~sbeattie/qa-regression-testing:glibc-security-tests

Last commit made on 2023-11-01
Get this branch:
git clone -b glibc-security-tests https://git.launchpad.net/~sbeattie/qa-regression-testing
Branch information

Name:
glibc-security-tests
Repository:
lp:~sbeattie/qa-regression-testing

Recent commits

a46634c... by Steve Beattie

test-kernel-security: add simple shared library for LD_* tests

In jammy and other systemd-based releases, preloading libmemusage ends
up conflicting (I suspect) with systemd's allocation routines, in such a
way that the pam_systemd either throws an assert in its json handling
code (wtf?!) or segfaults.

This commit creates a simple library for use as an LD_PRELOAD and
LD_AUDIT target, and switches the test to use it. *Ideally* it
should get temporarily installed in one of the system libraries,
as the loader will do some magic around that for setuid binaries,
but the kernel should get there first.

Signed-off-by: Steve Beattie <email address hidden>

Succeeded
c45b3ef... by Steve Beattie

test-glibc-security.py: create test user for shadow test

In some CI environments, there may not be a user with a password set, so
we'll create a test user to ensure one exists.

Signed-off-by: Steve Beattie <email address hidden>

Failed
3aedbbc... by Steve Beattie

test-glibc-security: split out env tests into subtests

Signed-off-by: Steve Beattie <email address hidden>

Failed
30003c7... by Steve Beattie

test-glibc-security: split password hash alg tests

Split them into independent tests that verify:

- what the hash algorithm in the pam configuration is
- what the hash algorithms in use in /etc/shadow are

Signed-off-by: Steve Beattie <email address hidden>

86ba98c... by Steve Beattie

launchpad.yaml: add glibc-security tests

Signed-off-by: Steve Beattie <email address hidden>

Failed
dbd3fa1... by Steve Beattie

test-glibc-security.abort_msg: avoid truncated output from readelf

Somewhere between focal and jammy, readelf started truncating symbol
names by default. Pass the `--wide` command line argument to get
non-truncated versions of the output; the argument is supported back
to trusty (14.04 LTS).

Signed-off-by: Steve Beattie <email address hidden>

e37d1f7... by Steve Beattie

test-glibc-security: yescrypt is default pw hash for 22.04 and newer

Signed-off-by: Steve Beattie <email address hidden>

4ff9439... by Jorge Sancho Larraz

deactivate test-iperf3 from lpci as most tests check for cves only fixed in esm

42d9f05... by Jorge Sancho Larraz

Create new tests for iperf3 package and add them to .launchpad.yaml

4c6b7fc... by Jorge Sancho Larraz

Add test-iperf3 to .launchpad.yaml