On Fri, 2017-09-08 at 10:46 +0200, Normand wrote:
> Hello Adam,
> I discovered this morning that the openQA running on openqa.stg has some
> hack code (1) but this change is not visible in master or staging branch
> on pagure.
> So I am not able to identify if any other changes are present on the
> machine.
>
> Would it be possible to have a remote read access to the openQA source
> code used by openqa.stg to help for test failure investigation ?
>
> (1)
> https://openqa.stg.fedoraproject.org/tests/156101/modules/server_cockpit_default/steps/1/src
> ===
> sub run {
> my $self = shift;
> # HACK HACK HACK
> assert_script_run "setenforce 0";
> # check cockpit appears to be enabled and running and firewall is
> setup
> assert_script_run 'systemctl is-enabled cockpit.socket';
> ===
Yeah, sorry about that, I tend to monkey patch staging quite often in
cases like this. In theory when we're doing this we're supposed to
commit the changes to the 'staging' branch so others can see what's
going on, I'll try to be better at doing that. The current diff is
quite small:
[root@openqa-stg01 fedora][PROD]# git diff
diff --git a/lib/utils.pm b/lib/utils.pm
index b8e1c00..a49d0ec 100644
--- a/lib/utils.pm
+++ b/lib/utils.pm
@@ -196,6 +196,8 @@ sub do_bootloader {
ofw => get_var("OFW"),
@_
);
+ # HACK HACK HACK
+ $args{params} .= " enforcing=0";
# if not postinstall not UEFI and not ofw, syslinux
$args{bootloader} //= ($args{uefi} || $args{postinstall} || $args{ofw}) ?
"grub" : "syslinux";
if ($args{uefi}) {
diff --git a/tests/_support_server.pm b/tests/_support_server.pm
index 60c88ec..075650c 100644
--- a/tests/_support_server.pm
+++ b/tests/_support_server.pm
@@ -7,6 +7,11 @@ use tapnet;
sub run {
my $self=shift;
+ # TEST TEST TEST
+ script_run "ip addr";
+ script_run "ping -c 1 8.8.8.8";
+ script_run "journalctl -b --no-pager";
+ assert_script_run "ping -c 1 8.8.8.8";
## DNS / DHCP (dnsmasq)
# create config
assert_script_run "printf
'domain=domain.local\ndhcp-range=10.0.2.112,10.0.2.199\ndhcp-option=option:router,10.0.2.2'
> /etc/dnsmasq.conf";
diff --git a/tests/server_cockpit_basic.pm b/tests/server_cockpit_basic.pm
index a725057..9e4b5e7 100644
--- a/tests/server_cockpit_basic.pm
+++ b/tests/server_cockpit_basic.pm
@@ -5,6 +5,8 @@ use utils;
sub run {
my $self=shift;
+ # HACK HACK HACK
+ assert_script_run "setenforce 0";
# run firefox and login to cockpit
start_cockpit(1);
# go to the logs screen
diff --git a/tests/server_cockpit_default.pm b/tests/server_cockpit_default.pm
index 8e47d68..db6d631 100644
--- a/tests/server_cockpit_default.pm
+++ b/tests/server_cockpit_default.pm
@@ -5,6 +5,8 @@ use utils;
sub run {
my $self = shift;
+ # HACK HACK HACK
+ assert_script_run "setenforce 0";
# check cockpit appears to be enabled and running and firewall is setup
assert_script_run 'systemctl is-enabled cockpit.socket';
assert_script_run 'systemctl is-active cockpit.socket';
basically it's just causing SELinux to be set to permissive mode for
quite a lot of the tests, the idea being to collect *all* the AVCs we
encounter in those tests (whereas in enforcing mode, we only get as far
as the *first* AVC that causes the test to fail).
Oh, and that stuff in _support_server was where I started trying to
diagnose the network problem on ppc64 last night...
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
_______________________________________________
qa-devel mailing list -- qa-devel@lists.fedoraproject.org
To unsubscribe send an email to qa-devel-le...@lists.fedoraproject.org
