> On March 31, 2016, 6:11 p.m., Zameer Manji wrote:
> > The change and the tests LGTM.
> > 
> > I currently have great ideas on how to ensure end to end validation. The 
> > best idea that I can provide is make use of the shell checker in the e2e 
> > tests. The program executed by the shell checker should just return 1 if it 
> > is executed as root and return 0 if it isn't. The e2e test can check for 
> > task failure and infer that the command was run as root if the task fails.
> 
> Joshua Cohen wrote:
>     If we want something that would give us more certainty that the e2e test 
> behaved as expected, we could touch a file in /tmp as root (from the test 
> runner) and configure a shell health checker that tries to remove it. Then we 
> can assert that the health check failed and that the file still exists (thus 
> giving us confidence that the reason for the failure was permission-based and 
> not due to some other factor).
> 
> Bill Farner wrote:
>     I was thinking something along the lines of access as well.  How about a 
> check that tries to do something pseudo-malicious like delete `/etc/passwd`?
> 
> Zameer Manji wrote:
>     +1 deleting /etc/passwd or similar it a good test.
> 
> Dmitriy Shirchenko wrote:
>     Yea, e2e has a test which makes sure a failed health check rolls back the 
> update: 
> https://github.com/apache/aurora/blob/master/src/test/sh/org/apache/aurora/e2e/test_end_to_end.sh#L206
>     
>     Should be super easy to modify it to roll back on a file you aren't 
> supposed to delete.

Sounds good to me!


- Joshua


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/45506/#review126378
-----------------------------------------------------------


On March 31, 2016, 6:38 p.m., Bill Farner wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/45506/
> -----------------------------------------------------------
> 
> (Updated March 31, 2016, 6:38 p.m.)
> 
> 
> Review request for Aurora, Dmitriy Shirchenko and Zameer Manji.
> 
> 
> Bugs: AURORA-1641
>     https://issues.apache.org/jira/browse/AURORA-1641
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> Here's a stab at this using `os` and `pwd` modules directly to demote health 
> checks to the target user.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/common/health_check/shell.py 
> 6cb7dfc164f4e16143fc974d50c19a5887d32015 
>   src/main/python/apache/aurora/executor/common/health_checker.py 
> 28fd3ec3ef7d0b66621c0295804af0eb72c64b4a 
>   src/test/python/apache/aurora/common/health_check/test_shell.py 
> 7026af8c4671a40f4b517ecf12149eac34a552c8 
>   src/test/python/apache/aurora/executor/common/test_health_checker.py 
> 19c4f76347e34374c29974c182d1f4c118bcb18d 
> 
> Diff: https://reviews.apache.org/r/45506/diff/
> 
> 
> Testing
> -------
> 
> I haven't spent any time thinking of a test strategy for this, but i don't 
> think we should proceed without end-to-end validation.  I'm open to ideas 
> here.
> 
> 
> Thanks,
> 
> Bill Farner
> 
>

Reply via email to