Add testing support for OpenSUSE Tumbleweed

.gitignore

@@ -59,6 +59,7 @@ Makefile.in
 /tags
 /test-*
 /test_rsa_key
+/Test[A-Z]*
 /tmp-dist
 /tmp/
 /tsconfig.tsbuildinfo

pkg/lib/kernelopt.sh

@@ -14,8 +14,8 @@ error() {
 grub() {
     key="${2%=*}"  # split off optional =value
 
-    # For the non-BLS case, or if someone overrides those with grub2-mkconfig
-    # or update-grub, change it in /etc/default/grub
+    # For the non-BLS case, or if someone overrides those with grub2-mkconfig,
+    # update-grub or update-bootloader, change it in /etc/default/grub
     if [ -e /etc/default/grub ]; then
         if [ "$1" = set ]; then
             # replace existing argument, otherwise append it
@@ -37,6 +37,11 @@ grub() {
     elif [ -e /etc/default/grub ] && type update-grub >/dev/null 2>&1; then
         update-grub
 
+    # on Suse platforms, use update-bootloader
+    # Since earlier we updated /etc/default/grub we can just run update-bootloader
+    elif type update-bootloader >/dev/null 2>&1; then
+        update-bootloader
+
     # on OSTree, the kernel config is inside the image
     elif cur=$(rpm-ostree kargs 2>&1); then
         if [ "$1" = set ]; then
@@ -50,7 +55,7 @@ grub() {
             rpm-ostree kargs --delete="$key"
         fi
     else
-        error "No supported grub update mechanism found (grubby, update-grub, or rpm-ostree)"
+        error "No supported grub update mechanism found (grubby, update-grub, update-bootloader or rpm-ostree)"
     fi
 }
 

pkg/metrics/manifest.json

@@ -12,7 +12,8 @@
     "config": {
         "redis_package": {
             "fedora": "valkey",
-            "platform:el10": "valkey"
+            "platform:el10": "valkey",
+            "opensuse-tumbleweed": "valkey"
         }
     }
 }

pkg/metrics/metrics.jsx

@@ -1323,12 +1323,12 @@ const wait_cond = (cond, objects) => {
 
 const PCPConfigDialog = ({
     firewalldRequest,
-    s_pmlogger, s_pmproxy, s_redis, s_redis_server, s_valkey,
-    packageInstallCallback,
+    s_pmlogger, s_pmproxy, s_redis, s_redis_server, s_valkey, s_valkey_target,
+    packageInstallCallback
 }) => {
     const Dialogs = useDialogs();
     const dialogInitialProxyValue = runningService(s_pmproxy) && (
-        runningService(s_redis) || runningService(s_redis_server) || runningService(s_valkey));
+        runningService(s_redis) || runningService(s_redis_server) || runningService(s_valkey) || runningService(s_valkey_target));
     const [dialogError, setDialogError] = useState(null);
     const [dialogLoggerValue, setDialogLoggerValue] = useState(runningService(s_pmlogger));
     const [dialogProxyValue, setDialogProxyValue] = useState(dialogInitialProxyValue);
@@ -1343,7 +1343,7 @@ const PCPConfigDialog = ({
         if (dialogLoggerValue && !s_pmlogger.exists) {
             missing.push(...await get_pcp_packages());
         }
-        const redisExists = () => s_redis.exists || s_redis_server.exists || s_valkey.exists;
+        const redisExists = () => s_redis.exists || s_redis_server.exists || s_valkey.exists || s_valkey_target.exists;
         if (dialogProxyValue && !redisExists()) {
             const os_release = await read_os_release();
             missing.push(get_manifest_config_matchlist("metrics", "redis_package", "redis",
@@ -1357,7 +1357,7 @@ const PCPConfigDialog = ({
             debug("PCPConfig: package installation successful");
             await wait_cond(() => (s_pmlogger.exists &&
                                    (!dialogProxyValue || (s_pmproxy.exists && redisExists()))),
-                            [s_pmlogger, s_pmproxy, s_redis, s_redis_server, s_valkey]);
+                            [s_pmlogger, s_pmproxy, s_redis, s_redis_server, s_valkey, s_valkey_target]);
         }
     };
 
@@ -1373,6 +1373,9 @@ const PCPConfigDialog = ({
                     if (s_valkey.exists && s_valkey.unit?.UnitFileState !== 'masked') {
                         real_redis = s_valkey;
                         redis_name = "valkey.service";
+                    } else if (s_valkey_target.exists && s_valkey_target.unit?.UnitFileState !== 'masked') {
+                        real_redis = s_valkey_target;
+                        redis_name = "valkey.target";
                     } else if (s_redis_server.exists && s_redis_server.unit?.UnitFileState !== 'masked') {
                         real_redis = s_redis_server;
                         redis_name = "redis-server.service";
@@ -1498,19 +1501,22 @@ const PCPConfig = ({ buttonVariant, firewalldRequest }) => {
     const s_redis = useObject(() => service.proxy("redis.service"), null, []);
     const s_redis_server = useObject(() => service.proxy("redis-server.service"), null, []);
     const s_valkey = useObject(() => service.proxy("valkey.service"), null, []);
+    const s_valkey_target = useObject(() => service.proxy("valkey.target"), null, []);
 
     useEvent(superuser, "changed");
     useEvent(s_pmlogger, "changed");
     useEvent(s_pmproxy, "changed");
     useEvent(s_redis, "changed");
     useEvent(s_redis_server, "changed");
     useEvent(s_valkey, "changed");
+    useEvent(s_valkey_target, "changed");
 
     debug("PCPConfig s_pmlogger.state", s_pmlogger.state);
     debug("PCPConfig s_pmproxy state", s_pmproxy.state,
           "redis exists", s_redis.exists, "state", s_redis.state,
           "redis-server exists", s_redis_server.exists, "state", s_redis_server.state,
-          "valkey exists", s_valkey.exists, "state", s_valkey.state);
+          "valkey exists", s_valkey.exists, "state", s_valkey.state,
+          "valkey-target exists", s_valkey_target.exists, "state", s_valkey_target.state);
 
     if (!superuser.allowed)
         return null;
@@ -1521,13 +1527,14 @@ const PCPConfig = ({ buttonVariant, firewalldRequest }) => {
                                       s_pmlogger={s_pmlogger}
                                       s_pmproxy={s_pmproxy}
                                       s_redis={s_redis} s_redis_server={s_redis_server} s_valkey={s_valkey}
+                                      s_valkey_target={s_valkey_target}
                                       packageInstallCallback={() => setPackageInstallStatus("done")} />);
     }
 
     return (
         <Button variant={buttonVariant} icon={<CogIcon />}
                 isDisabled={ invalidService(s_pmlogger) || invalidService(s_pmproxy) ||
-                             invalidService(s_redis) || invalidService(s_redis_server) || invalidService(s_valkey) }
+                             invalidService(s_redis) || invalidService(s_redis_server) || invalidService(s_valkey) || invalidService(s_valkey_target) }
                 onClick={show_dialog}
                 data-test-install-finished={packageInstallStatus}>
             { _("Metrics settings") }

pkg/networkmanager/firewall.jsx

@@ -556,10 +556,24 @@ class AddEditServicesModal extends React.Component {
     componentDidMount() {
         firewall.getAvailableServices()
                 .then(services => this.setState({ services }));
-        cockpit.file('/etc/services').read()
-                .then(content => this.setState({
-                    avail_services: this.parseServices(content)
-                }));
+        async function fetchServices(component) {
+            try {
+                await cockpit.spawn(["test", "-e", "/usr/etc/services"], { err: "ignore" });
+                cockpit.file('/usr/etc/services').read()
+                        .then(content => component.setState({
+                            avail_services: component.parseServices(content)
+                        }));
+            } catch (err1) {
+                cockpit.file('/etc/services').read()
+                        .then(content => component.setState({
+                            avail_services: component.parseServices(content)
+                        }));
+            }
+        }
+
+        if (this.state.avail_services === null) {
+            fetchServices(this);
+        }
     }
 
     onFilterChanged(value) {

pkg/storaged/multipath.jsx

@@ -50,17 +50,29 @@ export class MultipathAlert extends React.Component {
         const multipathd_running = !this.multipathd_service.state || this.multipathd_service.state === "running";
         const multipath_broken = client.broken_multipath_present === true;
 
-        function activate(event) {
+        async function activate(event) {
             if (!event || event.button !== 0)
                 return;
-            cockpit.spawn(["mpathconf", "--enable", "--with_multipathd", "y"],
-                          { superuser: "try" })
-                    .catch(function (error) {
-                        dialog_open({
-                            Title: _("Error"),
-                            Body: error.toString()
+            try {
+                await cockpit.spawn(["type", "mpathconf"], { err: "ignore" });
+                cockpit.spawn(["mpathconf", "--enable", "--with_multipathd", "y"],
+                              { superuser: "try" })
+                        .catch(function (error) {
+                            dialog_open({
+                                Title: _("Error"),
+                                Body: error.toString()
+                            });
                         });
-                    });
+            } catch (err1) {
+                cockpit.spawn(["systemctl", "enable", "--now", "multipathd.service"],
+                              { superuser: "try" })
+                        .catch(function (error) {
+                            dialog_open({
+                                Title: _("Error"),
+                                Body: error.toString()
+                            });
+                        });
+            }
         }
 
         if (multipath_broken && !multipathd_running)

pkg/users/users.js

@@ -91,7 +91,14 @@ function AccountsPage() {
         const handleShadow = cockpit.file("/etc/shadow", { superuser: "try" });
         handleShadow.watch(() => debouncedGetLoginDetails(), { read: false });
 
-        const handleLogindef = cockpit.file("/etc/login.defs");
+        let handleLogindef;
+        try {
+            await cockpit.spawn(["test", "-e", "/etc/login.defs"], { err: "ignore" });
+            handleLogindef = cockpit.file("/etc/login.defs");
+        } catch (err1) {
+            handleLogindef = cockpit.file("/usr/etc/login.defs");
+        }
+
         handleLogindef.watch((logindef) => {
             if (logindef === null)
                 return;

src/common/cockpitconf.c

@@ -76,7 +76,7 @@ regcompx (regex_t *preg, const char *regex, int cflags)
 /* For optimization, this modifies string; the returned array has pointers into string
  * The array itself gets allocated and must be freed after use. */
 static const char **
-strsplit (char *string, char delimiter)
+strsplit (char *string, char delimiter, unsigned *len_out)
 {
   const char ** parts = reallocarrayx (NULL, 2, sizeof (char*));
   char *cur = string;
@@ -104,6 +104,10 @@ strsplit (char *string, char delimiter)
     }
 
   parts[len] = NULL;
+
+  if (len_out)
+    *len_out = len;
+
   return parts;
 }
 
@@ -299,9 +303,21 @@ cockpit_conf_get_dirs (void)
       env = getenv ("XDG_CONFIG_DIRS");
       if (env && env[0])
         {
+          unsigned len_out;
+
+          const char ** xdg_config_dirs = NULL;
+          unsigned len = sizeof (cockpit_config_dirs) / sizeof (char*);
+          system_config_dirs = reallocarrayx (NULL, len, sizeof (char*));
+          memcpy (system_config_dirs, cockpit_config_dirs, sizeof (cockpit_config_dirs));
+
           /* strsplit() modifies the string inline, so copy and keep a ref */
           env = strdup (env);
-          system_config_dirs = strsplit (env, ':');
+          xdg_config_dirs = strsplit (env, ':', &len_out);
+
+          system_config_dirs = reallocarrayx (system_config_dirs, len + len_out + 1, sizeof (char*));
+          memcpy (system_config_dirs + (len-1), xdg_config_dirs, len_out * sizeof (char*));
+          system_config_dirs[len - 1 + len_out] = NULL;
+          free (xdg_config_dirs);
         }
     }
 
@@ -348,7 +364,7 @@ cockpit_conf_strv (const char *section,
       entry->strv_value = strdupx (entry->value);
       for (char *c = entry->strv_value + strlen (entry->strv_value) - 1; c >= entry->strv_value && isspace (*c); --c)
         *c = '\0';
-      entry->strv_cache = strsplit (entry->strv_value, delimiter);
+      entry->strv_cache = strsplit (entry->strv_value, delimiter, NULL);
       entry->strv_delimiter = delimiter;
     }
 

src/common/test-config.c

@@ -139,7 +139,7 @@ test_load_dir (void)
   cockpit_config_file = "cockpit.conf";
 
   g_assert_cmpstr (cockpit_conf_string ("Section2", "value1"), ==, "string");
-  g_assert_cmpstr (cockpit_conf_get_dirs ()[1], ==, SRCDIR "/src/ws/mock-config");
+  g_assert_cmpstr (cockpit_conf_get_dirs ()[2], ==, SRCDIR "/src/ws/mock-config");
   cockpit_conf_cleanup ();
 }
 

test/common/netlib.py

@@ -44,8 +44,11 @@ def add_veth(self, name, dhcp_cidr=None, dhcp_range=None):
         if dhcp_cidr:
             # up the remote end, give it an IP, and start DHCP server
             self.machine.execute(f"ip a add {dhcp_cidr} dev v_{name}; ip link set v_{name} up")
-            server = self.machine.spawn("dnsmasq --keep-in-foreground --log-queries --log-facility=- "
-                                        f"--conf-file=/dev/null --dhcp-leasefile=/tmp/leases.{name} --no-resolv "
+
+            # TODO: Consider running all env's through /run/dnsmasq
+            lease_path = "/run/dnsmasq" if "suse" in self.machine.image else "/tmp"
+            server = self.machine.spawn(f"mkdir -p {lease_path}; dnsmasq --keep-in-foreground --log-queries --log-facility=- "
+                                        f"--conf-file=/dev/null --dhcp-leasefile={lease_path}/leases.{name} --no-resolv "
                                         f"--bind-interfaces --except-interface=lo --interface=v_{name} --dhcp-range={dhcp_range[0]},{dhcp_range[1]},4h",
                                         f"dhcp-{name}.log")
             self.addCleanup(self.machine.execute, "kill %i" % server)

test/common/packagelib.py

@@ -46,6 +46,10 @@ def setUp(self):
             self.backend = "dnf5"
             self.primary_arch = "noarch"
             self.secondary_arch = "x86_64"
+        elif "suse" in self.machine.image:
+            self.backend = "zypper"
+            self.primary_arch = "noarch"
+            self.secondary_arch = "x86_64"
         elif self.machine.image == "arch":
             self.backend = "alpm"
             self.primary_arch = "any"
@@ -157,7 +161,7 @@ def createPackage(self, name, version, release, install=False,
         else:
             self.createRpm(name, version, release, depends, postinst, install, content, arch, provides)
         if updateinfo:
-            self.updateInfo[(name, version, release)] = updateinfo
+            self.updateInfo[name, version, release] = updateinfo
 
     def createDeb(self, name, version, depends, postinst, install, content, arch, provides):
         """Create a dummy deb in repo_dir on self.machine
@@ -262,6 +266,13 @@ def createRpm(self, name, version, release, requires, post, install, content, ar
 cp ~/rpmbuild/RPMS/{4}/*.rpm {0}
 rm -rf ~/rpmbuild
 """
+        if self.backend == "zypper":
+            cmd = """
+rpmbuild --quiet -bb /tmp/spec
+mkdir -p {0}
+cp /usr/src/packages/RPMS/{4}/*.rpm {0}
+"""
+
         if install:
             cmd += "rpm -i {0}/{1}-{2}-{3}.*.rpm"
         self.machine.execute(cmd.format(self.repo_dir, name, version, release, arch))
@@ -435,6 +446,10 @@ def enableRepo(self):
             self.machine.write("/etc/pacman.conf", config)
             self.machine.execute("pacman -Sy")
 
+        elif self.backend == "zypper":
+            # Need to work out how zypper handles repo changelogs so we can handle that here
+            self.machine.execute(f"zypper ar --no-gpgcheck --refresh {self.repo_dir} local")
+
         else:
             # HACK - https://bugzilla.redhat.com/show_bug.cgi?id=2306114
             # We need to explicitly create /var/cache/libdnf5 to make "dnf clean" happy.

test/common/testlib.py

@@ -1094,7 +1094,7 @@ def become_superuser(
 
             # In (open)SUSE images, superuser access always requires the root password
             if user is None:
-                user = "root" if "suse" in self.machine.image else "admin"
+                user = get_superuser(self.machine.image)
 
             if passwordless:
                 self.wait_in_text("div[role=dialog]", "Administrative access")
@@ -1776,7 +1776,7 @@ def setUp(self, restrict: bool = True) -> None:
             self.sshd_socket = 'ssh.socket'
         else:
             self.sshd_service = 'sshd.service'
-            if image == 'arch':
+            if image == 'arch' or "suse" in image:
                 self.sshd_socket = None
             else:
                 self.sshd_socket = 'sshd.socket'
@@ -1785,7 +1785,7 @@ def setUp(self, restrict: bool = True) -> None:
         # only enabled by default on released OSes; see pkg/shell/manifest.json
         self.multihost_enabled = image.startswith(("rhel-9", "centos-9")) or image in [
                 "ubuntu-2204", "ubuntu-2404", "debian-stable",
-                "fedora-39", "fedora-40"]
+                "fedora-39", "fedora-40", "opensuse-tumbleweed"]
         # Transitional code while we move ubuntu-stable from 24.04 to 24.10
         if image == "ubuntu-stable" and m.execute(". /etc/os-release; echo $VERSION_ID").strip() == "24.04":
             self.multihost_enabled = True
@@ -2052,6 +2052,12 @@ def login_and_go(
 
         # timedatex.service shuts down after timeout, runs into race condition with property watching
         ".*org.freedesktop.timedate1: couldn't get all properties.*Error:org.freedesktop.DBus.Error.NoReply.*",
+
+        # https://github.com/cockpit-project/cockpit/issues/19235
+        "invalid non-UTF8 @data passed as text to web_socket_connection_send.*",
+
+        # Noise from btmp file missing systems where it doesn't exists
+        r"cockpit-session: open\(\/var\/log\/btmp\) failed: No such file or directory",
     ]
 
     default_allowed_messages += os.environ.get("TEST_ALLOW_JOURNAL_MESSAGES", "").split(",")
@@ -2467,6 +2473,15 @@ def get_decorator(method: object, _class: object, name: str, default: Any = None
     return getattr(method, attr, getattr(_class, attr, default))
 
 
+def get_superuser(image: str) -> str:
+    # In (open)SUSE images, superuser access always requires the root password
+    return "root" if "suse" in image else "admin"
+
+
+def get_sshd_config_path(image: str) -> str:
+    # In (open)SUSE images, superuser access always requires the root password
+    return "/usr/etc/ssh/sshd_config" if "suse" in image else "/etc/ssh/sshd_config"
+
 ###########################
 # Test decorators
 #