On Fri, 2017-09-08 at 10:46 +0200, Normand wrote: > Hello Adam, > I discovered this morning that the openQA running on openqa.stg has some > hack code (1) but this change is not visible in master or staging branch > on pagure. > So I am not able to identify if any other changes are present on the > machine. > > Would it be possible to have a remote read access to the openQA source > code used by openqa.stg to help for test failure investigation ? > > (1) > https://openqa.stg.fedoraproject.org/tests/156101/modules/server_cockpit_default/steps/1/src > === > sub run { > my $self = shift; > # HACK HACK HACK > assert_script_run "setenforce 0"; > # check cockpit appears to be enabled and running and firewall is > setup > assert_script_run 'systemctl is-enabled cockpit.socket'; > ===
Yeah, sorry about that, I tend to monkey patch staging quite often in cases like this. In theory when we're doing this we're supposed to commit the changes to the 'staging' branch so others can see what's going on, I'll try to be better at doing that. The current diff is quite small: [root@openqa-stg01 fedora][PROD]# git diff diff --git a/lib/utils.pm b/lib/utils.pm index b8e1c00..a49d0ec 100644 --- a/lib/utils.pm +++ b/lib/utils.pm @@ -196,6 +196,8 @@ sub do_bootloader { ofw => get_var("OFW"), @_ ); + # HACK HACK HACK + $args{params} .= " enforcing=0"; # if not postinstall not UEFI and not ofw, syslinux $args{bootloader} //= ($args{uefi} || $args{postinstall} || $args{ofw}) ? "grub" : "syslinux"; if ($args{uefi}) { diff --git a/tests/_support_server.pm b/tests/_support_server.pm index 60c88ec..075650c 100644 --- a/tests/_support_server.pm +++ b/tests/_support_server.pm @@ -7,6 +7,11 @@ use tapnet; sub run { my $self=shift; + # TEST TEST TEST + script_run "ip addr"; + script_run "ping -c 1 8.8.8.8"; + script_run "journalctl -b --no-pager"; + assert_script_run "ping -c 1 8.8.8.8"; ## DNS / DHCP (dnsmasq) # create config assert_script_run "printf 'domain=domain.local\ndhcp-range=10.0.2.112,10.0.2.199\ndhcp-option=option:router,10.0.2.2' > /etc/dnsmasq.conf"; diff --git a/tests/server_cockpit_basic.pm b/tests/server_cockpit_basic.pm index a725057..9e4b5e7 100644 --- a/tests/server_cockpit_basic.pm +++ b/tests/server_cockpit_basic.pm @@ -5,6 +5,8 @@ use utils; sub run { my $self=shift; + # HACK HACK HACK + assert_script_run "setenforce 0"; # run firefox and login to cockpit start_cockpit(1); # go to the logs screen diff --git a/tests/server_cockpit_default.pm b/tests/server_cockpit_default.pm index 8e47d68..db6d631 100644 --- a/tests/server_cockpit_default.pm +++ b/tests/server_cockpit_default.pm @@ -5,6 +5,8 @@ use utils; sub run { my $self = shift; + # HACK HACK HACK + assert_script_run "setenforce 0"; # check cockpit appears to be enabled and running and firewall is setup assert_script_run 'systemctl is-enabled cockpit.socket'; assert_script_run 'systemctl is-active cockpit.socket'; basically it's just causing SELinux to be set to permissive mode for quite a lot of the tests, the idea being to collect *all* the AVCs we encounter in those tests (whereas in enforcing mode, we only get as far as the *first* AVC that causes the test to fail). Oh, and that stuff in _support_server was where I started trying to diagnose the network problem on ppc64 last night... -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ qa-devel mailing list -- qa-devel@lists.fedoraproject.org To unsubscribe send an email to qa-devel-le...@lists.fedoraproject.org