Difference between revisions of "EMI gLExec release test plan and report"
From PDP/Grid Wiki
Jump to navigationJump to search(14 intermediate revisions by 2 users not shown) | |||
Line 247: | Line 247: | ||
DESCRIPTION: glexec fails with a misleading error message if the configuration cannot be read | DESCRIPTION: glexec fails with a misleading error message if the configuration cannot be read | ||
− | REPRODUCE: install glexec in setuid mode | + | REPRODUCE: install glexec in setuid mode |
+ | -r-sr-sr-s root.glexec /usr/sbin/glexec | ||
+ | and the config file as | ||
+ | -r--r----- root.root /etc/glexec.conf | ||
CHECK: Error message | CHECK: Error message | ||
− | FAILED: Get | + | FAILED: Get |
+ | [gLExec]: The user, uid=502(tester), is not whitelisted. The calling user account is not privileged to execute and use gLExec. | ||
− | PASSED: [gLExec]: User tester (uid=502) is not whitelisted, i.e. may not invoke gLExec. | + | PASSED: |
− | If this is unexpected, ask the sysadmin to check the syslog and the | + | [gLExec]: User tester (uid=502) is not whitelisted, i.e. may not invoke gLExec. |
− | permissions of the config file. | + | If this is unexpected, ask the sysadmin to check the syslog and the |
+ | permissions of the config file. | ||
==== Savannah: https://savannah.cern.ch/bugs/?77767 ==== | ==== Savannah: https://savannah.cern.ch/bugs/?77767 ==== | ||
Line 267: | Line 272: | ||
PASSED: GLEXEC_LOCATION available and set | PASSED: GLEXEC_LOCATION available and set | ||
− | |||
==== Savannah: https://savannah.cern.ch/bugs/?82714 ==== | ==== Savannah: https://savannah.cern.ch/bugs/?82714 ==== | ||
Line 273: | Line 277: | ||
REPRODUCE: | REPRODUCE: | ||
− | + | * install and configure yaim-glexec-wn | |
− | + | * configure site-info.def to use ARGUS: set in <tt>siteinfo/services/glite-glexec_wn</tt> | |
GLEXEC_WN_ARGUS_ENABLED=yes | GLEXEC_WN_ARGUS_ENABLED=yes | ||
− | + | * run YAIM | |
− | + | ||
− | CHECK: contents of /etc/glexec.conf | + | CHECK: contents of <tt>/etc/glexec.conf</tt> |
− | FAILED: configuration file contains use_lcas = yes | + | FAILED: configuration file contains <tt>use_lcas = yes</tt> |
− | PASSED: configuration file must contain use_lcas = no (default is to use LCAS). | + | PASSED: configuration file must contain <tt>use_lcas = no</tt> (default is to use LCAS). |
==== Savannah: https://savannah.cern.ch/bugs/?86453 ==== | ==== Savannah: https://savannah.cern.ch/bugs/?86453 ==== | ||
Line 296: | Line 300: | ||
---s--x--x 1 root root 147456 Apr 3 02:59 /usr/sbin/glexec | ---s--x--x 1 root root 147456 Apr 3 02:59 /usr/sbin/glexec | ||
− | https://savannah.cern.ch/bugs/?88318 | + | ==== Savannah: https://savannah.cern.ch/bugs/?88318 ==== |
− | + | DESCRIPTION: LCMAPS excessive logging (2) | |
+ | |||
REPRODUCE: Normal installation with LCMAPS =<1.4.x, log with gLExec to Syslog, configure to log LOG_INFO | REPRODUCE: Normal installation with LCMAPS =<1.4.x, log with gLExec to Syslog, configure to log LOG_INFO | ||
+ | |||
CHECK: Amount of log lines | CHECK: Amount of log lines | ||
+ | |||
FAILED: More then O(10) log lines | FAILED: More then O(10) log lines | ||
+ | |||
PASSED: Less then O(10) log lines, provided that you didn�t configure all kinds of plug-ins that each failed to signify a false-positive | PASSED: Less then O(10) log lines, provided that you didn�t configure all kinds of plug-ins that each failed to signify a false-positive | ||
− | https://savannah.cern.ch/bugs/?89773 | + | ==== Savannah: https://savannah.cern.ch/bugs/?89773 ==== |
− | + | REFERENCES: | |
− | + | https://rt.egi.eu/rt/Ticket/Display.html?id=1474 | |
− | + | https://rt.egi.eu/rt/Ticket/Display.html?id=1475 | |
− | + | https://rt.egi.eu/rt/Ticket/Display.html?id=1476 | |
− | + | https://rt.egi.eu/rt/Ticket/Display.html?id=1641 | |
+ | Mirror bug for gLExec | ||
+ | |||
+ | ==== Savannah: https://savannah.cern.ch/bugs/?89792 ==== | ||
+ | DESCRIPTION: YAIM-gLExec-wn should let gLExec do the userswitch | ||
− | |||
− | |||
REPRODUCE: Run YAIM to observe the configuration in the glexec.conf and lcmaps.db | REPRODUCE: Run YAIM to observe the configuration in the glexec.conf and lcmaps.db | ||
− | CHECK: Check if the posix_enf plugin is NOT configured in the lcmaps.db and that the glexec.conf has the configuration: user_identity_switch_by = {glexec,lcmaps} to use �glexec� as the �switch by� setting. | + | |
+ | CHECK: Check if the posix_enf plugin is NOT configured in the lcmaps.db and that the glexec.conf has the configuration: user_identity_switch_by = {glexec,lcmaps} to use �glexec� as the �switch by� setting or has no setting at all (default is switch by glexec). | ||
+ | |||
FAILED: If the configuration in the glexec.conf or lcmaps.db does not reflect a working �user_identity_switch_by = glexec� configuration | FAILED: If the configuration in the glexec.conf or lcmaps.db does not reflect a working �user_identity_switch_by = glexec� configuration | ||
+ | |||
PASSED: On successful switch by glexec | PASSED: On successful switch by glexec | ||
− | https://savannah.cern.ch/bugs/?91835 | + | ==== Savannah: https://savannah.cern.ch/bugs/?91835 ==== |
− | + | REFERENCES: | |
− | + | https://savannah.cern.ch/bugs/index.php?72377 | |
− | + | https://savannah.cern.ch/bugs/index.php?72378 | |
− | + | https://rt.egi.eu/rt/Ticket/Display.html?id=465 | |
− | + | https://rt.egi.eu/rt/Ticket/Display.html?id=466 | |
+ | Mirror bug for gLExec | ||
+ | |||
+ | ==== Savannah: https://savannah.cern.ch/bugs/?91836 ==== | ||
+ | DESCRIPTION: Signal handling in gLExec 0.9.0 can hang up gLExec | ||
− | |||
− | |||
REPRODUCE: run glexec and flood it with signals after a very small delay, such that it traps signals e.g. during a syslog call. E.g. run several times: | REPRODUCE: run glexec and flood it with signals after a very small delay, such that it traps signals e.g. during a syslog call. E.g. run several times: | ||
+ | <pre> | ||
#!/bin/bash | #!/bin/bash | ||
export GLEXEC_CLIENT_CERT=/tmp/x509up_u`id -u` | export GLEXEC_CLIENT_CERT=/tmp/x509up_u`id -u` | ||
Line 334: | Line 350: | ||
ps -fp $pid | ps -fp $pid | ||
for ((i=1; i<100; i++));do | for ((i=1; i<100; i++));do | ||
− | + | s=$((i%64+1)) | |
− | + | ((s==9 || s==19 || s==32 || s==33)) && s=11 | |
− | + | kill -$s $pid | |
done | done | ||
+ | </pre> | ||
+ | |||
CHECK: gLExec does not hang up, even after many times. | CHECK: gLExec does not hang up, even after many times. | ||
− | FAIL: gLExec locks up and can only be killed with a kill -9, an strace will show gLExec hangs | + | |
+ | FAIL: gLExec locks up and can only be killed with a kill -9, an strace will show gLExec hangs in a lock. | ||
+ | |||
PASSED: gLExec will get interrupted or killed in a clean way. | PASSED: gLExec will get interrupted or killed in a clean way. | ||
− | https://savannah.cern.ch/bugs/?91963 | + | ==== Savannah: https://savannah.cern.ch/bugs/?91963 ==== |
− | + | DESCRIPTION: gLExec should check whether stdin/stdout/stderr exists | |
+ | |||
REPRODUCE: run in non-setuid mode: | REPRODUCE: run in non-setuid mode: | ||
− | /usr/sbin/glexec /bin/sleep 60 1>&- 2>&- 0<&- | + | /usr/sbin/glexec /bin/sleep 60 1>&- 2>&- 0<&- |
+ | |||
CHECK: run: | CHECK: run: | ||
− | ls -l /proc/`ps -o pid= -C glexec`/fd/[012] | + | ls -l /proc/`ps -o pid= -C glexec`/fd/[012] |
+ | |||
FAILED: e.g. filedescriptor 2 is missing, and filedescriptors 0 and 1 point to a socket (from syslog) | FAILED: e.g. filedescriptor 2 is missing, and filedescriptors 0 and 1 point to a socket (from syslog) | ||
+ | |||
PASSED: filedescriptors 0-2 point to /dev/null | PASSED: filedescriptors 0-2 point to /dev/null | ||
− | https://savannah.cern.ch/bugs/?92667 | + | ==== Savannah: https://savannah.cern.ch/bugs/?92667 ==== |
− | + | DESCRIPTION: gLExec 0.9.3 segfaults when preserve_env_variables is used in config | |
+ | |||
REMARKS: Bug is cross-platform, but segfault occurs on SL6 | REMARKS: Bug is cross-platform, but segfault occurs on SL6 | ||
+ | |||
REPRODUCE: install glexec-0.9.3 on RH6 system and add preserve_env_variables = anything to the /etc/glexec.conf, then run /usr/sbin/glexec /usr/bin/id | REPRODUCE: install glexec-0.9.3 on RH6 system and add preserve_env_variables = anything to the /etc/glexec.conf, then run /usr/sbin/glexec /usr/bin/id | ||
+ | |||
CHECK: with preserve_env_variables there should be no problem in running glexec | CHECK: with preserve_env_variables there should be no problem in running glexec | ||
− | |||
− | |||
− | https://savannah.cern.ch/bugs/?92812 | + | FAILED: |
− | + | [gLExec]: Premature exit due to signal, signal: 11 | |
+ | |||
+ | PASSED: no error message, normal execution. | ||
+ | |||
+ | ==== Savannah: https://savannah.cern.ch/bugs/?92812 ==== | ||
+ | DESCRIPTION: LCMAPS without GSI SIGABORTs in StoRM EMI 2 RC3 | ||
+ | |||
REPRODUCE: install lcmaps version 1.5.2 (EMI RC 3) | REPRODUCE: install lcmaps version 1.5.2 (EMI RC 3) | ||
+ | |||
CHECK: run llrun using the without GSI interface. | CHECK: run llrun using the without GSI interface. | ||
+ | |||
PASSED: On successful llrun | PASSED: On successful llrun | ||
+ | |||
FAILED: On segmentation fault or abort based on an invalid free. | FAILED: On segmentation fault or abort based on an invalid free. | ||
+ | |||
REMARKS: The 1.5.3 version and newer of LCMAPS fixes the problem observed here | REMARKS: The 1.5.3 version and newer of LCMAPS fixes the problem observed here | ||
− | https://savannah.cern.ch/bugs/?92818 | + | ==== Savannah: https://savannah.cern.ch/bugs/?92818 ==== |
− | + | DESCRIPTION: glite_wms_wmproxy_server crashes with a SEGV when using the LCMAPS 1.5.2 | |
+ | |||
REPRODUCE: install lcmaps version 1.5.2 (EMI RC 3) | REPRODUCE: install lcmaps version 1.5.2 (EMI RC 3) | ||
+ | |||
CHECK: run llrun using the without GSI interface. | CHECK: run llrun using the without GSI interface. | ||
+ | |||
PASSED: On successful llrun | PASSED: On successful llrun | ||
+ | |||
FAILED: On segmentation fault or abort based on an invalid free. | FAILED: On segmentation fault or abort based on an invalid free. | ||
+ | |||
REMARKS: The 1.5.3 version and newer of LCMAPS fixes the problem observed here | REMARKS: The 1.5.3 version and newer of LCMAPS fixes the problem observed here | ||
+ | |||
REMARKS: Similar to Savannah bug 92812 | REMARKS: Similar to Savannah bug 92812 | ||
− | https://savannah.cern.ch/bugs/?93187 | + | ==== Savannah: https://savannah.cern.ch/bugs/?93187 ==== |
− | + | DESCRIPTION: glexec-configure script contains some errors | |
+ | |||
+ | REPRODUCE: run | ||
+ | /usr/sbin/glexec-configure -o /tmp/glexec.conf -d /tmp/lcmaps.db argus argus.testbed | ||
+ | |||
+ | CHECK: the contents of /tmp/glexec.conf and /tmp/lcmaps.db | ||
+ | |||
+ | FAIL: e.g. endpoint line in pepc entry is missing a " at the end of the line | ||
+ | |||
+ | PASS: glexec-configure produces valid, working glexec.conf and lcmaps.db files | ||
+ | |||
+ | ==== Savannah: https://savannah.cern.ch/bugs/?93190 ==== | ||
+ | DESCRIPTION: LCMAPS gives misleading error when PDL parsing fails | ||
− | |||
− | |||
REPRODUCE: Remove an �-character from the lcmaps.db file | REPRODUCE: Remove an �-character from the lcmaps.db file | ||
+ | |||
CHECK: Error message from LCMAPS | CHECK: Error message from LCMAPS | ||
+ | |||
PASSED: Error message flags it as a parse error | PASSED: Error message flags it as a parse error | ||
+ | |||
FAILED: Error message flags it as an out of memory error | FAILED: Error message flags it as an out of memory error | ||
− | https://savannah.cern.ch/bugs/?93248 | + | ==== Savannah: https://savannah.cern.ch/bugs/?93248 ==== |
− | + | DESCRIPTION: gLExec in non-linger mode does not set umask() correctly. | |
+ | |||
REPRODUCE: Install glexec version 0.9.5 and disable linger mode (linger=no) | REPRODUCE: Install glexec version 0.9.5 and disable linger mode (linger=no) | ||
+ | |||
CHECK: | CHECK: | ||
− | umask 0123; /tmp/dummy/usr/sbin/glexec /bin/bash -c umask | + | umask 0123; /tmp/dummy/usr/sbin/glexec /bin/bash -c umask |
+ | |||
PASSED: output should be 0123 | PASSED: output should be 0123 | ||
+ | |||
FAILED: output is 0077 (internal umask setting for glexec) | FAILED: output is 0077 (internal umask setting for glexec) | ||
+ | |||
+ | ==== Savannah: https://savannah.cern.ch/bugs/?101238 ==== | ||
+ | DESCRIPTION: mkgltempdir -t option does not work | ||
+ | |||
+ | REPRODUCE: | ||
+ | export X509_USER_PROXY=<location of valid proxy> | ||
+ | export GLEXEC_CLIENT_CERT=$X509_USER_PROXY | ||
+ | gldir=`/usr/sbin/mkgltempdir -t 404` && ls -ld $gldir && /usr/sbin/mkgltempdir -r $gldir | ||
+ | |||
+ | PASSED: lists directory with permissions dr-----r-- | ||
+ | |||
+ | FAILED: gives error messages starting with /bin/chmod: cannot access `<directory name>': Permission denied |