From ea0dd841240c8b568c2119ac2af6846ff5737f7c Mon Sep 17 00:00:00 2001 From: libhe Date: Tue, 15 Oct 2024 08:43:19 +0800 Subject: [PATCH] some enhancements for running soomthly in s390. --- os_tests/data/guest-images/rogue.el10.lst | 5 ++ os_tests/data/guest-images/rogue.py | 92 ++++++++++++++++++++++ os_tests/data/guest-images/selinux.el9.lst | 1 + os_tests/tests/test_rhel_guest_image.py | 14 +++- 4 files changed, 108 insertions(+), 4 deletions(-) create mode 100644 os_tests/data/guest-images/rogue.py diff --git a/os_tests/data/guest-images/rogue.el10.lst b/os_tests/data/guest-images/rogue.el10.lst index c99ee95e..ed0bd106 100644 --- a/os_tests/data/guest-images/rogue.el10.lst +++ b/os_tests/data/guest-images/rogue.el10.lst @@ -96,3 +96,8 @@ /etc/systemd/system/sysinit.target.wants/systemd-confext.service /etc/systemd/system/sysinit.target.wants/systemd-sysext.service /etc/systemd/system/multi-user.target.wants/kdump.service +/boot/grub2/fonts/unicode.pf2 +/boot/grub2/grubenv +/etc/alternatives/libnssckbi.so.ppc64le +/etc/systemd/system/NetworkManager.service.wants/hcn-init.service +/etc/systemd/system/multi-user.target.wants/rtas_errd.service diff --git a/os_tests/data/guest-images/rogue.py b/os_tests/data/guest-images/rogue.py new file mode 100644 index 00000000..fcd11a08 --- /dev/null +++ b/os_tests/data/guest-images/rogue.py @@ -0,0 +1,92 @@ +import os +import subprocess +from pathlib import Path + +# Remove temporary files +tmp_files = ['/tmp/rpmdb', '/tmp/rpmdb.tmp', '/tmp/rogue', '/tmp/rogue.tmp'] +for tmp_file in tmp_files: + try: + os.remove(tmp_file) + except FileNotFoundError: + pass + +# Generate the list of files installed by RPM and resolve their real paths +with open('/tmp/rpmdb', 'w') as rpmdb_file: + subprocess.run(['rpm', '-qal'], stdout=rpmdb_file) + +with open('/tmp/rpmdb.tmp', 'w') as rpmdb_tmp_file, open('/tmp/rpmdb', 'r') as rpmdb_file: + for line in rpmdb_file: + try: + real_path = Path(line.strip()).resolve() + rpmdb_tmp_file.write(f"{real_path}\n") + except Exception: + pass # Ignore any exceptions, similar to `2>/dev/null` in the original script + +# Sort the RPM DB file and remove duplicates +subprocess.run(['sort', '-u', '/tmp/rpmdb.tmp', '-o', '/tmp/rpmdb']) + +# Find files not controlled by RPM (the rogue files) +excluded_paths = [ + '/dev/*', '/proc/*', '/run/*', '/selinux/*', '/srv/*', '/sys/*', + '/tmp/*', '/var/*', '/home/*', '/root/.bash_history', '/usr/share/mime/*' +] +find_command = ['find', '/', '!', '-type', 'd'] + [item for path in excluded_paths for item in ['! -path', path]] +result = subprocess.run(find_command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) + +# Write rogue files to rogue.tmp +with open('/tmp/rogue.tmp', 'w') as rogue_tmp_file: + rogue_tmp_file.write(result.stdout) + +# Remove the old rogue file +try: + os.remove('/tmp/rogue') +except FileNotFoundError: + pass + +# Check which files are not owned by any RPM package +with open('/tmp/rogue.tmp', 'r') as rogue_tmp_file, open('/tmp/rogue', 'w') as rogue_file: + for line in rogue_tmp_file: + line = line.strip() + result = subprocess.run(['rpm', '-qf', line], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) + if 'is not owned by any package' in result.stdout: + rogue_file.write(f"{line}\n") + +# Perform the kernel filtering based on current kernel versions +kernel_versions = subprocess.run(['rpm', '-q', 'kernel'], stdout=subprocess.PIPE, text=True).stdout.splitlines() +for kernel in kernel_versions: + kernel_version = '-'.join(kernel.split('-')[1:]) # Extract kernel version + filter_paths = [ + f'/usr/lib/modules/{kernel_version}', + f'/usr/lib/firmware/{kernel_version}', + f'/lib/modules/{kernel_version}', + f'/boot/initramfs-{kernel_version}kdump.img', + f'/boot/initrd-{kernel_version}kdump.img' + ] + for path in filter_paths: + subprocess.run(['grep', '-v', path, '/tmp/rogue'], stdout=open('/tmp/rogue.tmp', 'w')) + os.replace('/tmp/rogue.tmp', '/tmp/rogue') + +# Additional filters +filter_patterns = [ + "/boot/initramfs-0-rescue-.*.img", + "/boot/vmlinuz-0-rescue-.*", + "/usr/lib/fontconfig/cache/.*.cache-7", + "/etc/sysconfig/network-scripts/ifcfg-en.*", + "/boot/grub2/[^/]*/.*mod", + "/boot/grub2/[^/]*/.*lst", + "/boot/grub2/[^/]*/.*elf", + "/boot/loader/entries/.*.conf", + "/etc/pki/ca-trust/extracted/pem/directory-hash/", + "/etc/NetworkManager/system-connections/cloud-init-.*.nmconnection" +] + +for pattern in filter_patterns: + subprocess.run(['grep', '-v', '-E', pattern, '/tmp/rogue'], stdout=open('/tmp/rogue.tmp', 'w')) + os.replace('/tmp/rogue.tmp', '/tmp/rogue') + +# Clean up temporary files +for tmp_file in ['/tmp/rpmdb', '/tmp/rpmdb.tmp', '/tmp/rogue.tmp']: + try: + os.remove(tmp_file) + except FileNotFoundError: + pass diff --git a/os_tests/data/guest-images/selinux.el9.lst b/os_tests/data/guest-images/selinux.el9.lst index 3b8f8ca9..e387b7b0 100644 --- a/os_tests/data/guest-images/selinux.el9.lst +++ b/os_tests/data/guest-images/selinux.el9.lst @@ -9,3 +9,4 @@ Would relabel /etc/insights-client/.insights-core-gpg-sig.etag from unconfined_u Would relabel /etc/insights-client/.cache.json.asc from unconfined_u:object_r:insights_client_etc_t:s0 to unconfined_u:object_r:insights_client_etc_rw_t:s0 Would relabel /etc/insights-client/.cache.json from unconfined_u:object_r:insights_client_etc_t:s0 to unconfined_u:object_r:insights_client_etc_rw_t:s0 Would relabel /etc/resolv.conf.orig from unconfined_u:object_r:etc_t:s0 to unconfined_u:object_r:net_conf_t:s0 +Would relabel /var/lib/random-seed from system_u:object_r:unlabeled_t:s0 to system_u:object_r:random_seed_t:s0 \ No newline at end of file diff --git a/os_tests/tests/test_rhel_guest_image.py b/os_tests/tests/test_rhel_guest_image.py index 5314fa06..69f587ee 100644 --- a/os_tests/tests/test_rhel_guest_image.py +++ b/os_tests/tests/test_rhel_guest_image.py @@ -489,6 +489,7 @@ def test_check_selinux_contexts(self): self, cmd, expect_ret=0, + timeout=300, msg="check selinux label through restorecon") cmd = "grep -vxFf {0} {1} > /tmp/cmp".format(dest_path, selinux_now) output = utils_lib.run_cmd(self, @@ -532,16 +533,21 @@ def test_check_files_controlled_by_rpm(self): """ product_id = utils_lib.get_product_id(self) data_file = "rogue.el%s.lst" % product_id.split('.')[0] - utils_script = "rogue.sh" + utils_script = "rogue.py" src_path = self.data_dir + '/guest-images/' + utils_script dest_path = '/tmp/' + utils_script self.SSH.put_file(local_file=src_path, rmt_file=dest_path) - cmd = "sudo sh -c 'chmod 755 %s && %s'" % (dest_path, dest_path) + cmd = "sudo python3 %s" % dest_path output = utils_lib.run_cmd(self, cmd, expect_ret=0, timeout=300, - msg="run rogue.sh") + msg="run rogue.py") + + cmd = "test -f /tmp/rogue && echo 'File exists' || echo 'File does not exist'" + output = utils_lib.run_cmd(self, cmd, expect_ret=0, msg="Check if /tmp/rogue exists") + self.assertEqual(output.strip(), 'File exists', "rogue.py failed to create /tmp/rogue") + src_path = self.data_dir + '/guest-images/' + data_file dest_path = '/tmp/' + data_file self.SSH.put_file(local_file=src_path, rmt_file=dest_path) @@ -653,7 +659,7 @@ def test_check_boot_cmdline_parameters(self): N/A """ for count in utils_lib.iterate_timeout( - 120, "Timed out waiting for getting IP address."): + 600, "Timed out waiting for getting IP address."): cmd = 'sudo systemctl is-active kdump' ret = utils_lib.run_cmd(self, cmd,