#!/bin/sh

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0.  If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# Abort on the first unhandled command failure. The checks below opt out
# explicitly ("|| ret=1", "if ...; then ret=1; fi") so that a failed check is
# counted in $status instead of ending the run.
set -o errexit

# Shared system-test environment. The helpers used below but not defined in
# this file (echo_i, retry_quiet, copy_setports) and the variables RNDC, NAMED
# and CONTROLPORT are presumably provided by it.
# shellcheck source=conf.sh
. ../conf.sh

# rndc invocation prefix. It ends in -s, so every caller appends the server
# address followed by the rndc command; it is expanded unquoted on purpose.
RNDCCMD="${RNDC} -c ../_common/rndc.conf -p ${CONTROLPORT} -s"
# Options run_named appends to every named it starts. Kept as one string and
# expanded unquoted there so that it splits into separate arguments.
NAMED_DEFAULT_ARGS="-m record -d 99 -g -U 4"
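# Stop the named instance identified by a pid file and remove that file.
#
# Arguments: $1 - path to the pid file written by named
# Returns:   0 if the process is gone (or the file held no pid) and the pid
#            file was removed; 1 if the file is not readable, its content is
#            not a positive decimal pid, or the process is still alive about
#            10 seconds after SIGTERM was sent.
# Note:      every caller in this file invokes it inside an "||" / "&&" /
#            "if" context, so "set -e" does not abort on a failing kill.
kill_named() {
  pidfile="${1}"
  if [ ! -r "${pidfile}" ]; then
    return 1
  fi

  pid=$(cat "${pidfile}" 2>/dev/null)
  if [ "${pid:+set}" = "set" ]; then
    # The pid is read from a file written by the daemon under test (in the
    # UID-switch check that daemon runs as "nobody" while this script runs
    # as root). Only a positive decimal number is passed on to kill: 0 and
    # negative values address process groups or every signalable process
    # instead of one daemon.
    case "${pid}" in
      *[!0-9]*)
        echo_i "refusing to signal invalid pid read from ($pidfile)"
        return 1
        ;;
    esac
    # Rejects "0", "000" and values too large for the shell to compare.
    if ! [ "${pid}" -gt 0 ] 2>/dev/null; then
      echo_i "refusing to signal invalid pid read from ($pidfile)"
      return 1
    fi

    kill -15 "${pid}" >/dev/null 2>&1
    # Poll once per second until signal 0 can no longer be delivered.
    retries=10
    while [ "$retries" -gt 0 ]; do
      if ! kill -0 "${pid}" >/dev/null 2>&1; then
        break
      fi
      sleep 1
      retries=$((retries - 1))
    done
    # Timed-out
    if [ "$retries" -eq 0 ]; then
      echo_i "failed to kill named ($pidfile)"
      return 1
    fi
  fi
  rm -f "${pidfile}"
  return 0
}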
# Silent grep, suitable as the command argument of retry_quiet.
#
# Arguments: passed unchanged to grep (options, pattern, file ...)
# Outputs:   nothing; grep's stdout and stderr are both discarded
# Returns:   grep's exit status
check_named_log() {
  grep "$@" 1>/dev/null 2>/dev/null
}
# Start named in the background from inside a given directory.
#
# Globals:   NAMED (binary to run), NAMED_DEFAULT_ARGS (appended, word-split)
# Arguments: $1    - directory to change into before starting named
#            $2    - file that receives named's stdout and stderr (appended;
#                    a relative path is resolved after the cd)
#            $3... - options placed in front of NAMED_DEFAULT_ARGS
# Outputs:   pid of the background process on stdout; nothing if the cd fails
# The body is a subshell, so the cd never affects the caller.
run_named() (
  workdir="$1"
  shift
  logfile="$1"
  shift
  cd "$workdir" >/dev/null 2>&1 || return 0
  # NAMED_DEFAULT_ARGS is deliberately unquoted so it splits into options.
  "${NAMED}" "$@" ${NAMED_DEFAULT_ARGS} >>"$logfile" 2>&1 &
  echo $!
)
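# Report whether a process has gone away.
#
# Arguments: $1 - pid to probe
# Returns:   0 if signal 0 cannot be delivered to the pid (taken to mean the
#            process no longer exists), 1 if it can.
# Caveat:    kill -0 also fails when the caller is not allowed to signal the
#            pid, so an unprivileged caller cannot tell "gone" from "owned by
#            another user".
check_pid() (
  # The status is returned explicitly instead of through a bare "return"
  # fed by an empty command substitution, whose result depends on how the
  # shell defines the status of the last command at that point.
  if kill -0 "${1}" >/dev/null 2>&1; then
    return 1
  fi
  return 0
)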
# Running totals: status accumulates failed checks, n numbers the checks in
# the output and in the per-check file names.
status=0
n=0

n=$((n + 1))
echo_i "verifying that named started normally ($n)"
ret=0
# A non-empty pid file must exist and the log must show neither a listen
# failure nor a lock conflict.
if [ ! -s ns2/named.pid ]; then ret=1; fi
if grep "unable to listen on any configured interface" ns2/named.run >/dev/null; then ret=1; fi
if grep "another named process" ns2/named.run >/dev/null; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "verifying that named checks for conflicting named processes ($n)"
ret=0
# ns2/named.lock is expected to exist already (presumably held by the
# instance running in ns2). A second named given the same lock file
# (-X named.lock) has to log the conflict and exit on its own, and the lock
# file has to still be there afterwards.
if [ ! -f ns2/named.lock ]; then ret=1; fi
testpid=$(run_named ns2 "named$n.run" -c named-alt2.conf -D runtime-ns2-extra-2 -X named.lock)
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 10 check_named_log "another named process" "ns2/named$n.run"; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
# SIGTERM still being deliverable means the second instance did not exit.
if [ -n "$testpid" ] && kill -15 "$testpid" >"kill$n.out" 2>&1; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
if [ ! -f ns2/named.lock ]; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "verifying that 'lock-file none' disables process check ($n)"
ret=0
# With the lock check disabled (presumably by named-alt3.conf) a second
# instance has to reach "running" without reporting a conflict; it is then
# stopped through its own pid file.
testpid=$(run_named ns2 "named$n.run" -c named-alt3.conf -D runtime-ns2-extra-3)
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
if grep "another named process" "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named-alt3.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
# The next three checks install a configuration whose directory option points
# at './nope' and ask the running server to reconfigure. In each case rndc
# must fail with "permission denied" and named must log which directory is
# not writable, i.e. the bad configuration is rejected rather than applied.

n=$((n + 1))
echo_i "checking that named refuses to reconfigure if working directory is not writable ($n)"
ret=0
copy_setports ns2/named-alt4.conf.in ns2/named.conf
if $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if ! grep "failed: permission denied" "rndc.out.$n" >/dev/null 2>&1; then ret=1; fi
# Presumably gives named time to write the log line checked next.
sleep 1
# [^-] keeps the pattern from matching the "managed-keys-directory" and
# "new-zones-directory" messages used by the following checks.
if ! grep "[^-]directory './nope' is not writable" ns2/named.run >/dev/null 2>&1; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to reconfigure if managed-keys-directory is not writable ($n)"
ret=0
copy_setports ns2/named-alt5.conf.in ns2/named.conf
if $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if ! grep "failed: permission denied" "rndc.out.$n" >/dev/null 2>&1; then ret=1; fi
sleep 1
if ! grep "managed-keys-directory './nope' is not writable" ns2/named.run >/dev/null 2>&1; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to reconfigure if new-zones-directory is not writable ($n)"
ret=0
copy_setports ns2/named-alt6.conf.in ns2/named.conf
if $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if ! grep "failed: permission denied" "rndc.out.$n" >/dev/null 2>&1; then ret=1; fi
sleep 1
if ! grep "new-zones-directory './nope' is not writable" ns2/named.run >/dev/null 2>&1; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named recovers when configuration file is valid again ($n)"
ret=0
# After the rejected reconfigurations the same process must accept a good
# configuration and still own a non-empty pid file. This check also stops the
# main ns2 instance, which the start-up checks that follow rely on.
copy_setports ns2/named1.conf.in ns2/named.conf
if ! $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if [ ! -s ns2/named.pid ]; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
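# Start-up counterpart of the reconfigure checks: with a directory option
# that points at the unwritable './nope', a freshly started named has to log
# the reason, exit with a fatal error and leave no pid file behind.
# kill_named succeeding therefore counts as a failure in all three checks.

n=$((n + 1))
echo_i "checking that named refuses to start if working directory is not writable ($n)"
ret=0
testpid=$(run_named ns2 "named$n.run" -c named-alt4.conf -D runtime-ns2-extra-4)
test -n "$testpid" || ret=1
retry_quiet 10 check_named_log "exiting (due to fatal error)" "ns2/named$n.run" || ret=1
# [^-] keeps the pattern from matching the "managed-keys-directory" and
# "new-zones-directory" messages.
grep "[^-]directory './nope' is not writable" "ns2/named$n.run" >/dev/null 2>&1 || ret=1
kill_named ns2/named.pid && ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to start if managed-keys-directory is not writable ($n)"
ret=0
testpid=$(run_named ns2 "named$n.run" -c named-alt5.conf -D runtime-ns2-extra-5)
test -n "$testpid" || ret=1
retry_quiet 10 check_named_log "exiting (due to fatal error)" "ns2/named$n.run" || ret=1
grep "managed-keys-directory './nope' is not writable" "ns2/named$n.run" >/dev/null 2>&1 || ret=1
# The pid file is looked up under ns2/, as in the two sibling checks. A bare
# "named.pid" is resolved against the test directory, whereas run_named starts
# named inside ns2, so the check could not detect a pid file left behind.
# NOTE(review): assumes named-alt5.conf uses the same pid-file as
# named-alt4.conf and named-alt6.conf - confirm.
kill_named ns2/named.pid && ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to start if new-zones-directory is not writable ($n)"
ret=0
testpid=$(run_named ns2 "named$n.run" -c named-alt6.conf -D runtime-ns2-extra-6)
test -n "$testpid" || ret=1
retry_quiet 10 check_named_log "exiting (due to fatal error)" "ns2/named$n.run" || ret=1
grep "new-zones-directory './nope' is not writable" "ns2/named$n.run" >/dev/null 2>&1 || ret=1
kill_named ns2/named.pid && ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))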
# Log-hygiene checks. named records its own command line ("running as ...")
# and the -D instance name is caller-controlled text, so the log has to
# neutralise it: raw control bytes such as ESC in a log line can act as
# terminal escape sequences when the log is viewed, and unescaped shell
# metacharacters are unsafe to paste back into a shell.

n=$((n + 1))
echo_i "checking that named logs control characters in octal notation ($n)"
ret=0
# The ctrl-chars fixture supplies the raw bytes; the log must show them as
# the octal escapes \177 and \033 instead.
INSTANCE_NAME="runtime-ns2-extra-7-$(cat ctrl-chars)"
testpid=$(run_named ns2 "named$n.run" -c named-alt7.conf -D "${INSTANCE_NAME}")
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
if ! grep 'running as.*\\177\\033' "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named escapes special characters in the logs ($n)"
ret=0
# The instance name ends in a literal "$;" and the log is expected to show
# both characters backslash-escaped.
INSTANCE_NAME="runtime-ns2-extra-8-$;"
testpid=$(run_named ns2 "named$n.run" -c named-alt7.conf -D "${INSTANCE_NAME}")
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
if ! grep 'running as.*\\$\\;' "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named logs an ellipsis when the command line is larger than 8k bytes ($n)"
ret=0
# An oversized command line must be cut off in the log and end in "...".
# The fixture is expanded unquoted so that it splits into separate arguments.
LONG_CMD_LINE=$(cat long-cmd-line)
# shellcheck disable=SC2086
testpid=$(run_named ns2 "named$n.run" $LONG_CMD_LINE -c "named-alt7.conf")
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
if ! grep "running as.*\.\.\.$" "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
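# Single-address-family checks: started with -4 or -6 against
# named-alt8.conf, named has to come up and log that no primaries are left
# for the one address family it may still use.

n=$((n + 1))
echo_i "checking that named log missing IPv4 primaries in -4 mode ($n)"
ret=0
INSTANCE_NAME="missing-primaries-ipv4-only-mode"
testpid=$(run_named ns2 "named$n.run" -c named-alt8.conf -D "${INSTANCE_NAME}" -4)
test -n "$testpid" || ret=1
retry_quiet 60 check_named_log "running$" "ns2/named$n.run" || ret=1
grep "IPv6 disabled and no IPv4 primaries" "ns2/named$n.run" >/dev/null || ret=1
kill_named ns2/named.pid || ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named log missing IPv6 primaries in -6 mode ($n)"
ret=0
# The -D label now names the mode under test. It used to repeat the IPv4
# label, which made the two instances indistinguishable in a process listing
# and in the logged command line.
INSTANCE_NAME="missing-primaries-ipv6-only-mode"
testpid=$(run_named ns2 "named$n.run" -c named-alt8.conf -D "${INSTANCE_NAME}" -6)
test -n "$testpid" || ret=1
retry_quiet 60 check_named_log "running$" "ns2/named$n.run" || ret=1
grep "IPv4 disabled and no IPv6 primaries" "ns2/named$n.run" >/dev/null || ret=1
kill_named ns2/named.pid || ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))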
n=$((n + 1))
echo_i "verifying that named switches UID ($n)"
# Privilege-drop check, only possible when the script itself runs as root.
# named is started as root with "-u nobody" inside a directory that only
# "nobody" can enter (mode 0700). It must still load its configuration and
# write its pid file there; a "permission denied" while loading the
# configuration counts as a failure.
if [ "$(id -u)" -eq 0 ]; then
  ret=0
  # mktemp picks an unpredictable name under ns2; a failure is recorded in rc
  # instead of tripping "set -e".
  rc=0
  TEMP_NAMED_DIR=$(mktemp -d "$(pwd)/ns2/tmp.XXXXXXXX") || rc=$?
  if [ "$rc" -ne 0 ]; then
    echo_i "mktemp failed"
    ret=1
  else
    copy_setports ns2/named-alt9.conf.in "${TEMP_NAMED_DIR}/named-alt9.conf"
    chown -R nobody: "${TEMP_NAMED_DIR}"
    chmod 0700 "${TEMP_NAMED_DIR}"
    testpid=$(run_named "${TEMP_NAMED_DIR}" "${TEMP_NAMED_DIR}/named$n.run" -u nobody -c named-alt9.conf)
    if [ -z "$testpid" ]; then ret=1; fi
    if ! retry_quiet 60 check_named_log "running$" "${TEMP_NAMED_DIR}/named$n.run"; then ret=1; fi
    if [ ! -s "${TEMP_NAMED_DIR}/named9.pid" ]; then ret=1; fi
    if grep "loading configuration: permission denied" "${TEMP_NAMED_DIR}/named$n.run" >/dev/null; then ret=1; fi
    # The pid file read here was written by the process running as "nobody".
    if ! kill_named "${TEMP_NAMED_DIR}/named9.pid"; then ret=1; fi
    if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
  fi
  [ "$ret" -eq 0 ] || echo_i "failed"
  status=$((status + ret))
else
  echo_i "skipped, not running as root or running on Windows"
fi

# Any failed check turns into a non-zero exit status for the test runner.
echo_i "exit status: $status"
if [ "$status" -ne 0 ]; then
  exit 1
fi