forked from sig_core/toolkit
466 lines
18 KiB
Markdown
466 lines
18 KiB
Markdown
Release Engineering Core Functionality Testing
|
|
==============================================
|
|
|
|
These are a set of scripts that are designed to test the core functionality
|
|
of a Rocky Linux system. They are designed to work on current versions of
|
|
Rocky and are used to test a system as a Release Engineering self-QA but
|
|
can be used by others for their own personal testing (under the assumption
|
|
that you just want to see what happens, we don't judge :).
|
|
|
|
These tests *must* pass for a release to be considered "Core Validated"
|
|
Checking against the upstream repositories for package matches are not enough
|
|
and are/will be addressed by other tools.
|
|
|
|
* common -> Functions that our scripts and tests may or may not use. Templates
|
|
and other files should come here too under common/files and
|
|
scripts that use them should reference them as `./common/files/...`
|
|
* core -> Core functionality and testing. For example, packages and service
|
|
functionality.
|
|
* lib -> Library tests (these may be done elsewhere)
|
|
* log -> Log output. This repository has example logs of running on Rocky
|
|
Linux.
|
|
* modules -> Tests for module streams and their basic tests
|
|
* stacks -> Software stacks, think like LAMP.
|
|
|
|
How to Run
|
|
----------
|
|
|
|
There are two ways to run through the tests:
|
|
|
|
* By running `/bin/bash runtests.sh`
|
|
* Runs all tests
|
|
* By running `/bin/bash monotests.sh`
|
|
* Runs all tests one by one to help identify failures as they happen
|
|
|
|
Adding Tests
|
|
------------
|
|
|
|
So you want to add a few tests. Great! Before you add them, I want you to ask
|
|
yourself the following questions:
|
|
|
|
* Are my test(s) brand new?
|
|
* Are my test(s) actually for the "core" functionality of the system?
|
|
* Will my test(s) be going through a shellcheck?
|
|
* Were my tests running with SELinux enforcing?
|
|
|
|
If you've answered no to any of the above, the test may not be valid for this
|
|
project. If you are planning on changing a test or fixing a test to look or
|
|
work better, then a PR is more than welcome. Some things could definitely
|
|
use some touching up or improvements.
|
|
|
|
When creating tests, the below should be followed (at a minimum):
|
|
|
|
* Use functions from `./common/imports.sh`
|
|
* Global variables should be in `./common/exports.sh`
|
|
* Reusable files should be in `./common/files`
|
|
* Logging is enforced; use `r_log` where ever necessary
|
|
* Exits and status checks should be against `r_checkExitStatus`
|
|
* Place comments where `r_log` won't be descriptive enough
|
|
* With some exceptions, keep lines to a maximum of 80 characters
|
|
* Use fullpath to binaries when necessary
|
|
* Use shellcheck to verify the scripts are valid and compliant (some stuff that
|
|
shellcheck reports could be false - Just use a comment to turn off that test
|
|
for that particular line, but you need to ensure it's a false positive.)
|
|
* All filenames should start with a number and end with `.sh` (eg `00-foo.sh`)
|
|
* The executable bit should be set (except for scripts that are sourced)
|
|
|
|
**Note**: that if tests should be skipped, they should be placed into the
|
|
`skip.list` file so that way they won't run during the test phase. The file will
|
|
get a -x placed on it. Note that this is generally OK, since this repo will just
|
|
be cloned when being used anyway and won't be committed back. It is just
|
|
expected that all scripts are +x to begin with unless there's a valid reason.
|
|
There are a few tests we already have disabled because they're either not done
|
|
or they are acting strangely.
|
|
|
|
**Note**: If a package required additional modification (eg, dotnet) and it
|
|
it has a `.rocky` on the release tag, then it should be noted in the mods.list.
|
|
The same thing goes for the debrand list. Additionally, if certain patches
|
|
can change the output, it would be good to test for this (see `core/pkg_httpd`)
|
|
for an example.
|
|
|
|
Core Functionality
|
|
------------------
|
|
|
|
Everyone has their own idea of "core functionality." In the case of Release
|
|
Engineering, core functionality is simply us saying that with a basic
|
|
installation of Rocky Linux, we can run basic commands that any system admin,
|
|
developer, or casual user would run and expect to work on a regular basis.
|
|
|
|
Think about the software you probably use fairly regularly on any Linux system
|
|
that you've installed, ran, or are currently running. Now think about the
|
|
commands that you run day in, and day out. Now consider that what you're
|
|
running isn't niche and it's highly likely others use them too. If something
|
|
goes wrong with the build of your distribution, your tools might not work as
|
|
expected. Which is why the idea of doing basic testing of most, if not all of
|
|
the common stuff is a good thing to do.
|
|
|
|
While writing this, the things that come to mind are:
|
|
|
|
* archiving: zip, tar, gzip, etc
|
|
* file: head, tail, less, cat, diff, find, grep, vim, git
|
|
* network: ping, ip, ssh, wget, curl
|
|
* packaging: rpm, dnf
|
|
* system utilities: systemctl, top, sudo, ps
|
|
* web (packaging): httpd
|
|
|
|
Those are just off the top of my head. There's obviously a lot more, but with
|
|
that in mind, you now have the idea of what we're trying to accomplish with
|
|
this set of tests.
|
|
|
|
With that being said, there are obviously other tests being employed for things
|
|
that people may or may not use (LAMP stacks for example). It's not a core
|
|
function by any means, but it at least validates that a common thing or set of
|
|
things works as intended without extending the system or fixing the baseline
|
|
set of packages.
|
|
|
|
FAQ
|
|
---
|
|
|
|
### How do I know what some of these scripts do?
|
|
You can view the script and look at the various `r_log` lines or the comments
|
|
if they happen to be there. If you don't see a comment, look for an `r_log`.
|
|
|
|
### How do I disable a test?
|
|
A test can be disabled by running `chmod -x` on any given test. It's also
|
|
recommended to add it to `skip.list`
|
|
|
|
### Won't some of the tests have to change on (insert major release here)?
|
|
Yes and no. There are some tests will have to be altered to deal with it, but
|
|
the only way to really find out is to run the tests on a new major release
|
|
and see what happens.
|
|
|
|
### A test failed, what do I do?
|
|
Run a test manually to get the error. (Most) errors are not sent to the logs
|
|
as the logs are mainly to say if something was "PASSED", "FAILED", or "SKIPPED".
|
|
|
|
### A test isn't descriptive enough on r_log or comments, can I PR for that?
|
|
Absolutely - If you feel there is a gap, please fork and change what you feel
|
|
needs more information!
|
|
|
|
### Do I really need SELinux enforcing to run/add tests?
|
|
Yes.
|
|
|
|
### Why though?
|
|
Ensuring the tests work and operate under default conditions (firewall and
|
|
selinux are up) helps those who use our distribution in environments where
|
|
security is important, actually work and function correctly.
|
|
|
|
With that said, There is no reason to disable integral security layers on your
|
|
system.
|
|
|
|
Current Tree
|
|
------------
|
|
```
|
|
.
|
|
├── common
|
|
│ ├── exports.sh
|
|
│ ├── files
|
|
│ │ ├── correct-passwd
|
|
│ │ ├── correct-shadow
|
|
│ │ ├── dovecot-test-sasl
|
|
│ │ ├── hello.c
|
|
│ │ ├── hello.cpp
|
|
│ │ ├── incorrect-passwd
|
|
│ │ ├── incorrect-shadow
|
|
│ │ ├── lamp-sql
|
|
│ │ ├── lamp-sql-php
|
|
│ │ ├── malform-group
|
|
│ │ ├── malform-gshadow
|
|
│ │ ├── openssl-answers
|
|
│ │ ├── postfix-test-sasl
|
|
│ │ ├── postfix-test-tls
|
|
│ │ └── smb.conf
|
|
│ └── imports.sh
|
|
├── core
|
|
│ ├── pkg_acl
|
|
│ │ ├── 00-install-acl.sh
|
|
│ │ ├── 10-test-acl-functions.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_archive
|
|
│ │ ├── 00-install-formats.sh
|
|
│ │ ├── 10-bzip.sh
|
|
│ │ ├── 20-gzip-bin-test.sh
|
|
│ │ ├── 21-gzip-test.sh
|
|
│ │ ├── 22-gzexe.sh
|
|
│ │ ├── 23-zcmp-zdiff.sh
|
|
│ │ ├── 24-zforce.sh
|
|
│ │ ├── 25-zgrep.sh
|
|
│ │ ├── 25-zless.sh
|
|
│ │ ├── 26-zmore.sh
|
|
│ │ ├── 27-znew.sh
|
|
│ │ ├── 30-tar.sh
|
|
│ │ ├── 40-xzcmp-xzdiff.sh
|
|
│ │ ├── 40-zip.sh
|
|
│ │ ├── 50-lzop.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_attr
|
|
│ │ ├── 00-install-attr.sh
|
|
│ │ ├── 10-check-attr.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_auditd
|
|
│ │ ├── 00-install-auditd.sh
|
|
│ │ ├── 10-auditd-logs.sh
|
|
│ │ ├── 11-generate-events.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_bash
|
|
│ │ ├── 00-bash-version.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_bc
|
|
│ │ ├── 00-install-bc.sh
|
|
│ │ ├── 10-test-calculation.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_bind
|
|
│ │ ├── 00-install-bind.sh
|
|
│ │ ├── 10-test-lookup.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_coreutils
|
|
│ │ ├── 00-install-coreutils.sh
|
|
│ │ ├── 10-arch.sh
|
|
│ │ ├── 11-basename.sh
|
|
│ │ ├── 12-cat.sh
|
|
│ │ ├── 13-cut.sh
|
|
│ │ ├── 14-bool.sh
|
|
│ │ ├── 15-heads-tails.sh
|
|
│ │ ├── 16-pathchk.sh
|
|
│ │ ├── 17-readlink.sh
|
|
│ │ ├── 18-seq.sh
|
|
│ │ ├── 19-timeout.sh
|
|
│ │ ├── 20-hash.sh
|
|
│ │ ├── 21-touch-ls.sh
|
|
│ │ ├── 22-uniq.sh
|
|
│ │ ├── 23-wc.sh
|
|
│ │ ├── 24-yes.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_cpio
|
|
│ │ ├── 00-install-cpio.sh
|
|
│ │ ├── 10-cpio.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_cracklib
|
|
│ │ ├── 00-install-cracklib.sh
|
|
│ │ ├── 10-test-passwords.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_cron
|
|
│ │ ├── 00-install-cron.sh
|
|
│ │ ├── 10-dot-cron.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_curl
|
|
│ │ ├── 00-install-curl.sh
|
|
│ │ ├── 10-test-curl.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_diffutils
|
|
│ │ ├── 00-install-diff.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_dnf
|
|
│ │ ├── 10-remove-package.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_dovecot
|
|
│ │ ├── 00-install-dovecot.sh
|
|
│ │ ├── 01-configure-dovecot.sh
|
|
│ │ ├── 10-pop3-test.sh
|
|
│ │ ├── 11-imap-test.sh
|
|
│ │ ├── 12-dovecot-clean.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_file
|
|
│ │ ├── 00-install-file.sh
|
|
│ │ ├── 10-mime-check.sh
|
|
│ │ ├── 20-mime-image.sh
|
|
│ │ ├── 30-mime-symlink.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_findutils
|
|
│ │ ├── 00-install-findutils.sh
|
|
│ │ ├── 10-find.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_firefox
|
|
│ │ ├── 00-install-firefox.sh
|
|
│ │ ├── 10-check-firefox-start-page.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_firewalld
|
|
│ │ ├── 00-install-firewalld.sh
|
|
│ │ ├── 10-firewalld-check-rule.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_freeradius
|
|
│ │ ├── 00-install-freeradius.sh
|
|
│ │ ├── 10-test-freeradius.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_gcc
|
|
│ │ ├── 00-install-gcc.sh
|
|
│ │ ├── 10-gcc-build-simple.sh
|
|
│ │ ├── 11-gcc-build-cpp.sh
|
|
│ │ ├── 20-annobin-test-gcc.sh
|
|
│ │ ├── 21-annobin-test-gplusplus.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_git
|
|
│ │ ├── 00-install-git.sh
|
|
│ │ ├── 10-test-git.sh
|
|
│ │ ├── 11-test-clone-log.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_httpd
|
|
│ │ ├── 00-install-httpd.sh
|
|
│ │ ├── 10-httpd-branding.sh
|
|
│ │ ├── 20-test-basic-http.sh
|
|
│ │ ├── 21-test-basic-https.sh
|
|
│ │ ├── 30-test-basic-auth.sh
|
|
│ │ ├── 40-test-basic-vhost.sh
|
|
│ │ ├── 50-test-basic-php.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_kernel
|
|
│ │ ├── 10-test-kernel-keyring.sh
|
|
│ │ ├── 11-test-secure-boot.sh
|
|
│ │ ├── 12-test-debrand.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_lsb
|
|
│ │ ├── 00-install-lsb.sh
|
|
│ │ ├── 10-test-branding.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_lsof
|
|
│ │ ├── 00-install-lsof.sh
|
|
│ │ ├── 10-test-lsof.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_network
|
|
│ │ ├── 00-install-packages.sh
|
|
│ │ ├── 10-tracepath.sh
|
|
│ │ ├── 11-traceroute.sh
|
|
│ │ ├── 12-mtr.sh
|
|
│ │ ├── 13-iptraf.sh
|
|
│ │ ├── 20-configure-bridge.sh
|
|
│ │ ├── 30-test-arpwatch.sh
|
|
│ │ ├── imports.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_nfs
|
|
│ │ ├── 00-install-nfs.sh
|
|
│ │ ├── 10-prepare-nfs-ro.sh
|
|
│ │ ├── 11-prepare-nfs-rw.sh
|
|
│ │ ├── 12-prepare-autofs.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_openssl
|
|
│ │ ├── 00-install-openssl.sh
|
|
│ │ ├── 10-test-openssl.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_perl
|
|
│ │ ├── 00-install-perl.sh
|
|
│ │ ├── 10-test-perl.sh
|
|
│ │ ├── 11-test-perl-script.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_postfix
|
|
│ │ ├── 00-install-postfix.sh
|
|
│ │ ├── 10-test-helo.sh
|
|
│ │ ├── 20-mta.sh
|
|
│ │ ├── 30-postfix-sasl.sh
|
|
│ │ ├── 40-postfix-tls.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_python
|
|
│ │ ├── 00-install-python.sh
|
|
│ │ ├── 10-test-python3.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_release
|
|
│ │ ├── 00-install-file.sh
|
|
│ │ ├── 10-name-sanity-check.sh
|
|
│ │ ├── 20-check-gpg-keys.sh
|
|
│ │ ├── 30-os-release.sh
|
|
│ │ ├── 40-system-release.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_rootfiles
|
|
│ │ ├── 00-install-rootfiles.sh
|
|
│ │ └── 10-test-rootfiles.sh
|
|
│ ├── pkg_rsyslog
|
|
│ │ ├── 00-install-rsyslog.sh
|
|
│ │ ├── 10-test-syslog.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_samba
|
|
│ │ ├── 00-install-samba.sh
|
|
│ │ ├── 10-test-samba.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_secureboot
|
|
│ │ ├── 10-test-grub-secureboot.sh
|
|
│ │ ├── 11-test-shim-certs.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_selinux
|
|
│ │ ├── 00-install-selinux-tools.sh
|
|
│ │ ├── 10-check-alerts.sh
|
|
│ │ └── 20-check-policy-mismatch.sh
|
|
│ ├── pkg_setup
|
|
│ │ ├── 00-test-shells.sh
|
|
│ │ ├── 10-test-group-file.sh
|
|
│ │ ├── 20-test-passwd-file.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_shadow-utils
|
|
│ │ ├── 00-install.sh
|
|
│ │ ├── 10-files-verify.sh
|
|
│ │ ├── 20-user-tests.sh
|
|
│ │ ├── 30-group-tests.sh
|
|
│ │ ├── 40-pw.sh
|
|
│ │ ├── 90-clean.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_snmp
|
|
│ │ ├── 00-install-snmp.sh
|
|
│ │ ├── 10-test-snmp-1.sh
|
|
│ │ ├── 11-test-snmp-2.sh
|
|
│ │ ├── 12-test-snmp-3.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_sqlite
|
|
│ │ ├── 00-install-sqlite.sh
|
|
│ │ ├── 10-sqlite-tables.sh
|
|
│ │ ├── 20-sqlite-dump.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_strace
|
|
│ │ ├── 00-install-strace.sh
|
|
│ │ ├── 10-test-strace.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_sysstat
|
|
│ │ ├── 00-install-sysstat.sh
|
|
│ │ ├── 10-iostat.sh
|
|
│ │ ├── 11-cpu.sh
|
|
│ │ ├── 12-cpu-io.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_systemd
|
|
│ │ ├── 00-systemd-list-services.sh
|
|
│ │ ├── 10-systemd-list-non-native-sevices.sh
|
|
│ │ ├── 11-systemd-service-status.sh
|
|
│ │ ├── 20-systemd-journald.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_tcpdump
|
|
│ │ └── README.md
|
|
│ ├── pkg_telnet
|
|
│ │ ├── 00-install-telnet.sh
|
|
│ │ └── 10-test-telnet.sh
|
|
│ ├── pkg_vsftpd
|
|
│ │ ├── 00-install-vsftpd.sh
|
|
│ │ ├── 10-anonymous-vsftpd.sh
|
|
│ │ ├── 20-local-login.sh
|
|
│ │ ├── 30-cleanup.sh
|
|
│ │ └── README.md
|
|
│ ├── pkg_wget
|
|
│ │ ├── 00-install-wget.sh
|
|
│ │ ├── 10-test-wget.sh
|
|
│ │ └── README.md
|
|
│ └── pkg_which
|
|
│ ├── 00-install-which.sh
|
|
│ ├── 10-test-which.sh
|
|
│ └── README.md
|
|
├── debrand.list
|
|
├── lib
|
|
├── log
|
|
│ └── README.md
|
|
├── mods.list
|
|
├── modules
|
|
├── monotests.sh
|
|
├── README.md
|
|
├── runtests.sh
|
|
├── skip.list
|
|
└── stacks
|
|
├── ipa
|
|
│ ├── 00-ipa-pregame.sh
|
|
│ ├── 10-install-ipa.sh
|
|
│ ├── 11-configure-ipa.sh
|
|
│ ├── 12-verify-ipa.sh
|
|
│ ├── 20-ipa-user.sh
|
|
│ ├── 21-ipa-service.sh
|
|
│ ├── 22-ipa-dns.sh
|
|
│ ├── 23-ipa-sudo.sh
|
|
│ ├── 50-cleanup-ipa.sh
|
|
│ └── README.md
|
|
└── lamp
|
|
├── 00-install-lamp.sh
|
|
├── 01-verification.sh
|
|
└── 10-test-lamp.sh
|
|
```
|