5st!\r"
sleep 5
close
EOF
r_log "ipa" "Re-doing a kinit"
expect -f - <<EOF
set send_human {.1 .3 1 .05 2}
spawn kinit ipatestuser
sleep 1
expect "Password for ipatestuser@C6IPA.LOCAL:"
send -h "gr@YAm3thy5st!\r"
sleep 1
close
EOF
klist | grep "ipatestuser@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
kdestroy &> /dev/null
r_log "ipa" "Testing for user in getent"
getent passwd ipatestuser &> /dev/null
r_checkExitStatus $?

52
func/stacks/ipa/21-ipa-service.sh Executable file → Normal file
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
if m_getArch aarch64 | grep -qE 'aarch64'; then if m_getArch aarch64 | grep -qE 'aarch64'; then
r_log "ipa" "Skipping for aarch64" r_log "ipa -bash" "Skipping for aarch64"
exit 0 exit 0
fi fi
@ -9,53 +9,3 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
r_checkExitStatus 1 r_checkExitStatus 1
fi fi
kdestroy &> /dev/null
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding test service"
ipa service-add testservice/onyxtest.rlipa.local &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Getting keytab for service"
ipa-getkeytab -s onyxtest.rlipa.local -p testservice/onyxtest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Getting a certificate for service"
ipa-getcert request -K testservice/onyxtest.rlipa.local -D onyxtest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
r_checkExitStatus $?
while true; do
entry="$(ipa-getcert list -r | sed -n '/Request ID/,/auto-renew: yes/p')"
if [[ $entry =~ "status:" ]] && [[ $entry =~ "CA_REJECTED" ]]; then
r_checkExitStatus 1
break
fi
if [[ $entry =~ "" ]]; then
r_checkExitStatus 0
break
fi
sleep 1
done
while ! stat /etc/pki/tls/certs/testservice.crt &> /dev/null; do
sync
sleep 1
done
r_log "ipa" "Verifying keytab"
klist -k /tmp/testservice.keytab | grep "testservice/onyxtest.rlipa.local" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Verifying key matches the certificate"
diff <(openssl x509 -in /etc/pki/tls/certs/testservice.crt -noout -modulus 2>&1 ) <(openssl rsa -in /etc/pki/tls/private/testservice.key -noout -modulus 2>&1 )
r_checkExitStatus $?
r_log "ipa" "Verifying the certificate against our CA"
openssl verify -CAfile /etc/ipa/ca.crt /etc/pki/tls/certs/testservice.crt | grep "/etc/pki/tls/certs/testservice.crt: OK" &> /dev/null
r_checkExitStatus $?

35
func/stacks/ipa/22-ipa-dns.sh Executable file → Normal file
View File

@ -9,38 +9,3 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
r_checkExitStatus 1 r_checkExitStatus 1
fi fi
kdestroy &> /dev/null
klist 2>&1 | grep -qE "(No credentials|Credentials cache .* not found)" &> /dev/null
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding testzone subdomain"
ipa dnszone-add --name-server=onyxtest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
r_checkExitStatus $?
sleep 5
r_log "ipa" "Get SOA from testzone subdomain"
dig @localhost SOA testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding a CNAME record to the primary domain"
ipa dnsrecord-add rlipa.local testrecord --cname-hostname=onyxtest &> /dev/null
r_checkExitStatus $?
sleep 5
r_log "ipa" "Retrieving CNAME record"
dig @localhost CNAME testrecord.rlipa.local | grep -q "status: NOERROR" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding a CNAME to subdomain"
ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=onyxtest.rlipa.local. &> /dev/null
r_checkExitStatus $?
sleep 5
r_log "ipa" "Testing can retrieve record from subdomain"
dig @localhost CNAME testrecord.testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
r_checkExitStatus $?

48
func/stacks/ipa/23-ipa-sudo.sh Executable file → Normal file
View File

@ -9,51 +9,3 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
r_checkExitStatus 1 r_checkExitStatus 1
fi fi
kdestroy -A
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)"
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep -q "admin@RLIPA.LOCAL"
r_checkExitStatus $?
r_log "ipa" "Creating a test sudo rule"
ipa sudorule-add testrule --desc="Test rule in IPA" --hostcat=all --cmdcat=all --runasusercat=all --runasgroupcat=all &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding user to test sudo rule"
ipa sudorule-add-user testrule --users="ipatestuser" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Verifying rule..."
ipa sudorule-show testrule > /tmp/testrule
grep -q 'Rule name: testrule' /tmp/testrule
r_checkExitStatus $?
grep -q 'Description: Test rule in IPA' /tmp/testrule
r_checkExitStatus $?
grep -q 'Enabled: TRUE' /tmp/testrule
r_checkExitStatus $?
grep -q 'Host category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'Command category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'RunAs User category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'RunAs Group category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'Users: ipatestuser' /tmp/testrule
r_checkExitStatus $?
m_serviceCycler sssd stop
rm -rf /var/lib/sss/db/*
m_serviceCycler sssd start
sleep 5
r_log "ipa" "Verifying sudo abilities"
sudo -l -U ipatestuser > /tmp/sudooutput
grep -q 'ipatestuser may run the following commands' /tmp/sudooutput
r_checkExitStatus $?
grep -q 'ALL) ALL' /tmp/sudooutput
r_checkExitStatus $?

2
func/stacks/ipa/50-cleanup-ipa.sh Executable file → Normal file
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
if m_getArch aarch64 | grep -qE 'aarch64'; then if m_getArch aarch64 | grep -qE 'aarch64'; then
r_log "ipa" "Skipping for aarch64" r_log "ipa -bash" "Skipping for aarch64"
exit 0 exit 0
fi fi

5
func/stacks/ipa/README.md
View File

@ -1,2 +1,7 @@
While not considered a "stack", it's a combination of many things at once. So While not considered a "stack", it's a combination of many things at once. So
it is being tested as a stack. it is being tested as a stack.
We will be testing mainly against EL8. It is not clear if EL9 will keep idm as
a module in 9. However, certain tests will be checking for the release just in
case that the modules will disappear. (I can only hope that it does and that
it just goes back to what Fedora is doing and what EL7 does). -label

0
func/stacks/lamp/00-install-lamp.sh Normal file → Executable file
View File

0
func/stacks/lamp/01-verification.sh Normal file → Executable file
View File

0
func/stacks/lamp/10-test-lamp.sh Normal file → Executable file
View File

1
iso/empanadas/.gitignore vendored
View File

@ -2,4 +2,3 @@ __pycache__/
*.py[cod] *.py[cod]
*$py.class *$py.class
*.so *.so
Containerfile*.devel

2
iso/empanadas/Containerfile
View File

@ -56,7 +56,7 @@ RUN rm -rf /etc/yum.repos.d/*.repo
RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d
RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas' RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@feature/iso-kube#egg=empanadas&subdirectory=iso/empanadas'
RUN pip install awscli RUN pip install awscli

68
iso/empanadas/Containerfile.imagefactory
View File

@ -1,68 +0,0 @@
FROM docker.io/fedora:36
ADD images/get_arch /get_arch
ENV TINI_VERSION v0.19.0
RUN curl -o /tini -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-$(/get_arch)"
RUN chmod +x /tini
RUN dnf install -y \
bash \
bzip2 \
cpio \
diffutils \
findutils \
gawk \
gcc \
gcc-c++ \
git \
grep \
gzip \
info \
make \
patch \
python3 \
redhat-rpm-config \
rpm-build \
scl-utils-build \
sed \
shadow-utils \
tar \
unzip \
util-linux \
which \
xz \
dnf-plugins-core \
createrepo_c \
rpm-sign \
sudo \
mock \
python-pip \
imagefactory \
imagefactory-plugins*
RUN sed -i -e 's/# memory = 1024/memory = 2048/' /etc/oz/oz.cfg
COPY imagefactory.patch /
COPY oz.rpm /
RUN dnf -y install /oz.rpm
RUN (cd /usr/lib/python3.10/site-packages/; patch -p1 </imagefactory.patch)
RUN ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""
RUN dnf clean all
RUN rm -rf /etc/yum.repos.d/*.repo /get_arch
# RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
# RUN chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d && chown -R peridotbuilder:mock /var/lib/imagefactory/storage
RUN pip install awscli
RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
ENV LIBGUESTFS_BACKEND direct
COPY prep-azure.sh /prep-azure.sh
RUN chmod +x /prep-azure.sh
ENTRYPOINT ["/tini", "--"]

Some files were not shown because too many files have changed in this diff Show More