tools-hardened: add test scripts for systemd stages
This commit is contained in:
parent
ea24197c96
commit
e9208fa931
61
tools-hardened/common.sh
Normal file
61
tools-hardened/common.sh
Normal file
|
@ -0,0 +1,61 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
source /etc/catalyst/catalyst.conf
|
||||||
|
|
||||||
|
mydate=`date +%Y%m%d`
|
||||||
|
|
||||||
|
|
||||||
|
undo_grsec() {
|
||||||
|
[[ -d /proc/sys/kernel/grsecurity ]] || return
|
||||||
|
for i in /proc/sys/kernel/grsecurity/chroot_* ; do
|
||||||
|
echo 0 > $i
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
banner() {
|
||||||
|
cat << EOF | tee -a zzz.log > stage$1-$2-systemd.log
|
||||||
|
|
||||||
|
************************************************************************
|
||||||
|
* stage$1-$2-systemd
|
||||||
|
************************************************************************"
|
||||||
|
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
do_stages() {
|
||||||
|
local arch=$1
|
||||||
|
|
||||||
|
for s in 1 2 3; do
|
||||||
|
local tgpath="${storedir}/builds/systemd/${arch}"
|
||||||
|
local target="stage${s}-${arch}-systemd-${mydate}.tar.bz2"
|
||||||
|
local tglink="stage${s}-${arch}-systemd.tar.bz2"
|
||||||
|
|
||||||
|
if [[ ! -f "${tgpath}/${tglink}" ]]; then
|
||||||
|
touch stage${s}-${arch}-systemd.log
|
||||||
|
echo "!!! ${tglink} at ${tgpath} doesn't exist" \
|
||||||
|
| tee -a zzz.log \
|
||||||
|
> stage${s}-${arch}-systemd.err
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
banner ${s} ${arch}
|
||||||
|
catalyst -f stage${s}-${arch}-systemd.conf \
|
||||||
|
| tee -a zzz.log \
|
||||||
|
> stage${s}-${arch}-systemd.log \
|
||||||
|
2> stage${s}-${arch}-systemd.err
|
||||||
|
|
||||||
|
if [[ -f "${tgpath}/${target}" ]]; then
|
||||||
|
rm -f "${tgpath}/${tglink}"
|
||||||
|
ln -s ${target} "${tgpath}/${tglink}"
|
||||||
|
else
|
||||||
|
echo "!!! ${target} was not generated" \
|
||||||
|
| tee -a zzz.log \
|
||||||
|
>stage${s}-${arch}-systemd.err
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
49
tools-hardened/run-systemd.sh
Normal file
49
tools-hardened/run-systemd.sh
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
source common.sh
|
||||||
|
|
||||||
|
prepare_confs() {
|
||||||
|
local arch=$1
|
||||||
|
|
||||||
|
for s in 1 2 3; do
|
||||||
|
|
||||||
|
local cstage=stage${s}
|
||||||
|
local p=$(( s - 1 ))
|
||||||
|
[[ $p == 0 ]] && p=3
|
||||||
|
local pstage=stage${p}
|
||||||
|
|
||||||
|
local parch="${arch}"
|
||||||
|
[[ "${arch}" == "i686" ]] && parch="x86"
|
||||||
|
|
||||||
|
cat stage-all.conf.template | \
|
||||||
|
sed -e "s:\(^version_stamp.*$\):\1-${mydate}:" \
|
||||||
|
-e "s:STAGE:${cstage}:g" \
|
||||||
|
-e "s:SARCH:${arch}:g" \
|
||||||
|
-e "s:PARCH:${parch}:g" \
|
||||||
|
> stage${s}-${arch}-systemd.conf
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
main() {
|
||||||
|
>zzz.log
|
||||||
|
|
||||||
|
undo_grsec
|
||||||
|
|
||||||
|
catalyst -s current | tee -a zzz.log >snapshot.log 2>snapshot.err
|
||||||
|
|
||||||
|
# for arch in amd64 i686; do
|
||||||
|
for arch in amd64; do
|
||||||
|
prepare_confs ${arch}
|
||||||
|
done
|
||||||
|
|
||||||
|
# The parallelization `( do_stages ... ) &` doesn't work here
|
||||||
|
# if catalyst is using snapcache, bug #519656
|
||||||
|
# for arch in amd64 i686; do
|
||||||
|
for arch in amd64; do
|
||||||
|
do_stages ${arch}
|
||||||
|
[[ $? == 1 ]] && echo "FAILURE at ${arch}" | tee zzz.log
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
main $1 &
|
7
tools-hardened/stage-all.conf.template
Normal file
7
tools-hardened/stage-all.conf.template
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
subarch: SARCH
|
||||||
|
target: STAGE
|
||||||
|
version_stamp: systemd
|
||||||
|
rel_type: systemd/SARCH
|
||||||
|
profile: default/linux/PARCH/13.0/systemd
|
||||||
|
snapshot: current
|
||||||
|
source_subpath: systemd/SARCH/STAGE-SARCH-systemd
|
Loading…
Reference in a new issue