commit: e9208fa931e35d9cb9ef21ebca08149b9c165e4e
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 2 20:51:20 2016 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Mar 2 20:51:20 2016 +0000
URL: https://gitweb.gentoo.org/proj/releng.git/commit/?id=e9208fa9
tools-hardened: add test scripts for systemd stages
tools-hardened/common.sh | 61 ++++++++++++++++++++++++++++++++++
tools-hardened/run-systemd.sh | 49 +++++++++++++++++++++++++++
tools-hardened/stage-all.conf.template | 7 ++++
3 files changed, 117 insertions(+)
diff --git a/tools-hardened/common.sh b/tools-hardened/common.sh
new file mode 100644
index 0000000..9a0a03a
--- /dev/null
+++ b/tools-hardened/common.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+source /etc/catalyst/catalyst.conf
+
+mydate=`date +%Y%m%d`
+
+
+undo_grsec() {
+ [[ -d /proc/sys/kernel/grsecurity ]] || return
+ for i in /proc/sys/kernel/grsecurity/chroot_* ; do
+ echo 0 > $i
+ done
+}
+
+
+banner() {
+cat << EOF | tee -a zzz.log > stage$1-$2-systemd.log
+
+************************************************************************
+* stage$1-$2-systemd
+************************************************************************"
+
+EOF
+}
+
+
+do_stages() {
+ local arch=$1
+
+ for s in 1 2 3; do
+ local tgpath="${storedir}/builds/systemd/${arch}"
+ local target="stage${s}-${arch}-systemd-${mydate}.tar.bz2"
+ local tglink="stage${s}-${arch}-systemd.tar.bz2"
+
+ if [[ ! -f "${tgpath}/${tglink}" ]]; then
+ touch stage${s}-${arch}-systemd.log
+ echo "!!! ${tglink} at ${tgpath} doesn't exist" \
+ | tee -a zzz.log \
+ > stage${s}-${arch}-systemd.err
+ return 1
+ fi
+
+ banner ${s} ${arch}
+ catalyst -f stage${s}-${arch}-systemd.conf \
+ | tee -a zzz.log \
+ > stage${s}-${arch}-systemd.log \
+ 2> stage${s}-${arch}-systemd.err
+
+ if [[ -f "${tgpath}/${target}" ]]; then
+ rm -f "${tgpath}/${tglink}"
+ ln -s ${target} "${tgpath}/${tglink}"
+ else
+ echo "!!! ${target} was not generated" \
+ | tee -a zzz.log \
+ >stage${s}-${arch}-systemd.err
+ return 1
+ fi
+ done
+
+ return 0
+}
diff --git a/tools-hardened/run-systemd.sh b/tools-hardened/run-systemd.sh
new file mode 100644
index 0000000..94c57d1
--- /dev/null
+++ b/tools-hardened/run-systemd.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+source common.sh
+
+prepare_confs() {
+ local arch=$1
+
+ for s in 1 2 3; do
+
+ local cstage=stage${s}
+ local p=$(( s - 1 ))
+ [[ $p == 0 ]] && p=3
+ local pstage=stage${p}
+
+ local parch="${arch}"
+ [[ "${arch}" == "i686" ]] && parch="x86"
+
+ cat stage-all.conf.template | \
+ sed -e "s:\(^version_stamp.*$\):\1-${mydate}:" \
+ -e "s:STAGE:${cstage}:g" \
+ -e "s:SARCH:${arch}:g" \
+ -e "s:PARCH:${parch}:g" \
+ > stage${s}-${arch}-systemd.conf
+ done
+}
+
+
+main() {
+ >zzz.log
+
+ undo_grsec
+
+ catalyst -s current | tee -a zzz.log >snapshot.log 2>snapshot.err
+
+# for arch in amd64 i686; do
+ for arch in amd64; do
+ prepare_confs ${arch}
+ done
+
+ # The parallelization `( do_stages ... ) &` doesn't work here
+ # if catalyst is using snapcache, bug #519656
+# for arch in amd64 i686; do
+ for arch in amd64; do
+ do_stages ${arch}
+ [[ $? == 1 ]] && echo "FAILURE at ${arch}" | tee zzz.log
+ done
+}
+
+main $1 &
diff --git a/tools-hardened/stage-all.conf.template
b/tools-hardened/stage-all.conf.template
new file mode 100644
index 0000000..942ddc7
--- /dev/null
+++ b/tools-hardened/stage-all.conf.template
@@ -0,0 +1,7 @@
+subarch: SARCH
+target: STAGE
+version_stamp: systemd
+rel_type: systemd/SARCH
+profile: default/linux/PARCH/13.0/systemd
+snapshot: current
+source_subpath: systemd/SARCH/STAGE-SARCH-systemd
