Difference between revisions of "SME10.0 QA"
(→SSH) |
|||
Line 54: | Line 54: | ||
=Installation= | =Installation= | ||
− | + | *When installing, choice of keyboard, if fr-latin9 choosen, if « a » test, it is a « q » which appear in the little window. [BUG] [gieres] | |
==Installation types== | ==Installation types== | ||
Revision as of 21:12, 13 April 2020
QUALITY ASSURANCE
Version 10.# Quality Assurance testing
This document lists tests that we need to do to get version 10.# to a final release. It's an attempt to invite as many testers as possible and to coordinate our testing work.
The document should be used as Work In Progress so please feel free to add additional test scenarios and comments.
All tests here should be based on the latest available version '10.# Beta X'. with updates including smeupdates-testing you have a preview of a work in progress
In general:
- check the related logfile(s) for each test
- don't hesitate to raise a bug if there is an issue or something suspicious but check the Bugtracker before whether this might already be reported
- A list of currently reported bugs for SME Server 10.# is here: [1]
Test guidelines
The purpose of the page is mostly to verify features are working, you can list a bug number if you like but we don't intend to duplicate the tracking provided by bugzilla:
Executive Summary
There has not been enough testing to indicate how well SME Server 10.# is working.
Please report by adding [Pass] or [Fail], your name by using ~~~~, and release version ie SME10a1. You can also add a comment (Comment: used this software)
Verification
Create a test environment, either virtually or with spare hardware. Install the latest release, add some test users/ibays/domains/websites, send some internal e-mails, copy some files to/from ibays, perform a backup and restore. Perform as many functions that you can based on your knowledge and test environment abilities. Play and have fun :)
The scenario's should be as complex as needed, but also as simple as possible, testing one unique feature where possible.
For instance creating an ibay could mean something like this, perhaps even incomplete as I am doing this from the top of my head:
- log in in server-manager
- create ibay
- test for directory created (-f /home/e-smith/ibays/ibayname)
- check for account (ibayname) created
- check for group (ibayname) created
- analyze log for errors/exceptions
but also (and that is the most work mostly) test exceptions (names too long, starting with a number, containing a _, as well as all other exceptions):
- log in in server-manager
- create ibay with invalid name
- check the error in the server-manager screen
- check no account (ibayname) is created
- check no group (ibayname) is created
- check that the error is present in the log file
Test Schedule and Header codes
A sample test schedule is provided below. Check one feature at a time and add comments. We will use a shorthand in the header line so we can check progress quickly. The test list below starts with no headers since we start afresh. The intention is for testers to update this document to reflect their testing, thus avoiding duplication.
- header blank = no header - unchecked
- header ? - questions, or more to do [please provide your name for follow-up]
- header BUG - there is a bug - provide Bug reference number, i.e [Bug xxxx]
- header PASS - means the section has been tested and has passed [please provide your name for follow-up]
Some sample comments have been left from testing previous SME Server versions for information since they outline useful procedures, please add your own comments as applicable.
Installation
- When installing, choice of keyboard, if fr-latin9 choosen, if « a » test, it is a « q » which appear in the little window. [BUG] [gieres]
Installation types
WARNING!!! NOT SUPPORTED YET AS SME10 alpha1 |
Different installation scenarios re. software RAID, LVM and NOSPARE usage, etc. Note that you need to test each scenario separately, meaning reinstalling from scratch for each test - you cannot modify a Raid configuration after a system has been installed.
Check this for each configuration:
- /var/log/messages
- server-console, item 5
- cat /proc/mdstat (which is the same as server-console, item 5;)
- RAID1 nodmraid
Comment:
- RAID1 raid=1
Comments:
- RAID1 nolvm spares=2
Comments:
- RAID1 nolvm
Comments:
- RAID5 (with lvm) spares=0
Comments:
- RAID5 nolvm spares=2
Comments:
- RAID6 (with lvm) spare=1 multipart
Comments:
- RAIDx "nolvm"
Comments:
Upgrading
In-place upgrades are not supported from SME9.#. It is necessary to backup and then restore. /boot partition is always RAID 1.
In-place upgrades to SME 10.1" *are* supported - from 10.0 only.
Upgrade from older versions
In-place upgrades to SME 10.1" *are* supported - from 10.0 only.
Console
- ...
Check Status
- The server displays 'This server has been running for ...'
Comment: [PASS] [gieres]
Configure Server
- Basic configuration works?, eg NIC's, password, host and domain names
password [PASS] [gieres] Comment: test pwd too simple, tou short (minous 7 digits), without special character, number, minuscul, majuscul
DHCP server
- test IP allocation
- for predefined MAC addresses (= 'static' IP allocation)
- for dynamic IPs
Server-gateway
- Check functionality
Server-only
- Check functionality
- Private server & gateway
- Server-only [PASS] [gieres]
- Server only with 2 identical NIC in bonding mode
Comments:
Test internet
- Prompt displays, then 'The test was successful...'
[PASS] [gieres]
Reboot
- Check each of the console options:
- reboot
- reconfigure
- shutdown
Raid
- Check each of the following:
- console, option 5, displays correctly for single disk
- console, option 5, displays correctly for various RAID scenarios, all those combinations which we tested under SME10.0_QA#Installation_types
- another disk added to a one disk system, open console, option 5, prompted to add drive, drive added, option 5 states all drives in clean state
Comment:
Access Server Manager
- server-manager displays and navigation works
[PASS] [gieres]
View Support
- The GPL text displays
Backup to USB
- Check each of the following:
- console restore
- console backup
Server Manager
- Accessing server-manager (local) -
- Accessing server-manager (from remote location) -
Collaboration
Users
- create new user account
- reset user password
- lock/unlock account
- add/remove user to different groups
- delete user account
- re create deleted user account
- reset user password user account
Groups
- Add, modify and remove groups
- Comments:
Quotas
- Setting quota (soft:10MB / hard: 20MB) and going over hard limit works:
# dd if=/dev/zero of=/mnt/user-a/user-a_21MB bs=22020096 count=1 1+0 records in 1+0 records out dd: closing output file `/mnt/user-a/user-a_21MB': No space left on device
- Setting quota (soft:20MB / hard: 40MB) and going over soft limit works:
To: User B <user-b@testdomain.lan> From: "Automated quota report" <do-not-reply@testdomain.lan> Subject: You have exceeded your disk quota Your current disk usage: 21.08 Mb Your maximum usage: 40.00 Mb Warnings start at: 20.00 Mb Grace period ends: Fri Oct 2 09:06:22 2009 System name: sme8b4clean
Pseudonyms
- Test the following:
- created a pseudonym jane to sent to usera
- created a pseudonym jane@test.org to userb
- Comment: i.e. sent mail to both which was received as expected
Information Bays
User access via file sharing
- basic smb file access working as expected
- Permissions checked (smb) with several groups, users and all permission-combinations
Public access via web
- Primary website access tested form public Internet. If not configured, the default (".. under construction ..") works
- Ibay accessible for http(s) from outside network without password
- Ibay accessible for http(s) from outside network with a password
- Ibay accessible for http(s) from local network without password and outside network with a password
Local access via web
- Primary website accessible for http(s) from the local network
- Ibay not accessible for http(s) from local network when set to 'No Access'
- Ibay accessible for http(s) from local network without password
- Ibay accessible for http(s) from local network with a password
/var/log/httpd/error_log (Bug #5492): (still existing?)
[Thu Sep 24 22:45:56 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Sep 24 22:45:56 2009] [warn] RSA server certificate CommonName (CN) `sme8b4clean.testdomain.lan' does NOT match server name!?
Public access via ftp
- check functionality as applicable
- Comment:
Local access via ftp
- Primary & ibay not accessible when ftp set to 'No Access'
- Primary ibay accessible anonymous for download, not upload
- Ibay (no password required) accessible anonymous without password for download, not upload
- Ibay (password required) accessible anonymous only with password for download, not upload
- User homedir accessible with username+pass for download and upload
- Ibay accessible with username+pass for download and upload (with ibay permissions correctly set)
- Ibay accessible with username+pass for download and not upload (with ibay permissions correctly set)
- Ibay not accessible with username+pass (with ibay permissions correctly set)
Dynamic content
- PHP scripts in Primary ibay are interpreted and displayed
- PHP scripts in ibay are/not interpreted and displayed when dynamic content is enabled/disabled
- CGI scripts (cgi-bin)
Administration
Backup and restore
Backup
to desktop
to tape
to workstation
to usb disk
Restore
from desktop
from tape
from workstation
from usb disk
View log files
- view log files works, including filtering and highlighting
- download logfile works
Mail log files
- local mail delivery
- external mail delivery
Reboot and shutdown
- Test from server-manager for each of:
- reboot
- reconfigure
- shutdown
Security
Remote access
VPN / PPTP
- Check functionality
Remote management
SSH
Check the following:
- remote access from local network on port other than 22 [PASS] [gieres]
- installing pubkey on ~/.ssh/authorized_keys2 [PASS] [gieres]
- remote access from local network without standard password [PASS] [gieres]
- External user/password access denied (port 22 and other) when set to 'No access' or 'Local network'
- External user/password access allowed (port 22 and other) when set to 'Entire internet'
- External user/password access denied (port 22 and other) for root when 'allow administrative commandline' to 'No'
- External user/password access allowed (port 22 and other) for user (if configured) when 'administrative commandline' to 'No'
- External user/password access denied (port 22 and other) when 'allow standard password' set to 'No'
- External certificate access denied (port 22 and other) for root when 'administrative commandline' to 'No' and 'allow standard password' set to 'No'
- External certificate access allowed (port 22 and other) for root when 'administrative commandline' to 'Yes' and 'allow standard password' set to 'No'
- External certificate access allowed (port 22 and other) for user (if configured) when 'administrative commandline' to 'No' and 'allow standard password' set to 'No'
- External certificate access allowed (port 22 and other) for user (if configured) when 'administrative commandline' to 'Yes' and 'allow standard password' set to 'No'
FTP
- Ftp access allowed for Primary, ibays and users when access set to 'Allow access ...'
- Ftp access refused for Primary, ibays and users when access set to 'No Access'
Local Networks
Server-manager [PASS] [gieres] Comment: Access run with traditional warning message from browser before connecting window
Port forwarding
Check the following scenarios:
- server gateway
- server only
Proxy settings
- Smtp proxy enabled
- Smtp proxy disabled
- Smtp proxy blocked (recently implemented)
Web
Check the following:
- net access via the squid proxy works
- net access is disabled via squid proxy if disabled
Configuration
Software Installer
Updates
- updates via the panel work [PASS] (David Beveridge)
- the updates available warning displays on this page [PASS] (David Beveridge)
Settings
- Settings can be changed
- Installing additional software works
- Examples:
Installing: wvdial i386 1.54.0-5.2.2.1 base 131 k Installing for dependencies: libwvstreams i386 4.2.2-2.1 base 657 k
and Removing
Removing: wvdial i386 1.54.0-5.2.2.1 installed 264 k
Date and time
'Set Date and Time' manually works
'Configure Network Time Server' works if you enter a valid time server
Workgroup
Domain controller
Now also working for windows 7 PC's
- PDC - setup Primary Domain Controller
Suggested steps:
- join PC to domain (as user 'admin') and test domain user logon on that PC
- join (another) PC to domain (as a different user from group 'Domain Admins', NOT user admin)
Comments: The user 'michael' is part of that group:
db accounts show domain-admin-group domain-admin-group=group Description=Domain Admins Gid=5010 Members=admin,michael Uid=5010
Comments: i.e. log extract from /var/log/messages for the latest join:
Aug 30 07:04:52 mdo002sv esmith::event[20711]: Running event handler: /etc/e-smith/events/machine-account-create/S10create-machine-account Aug 30 07:04:52 mdo002sv /etc/e-smith/events/machine-account-create/S10create-machine-account[20712]: /home/e-smith/db/accounts: OLD twt042lt$ (undefined) Aug 30 07:04:52 mdo002sv /etc/e-smith/events/machine-account-create/S10create-machine-account[20712]: /home/e-smith/db/accounts: NEW twt042lt$=machine Aug 30 07:04:52 mdo002sv esmith::event[20711]: create-machine-account twt042lt$: Creating Unix user and group Aug 30 07:04:52 mdo002sv esmith::event[20711]: create-machine-account twt042lt$: Locking account Aug 30 07:04:52 mdo002sv esmith::event[20711]: Locking password for user twt042lt$. Aug 30 07:04:52 mdo002sv esmith::event[20711]: passwd: Success Aug 30 07:04:52 mdo002sv esmith::event[20711]: S10create-machine-account=action|Event|machine-account-create|Action|S10create-machine-account|Start|1251572692 236608|End|1251572692 708624|Elapsed|0.472016
- domain user password change via Ctrl-Alt-Del
Comments: i.e. several combinations tested, incl. invalid combinations (e.g. password too short); successfully changed; case sensitivity tested; testing was done with the following setting in place:
db configuration show passwordstrength passwordstrength=configuration Admin=none Ibays=none Users=none
Might need more testing with better password strength.
Workgroup server
- Connect to samba share
net use x: \\sme10a1\Primary /user:admin
Roaming profiles
- Test with WinXP Pro clients
- Test with WinVista Pro clients
- Test with Win7 Pro clients
- Test with Win8 Pro clients
- Test with Win10 Pro clients
Directory
Check the following:
- Directory (LDAP) access
- Test access from various email clients, list client, platform, Operating system, local and or external:
In example:
- Webmail (list address book contents via string like "mich" shows all Michael(s))
- Thunderbird LDAP test on local network
Printers
Attached/created LTP,USB and network printer; Printing test page:
- USB printer
- LTP printer
- Network printer
Hostnames
set a hostname to a remote server works
set a hostname to self works
set hostname for other host on the local network
Domains
- 2nd domain added, web and email works
- Test all DNS options
Access
Test functionality for the following:
- webmail
- pop3(s)
- imap(s)
- check: /var/log/pop3(s)/current
- check: /var/log/imap(s)/current
Filtering
Reception
Delivery
Antivirus
Database [PASS] [gieres] Database correctly reloaded (6813186 signatures) after first reload
Clam/email integration
- Check: /var/log/qmail/current
- Check: /var/log/spamd/current
- Check: /var/log/qpsmtpd/current
- Check: /var/log/clamd/current
- Check: /var/log/clamd/smeserver-clamscan.log
- Check: email headers
Comments:
- Check regular Clam scans
- Enable regular scanning in server-manager and check results (email to admin)
Comments:
Review
Basic server information is displayed
Miscellaneous
Support
The GPL text is displayed
Starter Website
[PASS] [gieres] "This web site is under construction" is readible