Penguin Taming: How to Test Linux-based Applications
Jan 8, 2015 - This article provides a testing tutorial for testing applications that run on servers operated by a Unix-like distribution. This is useful for both newcomers who have never tested these kinds of applications, as well as for experienced testers who may discover some new tricks.
All Linux-based applications in development go through testers’ hands. Even though Linux is considered the safest operation system, all the software developed for Linux is tested the same way as Microsoft applications. To introduce the difference in testing applications that run on servers operated by a Unix-like distribution, we have developed a testing tutorial, which is useful for both newcomers who have never tested these kinds of applications, as well as for experienced testers who might discover some new tricks.
Even though Linux has a relatively small percentage of desktop users, that small percentage must be provided with well-developed and tested software. That means testers all over the world should be ready to fulfill any customer whim, including testing Linux-based applications. This is where the following tutorial comes in – to help prepare for this scenario.
The Great Battle of Linux and Windows
Unlike the majority of operating systems, Linux is a free one. It does not require any license to purchase it and can be downloaded at no charge. A lot of available software is developed for Linux, so a user doesn’t experience any inconvenience when choosing Linux over Microsoft.
The main difference between Linux and Windows is the superior flexibility Linux provides. While Windows has the same settings for all users, Linux settings and configurations can be easily adjusted to fit each user’s preferences. This is why every user has a unique system, which can’t be said about Windows. It is these standard Windows settings that most PCs have that make Microsoft PCs more vulnerable than Linux systems.
Being a stable system, Linux is also well-known for its extremely high security. Despite many attempts hackers have made to break the system, Linux has managed to remain secure.
Another important Linux characteristic is the productivity it supports. If you run two identical programs on two identical computers with the only difference being the OS (Windows or Linux), you’ll find the Linux OS operates faster. Consider the statistics; more than 95 percent of supercomputers are operated by *nix, and a significant number of servers are run on Linux distributions.
Linux Standard Base (LSB) Testing
Unlike Microsoft, Linux doesn’t have hundreds of hired developers and quality engineers to maintain the quality of software produced for its users. Regardless, the community of Linux volunteers has found a way to underpin long-term compatibility guarantees and comprehensive compatibility testing.
Together, the Linux Foundation and the Institute for System Programming of the Russian Academy of Sciences are putting huge resources toward developing new tools and technologies to break through LSB testing challenges. These resources, known collectively as the LSB Testing Framework, include such components as Linux Application Checker, Distribution Testkit (DTK) Manager, AZOV Shallow Test Development Framework, T2C Normal Test Development Framework and UniTESK Deep Test Development Framework.
Also, a great number of paid-for tools are developed for testing software that runs Linux distributions. Now we can move on to the technical differences testers should be aware of when it comes to Linux.
Introduction to *nix
To distinguish between two operating systems we’d like to share some hints to help avoid their specific singularities. We suggest every novice Linux user start with the “isman” command, which displays online manual pages for specified commands. If you put “man ls,” for instance, this will return info regarding the command you may want to learn: Name, Synopsis, Description, Options.
Pay attention to the fact that command names, paths and file names are case-sensitive. For example, “test.log” and “TEST.log” could be different files in the same directory.
Spaces were originally used for pointing multiple arguments of the command, so if you use them in file names within the terminal (console), that will cause incorrect behavior. Therefore, you should use underscore or CamelCase (PascalCase) instead (e.g. “test_log” or “testLog” instead of “test log”).
The “mv” command should be used if you need to rename a file: mv test.tar.gz temptest.tar.gz. That will change the name of “test.tar.gz” to “temptest.tar.gz.”
Overwritten or modified files couldn’t be restored to their original state in Linux, since this OS doesn’t have an “undo” function. The same thing happens if you need to restore a file that was deleted earlier. Linux has neither a “Trash” nor “Recycle” bin. Moreover, you have no chance to restore deleted files and folder using standard tools in most Unix distributions. This is why you should be careful when working with Linux. You have to make sure you delete files you really don’t need; specify unique parameters for the rm command. For example: rm -i test*.txt (user will be prompted). Finally, the alias command will help to reconfigure the rm command call if you really care about data loss (which most of us do).
You should always keep in mind shortcuts: current directory (.) and parent directory (..). Never miss them and do not run: rm -r .* This command will delete the parent directory (the expression matches “..”).
Be aware of the autocomplete function for command or file names if you work within a console: type a few first characters of the name and press the Tab key.
If you need access to recent command history, you can use up and down arrows on the keyboard to browse commands you previously ran.
What are the limits?
Next, let’s explore path types as well as name length limitations in the *nix OS. It’s best to start with common terms.
There are two types of paths: absolute and relative. An absolute path is the location of a file or directory from the root directory (top level): e.g. /var/log/protocol/log. Relative path means path related to the current directory (pwd). For example, you are located in /var/log and you want to go to the directory /var/log/protocol/log/. You can use relative path here, so apply: cd protocol/log/.
As for limitations applied to folder and file names in *nix, there are 256 characters for a name and 1,024 characters for an absolute path (these limitations should also be checked during the test of your web application).
When working on Linux, you cannot log in as the root user (technically, the top level user or administrator), which is either prohibited or impossible due to an unknown or hidden password used as part of the security policy. At the same time, most of daily routine administrative tasks require administrator permissions: web app start/stop, database restarting/cleaning, new build deployments and so on.
To complete those tasks, you have another solution: use sudo commands (requires a password as well – stands for super user do). Just use sudo followed by the required command to perform activities with so-called super user permissions: sudo apt-get install shellutilities.
Shortcuts for managing
The administration of the Linux host (where your web application runs) requires frequent job and process managing activities. A few must-knows are listed below.
To interrupt a job, use a shortcut Ctrl-C. When you need to resume a job, use a shortcut Ctrl-Z. The command fg restarts the job, while bg places a job to the background, allowing you to perform additional tasks at the same time. Also add an ampersand (“&”) to your command in the end of the string to start it in the background.
When you need to view currently running processes, run “ps.” While all jobs have unique process IDs displayed in the first column of the output, rest assured there are some more useful options here to modify its result view.
If you need to end a required job, run “kill/killall” followed by the process ID or process name (kill 22064; killall java, for example).
The grep command will help to find a specific job you might need. It is an efficient search tool with a large scope of configurations (for example, ps -aux | grep java). The ps returns the list of all processes. The grep filters the list according your search criteria.
Installing new software
What should we expect when installing new software in Linux OS? This can be a challenging task among former Windows users. Usually it can be done by following these methods: installing RPM packages, installing DEB packages or installing from tarballs (esp. source code).
On top of that, when starting working with Linux, you should always keep in mind software repositories, which provide storage for packages (both source and binary) accessible via Internet to install any required software on your computer. It’s up to you whether to use a certain repository or create your own. See examples for two of the most popular utilities: YUM in files repo in the directory/etc/yum.repos.d/ and APT in file /etc/apt/sources.list and in the files in the directory/etc/apt/source.list.d/.
Types of Software
As for testing itself, there are basic instruments for testing Linux applications you will definitely need. Most of these solutions are applicable to the majority of Unix-based systems and are console-based, which makes them easier to automate.
There are three types of software in Linux: Core (Kernel), User applications (userspace level), and Core + User applications. Core applications include the core itself, the kernel modules and user space level for kernel control (meaning the / proc and / sys interfaces). Since the kernel itself is written on C and ASM, C is the preference for testing. Usually these are small test kernel modules, checking some functions or module with different parameters + script.
Based on many years of testing experience, it is recommended you avoid using one module that checks the entire “feature.” This is why many modules are used to check each of the functions separately. Also keep in mind that you have to check all possible functions return codes.
User applications can be considered any application running on Linux. However, if the application is written in Java, you’ll need to own Java, at least in order to make sure that the program is working.
Core + User applications are the most popular to be used in Linux. If you are dealing with this type of application, it means the core driver provides low-level communication with any device and the user program.
Testing Tools for Linux
Since all Linux tools are either present in any distributive or can be freely downloaded, Linux is a convenient OS both for programming and testing. Basic tools for testing Linux applications are as follows:
Among other common tools, it would good to mention such as netperf (utility to verify the network performance), ircp, irdump, openobex (utilities for infrared checking), and telnet, ssh (a remote shell). If you need to enter same commands frequently, you can use expect, which is available in any distributive). A more detailed comprehensive list of tools commonly used for testing the various components of Linux can be found here.
Hackers’ Security Distribution
Linux also has its own distributions for testing. Backtrack-Linux.org is a good example of a specialized Linux distribution that has just one purpose – to test your network, devices and systems for security vulnerabilities. The last version of Backtrack was released in August of 2012.
Backtrack all started with earlier versions of live Linux such distributions such as Whoppix, IWHAX, and Auditor. As it’s said at Offensive Security, after years of development, penetration tests, and unprecedented help from the security community, it evolved to what is now known as a GPL-compliant Linux distribution built by penetration testers for penetration testers with development staff consisting of individuals spanning different languages, regions, industries and nationalities.
Backtrack consists of more than 300 security open source tools and utilities. While there are many commercial programs available, many security professionals prefer BackTrack tools. The interesting thing is that BackTrack is also popular among hackers because of its anonymity; when installing this distribution, you don't have to register.
Many security practitioners use BackTrack to perform their security assessments. BackTrack is an open-source, Linux-based penetration testing toolset. It makes performing a security assessment easier, because all of the common tools that you need are all packaged into one nice distribution and ready to go at a moment's notice. As with other Linux distributions, BackTrack is supported and developed by a community of users that range from skilled penetration testers in the information security field, government entities, information technology experts, security enthusiasts and individuals new to the security community.
The above should provide a good overview of some of the basic Linux tools, singularities, process management, specific limitations, etc., that are vital for quality assurance services involving Linux. However, this is just the tip of the iceberg when it comes to Linux, the most stable, efficient, safe and legal operating system ever.
About Alexander Panchenko
Alexander Panchenko works as the Head of the Complex Web QA Department for A1QA. He has gained a breadth of experience through his work on various projects involving backup and recovery applications, projects with complex business logic (e.g. corporate portals based on Share Point), banking systems and government portals. For A1QA, he leads several teams and manages a division of 30+ engineers.
Copyright Engineers Edge, LLC 2015