diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:37:14 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:37:14 +0000 |
| commit | ea648e70a989cca190cd7403fe892fd2dcc290b4 (patch) | |
| tree | e2b6b1c647da68b0d4d66082835e256eb30970e8 /bin/tests/system/runtime | |
| parent | Initial commit. (diff) | |
| download | bind9-upstream.tar.xz bind9-upstream.zip | |
Adding upstream version 1:9.11.5.P4+dfsg.upstream/1%9.11.5.P4+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | bin/tests/system/runtime/README | 6 | ||||
| -rw-r--r-- | bin/tests/system/runtime/clean.sh | 20 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named-alt1.conf.in | 33 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named-alt2.conf.in | 33 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named-alt3.conf.in | 34 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named-alt4.conf.in | 30 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named-alt5.conf.in | 29 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named-alt6.conf.in | 30 | ||||
| -rw-r--r-- | bin/tests/system/runtime/ns2/named1.conf.in | 33 | ||||
| -rw-r--r-- | bin/tests/system/runtime/setup.sh | 35 | ||||
| -rw-r--r-- | bin/tests/system/runtime/tests.sh | 153 |
11 files changed, 436 insertions, 0 deletions
diff --git a/bin/tests/system/runtime/README b/bin/tests/system/runtime/README new file mode 100644 index 0000000..11429a2 --- /dev/null +++ b/bin/tests/system/runtime/README @@ -0,0 +1,6 @@ +Copyright (C) Internet Systems Consortium, Inc. ("ISC") + +See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. + +Tests of runtime checks, e.g., that named prevents duplicate processes +from running. diff --git a/bin/tests/system/runtime/clean.sh b/bin/tests/system/runtime/clean.sh new file mode 100644 index 0000000..e98d0f3 --- /dev/null +++ b/bin/tests/system/runtime/clean.sh @@ -0,0 +1,20 @@ +#!/bin/sh +# +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +rm -f ns2/named.conf ns2/named-alt*.conf +rm -f */named.memstats +rm -f */named*.run +rm -f ns*/named.lock ns*/named*.pid ns*/other.lock +rm -f *.pid +rm -f rndc.out* +[ -d ns2/nope ] && chmod 755 ns2/nope +rm -rf ns2/nope +rm -f ns2/dir ns2/nopedir ns2/mkd ns2/nopemkd diff --git a/bin/tests/system/runtime/ns2/named-alt1.conf.in b/bin/tests/system/runtime/ns2/named-alt1.conf.in new file mode 100644 index 0000000..87ff94c --- /dev/null +++ b/bin/tests/system/runtime/ns2/named-alt1.conf.in @@ -0,0 +1,33 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + port @PORT@; + pid-file "named2.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + notify yes; + dnssec-enable no; + dnssec-validation no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/ns2/named-alt2.conf.in b/bin/tests/system/runtime/ns2/named-alt2.conf.in new file mode 100644 index 0000000..9191e42 --- /dev/null +++ b/bin/tests/system/runtime/ns2/named-alt2.conf.in @@ -0,0 +1,33 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + port @PORT@; + pid-file "named3.pid"; + listen-on { 10.53.0.2; 10.53.0.3; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + notify yes; + dnssec-enable no; + dnssec-validation no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/ns2/named-alt3.conf.in b/bin/tests/system/runtime/ns2/named-alt3.conf.in new file mode 100644 index 0000000..ce3eab4 --- /dev/null +++ b/bin/tests/system/runtime/ns2/named-alt3.conf.in @@ -0,0 +1,34 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + port @PORT@; + pid-file "named4.pid"; + lock-file none; + listen-on { 10.53.0.2; 10.53.0.3; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + notify yes; + dnssec-enable no; + dnssec-validation no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/ns2/named-alt4.conf.in b/bin/tests/system/runtime/ns2/named-alt4.conf.in new file mode 100644 index 0000000..a0b79c3 --- /dev/null +++ b/bin/tests/system/runtime/ns2/named-alt4.conf.in @@ -0,0 +1,30 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + include "dir"; + include "nopemkd"; + port @PORT@; + pid-file "../named4.pid"; + listen-on { 127.0.0.1; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation auto; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/ns2/named-alt5.conf.in b/bin/tests/system/runtime/ns2/named-alt5.conf.in new file mode 100644 index 0000000..82e95b1 --- /dev/null +++ b/bin/tests/system/runtime/ns2/named-alt5.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + include "nopedir"; + port @PORT@; + pid-file "../named5.pid"; + listen-on { 127.0.0.1; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation auto; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/ns2/named-alt6.conf.in b/bin/tests/system/runtime/ns2/named-alt6.conf.in new file mode 100644 index 0000000..548f3c2 --- /dev/null +++ b/bin/tests/system/runtime/ns2/named-alt6.conf.in @@ -0,0 +1,30 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + include "../nopedir"; + include "../mkd"; + port @PORT@; + pid-file "../named6.pid"; + listen-on { 127.0.0.1; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation auto; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/ns2/named1.conf.in b/bin/tests/system/runtime/ns2/named1.conf.in new file mode 100644 index 0000000..7eb7f6c --- /dev/null +++ b/bin/tests/system/runtime/ns2/named1.conf.in @@ -0,0 +1,33 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + notify yes; + dnssec-enable no; + dnssec-validation no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/runtime/setup.sh b/bin/tests/system/runtime/setup.sh new file mode 100644 index 0000000..04cb026 --- /dev/null +++ b/bin/tests/system/runtime/setup.sh @@ -0,0 +1,35 @@ +#!/bin/sh -e +# +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns2/named1.conf.in ns2/named.conf + +copy_setports ns2/named-alt1.conf.in ns2/named-alt1.conf +copy_setports ns2/named-alt2.conf.in ns2/named-alt2.conf +copy_setports ns2/named-alt3.conf.in ns2/named-alt3.conf + +mkdir ns2/nope + +if [ 1 = "${CYGWIN:-0}" ] +then + setfacl -s user::r-x,group::r-x,other::r-x ns2/nope +else + chmod 555 ns2/nope +fi + +echo "directory \"`pwd`/ns2\";" > ns2/dir +echo "directory \"`pwd`/ns2/nope\";" > ns2/nopedir +echo "managed-keys-directory \"`pwd`/ns2\";" > ns2/mkd +echo "managed-keys-directory \"`pwd`/ns2/nope\";" > ns2/nopemkd diff --git a/bin/tests/system/runtime/tests.sh b/bin/tests/system/runtime/tests.sh new file mode 100644 index 0000000..abb603c --- /dev/null +++ b/bin/tests/system/runtime/tests.sh @@ -0,0 +1,153 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + +status=0 +n=0 + +n=`expr $n + 1` +echo_i "verifying that named started normally ($n)" +ret=0 +[ -s ns2/named.pid ] || ret=1 +grep "unable to listen on any configured interface" ns2/named.run > /dev/null && ret=1 +grep "another named process" ns2/named.run > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +if [ ! "$CYGWIN" ]; then + n=`expr $n + 1` + echo_i "verifying that named checks for conflicting listeners ($n)" + ret=0 + (cd ns2; $NAMED -c named-alt1.conf -D ns2-extra-1 -X other.lock -m record,size,mctx -d 99 -g -U 4 >> named2.run 2>&1 & ) + for i in 1 2 3 4 5 6 7 8 9 + do + grep "unable to listen on any configured interface" ns2/named2.run > /dev/null && break + sleep 1 + done + grep "unable to listen on any configured interface" ns2/named2.run > /dev/null || ret=1 + for i in 1 2 3 4 5 6 7 8 9 + do + grep "exiting (due to fatal error)" ns2/named2.run > /dev/null && break + sleep 1 + done + pid=`cat ns2/named2.pid 2>/dev/null` + test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 + if [ $ret != 0 ]; then echo_i "failed"; fi + status=`expr $status + $ret` +fi + +n=`expr $n + 1` +echo_i "verifying that named checks for conflicting named processes ($n)" +ret=0 +(cd ns2; $NAMED -c named-alt2.conf -D ns2-extra-2 -X named.lock -m record,size,mctx -d 99 -g -U 4 >> named3.run 2>&1 & ) +sleep 2 +grep "another named process" ns2/named3.run > /dev/null || ret=1 +pid=`cat ns2/named3.pid 2>/dev/null` +test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "verifying that 'lock-file none' disables process check ($n)" +ret=0 +(cd ns2; $NAMED -c named-alt3.conf -D ns2-extra-3 -m record,size,mctx -d 99 -g -U 4 >> named4.run 2>&1 & ) +sleep 2 +grep "another named process" ns2/named4.run > /dev/null && ret=1 +pid=`cat ns2/named4.pid 2>/dev/null` +test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +if $SHELL ../testcrypto.sh -q +then + n=`expr $n + 1` + echo_i "checking that named refuses to reconfigure if managed-keys-directory is set and not writable ($n)" + ret=0 + copy_setports ns2/named-alt4.conf.in ns2/named.conf + $RNDCCMD 10.53.0.2 reconfig > rndc.out.$n 2>&1 + grep "failed:" rndc.out.$n > /dev/null 2>&1 || ret=1 + sleep 1 + grep "managed-keys-directory '.*' is not writable" ns2/named.run > /dev/null 2>&1 || ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi + status=`expr $status + $ret` + + n=`expr $n + 1` + echo_i "checking that named refuses to reconfigure if managed-keys-directory is unset and working directory is not writable ($n)" + ret=0 + copy_setports ns2/named-alt5.conf.in ns2/named.conf + $RNDCCMD 10.53.0.2 reconfig > rndc.out.$n 2>&1 + grep "failed:" rndc.out.$n > /dev/null 2>&1 || ret=1 + sleep 1 + grep "working directory '.*' is not writable" ns2/named.run > /dev/null 2>&1 || ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi + status=`expr $status + $ret` + + n=`expr $n + 1` + echo_i "checking that named reconfigures if working directory is not writable but managed-keys-directory is ($n)" + ret=0 + copy_setports ns2/named-alt6.conf.in ns2/named.conf + $RNDCCMD 10.53.0.2 reconfig > rndc.out.$n 2>&1 + grep "failed:" rndc.out.$n > /dev/null 2>&1 && ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi + status=`expr $status + $ret` + + echo_i "shutting down existing named" + pid=`cat named4.pid 2>/dev/null` + test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 + pid=`cat named5.pid 2>/dev/null` + test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 + pid=`cat named6.pid 2>/dev/null` + test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 +fi + +n=`expr $n + 1` +echo_i "checking that named refuses to start if managed-keys-directory is set and not writable ($n)" +ret=0 +cd ns2 +$NAMED -c named-alt4.conf -d 99 -g > named4.run 2>&1 & +sleep 2 +grep "exiting (due to fatal error)" named4.run > /dev/null || ret=1 +pid=`cat named4.pid 2>/dev/null` +test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 +cd .. +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking that named refuses to start if managed-keys-directory is unset and working directory is not writable ($n)" +ret=0 +cd ns2 +$NAMED -c named-alt5.conf -d 99 -g > named5.run 2>&1 & +sleep 2 +grep "exiting (due to fatal error)" named5.run > /dev/null || ret=1 +pid=`cat named5.pid 2>/dev/null` +test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 +cd .. +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking that named starts if managed-keys-directory is writable and working directory is not writable ($n)" +ret=0 +cd ns2 +$NAMED -c named-alt6.conf -d 99 -g > named6.run 2>&1 & +sleep 2 +grep "exiting (due to fatal error)" named6.run > /dev/null || ret=1 +pid=`cat named6.pid 2>/dev/null` +test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 +cd .. +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +echo_i "exit status: $status" +[ $status -eq 0 ] || exit 1 |