From f38b278b5087decdcf04fb660af742225f1a1a06 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Wed, 21 Oct 2015 22:52:41 +0200 Subject: [PATCH 01/21] setup test-kitchen workflow --- Gemfile | 4 +- Rakefile | 6 +++ bin/vulcano | 2 +- test/integration/.kitchen.yml | 41 +++++++++++++++++++ test/integration/Berksfile | 4 ++ .../cookbooks/os_prepare/metadata.rb | 6 +++ .../cookbooks/os_prepare/recipes/default.rb | 5 +++ test/integration/default/_debug_spec.rb | 1 + 8 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 test/integration/.kitchen.yml create mode 100644 test/integration/Berksfile create mode 100644 test/integration/cookbooks/os_prepare/metadata.rb create mode 100644 test/integration/cookbooks/os_prepare/recipes/default.rb create mode 100644 test/integration/default/_debug_spec.rb diff --git a/Gemfile b/Gemfile index da8596284..9eadff9c2 100644 --- a/Gemfile +++ b/Gemfile @@ -13,8 +13,10 @@ group :test do end group :integration do - gem 'test-kitchen', '~> 1.4' + gem 'berkshelf', '~> 4.0' + gem 'test-kitchen', git: 'https://github.com/chris-rock/test-kitchen', branch: 'test-path' gem 'kitchen-vagrant' + gem 'kitchen-inspec', git: 'git@github.com:chef/kitchen-inspec.git' gem 'concurrent-ruby', '~> 0.9' end diff --git a/Rakefile b/Rakefile index 39a5aa44b..55f588612 100644 --- a/Rakefile +++ b/Rakefile @@ -37,4 +37,10 @@ namespace :test do return if tests.empty? sh(Gem.ruby, 'test/docker_test.rb', *tests) end + + task :vm do + concurrency = ENV['CONCURRENCY'] || 4 + path = File.join(File.dirname(__FILE__), 'test', 'integration') + sh('sh', '-c', "cd #{path} && bundle exec kitchen test -c #{concurrency} -t .") + end end diff --git a/bin/vulcano b/bin/vulcano index 3aeba4d3f..b000a0841 100755 --- a/bin/vulcano +++ b/bin/vulcano @@ -57,7 +57,7 @@ class VulcanoCLI < Thor desc: 'The login user for a remote scan.' option :password, type: :string, default: nil, desc: 'Login password for a remote scan, if required.' - option :key, type: :string, default: nil, + option :key_files, type: :array, default: nil, desc: 'Login key or certificate file for a remote scan.' option :path, type: :string, default: nil, desc: 'Login path to use when connecting to the target.' diff --git a/test/integration/.kitchen.yml b/test/integration/.kitchen.yml new file mode 100644 index 000000000..27e5dc5aa --- /dev/null +++ b/test/integration/.kitchen.yml @@ -0,0 +1,41 @@ +--- +driver: + name: vagrant + +provisioner: + name: chef_solo + +verifier: + name: InSpec + +platforms: + - name: centos-7.1 + - name: centos-6.7 + - name: centos-6.7-i386 + - name: centos-5.11 + - name: centos-5.11-i386 + - name: debian-6.0.10 + - name: debian-6.0.10-i386 + - name: debian-7.8 + - name: debian-7.8-i386 + - name: debian-8.1 + - name: debian-8.1-i386 + - name: fedora-21 + - name: fedora-21-i386 + - name: fedora-22 + - name: freebsd-9.3 + - name: freebsd-10.2 + - name: opensuse-13.2-x86_64 + - name: opensuse-13.2-i386 + - name: ubuntu-14.04 + - name: ubuntu-14.04-i386 + - name: ubuntu-12.04 + - name: ubuntu-12.04-i386 + - name: ubuntu-10.04 + - name: ubuntu-10.04-i386 + +suites: + - name: default + run_list: + - recipe[os_prepare] + attributes: diff --git a/test/integration/Berksfile b/test/integration/Berksfile new file mode 100644 index 000000000..76967d3b7 --- /dev/null +++ b/test/integration/Berksfile @@ -0,0 +1,4 @@ +source 'https://supermarket.chef.io' + +cookbook 'apt' +cookbook 'os_prepare', path: './cookbooks/os_prepare' diff --git a/test/integration/cookbooks/os_prepare/metadata.rb b/test/integration/cookbooks/os_prepare/metadata.rb new file mode 100644 index 000000000..06c4055b1 --- /dev/null +++ b/test/integration/cookbooks/os_prepare/metadata.rb @@ -0,0 +1,6 @@ +# encoding: utf-8 +name 'os_prepare' +maintainer 'Chef Software, Inc.' +maintainer_email 'support@chef.io' +description 'This cookbook prepares the test operating systems' +version '1.0.0' diff --git a/test/integration/cookbooks/os_prepare/recipes/default.rb b/test/integration/cookbooks/os_prepare/recipes/default.rb new file mode 100644 index 000000000..23755abde --- /dev/null +++ b/test/integration/cookbooks/os_prepare/recipes/default.rb @@ -0,0 +1,5 @@ +# encoding: utf-8 +# author: Christoph Hartmann +# author: Dominik Richter +# +# prepare all operating systems with the required configuration diff --git a/test/integration/default/_debug_spec.rb b/test/integration/default/_debug_spec.rb new file mode 100644 index 000000000..cd3b41f6f --- /dev/null +++ b/test/integration/default/_debug_spec.rb @@ -0,0 +1 @@ +p "You are currently running on OS family: #{os[:family] || 'unknown'}, OS release: #{os[:release] || 'unknown'}" From 7d909f01dddfa29e75f54f5baa4d9109ed2632eb Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 13:57:29 +0200 Subject: [PATCH 02/21] run test with sudo --- test/integration/.kitchen.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/test/integration/.kitchen.yml b/test/integration/.kitchen.yml index 27e5dc5aa..8eaee7470 100644 --- a/test/integration/.kitchen.yml +++ b/test/integration/.kitchen.yml @@ -7,6 +7,7 @@ provisioner: verifier: name: InSpec + sudo: true platforms: - name: centos-7.1 From 836697585bf7190d6bcbbf6d0a41c4f781dc04d6 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 14:06:32 +0200 Subject: [PATCH 03/21] bugfix: Ubuntu 10.04 initctl does not support show-config --- lib/resources/service.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/resources/service.rb b/lib/resources/service.rb index c8c30b60d..54ab6f24c 100644 --- a/lib/resources/service.rb +++ b/lib/resources/service.rb @@ -159,10 +159,15 @@ class Upstart < ServiceManager # check if a service is enabled # http://upstart.ubuntu.com/cookbook/#determine-if-a-job-is-disabled # $ initctl show-config $job | grep -q "^ start on" && echo enabled || echo disabled + # Ubuntu 10.04 show-config is not supported + # @see http://manpages.ubuntu.com/manpages/maverick/man8/initctl.8.html config = @vulcano.command("initctl show-config #{service_name}") match_enabled = /^\s*start on/.match(config.stdout) !match_enabled.nil? ? (enabled = true) : (enabled = false) + # implement fallback for Ubuntu 10.04 + enabled = true if @vulcano.os[:family] == 'ubuntu' && @vulcano.os[:release].to_f >= 10.04 && @vulcano.os[:release].to_f < 12.04 && cmd.exit_status == 0 + { name: service_name, description: nil, From eca6476ceded9c42d17f0bc4238fb834278ffbfb Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 14:07:29 +0200 Subject: [PATCH 04/21] bugfix: use absolute path for SysV service to work well with sudo on CentOS 5 --- lib/resources/service.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/resources/service.rb b/lib/resources/service.rb index 54ab6f24c..d623cd239 100644 --- a/lib/resources/service.rb +++ b/lib/resources/service.rb @@ -204,9 +204,8 @@ class SysV < ServiceManager # check if service is really running # service throws an exit code if the service is not installed or # not enabled - cmd = @vulcano.command("service #{service_name} status") + cmd = @vulcano.command("/sbin/service #{service_name} status") cmd.exit_status == 0 ? (running = true) : (running = false) - { name: service_name, description: nil, From 807ee03e8b13521726fd036eea8662cc1ca34337 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 14:26:06 +0200 Subject: [PATCH 05/21] bugfix: fix regular expression to detect services on freebsd --- lib/resources/service.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/resources/service.rb b/lib/resources/service.rb index d623cd239..52e49b452 100644 --- a/lib/resources/service.rb +++ b/lib/resources/service.rb @@ -231,7 +231,7 @@ class BSDInit < ServiceManager return nil if cmd.exit_status != 0 # search for the service - srv = /(^.*#{service_name}.*)/.match(cmd.stdout) + srv = /(^.*#{service_name}$)/.match(cmd.stdout) return nil if srv.nil? || srv[0].nil? enabled = true From 28c497a49282b6da00305403cd68da38235b2f23 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 16:20:35 +0200 Subject: [PATCH 06/21] bugfix: support for sudo and service on debian --- lib/resources/service.rb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/resources/service.rb b/lib/resources/service.rb index 52e49b452..a852d0bef 100644 --- a/lib/resources/service.rb +++ b/lib/resources/service.rb @@ -204,7 +204,13 @@ class SysV < ServiceManager # check if service is really running # service throws an exit code if the service is not installed or # not enabled - cmd = @vulcano.command("/sbin/service #{service_name} status") + + # on debian service is located /usr/sbin/service, on centos it is located here /sbin/service + service_cmd = 'service' + service_cmd = '/usr/sbin/service' if @vulcano.os[:family] == 'debian' + service_cmd = '/sbin/service' if @vulcano.os[:family] == 'centos' + + cmd = @vulcano.command("#{service_cmd} #{service_name} status") cmd.exit_status == 0 ? (running = true) : (running = false) { name: service_name, From 773bd0e971a59f0bf06036e3494c8851951b1913 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 16:45:09 +0200 Subject: [PATCH 07/21] improvement: add opensuse support for service resource --- lib/resources/service.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/resources/service.rb b/lib/resources/service.rb index a852d0bef..66aa62957 100644 --- a/lib/resources/service.rb +++ b/lib/resources/service.rb @@ -68,7 +68,7 @@ class Service < Vulcano.resource(1) @service_mgmt = WindowsSrv.new(vulcano) when 'freebsd' @service_mgmt = BSDInit.new(vulcano) - when 'arch' + when 'arch', 'opensuse' @service_mgmt = Systemd.new(vulcano) end From b7f179ae55986534a19d1de02b81781ec2ff1892 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 16:59:56 +0200 Subject: [PATCH 08/21] add tests for service --- test/integration/default/service_spec.rb | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 test/integration/default/service_spec.rb diff --git a/test/integration/default/service_spec.rb b/test/integration/default/service_spec.rb new file mode 100644 index 000000000..502b598a8 --- /dev/null +++ b/test/integration/default/service_spec.rb @@ -0,0 +1,28 @@ +# encoding: utf-8 + +# based on operating system we select the available service +if ['centos', 'fedora', 'freebsd', 'opensuse'].include?(os[:family]) + # CentOS, Fedora + unavailable_service = 'ssh' + available_service = 'sshd' +elsif ['debian'].include?(os[:family]) + # Debian + unavailable_service = 'clamav' + available_service = 'ssh' +else + # Ubuntu, Freebsd, Debian + unavailable_service = 'sshd' + available_service = 'ssh' +end + +describe service(unavailable_service) do + it { should_not be_enabled } + it { should_not be_installed } + it { should_not be_running } +end + +describe service(available_service) do + it { should be_enabled } + it { should be_installed } + it { should be_running } +end From 65761233baf205ffe1f02bf9ee8920c9b853f80a Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 19:55:13 +0200 Subject: [PATCH 09/21] update comments --- test/integration/default/service_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/default/service_spec.rb b/test/integration/default/service_spec.rb index 502b598a8..8009d5d44 100644 --- a/test/integration/default/service_spec.rb +++ b/test/integration/default/service_spec.rb @@ -10,7 +10,7 @@ elsif ['debian'].include?(os[:family]) unavailable_service = 'clamav' available_service = 'ssh' else - # Ubuntu, Freebsd, Debian + # Ubuntu unavailable_service = 'sshd' available_service = 'ssh' end From 86bdb9903b4ee1c3690a26fab902f7283baad5a6 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 19:31:55 +0200 Subject: [PATCH 10/21] bugfix: only return true and false for package installed? --- lib/resources/package.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/resources/package.rb b/lib/resources/package.rb index 21907ba60..c3dfa12ec 100644 --- a/lib/resources/package.rb +++ b/lib/resources/package.rb @@ -36,7 +36,8 @@ class Package < Vulcano.resource(1) # returns true if the package is installed def installed?(_provider = nil, _version = nil) - !info.nil? + return false if info.nil? + info[:installed] == true end # returns the package description From 022ec315298d28922fe8f7e5e7cd7e609dac9881 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 19:32:54 +0200 Subject: [PATCH 11/21] bugfix: rpm does not return exit code if package is not available, work around that --- lib/resources/package.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/resources/package.rb b/lib/resources/package.rb index c3dfa12ec..8476b130d 100644 --- a/lib/resources/package.rb +++ b/lib/resources/package.rb @@ -89,7 +89,9 @@ end class Rpm < PkgManagement def info(package_name) cmd = @vulcano.command("rpm -qia #{package_name}") - return nil if cmd.exit_status.to_i != 0 + # CentOS does not return an error code if the package is not installed, + # therefore we need to check for emptyness + return nil if cmd.exit_status.to_i != 0 || cmd.stdout.chomp.empty? params = SimpleConfig.new( cmd.stdout.chomp, assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/, From 20afebc1a67a974f30f2cdc181f8f967d34e0ea9 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 19:33:14 +0200 Subject: [PATCH 12/21] improvement: support package for opensuse --- lib/resources/package.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/resources/package.rb b/lib/resources/package.rb index 8476b130d..4a17c589d 100644 --- a/lib/resources/package.rb +++ b/lib/resources/package.rb @@ -21,7 +21,7 @@ class Package < Vulcano.resource(1) case vulcano.os[:family] when 'ubuntu', 'debian' @pkgman = Deb.new(vulcano) - when 'redhat', 'fedora', 'centos' + when 'redhat', 'fedora', 'centos', 'opensuse' @pkgman = Rpm.new(vulcano) when 'arch' @pkgman = Pacman.new(vulcano) From f15d05fd22719304879b599b09c49f582b48b81e Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 19:55:42 +0200 Subject: [PATCH 13/21] add package tests --- test/integration/default/package_spec.rb | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 test/integration/default/package_spec.rb diff --git a/test/integration/default/package_spec.rb b/test/integration/default/package_spec.rb new file mode 100644 index 000000000..aba113e5c --- /dev/null +++ b/test/integration/default/package_spec.rb @@ -0,0 +1,11 @@ +# encoding: utf-8 + +if ['centos', 'fedora', 'opensuse', 'debian', 'ubuntu'].include?(os[:family]) + describe package('curl') do + it { should be_installed } + end + + describe package('nginx') do + it { should_not be_installed } + end +end From ea0814939afac01e609df8a3ef6abbe1c02e13a8 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 19:57:17 +0200 Subject: [PATCH 14/21] add prepare cookbook for package integration test --- .../cookbooks/os_prepare/metadata.rb | 2 ++ .../cookbooks/os_prepare/recipes/default.rb | 2 ++ .../cookbooks/os_prepare/recipes/package.rb | 26 +++++++++++++++++++ 3 files changed, 30 insertions(+) create mode 100644 test/integration/cookbooks/os_prepare/recipes/package.rb diff --git a/test/integration/cookbooks/os_prepare/metadata.rb b/test/integration/cookbooks/os_prepare/metadata.rb index 06c4055b1..a874318ef 100644 --- a/test/integration/cookbooks/os_prepare/metadata.rb +++ b/test/integration/cookbooks/os_prepare/metadata.rb @@ -4,3 +4,5 @@ maintainer 'Chef Software, Inc.' maintainer_email 'support@chef.io' description 'This cookbook prepares the test operating systems' version '1.0.0' +depends 'apt' +depends 'yum' diff --git a/test/integration/cookbooks/os_prepare/recipes/default.rb b/test/integration/cookbooks/os_prepare/recipes/default.rb index 23755abde..316e79549 100644 --- a/test/integration/cookbooks/os_prepare/recipes/default.rb +++ b/test/integration/cookbooks/os_prepare/recipes/default.rb @@ -3,3 +3,5 @@ # author: Dominik Richter # # prepare all operating systems with the required configuration + +include_recipe('os_prepare::package') diff --git a/test/integration/cookbooks/os_prepare/recipes/package.rb b/test/integration/cookbooks/os_prepare/recipes/package.rb new file mode 100644 index 000000000..8d8c03ce7 --- /dev/null +++ b/test/integration/cookbooks/os_prepare/recipes/package.rb @@ -0,0 +1,26 @@ +# encoding: utf-8 +# author: Christoph Hartmann +# author: Dominik Richter +# +# installs everything to do the package test + +case node['platform'] +when 'ubuntu' + include_recipe('apt') + + package 'curl' +when 'rhel', 'centos', 'fedora' + include_recipe('yum') + + # TODO: support DNF natively + # Special care for fedora 22, since dnf is not officially supported yet + # https://github.com/chef/chef/issues/3201 + if node['platform_version'] == 22 + execute 'dnf install -y yum' + end + + package 'curl' +when 'freebsd' + # do nothing + # TODO: implement Freebsd packages +end From c177a511fab6daecd5d10e512fe07d51266b6574 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 23:53:50 +0200 Subject: [PATCH 15/21] add opensuse support for user resource --- lib/resources/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/resources/user.rb b/lib/resources/user.rb index 36a7a7c67..f3b1a9fbb 100644 --- a/lib/resources/user.rb +++ b/lib/resources/user.rb @@ -47,7 +47,7 @@ class User < Vulcano.resource(1) # select package manager @user_provider = nil case vulcano.os[:family] - when 'ubuntu', 'debian', 'redhat', 'fedora', 'centos', 'arch' + when 'ubuntu', 'debian', 'redhat', 'fedora', 'centos', 'arch', 'opensuse' @user_provider = LinuxUser.new(vulcano) when 'windows' @user_provider = WindowsUser.new(vulcano) From 191ef73c65e63cbc7aa4df70baaa18dc1867143e Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Thu, 22 Oct 2015 23:54:24 +0200 Subject: [PATCH 16/21] add integration test for user resource --- test/integration/default/user_spec.rb | 44 +++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 test/integration/default/user_spec.rb diff --git a/test/integration/default/user_spec.rb b/test/integration/default/user_spec.rb new file mode 100644 index 000000000..2bcd9c2bb --- /dev/null +++ b/test/integration/default/user_spec.rb @@ -0,0 +1,44 @@ +# encoding: utf-8 + +# root test +if ['centos', 'fedora', 'opensuse', 'debian', 'ubuntu'].include?(os[:family]) + + userinfo = { + name: 'root', + group: 'root', + uid: 0, + gid: 0, + groups: ["root"], + home: '/root', + shell: '/bin/bash', + } + + # different groupset for centos 5 + userinfo[:groups] = ["root", "bin", "daemon", "sys", "adm", "disk", "wheel"] if os[:release].to_i == 5 + +elsif ['freebsd'].include?(os[:family]) + + userinfo = { + name: 'root', + group: 'wheel', + uid: 0, + gid: 0, + groups: ["wheel", "operator"], + home: '/root', + shell: '/bin/csh', + } + +else + userinfo = {} +end + +describe user(userinfo[:name]) do + it { should exist } + it { should belong_to_group userinfo[:group] } + its('uid') { should eq userinfo[:uid] } + its('gid') { should eq userinfo[:gid] } + its('group') { should eq userinfo[:group] } + its('groups') { should eq userinfo[:groups] } + its('home') { should eq userinfo[:home] } + its('shell') { should eq userinfo[:shell] } +end From 4574c0795491872c3c629ee667911ef7d44365ca Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Fri, 23 Oct 2015 13:30:14 +0200 Subject: [PATCH 17/21] improvement: support all linux os for kernel_parameter --- lib/resources/kernel_parameter.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/resources/kernel_parameter.rb b/lib/resources/kernel_parameter.rb index f472cf659..5856af00b 100644 --- a/lib/resources/kernel_parameter.rb +++ b/lib/resources/kernel_parameter.rb @@ -13,7 +13,7 @@ class KernelParameter < Vulcano.resource(1) @parameter = parameter # this resource is only supported on Linux - return skip_resource 'The `kernel_module` resource is not supported on your OS.' if !%w{ubuntu debian redhat fedora arch}.include? vulcano.os[:family] + return skip_resource 'The `kernel_parameter` resource is not supported on your OS.' if !vulcano.os.linux? end def value From 1d61c0e042b0a8914c4aa53060a48b7bb2045633 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Fri, 23 Oct 2015 13:44:20 +0200 Subject: [PATCH 18/21] add integration test for kernel_parameter --- .../default/kernel_parameter_spec.rb | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 test/integration/default/kernel_parameter_spec.rb diff --git a/test/integration/default/kernel_parameter_spec.rb b/test/integration/default/kernel_parameter_spec.rb new file mode 100644 index 000000000..332902795 --- /dev/null +++ b/test/integration/default/kernel_parameter_spec.rb @@ -0,0 +1,56 @@ +# encoding: utf-8 + +# prepare values +if ['ubuntu', 'centos', 'fedora', 'opensuse', 'debian'].include?(os[:family]) + test_values = { + kernel_panic: 0, + ip_local_port_range: "32768\t61000", + forwarding: 0, + sched_autogroup_enabled: 1, + nf_log: 'NONE', + } + + # configue parameter derivations for different OS + test_values[:sched_autogroup_enabled] = 0 if ['centos', 'debian'].include?(os[:family]) + + if (os[:family] == 'ubuntu' && os[:release].to_f == 10.04) || + (os[:family] == 'debian' && os[:release].to_i == 6) || + (os[:family] == 'centos' && os[:release].to_i == 5) || + (os[:family] == 'opensuse') + test_values[:sched_autogroup_enabled] = nil + end + + test_values[:nf_log] = nil if os[:family] == 'centos' && os[:release].to_i == 5 + test_values[:kernel_panic] = 90 if os[:family] == 'opensuse' + +else + test_values = {} +end + +# test on all linux systems +if os.linux? + describe kernel_parameter('kernel.panic') do + its(:value) { should eq test_values[:kernel_panic] } + end + + describe kernel_parameter('net.netfilter.nf_log.0') do + its(:value) { should eq test_values[:nf_log] } + end + + describe kernel_parameter('kernel.sched_autogroup_enabled') do + its(:value) { should eq test_values[:sched_autogroup_enabled] } + end + + describe kernel_parameter('net.ipv4.ip_local_port_range') do + its(:value) { should eq test_values[:ip_local_port_range] } + end + + describe kernel_parameter('net.ipv4.conf.all.forwarding') do + its(:value) { should eq test_values[:forwarding] } + end + + # serverspec compatability + describe linux_kernel_parameter('net.ipv4.conf.all.forwarding') do + its(:value) { should eq test_values[:forwarding] } + end +end From 66a2be7f33fed8ad0470d593cc5b2a3f2dafcb8c Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Fri, 23 Oct 2015 13:57:03 +0200 Subject: [PATCH 19/21] improvement: add complete linux support for kernel_module --- lib/resources/kernel_module.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/resources/kernel_module.rb b/lib/resources/kernel_module.rb index 2b7ed5eaa..0e9a3eba9 100644 --- a/lib/resources/kernel_module.rb +++ b/lib/resources/kernel_module.rb @@ -15,7 +15,7 @@ class KernelModule < Vulcano.resource(1) @module = modulename # this resource is only supported on Linux - return skip_resource 'The `kernel_module` resource is not supported on your OS.' if !%w{ubuntu debian redhat fedora arch}.include? vulcano.os[:family] + return skip_resource 'The `kernel_parameter` resource is not supported on your OS.' if !vulcano.os.linux? end def loaded? From 0bbb70302d9800619989321fd43fd2ac36f28d45 Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Fri, 23 Oct 2015 13:57:37 +0200 Subject: [PATCH 20/21] bugfix: fix kernel_module in combination with CentOS 5 & sudo --- lib/resources/kernel_module.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/resources/kernel_module.rb b/lib/resources/kernel_module.rb index 0e9a3eba9..826829c35 100644 --- a/lib/resources/kernel_module.rb +++ b/lib/resources/kernel_module.rb @@ -19,8 +19,13 @@ class KernelModule < Vulcano.resource(1) end def loaded? + # default lsmod command + lsmod_cmd = 'lsmod' + # special care for CentOS 5 and sudo + lsmod_cmd = '/sbin/lsmod' if vulcano.os[:family] == 'centos' && vulcano.os[:release].to_i == 5 + # get list of all modules - cmd = vulcano.command('lsmod') + cmd = vulcano.command(lsmod_cmd) return false if cmd.exit_status != 0 # check if module is loaded From 857e5ed28e537ef715de3b77a91b7366e419990a Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Fri, 23 Oct 2015 13:58:20 +0200 Subject: [PATCH 21/21] add kernel_module integration tests --- test/integration/default/kernel_module_spec.rb | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 test/integration/default/kernel_module_spec.rb diff --git a/test/integration/default/kernel_module_spec.rb b/test/integration/default/kernel_module_spec.rb new file mode 100644 index 000000000..8744d55fe --- /dev/null +++ b/test/integration/default/kernel_module_spec.rb @@ -0,0 +1,17 @@ +# encoding: utf-8 + +# Test kernel modules on all linux systems +if os.linux? + + describe kernel_module('video') do + it { should be_loaded } + end + + describe kernel_module('bridge') do + it { should_not be_loaded } + end + + describe kernel_module('dhcp') do + it { should_not be_loaded } + end +end