SME10.0 QA

From SME Server
Revision as of 21:38, 30 November 2020 by Gieres (talk | contribs) (→‎Raid)
Jump to navigation Jump to search


QUALITY ASSURANCE

Version 10.# Quality Assurance testing

This document lists tests that we need to do to get version 10.# to a final release. It's an attempt to invite as many testers as possible and to coordinate our testing work.

The document should be used as Work In Progress so please feel free to add additional test scenarios and comments.

All tests here should be based on the latest available version '10.# Beta X'. with updates including smeupdates-testing you have a preview of a work in progress

In general:

  • check the related logfile(s) for each test
  • don't hesitate to raise a bug if there is an issue or something suspicious but check the Bugtracker before whether this might already be reported
  • A list of currently reported bugs for SME Server 10.# is here: [1]

Test guidelines

The purpose of the page is mostly to verify features are working, you can list a bug number if you like but we don't intend to duplicate the tracking provided by bugzilla:

Executive Summary

There has not been enough testing to indicate how well SME Server 10.# is working.

Please report by adding [Pass] or [Fail], your name by using ~~~~, and release version ie SME10a1. You can also add a comment (Comment: used this software)

Verification

Create a test environment, either virtually or with spare hardware, cf. Testing Environments. Install the latest release, add some test users/ibays/domains/websites, send some internal e-mails, copy some files to/from ibays, perform a backup and restore. Perform as many functions that you can based on your knowledge and test environment abilities. Play and have fun :)

The scenario's should be as complex as needed, but also as simple as possible, testing one unique feature where possible.

For instance creating an ibay could mean something like this, perhaps even incomplete as I am doing this from the top of my head:

  • log in in server-manager
  • create ibay
  • test for directory created (-f /home/e-smith/ibays/ibayname)
  • check for account (ibayname) created
  • check for group (ibayname) created
  • analyze log for errors/exceptions

but also (and that is the most work mostly) test exceptions (names too long, starting with a number, containing a _, as well as all other exceptions):

  • log in in server-manager
  • create ibay with invalid name
  • check the error in the server-manager screen
  • check no account (ibayname) is created
  • check no group (ibayname) is created
  • check that the error is present in the log file

Test Schedule and Header codes

A sample test schedule is provided below. Check one feature at a time and add comments. We will use a shorthand in the header line so we can check progress quickly. The test list below starts with no headers since we start afresh. The intention is for testers to update this document to reflect their testing, thus avoiding duplication.

  • header blank = no header - unchecked
  • header ? - questions, or more to do [please provide your name for follow-up]
  • header BUG - there is a bug - provide Bug reference number, i.e [Bug xxxx]
  • header PASS - means the section has been tested and has passed [please provide your name for follow-up]

Some sample comments have been left from testing previous SME Server versions for information since they outline useful procedures, please add your own comments as applicable.

Installation

  • When installing, choice of keyboard, if fr-latin9 choosen, if « a » test, it is a « q » which appear in the little window. [BUG]bug 10925 [gieres]

Installation types

WARNING!!! NOT SUPPORTED YET AS SME10 alpha1

Different installation scenarios re. software RAID, LVM and NOSPARE usage, etc. Note that you need to test each scenario separately, meaning reinstalling from scratch for each test - you cannot modify a Raid configuration after a system has been installed.

Check this for each configuration:

/var/log/messages
server-console, item 5
cat /proc/mdstat (which is the same as server-console, item 5;)
  • RAID1 nodmraid

Comment:

  • RAID1 raid=1

Comments:

  • RAID1 nolvm spares=2

Comments:

  • RAID1 nolvm

Comments:

  • RAID5 (with lvm) spares=0

Comments:

  • RAID5 nolvm spares=2

Comments:

  • RAID6 (with lvm) spare=1 multipart

Comments:

  • RAIDx "nolvm"

Comments:

Upgrading

In-place upgrades are not supported from SME9.#. It is necessary to backup and then restore. /boot partition is always RAID 1.

In-place upgrades to SME 10.1" *are* supported - from 10.0 only.

Upgrade from older versions

In-place upgrades to SME 10.1" *are* supported - from 10.0 only.

Console

  • ...

Check Status

  • The server displays 'This server has been running for ...'

Comment: [PASS] [gieres]

Configure Server

  • Basic configuration works?, eg NIC's, password, host and domain names

password [PASS] [gieres] Comment: test pwd too simple, tou short (minous 7 digits), without special character, number, minuscul, majuscul

DHCP server

  • test IP allocation
for predefined MAC addresses (= 'static' IP allocation)
for dynamic IPs

Server-gateway

  • Check functionality

Server-only

  • Check functionality
Private server & gateway
Server-only [PASS] [gieres]
Server only with 2 identical NIC in bonding mode

Comments:

Test internet

  • Prompt displays, then 'The test was successful...'

[PASS] [gieres]

Reboot

  • Check each of the console options:
reboot
reconfigure
shutdown

[PASS] [gieres]

Raid

  • Check each of the following:
console, option 5, displays correctly for single disk [PASS] [gieres] : « Aucun périphérique RAID configuré ».
console, option 5, displays correctly for various RAID scenarios, all those combinations which we tested under SME10.0_QA#Installation_types
another disk added to a one disk system, open console, option 5, prompted to add drive, [FAILED] [gieres] : always « Aucun périphérique RAID configuré ».
drive added, option 5 states all drives in clean state 

Comment:

Access Server Manager

  • server-manager displays and navigation works

[PASS] [gieres]

View Support

  • The GPL text displays

Backup to USB

Check each of the following:
  • console restore
  • console backup

Server Manager

  • Accessing server-manager (local) -
  • Accessing server-manager (from remote location) - [PASS] [gieres]

Collaboration

Users

  • create new user account [PASS] [gieres]
  • reset user password [PASS] [gieres]
  • lock/unlock account [PASS] [gieres]
  • add/remove user to different groups [PASS] [gieres]
  • delete user account [PASS] [gieres]
  • re create deleted user account [PASS] [gieres]
  • reset user password user account [PASS] [gieres] Comment : what difference with item #2 ? [PASS] [gieres]

Groups

  • Add, modify and remove groups [PASS] [gieres]
Comments:

Quotas

  • Setting quota (soft:10MB / hard: 20MB) and going over hard limit works:
 # dd if=/dev/zero of=/mnt/user-a/user-a_21MB bs=22020096 count=1
 1+0 records in
 1+0 records out
 dd: closing output file `/mnt/user-a/user-a_21MB': No space left on device
  • Setting quota (soft:20MB / hard: 40MB) and going over soft limit works:
 To: User B <user-b@testdomain.lan>
 From: "Automated quota report" <do-not-reply@testdomain.lan>
 Subject: You have exceeded your disk quota
 
 Your current disk usage: 21.08 Mb
 Your maximum usage: 40.00 Mb
 Warnings start at: 20.00 Mb
 Grace period ends: Fri Oct  2 09:06:22 2009
 System name: sme8b4clean

Pseudonyms

  • Test the following:
created a pseudonym jane to sent to usera
created a pseudonym jane@test.org to userb
Comment: i.e. sent mail to both which was received as expected

Information Bays

User access via file sharing

  • basic smb file access working as expected
  • Permissions checked (smb) with several groups, users and all permission-combinations

Public access via web

  • Primary website access tested form public Internet. If not configured, the default (".. under construction ..") works
  • Ibay accessible for http(s) from outside network without password
  • Ibay accessible for http(s) from outside network with a password
  • Ibay accessible for http(s) from local network without password and outside network with a password

Local access via web

  • Primary website accessible for http(s) from the local network
  • Ibay not accessible for http(s) from local network when set to 'No Access'
  • Ibay accessible for http(s) from local network without password
  • Ibay accessible for http(s) from local network with a password


/var/log/httpd/error_log (Bug #5492): (still existing?)

 [Thu Sep 24 22:45:56 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
 [Thu Sep 24 22:45:56 2009] [warn] RSA server certificate CommonName (CN) `sme8b4clean.testdomain.lan' does NOT match server name!?

Public access via ftp

  • check functionality as applicable
Comment:

Local access via ftp

  • Primary & ibay not accessible when ftp set to 'No Access'
  • Primary ibay accessible anonymous for download, not upload
  • Ibay (no password required) accessible anonymous without password for download, not upload
  • Ibay (password required) accessible anonymous only with password for download, not upload
  • User homedir accessible with username+pass for download and upload
  • Ibay accessible with username+pass for download and upload (with ibay permissions correctly set)
  • Ibay accessible with username+pass for download and not upload (with ibay permissions correctly set)
  • Ibay not accessible with username+pass (with ibay permissions correctly set)

Dynamic content

  • PHP scripts in Primary ibay are interpreted and displayed
  • PHP scripts in ibay are/not interpreted and displayed when dynamic content is enabled/disabled
  • CGI scripts (cgi-bin)

Administration

Backup and restore

Backup

to desktop
to tape
to workstation
to usb disk

Restore

from desktop
from tape
from workstation
from usb disk

View log files

  • view log files works, [PASS] [gieres]

including filtering and highlighting

  • download logfile works [PASS] [gieres]

Mail log files

  • local mail delivery
  • external mail delivery

Reboot and shutdown

  • Test from server-manager for each of:
reboot [PASS] [gieres]
reconfigure [PASS] [gieres] Comment : it's not possible to see if reconfiguration is done
shutdown [PASS] [gieres]

Security

Remote access

VPN / PPTP

  • Check functionality


Remote management

SSH

Check the following:

  • remote access from local network on port other than 22 [PASS] [gieres]
  • installing pubkey on ~/.ssh/authorized_keys2 [PASS] [gieres]
  • remote access from local network without standard password [PASS] [gieres]
  • External user/password access denied (port 22 and other) when set to 'No access' or 'Local network'
  • External user/password access allowed (port 22 and other) when set to 'Entire internet'
  • External user/password access denied (port 22 and other) for root when 'allow administrative commandline' to 'No'
  • External user/password access allowed (port 22 and other) for user (if configured) when 'administrative commandline' to 'No'
  • External user/password access denied (port 22 and other) when 'allow standard password' set to 'No'
  • External certificate access denied (port 22 and other) for root when 'administrative commandline' to 'No' and 'allow standard password' set to 'No'
  • External certificate access allowed (port 22 and other) for root when 'administrative commandline' to 'Yes' and 'allow standard password' set to 'No'
  • External certificate access allowed (port 22 and other) for user (if configured) when 'administrative commandline' to 'No' and 'allow standard password' set to 'No'
  • External certificate access allowed (port 22 and other) for user (if configured) when 'administrative commandline' to 'Yes' and 'allow standard password' set to 'No'

FTP

  • Ftp access allowed for Primary, ibays and users when access set to 'Allow access ...'
  • Ftp access refused for Primary, ibays and users when access set to 'No Access'

Local Networks

Server-manager [PASS] [gieres] Comment: Access run with traditional warning message from browser before connecting window

Port forwarding

Check the following scenarios:

  • server gateway


  • server only


Proxy settings

Mail

  • Smtp proxy enabled
  • Smtp proxy disabled
  • Smtp proxy blocked (recently implemented)

Web

Check the following:

  • net access via the squid proxy works
  • net access is disabled via squid proxy if disabled

Configuration

Software Installer

Updates

  • updates via the panel work [PASS] (David Beveridge)

but first updates are very long and when it's time to reconfigure, this alarm show Rapport d'état de l'opération Erreur: le jeton CSRF est invalide ou expiré.

It's not possible to reconfigure. [BUG] bug 10926 [gieres]

  • the updates available warning displays on this page [PASS] (David Beveridge)

Settings

  • Settings can be changed

Button doesn't run. [BUG] bug 11186 [gieres]

  • Installing additional software works

Button doesn't run. [BUG] bug 11187 [gieres]

Examples:
Installing:
 wvdial               i386         1.54.0-5.2.2.1            base         131 k
Installing for dependencies:
 libwvstreams         i386         4.2.2-2.1                 base         657 k

and Removing

Removing:
 wvdial          i386          1.54.0-5.2.2.1          installed          264 k

Date and time

'Set Date and Time' manually works

'Configure Network Time Server' works if you enter a valid time server

Workgroup

Domain controller

Now also working for windows 7 PC's

  • PDC - setup Primary Domain Controller

Suggested steps:

  • join PC to domain (as user 'admin') and test domain user logon on that PC
  • join (another) PC to domain (as a different user from group 'Domain Admins', NOT user admin)

Comments: The user 'michael' is part of that group:

db accounts show domain-admin-group 
domain-admin-group=group
   Description=Domain Admins
   Gid=5010
   Members=admin,michael
   Uid=5010

Comments: i.e. log extract from /var/log/messages for the latest join:

Aug 30 07:04:52 mdo002sv esmith::event[20711]: Running event handler: /etc/e-smith/events/machine-account-create/S10create-machine-account 
Aug 30 07:04:52 mdo002sv /etc/e-smith/events/machine-account-create/S10create-machine-account[20712]: /home/e-smith/db/accounts: OLD twt042lt$ (undefined) 
Aug 30 07:04:52 mdo002sv /etc/e-smith/events/machine-account-create/S10create-machine-account[20712]: /home/e-smith/db/accounts: NEW twt042lt$=machine 
Aug 30 07:04:52 mdo002sv esmith::event[20711]: create-machine-account twt042lt$: Creating Unix user and group  
Aug 30 07:04:52 mdo002sv esmith::event[20711]: create-machine-account twt042lt$: Locking account  
Aug 30 07:04:52 mdo002sv esmith::event[20711]: Locking password for user twt042lt$.  
Aug 30 07:04:52 mdo002sv esmith::event[20711]: passwd: Success  
Aug 30 07:04:52 mdo002sv esmith::event[20711]: S10create-machine-account=action|Event|machine-account-create|Action|S10create-machine-account|Start|1251572692 236608|End|1251572692 708624|Elapsed|0.472016 
  • domain user password change via Ctrl-Alt-Del

Comments: i.e. several combinations tested, incl. invalid combinations (e.g. password too short); successfully changed; case sensitivity tested; testing was done with the following setting in place:

db configuration show passwordstrength
passwordstrength=configuration
   Admin=none
   Ibays=none
   Users=none

Might need more testing with better password strength.

Workgroup server

  • Connect to samba share


net use x: \\sme10a1\Primary /user:admin


Roaming profiles

  • Test with WinXP Pro clients
  • Test with WinVista Pro clients
  • Test with Win7 Pro clients
  • Test with Win8 Pro clients
  • Test with Win10 Pro clients


Directory

Check the following:

  • Directory (LDAP) access
  • Test access from various email clients, list client, platform, Operating system, local and or external:

In example:

Webmail (list address book contents via string like "mich" shows all Michael(s))
Thunderbird LDAP test on local network


Printers

Attached/created LTP,USB and network printer; Printing test page:

  • USB printer
  • LTP printer
  • Network printer

Hostnames

set a hostname to a remote server works

set a hostname to self works

set hostname for other host on the local network


Domains

  • 2nd domain added, web and email works
  • Test all DNS options

Email

Access

Test functionality for the following:

  • webmail


  • pop3(s)
  • imap(s)
  • check: /var/log/pop3(s)/current
  • check: /var/log/imap(s)/current

Filtering

Reception

Delivery

Antivirus

Database [PASS] [gieres] Database correctly reloaded (6813186 signatures) after first reload

Clam/email integration

  • Check: /var/log/qmail/current
  • Check: /var/log/spamd/current
  • Check: /var/log/qpsmtpd/current
  • Check: /var/log/clamd/current
  • Check: /var/log/clamd/smeserver-clamscan.log
  • Check: email headers

Comments:

  • Check regular Clam scans
  • Enable regular scanning in server-manager and check results (email to admin)

Comments:

Review

Basic server information is displayed

Miscellaneous

Support

The GPL text is displayed

Starter Website

[PASS] [gieres] "This web site is under construction" is readible