From: muradm <mail@muradm.net>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Cc: 56608@debbugs.gnu.org
Subject: [bug#56608] [PATCH v2 2/2] gnu: tests: Add fail2ban tests.
Date: Tue, 23 Aug 2022 21:51:57 +0300 [thread overview]
Message-ID: <87r116ybj4.fsf@muradm.net> (raw)
In-Reply-To: <87edx8gkhm.fsf@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 4044 bytes --]
Hi,
Squashed patch will come later on.
Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
> Hi,
>
> muradm <mail@muradm.net> writes:
>
> [...]
>
>> --- /dev/null
>> +++ b/gnu/tests/security.scm
>
> I'd keep the tests with the introductory commit (squashed in
> preceding
> one).
>
Done.
[...]
>> +(define (run-fail2ban-basic-test)
>> +
>> + (define os
>> + (marionette-operating-system
>> + (simple-operating-system
>> + (service fail2ban-service-type))
>> + #:imported-modules '((gnu services herd)
>> + (guix combinators))))
> ^ (guix combinators) seems unused
>
Done including other places.
>> + (define vm
>> + (virtual-machine
>> + (operating-system os)
>> + (port-forwardings '())))
>
> (define vm (virtual-machine (operating-system os))) should be
> sufficient.
>
For me it does not work without specfying port-forwardings.
I get wierd error like following:
gnu/tests/security.scm:47:5: error: os: invalid field specifier
I suppose it is something todo with virtual-machine.
So I'm leaving port-forwardings as is.
[...]
>> + (define (wait-for-unix-socket-m socket)
>> + (wait-for-unix-socket socket marionette))
>
> Overkill as used once in scope.
>
Done including other places.
>> +
>> + (test-runner-current (system-test-runner #$output))
>> + (test-begin "fail2ban-basic-test")
>> +
>> + (test-assert "fail2ban running"
>> + (marionette-eval
>> + '(begin
>> + (use-modules (gnu services herd))
>> + (start-service 'fail2ban))
>> + marionette))
>
> I like to test that services can be restarted too, as in my
> experience
> there can be races and other situations that may cause them to
> fail
> restarting.
>
Done.
[...]
>> + (test-equal "fail2ban sshd jail running"
>> + '("Status for the jail: sshd"
>> + "|- Filter"
>> + "| |- Currently failed:\t0"
>> + "| |- Total failed:\t0"
>> + "| `- File list:\t/var/log/secure"
>> + "`- Actions"
>> + " |- Currently banned:\t0"
>> + " |- Total banned:\t0"
>> + " `- Banned IP list:\t"
>> + "")
>> + (marionette-eval
>> + '(begin
>> + (use-modules (ice-9 rdelim) (ice-9 popen)
>> (rnrs io ports))
>> + (let ((call-command
>> + (lambda (cmd)
>> + (let* ((err-cons (pipe))
>> + (port (with-error-to-port (cdr
>> err-cons)
>> + (lambda ()
>> (open-input-pipe cmd))))
>> + (_ (setvbuf (car err-cons)
>> 'block
>> + (* 1024 1024 16)))
>> + (result (read-delimited ""
>> port)))
>> + (close-port (cdr err-cons))
>> + (values result (read-delimited ""
>> (car err-cons)))))))
>> + (string-split
>> + (call-command
>> + (string-join (list #$%fail2ban-server-cmd
>> "status" "sshd") " "))
>> + #\newline)))
>> + marionette))
>
> Perhaps this could be turned into an Shepherd action, and the
> Guile
> procedure could do the above to return the text output; to
> simplify the
> test and reduce boilerplate, while providing value to the user.
>
[...]
>> + (gexp->derivation "fail2ban-extending-test" test))
>> +
>> +(define %test-fail2ban-extending
>
> Perhaps %test-fail2ban-extension ?
Done, s/extending/extension/.
> Otherwise, that last test seems to
> test exactly the same things as the preceding one, so there
> should be a
> procedure to generate the test, taking the OS as an argument to
> avoid
> code duplication.
>
Done, refactored with define-syntax-rule.
> Thanks for working on this!
>
> Maxim
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next prev parent reply other threads:[~2022-08-23 20:02 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-17 2:32 [bug#56608] [PATCH] gnu: security: Add fail2ban-service-type muradm
2022-08-03 16:09 ` Maxim Cournoyer
2022-08-22 17:26 ` [bug#56608] [PATCH v2 0/2] " muradm
2022-08-22 17:26 ` [bug#56608] [PATCH v2 1/2] gnu: security: " muradm
2022-08-22 18:53 ` Maxim Cournoyer
2022-08-23 18:22 ` muradm
2022-08-22 17:26 ` [bug#56608] [PATCH v2 2/2] gnu: tests: Add fail2ban tests muradm
2022-08-22 19:13 ` Maxim Cournoyer
2022-08-23 18:51 ` muradm [this message]
2022-08-23 20:13 ` [bug#56608] [PATCH v3] gnu: security: Add fail2ban-service-type muradm
2022-08-29 2:01 ` bug#56608: " Maxim Cournoyer
2022-08-23 20:19 ` [bug#56608] [PATCH v2 2/2] gnu: tests: Add fail2ban tests muradm
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87r116ybj4.fsf@muradm.net \
--to=mail@muradm.net \
--cc=56608@debbugs.gnu.org \
--cc=maxim.cournoyer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.