From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chris Marusich Subject: Adding a TOR system test - confusing results Date: Sun, 22 Jul 2018 17:14:42 -0700 Message-ID: <87k1pmhkp9.fsf@gmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:50072) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fhOV4-00079i-Qv for guix-devel@gnu.org; Sun, 22 Jul 2018 20:14:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fhOV0-0007Dl-EF for guix-devel@gnu.org; Sun, 22 Jul 2018 20:14:53 -0400 Received: from mail-pg1-x533.google.com ([2607:f8b0:4864:20::533]:42901) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fhOV0-0007CR-1W for guix-devel@gnu.org; Sun, 22 Jul 2018 20:14:50 -0400 Received: by mail-pg1-x533.google.com with SMTP id y4-v6so10912980pgp.9 for ; Sun, 22 Jul 2018 17:14:49 -0700 (PDT) List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi Guix, In response to a recent email thread [1], I'd like to update our TOR service to allow users to run TOR over a UNIX-domain socket. I discovered that TOR has no system tests, so I decided to start by creating a basic system test to protect against regressions I might accidentally introduce. Unfortunately, the system test I've added behaves mysteriously. It succeeds when I think it obviously should not. Could you please help me understand what's going on? Let's examine the problem. I've attached two patches to this email. They apply cleanly to 889e7fab3c04be98a59b880bf44fbdaa6ddf0a4e. To begin, let's apply the first patch ("Add system tests for the TOR service."). Then run the test: =2D-8<---------------cut here---------------start------------->8--- $ make -j1 check-system TESTS=3Dtor [...] # of expected passes 1 @ build-succeeded /gnu/store/zdh97qnh4b69yr23yp5js16hw9lvjhzm-tor-test.drv - TOTAL: 1 PASS: /gnu/store/c3f0y7jbqi1qw8s63p3jbp5mrwl1bxnc-tor-test =2D-8<---------------cut here---------------end--------------->8--- It passed! Great! Now, let's make sure it also detects failures correctly: Let's break TOR by applying the second patch ("For testing purposes, break the TOR service."). Then run it again: =2D-8<---------------cut here---------------start------------->8--- $ make -j1 check-system TESTS=3Dtor [...] This is the GNU system. Welcome. komputilo login: exec of "/gnu/store/5jhlsv29n6kx76na1kkgfarznrl5kjjg-tor-0= .3.3.9DOES-NOT-EXIST" failed: No such file or directory QEMU runs as PID 4 connected to QEMU's monitor read QEMU monitor prompt connected to guest REPL %%%% Starting test tor (Writing full log to "tor.log") marionette is ready # of expected passes 1 @ build-succeeded /gnu/store/z8q9y8zivsipaq9fdj7yhhcvqgfq8ryl-tor-test.drv - TOTAL: 1 PASS: /gnu/store/r84kh8x3d9ypqi6nl6r9xkqpk9i8jgk2-tor-test [0] [env] marusich@garuda.local:~/guix $=20 =2D-8<---------------cut here---------------end--------------->8--- The test still passes, but I can't figure out why. There is even an error message in there, complaining that we can't exec the path to the TOR program. What is going on? I've already tried rebuilding everything from a clean slate, so that isn't the issue. Any help would be greatly appreciated! Thank you in advance, Footnotes:=20 [1] https://lists.gnu.org/archive/html/help-guix/2018-07/msg00087.html =2D-=20 Chris --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-Add-system-tests-for-the-TOR-service.patch Content-Transfer-Encoding: quoted-printable From=2063f84210927bc45ad0d239b4b92aaf028fa5c5ac Mon Sep 17 00:00:00 2001 From: Chris Marusich Date: Sun, 22 Jul 2018 16:23:53 -0700 Subject: [PATCH 1/2] Add system tests for the TOR service. =2D-- gnu/tests/networking.scm | 55 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/gnu/tests/networking.scm b/gnu/tests/networking.scm index 323679e7f..1128e3448 100644 =2D-- a/gnu/tests/networking.scm +++ b/gnu/tests/networking.scm @@ -30,7 +30,7 @@ #:use-module (gnu packages bash) #:use-module (gnu packages networking) #:use-module (gnu services shepherd) =2D #:export (%test-inetd %test-openvswitch %test-dhcpd)) + #:export (%test-inetd %test-openvswitch %test-dhcpd %test-tor)) =20 (define %inetd-os ;; Operating system with 2 inetd services. @@ -339,3 +339,56 @@ subnet 192.168.1.0 netmask 255.255.255.0 { (name "dhcpd") (description "Test a running DHCP daemon configuration.") (value (run-dhcpd-test)))) + + +;;; +;;; Services related to TOR +;;; + +(define %tor-os + (simple-operating-system + (tor-service))) + +(define (run-tor-test) + (define os + (marionette-operating-system %tor-os + #:imported-modules '((gnu services herd))= )) + + (define test + (with-imported-modules '((gnu build marionette)) + #~(begin + (use-modules (gnu build marionette) + (ice-9 popen) + (ice-9 rdelim) + (srfi srfi-64)) + + (define marionette + (make-marionette (list #$(virtual-machine os)))) + + (mkdir #$output) + (chdir #$output) + + (test-begin "tor") + + (test-assert "tor is alive" + (marionette-eval + '(begin + (use-modules (gnu services herd) + (srfi srfi-1)) + (live-service-running + (find (lambda (live) + (memq 'tor + (live-service-provision live))) + (current-services)))) + marionette)) + + (test-end) + (exit (=3D (test-runner-fail-count (test-runner-current)) 0))))) + + (gexp->derivation "tor-test" test)) + +(define %test-tor + (system-test + (name "tor") + (description "Test a running TOR daemon configuration.") + (value (run-tor-test)))) =2D-=20 2.18.0 --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0002-For-testing-purposes-break-the-TOR-service.patch Content-Transfer-Encoding: quoted-printable From=20f2ac689f2d1cc308eb7b4371130b4b2a5ea1a393 Mon Sep 17 00:00:00 2001 From: Chris Marusich Date: Sun, 22 Jul 2018 16:38:23 -0700 Subject: [PATCH 2/2] For testing purposes, break the TOR service. =2D-- gnu/services/networking.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index d5d0cf9d1..7996aae7e 100644 =2D-- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -657,7 +657,7 @@ HiddenServicePort ~a ~a~%" (gnu system file-systems))) =20 (start #~(make-forkexec-constructor/container =2D (list #$(file-append tor "/bin/tor") "-f" #$to= rrc) + (list #$(file-append tor "DOES-NOT-EXIST") "-f" = #$torrc) =20 #:mappings (list (file-system-mapping (source "/var/lib/tor") =2D-=20 2.18.0 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEy/WXVcvn5+/vGD+x3UCaFdgiRp0FAltVHfIACgkQ3UCaFdgi Rp2KlRAA0gMVCEp7zV4ODppOO2V59WonS4ENgOB93eVyDAyYRINHlbcL/ejn1J01 cefRFgCA1YjxUWKSO1x+DPpqEy1v1aOqsMvUWn7VvZheNfIXnVZokRVRAABXfq0u m1LIuZatEYSij06YcRtMxXxqEqrn9IdtZ+M0ObinAuzDsLbWZhwuk5wxBc5H2Wno KW+CB9ekahznXNE73GxpJdaZb1p0mZQmqPshu86xs+3JcJRDlMliLAPKNF38AcSK X6VA1/mlUOn6nBnjK1Vfh7oOokahhqVUorgaWsh4th8jXTmr71QZ3ifN1TPbv0dz weddU3NCLz4/c4YJr6b2aUxchoDYzbtaNOg9k6j7eaxiBKXHE+Y60vsOo1QpXQPm HPs9E1S9Vfmwfn2gVHU84pOwABIBN1yMTsk7PVfH83maWD2QJItzVModwyspvN9E jhZfHOeOqUIzS3D8IM3suANUb7akGXnszywLznxaI6fPy0PQMeKD61SJCpr+X6x5 qF7EOEi59gF3GyhvFoGkchiRfJLbRcpiodfM1p9QStXQRlVR+KsnTg56NWcNKxaS NFUgJi0TVi8A8mYfWhBnhKIu7u8a7FRXAaDtSDCXoQNuo2bhSyggmA4Y6aMjk33S CmWnKSJ6ifTzkRze8fiAgtyjx4m+0u1Yvgd2dI+DFfCAoTrpINI= =UiQP -----END PGP SIGNATURE----- --==-=-=--