1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-12-23 07:18:07 +00:00

[REVISIT] Remove test_installPihole_fresh_install_readableBlockpage for now. We may be able to recylcle it later, but I have my doubts

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
This commit is contained in:
Adam Warner 2023-01-15 13:58:05 +00:00
parent 414df5b372
commit 9bf372ef43
No known key found for this signature in database

View File

@ -255,231 +255,6 @@ def test_installPihole_fresh_install_readableFiles(host):
actual_rc = host.run(check_pihole).rc actual_rc = host.run(check_pihole).rc
@pytest.mark.parametrize("test_webpage", [True])
def test_installPihole_fresh_install_readableBlockpage(host, test_webpage):
"""
confirms all web page assets from Core repo are readable
by $LIGHTTPD_USER on a fresh build
"""
piholeWebpage = [
"127.0.0.1",
# "pi.hole"
]
# dialog returns Cancel for user prompt
mock_command("dialog", {"*": ("", "0")}, host)
# mock git pull
mock_command_passthrough("git", {"pull": ("", "0")}, host)
# mock systemctl to start lighttpd and FTL
ligthttpdcommand = dedent(
r'''\"\"
echo 'starting lighttpd with {}'
if [ command -v "apt-get" >/dev/null 2>&1 ]; then
LIGHTTPD_USER="www-data"
LIGHTTPD_GROUP="www-data"
else
LIGHTTPD_USER="lighttpd"
LIGHTTPD_GROUP="lighttpd"
fi
mkdir -p "{run}"
chown {usergroup} "{run}"
mkdir -p "{cache}"
chown {usergroup} "/var/cache"
chown {usergroup} "{cache}"
mkdir -p "{compress}"
chown {usergroup} "{compress}"
mkdir -p "{uploads}"
chown {usergroup} "{uploads}"
chmod 0777 /var
chmod 0777 /var/cache
chmod 0777 "{cache}"
find "{run}" -type d -exec chmod 0777 {chmodarg} \;;
find "{run}" -type f -exec chmod 0666 {chmodarg} \;;
find "{compress}" -type d -exec chmod 0777 {chmodarg} \;;
find "{compress}" -type f -exec chmod 0666 {chmodarg} \;;
find "{uploads}" -type d -exec chmod 0777 {chmodarg} \;;
find "{uploads}" -type f -exec chmod 0666 {chmodarg} \;;
/usr/sbin/lighttpd -tt -f '{config}'
/usr/sbin/lighttpd -f '{config}'
echo \"\"'''.format(
"{}",
usergroup="${{LIGHTTPD_USER}}:${{LIGHTTPD_GROUP}}",
chmodarg="{{}}",
config="/etc/lighttpd/lighttpd.conf",
run="/run/lighttpd",
cache="/var/cache/lighttpd",
uploads="/var/cache/lighttpd/uploads",
compress="/var/cache/lighttpd/compress",
)
)
FTLcommand = dedent(
'''\"\"
set -x
/etc/init.d/pihole-FTL restart
echo \"\"'''
)
mock_command_run(
"systemctl",
{
"enable lighttpd": ("", "0"),
"restart lighttpd": (ligthttpdcommand.format("restart"), "0"),
"start lighttpd": (ligthttpdcommand.format("start"), "0"),
"enable pihole-FTL": ("", "0"),
"restart pihole-FTL": (FTLcommand, "0"),
"start pihole-FTL": (FTLcommand, "0"),
"*": ('echo "systemctl call with $@"', "0"),
},
host,
)
# create configuration file
setup_var_file = "cat <<EOF> /etc/pihole/setupVars.conf\n"
for k, v in SETUPVARS.items():
setup_var_file += "{}={}\n".format(k, v)
setup_var_file += "INSTALL_WEB_SERVER=true\n"
setup_var_file += "INSTALL_WEB_INTERFACE=true\n"
setup_var_file += "EOF\n"
host.run(setup_var_file)
installWeb = host.run(
"""
export TERM=xterm
export DEBIAN_FRONTEND=noninteractive
umask 0027
runUnattended=true
useUpdateVars=true
source /opt/pihole/basic-install.sh > /dev/null
runUnattended=true
useUpdateVars=true
main
echo "LIGHTTPD_USER=${LIGHTTPD_USER}"
echo "webroot=${webroot}"
echo "INSTALL_WEB_INTERFACE=${INSTALL_WEB_INTERFACE}"
echo "INSTALL_WEB_SERVER=${INSTALL_WEB_SERVER}"
"""
)
assert 0 == installWeb.rc
piholeuser = "pihole"
webuser = ""
user = re.findall(r"^\s*LIGHTTPD_USER=.*$", installWeb.stdout, re.MULTILINE)
for match in user:
webuser = match.replace("LIGHTTPD_USER=", "").strip()
webroot = ""
user = re.findall(r"^\s*webroot=.*$", installWeb.stdout, re.MULTILINE)
for match in user:
webroot = match.replace("webroot=", "").strip()
if not webroot.strip():
webroot = "/var/www/html"
installWebInterface = True
interface = re.findall(
r"^\s*INSTALL_WEB_INTERFACE=.*$", installWeb.stdout, re.MULTILINE
)
for match in interface:
testvalue = match.replace("INSTALL_WEB_INTERFACE=", "").strip().lower()
if not testvalue.strip():
installWebInterface = testvalue == "true"
installWebServer = True
server = re.findall(r"^\s*INSTALL_WEB_SERVER=.*$", installWeb.stdout, re.MULTILINE)
for match in server:
testvalue = match.replace("INSTALL_WEB_SERVER=", "").strip().lower()
if not testvalue.strip():
installWebServer = testvalue == "true"
# if webserver install was not requested
# at least pihole must be able to read files
if installWebServer is False:
webuser = piholeuser
exit_status_success = 0
test_cmd = 'su --shell /bin/bash --command "test -{0} {1}" -p {2}'
# check files that need a running FTL to be created
# readable and writeable pihole-FTL.db
check_FTLconf = test_cmd.format("r", "/etc/pihole/pihole-FTL.db", piholeuser)
actual_rc = host.run(check_FTLconf).rc
assert exit_status_success == actual_rc
check_FTLconf = test_cmd.format("w", "/etc/pihole/pihole-FTL.db", piholeuser)
actual_rc = host.run(check_FTLconf).rc
assert exit_status_success == actual_rc
# check directories above $webroot for read and execute permission
check_var = test_cmd.format("r", "/var", webuser)
actual_rc = host.run(check_var).rc
assert exit_status_success == actual_rc
check_var = test_cmd.format("x", "/var", webuser)
actual_rc = host.run(check_var).rc
assert exit_status_success == actual_rc
check_www = test_cmd.format("r", "/var/www", webuser)
actual_rc = host.run(check_www).rc
assert exit_status_success == actual_rc
check_www = test_cmd.format("x", "/var/www", webuser)
actual_rc = host.run(check_www).rc
assert exit_status_success == actual_rc
check_html = test_cmd.format("r", "/var/www/html", webuser)
actual_rc = host.run(check_html).rc
assert exit_status_success == actual_rc
check_html = test_cmd.format("x", "/var/www/html", webuser)
actual_rc = host.run(check_html).rc
assert exit_status_success == actual_rc
# check directories below $webroot for read and execute permission
check_admin = test_cmd.format("r", webroot + "/admin", webuser)
actual_rc = host.run(check_admin).rc
assert exit_status_success == actual_rc
check_admin = test_cmd.format("x", webroot + "/admin", webuser)
actual_rc = host.run(check_admin).rc
assert exit_status_success == actual_rc
directories = get_directories_recursive(host, webroot + "/admin/")
for directory in directories:
check_pihole = test_cmd.format("r", directory, webuser)
actual_rc = host.run(check_pihole).rc
check_pihole = test_cmd.format("x", directory, webuser)
actual_rc = host.run(check_pihole).rc
findfiles = 'find "{}" -maxdepth 1 -type f -exec echo {{}} \\;;'
filelist = host.run(findfiles.format(directory))
files = list(filter(bool, filelist.stdout.splitlines()))
for file in files:
check_pihole = test_cmd.format("r", file, webuser)
actual_rc = host.run(check_pihole).rc
# check web interface files
# change nameserver to pi-hole
# setting nameserver in /etc/resolv.conf to pi-hole does
# not work here because of the way docker uses this file
ns = host.run(r"sed -i 's/nameserver.*/nameserver 127.0.0.1/' /etc/resolv.conf")
pihole_is_ns = ns.rc == 0
def is_ip(address):
m = re.match(r"(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})", address)
return bool(m)
if installWebInterface is True:
if test_webpage is True:
# check webpage for unreadable files
noPHPfopen = re.compile(
(
r"PHP Error(%d+):\s+fopen([^)]+):\s+"
+ r"failed to open stream: "
+ r"Permission denied in"
),
re.I,
)
# using cURL option --dns-servers is not possible
status = (
'curl -s --head "{}" | '
+ "head -n 1 | "
+ 'grep "HTTP/1.[01] [23].." > /dev/null'
)
digcommand = r"dig A +short {} @127.0.0.1 | head -n 1"
pagecontent = 'curl --verbose -L "{}"'
for page in piholeWebpage:
testpage = "http://" + page + "/admin/"
resolvesuccess = True
if is_ip(page) is False:
dig = host.run(digcommand.format(page))
testpage = "http://" + dig.stdout.strip() + "/admin/"
resolvesuccess = dig.rc == 0
if resolvesuccess or pihole_is_ns:
# check HTTP status of blockpage
actual_rc = host.run(status.format(testpage))
assert exit_status_success == actual_rc.rc
# check for PHP error
actual_output = host.run(pagecontent.format(testpage))
assert noPHPfopen.match(actual_output.stdout) is None
def test_update_package_cache_success_no_errors(host): def test_update_package_cache_success_no_errors(host):
""" """
confirms package cache was updated without any errors confirms package cache was updated without any errors