knot-dns/tests-extra/README

Prerequisites:
--------------

python3
dnspython >=2.2.0 (python3-dnspython)
psutil            (python3-psutil)
bind9
dnssec-signzone   (bind9-utils)
dnssec-keygen     (bind9-utils)
dnssec-verify     (bind9-utils)
certtool          (gnutls-bin)
ldnsutils
lsof
gawk
objdump
(valgrind)
(gdb)

Python modules:
---------------

To install necessary Python modules using pip, run:
$ pip install -r requirements.txt

Optional loopback addresses configuration:
------------------------------------------

# for i in {1..64}; do sudo ip address add 127.0.1.$i/32 dev lo; done
# for i in {1..64}; do sudo ip address add ::1$i/128 dev lo; done

Ubuntu:
-------

Disable apparmor protection for system Bind:
$ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.named
or
$ sudo ln -s /etc/apparmor.d/usr.sbin.named /etc/apparmor.d/disable/
$ sudo /etc/init.d/apparmor restart

Allow ptrace:
# echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
or
# vim /etc/sysctl.d/10-ptrace.conf
# kernel.yama.ptrace_scope = 0

XDP:
----

XDP testing with Valgrind requires running under root. Testing with ASAN is
possible if lsof has two following capabilities:

$ sudo setcap "CAP_SYS_PTRACE,CAP_DAC_OVERRIDE+ep" `which lsof`

And knotd has set:

$ sudo setcap "CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_ADMIN,CAP_IPC_LOCK,CAP_SYS_PTRACE+ep" `readlink -f ../src/knotd`

Tcpdump:
--------

$ sudo setcap "CAP_NET_RAW+ep" `which tcpdump`
func-test: refine project 2013-10-15 05:08:50 -04:00			`Prerequisites:`
tests-extra: update dependencies, remove outdated Docker instructions 2019-02-15 08:59:46 -05:00			`--------------`
tests-extra: update requirements 2017-01-29 15:54:39 -05:00
tests-extra: update prerequisites in README 2024-11-14 02:26:41 -05:00			`python3`
			`dnspython >=2.2.0 (python3-dnspython)`
			`psutil (python3-psutil)`
			`bind9`
			`dnssec-signzone (bind9-utils)`
			`dnssec-keygen (bind9-utils)`
			`dnssec-verify (bind9-utils)`
			`certtool (gnutls-bin)`
tests-extra: add ldns-verify-zone to Zonefile.dnssec_verify() 2019-06-11 10:17:30 -04:00			`ldnsutils`
func-test: refine project 2013-10-15 05:08:50 -04:00			`lsof`
tests-extra: added gawk to the Dockerfile 2015-01-03 13:56:31 -05:00			`gawk`
tests-extra: update README with objdump dependency 2017-01-17 08:10:28 -05:00			`objdump`
func-tests: update README 2014-02-25 02:59:08 -05:00			`(valgrind)`
func-tests: add gdb backtrace dumping 2014-02-19 05:03:35 -05:00			`(gdb)`
func-test: refine project 2013-10-15 05:08:50 -04:00
tests: add dnspython from git into requirements 2014-08-11 04:48:24 -04:00			`Python modules:`
			`---------------`

			`To install necessary Python modules using pip, run:`
			`$ pip install -r requirements.txt`

tests-extra: add -a<NUM> parameter for using more loopback addresses The addresses must be configured in advance, e.g.: for i in {1..32}; do sudo ip address add 127.0.1.$i/32 dev lo; done for i in {1..32}; do sudo ip address add ::1$i/128 dev lo; done 2023-04-18 10:37:45 -04:00			`Optional loopback addresses configuration:`
			`------------------------------------------`

tests-extra: add -x parameter for XDP testing instead of root detection 2023-10-31 12:19:13 -04:00			`# for i in {1..64}; do sudo ip address add 127.0.1.$i/32 dev lo; done`
			`# for i in {1..64}; do sudo ip address add ::1$i/128 dev lo; done`
tests-extra: add -a<NUM> parameter for using more loopback addresses The addresses must be configured in advance, e.g.: for i in {1..32}; do sudo ip address add 127.0.1.$i/32 dev lo; done for i in {1..32}; do sudo ip address add ::1$i/128 dev lo; done 2023-04-18 10:37:45 -04:00
func-tests: add gdb backtrace dumping 2014-02-19 05:03:35 -05:00			`Ubuntu:`
			`-------`
tests-extra: update requirements 2017-01-29 15:54:39 -05:00
func-tests: add gdb backtrace dumping 2014-02-19 05:03:35 -05:00			`Disable apparmor protection for system Bind:`
tests-extra: add -x parameter for XDP testing instead of root detection 2023-10-31 12:19:13 -04:00			`$ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.named`
tests-extra: update README and valgrind suppression file 2018-04-25 07:34:23 -04:00			`or`
tests-extra: add -x parameter for XDP testing instead of root detection 2023-10-31 12:19:13 -04:00			`$ sudo ln -s /etc/apparmor.d/usr.sbin.named /etc/apparmor.d/disable/`
			`$ sudo /etc/init.d/apparmor restart`
func-tests: add gdb backtrace dumping 2014-02-19 05:03:35 -05:00
			`Allow ptrace:`
func-tests: update README 2014-02-25 02:59:08 -05:00			`# echo 0 \| sudo tee /proc/sys/kernel/yama/ptrace_scope`
func-tests: add gdb backtrace dumping 2014-02-19 05:03:35 -05:00			`or`
tests-extra: update README and valgrind suppression file 2018-04-25 07:34:23 -04:00			`# vim /etc/sysctl.d/10-ptrace.conf`
			`# kernel.yama.ptrace_scope = 0`
tests-extra: add -x parameter for XDP testing instead of root detection 2023-10-31 12:19:13 -04:00
			`XDP:`
			`----`

			`XDP testing with Valgrind requires running under root. Testing with ASAN is`
			`possible if lsof has two following capabilities:`

			$ sudo setcap "CAP_SYS_PTRACE,CAP_DAC_OVERRIDE+ep" `which lsof`

			`And knotd has set:`

			$ sudo setcap "CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_ADMIN,CAP_IPC_LOCK,CAP_SYS_PTRACE+ep" `readlink -f ../src/knotd`
tests/quic/xfr: added debugging features: tcpdump, secrets.log, quic log 2024-01-12 10:28:22 -05:00
			`Tcpdump:`
			`--------`

			$ sudo setcap "CAP_NET_RAW+ep" `which tcpdump`