Checking EXPORT Block Parameters at Client End #26
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,223 @@ | ||
| #!/bin/sh | ||
| # | ||
| # Environment variables used: | ||
| # - SERVER: hostname or IP-address of the NFS-server | ||
| # - EXPORT: NFS-export to test (should start with "/") | ||
|
|
||
| # enable some more output | ||
| set -x | ||
|
|
||
| [ -n "${SERVER}" ] | ||
| [ -n "${EXPORT}" ] | ||
|
|
||
| if [ "$1" = "client_initialization" ] | ||
| then | ||
| # install build and runtime dependencies | ||
| yum -y install nfs-utils time | ||
|
|
||
| mkdir -p /mnt/ganesha | ||
|
|
||
| mount -t nfs -o vers=3 ${SERVER}:${EXPORT} /mnt/ganesha | ||
|
|
||
| echo "Client Initial Stage --- With All Rights To All Clients ( RO & RW ) " | ||
|
|
||
| cd /mnt/ganesha | ||
|
|
||
| echo "Trying To Write A File" | ||
| echo "Hello World" > testFile.txt | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS ON WRITING RIGHTS" | ||
| else | ||
| echo "FAILED ON WRITING RIGHTS" | ||
| exit ret | ||
| fi | ||
|
|
||
| echo "Trying To Read A File" | ||
| cat testFile.txt | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS" | ||
| else | ||
| echo "FAILED ON READING RIGHTS" | ||
| exit ret | ||
| fi | ||
|
|
||
| echo "Trying To Change File Ownership For Checking ROOT Rights" | ||
| sudo chown root testFile.txt | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS" | ||
| else | ||
| echo "FAILED ON ROOT RIGHTS" | ||
| exit ret | ||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
| fi | ||
|
|
||
| if [ "$1" = "client_stage1" ] | ||
| then | ||
| echo "Client Stage 1 --- With Only RO Rights To Clients " | ||
|
|
||
| mount -t nfs ${SERVER}:${EXPORT} /mnt/ganesha | ||
|
|
||
| cd /mnt/ganesha | ||
|
|
||
| echo "Trying To Write A File" | ||
| sed -i '1s/$/ From RedHat/' testFile.txt | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "FAILURE Since Write Permissions Were Not Blocked To The Client" | ||
| exit ret | ||
| else | ||
| echo "SUCCESS ON WRITE PERMISSIONS FAILURE" | ||
| fi | ||
|
|
||
| echo "Trying To Read A File" | ||
| cat testFile.txt | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS" | ||
| else | ||
| echo "FAILED ON READING RIGHTS" | ||
| exit ret | ||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
| fi | ||
|
|
||
|
|
||
| if [ "$1" = "client_stage2" ] | ||
| then | ||
| echo "Client Stage 2 --- With Only Rights For v3 Mount To Clients " | ||
|
|
||
| echo "Trying To Mount By vers=3" | ||
| mount -t nfs -o vers=3 ${SERVER}:${EXPORT} /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS ON v3 MOUNT BY CLIENT" | ||
| else | ||
| echo "FAILURE ON v3 MOUNT BY CLIENT" | ||
| exit ret | ||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| echo "Trying To Mount By vers=4.0" | ||
| mount -t nfs -o vers=4.0 ${SERVER}:${EXPORT} /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "FAILURE Since v4.0 Permissions Were Not Given To The Client" | ||
| exit ret | ||
| else | ||
| echo "SUCCESS ON v4.0 MOUNT FAILURE" | ||
|
There was a problem hiding this comment. This should probably not use the word FAILURE |
||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| echo "Trying To Mount By vers=4.1" | ||
| mount -t nfs -o vers=4.1 ${SERVER}:${EXPORT} /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "FAILURE Since v4.1 Permissions Were Not Given To The Client" | ||
| exit ret | ||
| else | ||
| echo "SUCCESS ON v4.1 MOUNT FAILURE" | ||
|
There was a problem hiding this comment. This should probably not use the word FAILURE |
||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| fi | ||
|
|
||
| if [ "$1" = "client_stage3" ] | ||
| then | ||
| echo "Client Stage 3 --- With Only Rights For v4.0 & v4.1 Mount To This Client " | ||
|
|
||
| echo "Trying To Mount By vers=3" | ||
| mount -t nfs -o vers=3 ${SERVER}:${EXPORT} /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "FAILURE Since v3 Permissions Were Not Given To The Client" | ||
| exit ret | ||
| else | ||
| echo "SUCCESS ON v3 MOUNT FAILURE" | ||
|
There was a problem hiding this comment. This should probably not use the word FAILURE |
||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| echo "Trying To Mount By vers=4.0 using normal path and not the pseudo path" | ||
| mount -t nfs -o vers=4.0 ${SERVER}:${EXPORT} /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "FAILURE Since v4 Mounts Are To Use Pseudo Paths" | ||
| exit ret | ||
| else | ||
| echo "SUCCESS ON v4.0 MOUNT FAILURE DUE TO NOT USING PSEUDO PATH" | ||
|
There was a problem hiding this comment. This should probably not use the word FAILURE |
||
| fi | ||
|
|
||
| echo "Trying To Mount By vers=4.0" | ||
| mount -t nfs -o vers=4.0 ${SERVER}:/ppath /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS ON v4.0 MOUNT BY CLIENT" | ||
| else | ||
| echo "FAILURE ON v4.0 MOUNT BY CLIENT" | ||
| exit ret | ||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| echo "Trying To Mount By vers=4.1" | ||
| mount -t nfs -o vers=4.1 ${SERVER}:/ppath /mnt/ganesha | ||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "SUCCESS ON v4.1 MOUNT BY CLIENT" | ||
| else | ||
| echo "FAILURE ON v4.1 MOUNT BY CLIENT" | ||
| exit ret | ||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| fi | ||
|
|
||
|
|
||
| if [ "$1" = "client_stage4" ] | ||
| then | ||
| echo "Client Stage 4 --- With Squashed Root Mount To Clients " | ||
|
|
||
| mount -t nfs ${SERVER}:${EXPORT} /mnt/ganesha | ||
|
|
||
| echo "Trying To Change Ownership Of The File testFile.txt in the mount" | ||
| sudo chown root /mnt/ganesha/testFile.txt | ||
|
|
||
| ret=$? | ||
| if [ $ret -eq 0 ] | ||
| then | ||
| echo "FAILURE Since Root Permissions Were Not Given To The Client" | ||
| exit ret | ||
| else | ||
| echo "SUCCESS ON chown Permission Denied" | ||
| fi | ||
|
|
||
| cd / && umount /mnt/ganesha | ||
|
|
||
| fi | ||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,148 @@ | ||
| # | ||
| # from: https://raw.githubusercontent.com/kbsingh/centos-ci-scripts/master/build_python_script.py | ||
| # | ||
| # This script uses the Duffy node management api to get fresh machines to run | ||
| # your CI tests on. Once allocated you will be able to ssh into that machine | ||
| # as the root user and setup the environ | ||
| # | ||
| # XXX: You need to add your own api key below, and also set the right cmd= line | ||
| # needed to run the tests | ||
| # | ||
| # Please note, this is a basic script, there is no error handling and there are | ||
| # no real tests for any exceptions. Patches welcome! | ||
|
|
||
| import json, urllib, subprocess, sys, os, time | ||
|
|
||
| url_base="http://admin.ci.centos.org:8080" | ||
| ver=os.getenv("CENTOS_VERSION") | ||
| arch=os.getenv("CENTOS_ARCH") | ||
| count=2 | ||
| server_script=os.getenv("SERVER_TEST_SCRIPT") | ||
| client_script=os.getenv("CLIENT_TEST_SCRIPT") | ||
|
|
||
| # delay for 5 minutes (duffy timeout for rate limiting) | ||
| retry_delay=300 | ||
| # retry maximum 3 hours, that is 3 x 60 x 60 seconds | ||
| max_retries=((3 * 60 * 60) / retry_delay) | ||
|
|
||
| # read the API key for Duffy from the ~/duffy.key file | ||
| fo=open("/home/nfs-ganesha/duffy.key") | ||
| api=fo.read().strip() | ||
| fo.close() | ||
|
|
||
| # build the URL to request the system(s) | ||
| get_nodes_url="%s/Node/get?key=%s&ver=%s&arch=%s&count=%s" % (url_base,api,ver,arch,count) | ||
|
|
||
| # request the system(s) | ||
| retries=0 | ||
| while retries < max_retries: | ||
| try: | ||
| dat=urllib.urlopen(get_nodes_url).read() | ||
| b=json.loads(dat) | ||
| # all is fine, break out of the loop | ||
| break | ||
| except ValueError, ve: | ||
| print("Failed to parse Duffy response: %s" % (dat)) | ||
| except Error, e: | ||
| print("An unexpected error occured: %s" % (e)) | ||
|
|
||
| retries+=1 | ||
| print("Waiting %d seconds before retrying #%d..." % (retry_delay, retries)) | ||
| time.sleep(retry_delay) | ||
|
|
||
|
|
||
| # NFS-Ganesha Server (parameters need double escape, passed on ssh commandline) | ||
| server_env="export GERRIT_HOST='%s'" % os.getenv("GERRIT_HOST") | ||
| server_env+=" GERRIT_PROJECT='%s'" % os.getenv("GERRIT_PROJECT") | ||
| server_env+=" GERRIT_REFSPEC='%s'" % os.getenv("GERRIT_REFSPEC") | ||
| server_env+=" YUM_REPO='%s'" % os.getenv("YUM_REPO", "") | ||
| server_env+=" GLUSTER_VOLUME='%s'" % os.getenv("EXPORT") | ||
| server_env+=" ENABLE_ACL='%s'" % os.getenv("ENABLE_ACL", "") | ||
| server_env+=" CLIENT='%s'" % b['hosts'][1] | ||
|
|
||
| # add the export with environment to ~/.bashrc | ||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| tee -a ~/.bashrc' <<< "%s" | ||
| """ % (b['hosts'][0], server_env) | ||
| subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| yum -y install curl && | ||
| curl -o server_script.sh %s && | ||
| bash server_script.sh server_initialization | ||
| '""" % (b['hosts'][0], server_script) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| # check rtn_code and skip client part after failure | ||
| if rtn_code == 0: | ||
| # NFS-Client (parameters need double escape, passed on ssh commandline) | ||
| client_env="export SERVER='%s'" % b['hosts'][0] | ||
| client_env+=" EXPORT='/%s'" % os.getenv("EXPORT") | ||
| client_env+=" TEST_PARAMETERS='%s'" % os.getenv("TEST_PARAMETERS", "") | ||
|
|
||
| # add the export with environment to ~/.bashrc | ||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| tee -a ~/.bashrc' <<< "%s" | ||
| """ % (b['hosts'][1], client_env) | ||
| subprocess.call(cmd, shell=True) | ||
|
|
||
| client_script = client_script.strip(" ") | ||
| if client_script.endswith(".py"): | ||
| interpreter_to_run = "python" | ||
| elif client_script.endswith(".sh"): | ||
| interpreter_to_run = "bash" | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| curl -o client_script %s && | ||
| %s client_script client_initialization | ||
| '""" % (b['hosts'][1], client_script, interpreter_to_run) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| bash server_script.sh server_stage1 | ||
| '""" % (b['hosts'][0]) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| %s client_script client_stage1 | ||
| '""" % (b['hosts'][1], interpreter_to_run) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| bash server_script.sh server_stage2 | ||
| '""" % (b['hosts'][0]) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| %s client_script client_stage2 | ||
| '""" % (b['hosts'][1], interpreter_to_run) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| bash server_script.sh server_stage3 | ||
| '""" % (b['hosts'][0]) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| %s client_script client_stage3 | ||
| '""" % (b['hosts'][1], interpreter_to_run) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| bash server_script.sh server_stage4 | ||
| '""" % (b['hosts'][0]) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
| cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s ' | ||
| %s client_script client_stage4 | ||
| '""" % (b['hosts'][1], interpreter_to_run) | ||
| rtn_code=subprocess.call(cmd, shell=True) | ||
|
|
||
|
|
||
| # return the system(s) to duffy | ||
| done_nodes_url="%s/Node/done?key=%s&ssid=%s" % (url_base, api, b['ssid']) | ||
| das=urllib.urlopen(done_nodes_url).read() | ||
|
|
||
| sys.exit(rtn_code) |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should probably not include the word "FAILURE"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dang
What I meant here is ... The expected output is that the write permissions should fail ....
Should I give a better wording like ... "SUCCESS ON WRITE PERMS DECLINED" ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would be fine, yes. It's just that people (and CI frameworks) frequently look for FAIL and FAILURE in output, so see if a test failed. In this case, it is succeeding, so it shouldn't use the word FAIL. Anything else (like DECLINED) is fine.