On Tue, 28 Jan 2020, Antony Antony wrote:
If the nic does not need final.sh it can be sanitized away using ": ==== end ====" marker.
when does nic ever need to run final.sh ? Can you point to one test where it is actually used ? I don't know of any: paul@bofh:~/libreswan/testing/pluto (master)$ grep hostname */final.sh |grep nic | grep "&" paul@bofh:~/libreswan/testing/pluto (master)$
But majority of test cases where it is not needed, better use ": ==== end ===="
If there is really only one or two that need anything to be run on nic as part of the simple init/run/final set, perhaps just convert those to the 1/2/3/4 syntax?
And it is better split to nn-<host>[-foo*].sh tests.
Here is case with out ": ==== end ====" in nicinit.sh https://testing.libreswan.org/v3.28-1525-g757fa8d7c3-master/certoe-03-cop-whack/OUTPUT/nic.console.txt
right, there it is just needed like basically everywhere? Why do we not simple never run final.sh on nic ?
If we add acbcf816e6b3e commit to certoe-03-cop-whack that nic.console.txt will be much cleaner. and can avoid lines such as the following in the final.sh hostname | grep nic > /dev/null || ipsec whack --trafficstatus
I argue 8a628e94cbb7 "hostname | grep nic" is the wrong direction to go.
The reason for this is due to namespaces. In the part, lots of nic consoles were just run without :=== end === marker and the nic's console show "ipsec: file not found" when running kvm based tests. but with namespace based tests, nic's /usr/sbin is from the host and it does contain the ipsec command, so the output would change from "file not found" to "pluto not running" depending on the test type. Hence the above workaround to ensure the same output regardless of test type. All of that could be removed if we just not run final.sh on nic ever. Note that the only tests I know of that look for something "near the end" of a test on nic, are the OCSP tests that verify the ocsp server on nic was contacted. Those do not use final.sh but the numbered *.sh method.
For stats: grep "==== end ===" */nicinit.sh |wc -l 286 grep ausearch */nic.console.txt |wc -l 18 so why not use ": ==== end ===="? Why do you think it is a bad idea?
Why not never run final.sh on nic ?
AFIK markers are not part of test kvmrunner, afik it is part of the sanitizer. If my argument is correct, a logical step would be - the kvmrunner check for ": ==== end ====" in nicinit.sh, if it finds it can avoid running final.sh on nic, possibly can shave off a second or two. But that is minor optimization.
I agree not running final.sh on nic ever might shave of a few seconds and would be good. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
