Enable automated testing

Rename unittest directory to tests to be more standard Install all required packages rather than placeholders Get a suitable version of "unshare"
2016-11-27 09:50:22 +00:00 · 2016-11-27 09:50:22 +00:00 · 0ec7817b99
parent 1557cb6b98
commit 0ec7817b99
91 changed files with 250 additions and 39 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -2,15 +2,8 @@
 #   https://docs.travis-ci.com/user/trusty-ci-environment/
 dist: trusty
 #
-# Use full virtualisation
+# Use full virtualisation to allow use of user namespaces
 sudo: true
-## Use docker image for speed
-## When pandoc whitelisted:
-##  https://github.com/travis-ci/apt-package-whitelist/blob/master/ubuntu-trusty
-## Issue here:
-##  https://github.com/travis-ci/apt-package-whitelist/issues/3762
-#sudo: false
-#group: beta
 #
 # C includes autotools and make by default
 language: c
@ -28,6 +21,8 @@ addons:
    - texlive-latex-recommended
    - lmodern
    - libxml2-utils
+    - traceroute
+    - ipset
 #
 # Setup environment
 before_install:
@ -40,11 +35,18 @@ before_install:
 # WARNING: Any changes to the above 5 lines should be monitored closely
 - ssh-keyscan -H firehol.org >> ~/.ssh/known_hosts
 #
- # Run-time dependencies that we don't strictly need to build source package
- # N.B. when we start running full testing, real tools will be needed
- - mkdir /tmp/fake-tools
- - for t in iprange traceroute ipset; do echo '#!/bin/sh' > /tmp/fake-tools/$t && echo 'echo 999.999.999' >> /tmp/fake-tools/$t && chmod +x /tmp/fake-tools/$t; done
- - export PATH=$PATH:/tmp/fake-tools
+ # Set up to ensure tests run:
+ #  - Ensure unprivileged user namespaces enabled 
+ #  - Get latest version of iprange from firehol project
+ #  - Get a version of util-linux which has the user namespace options
+ #  - Install required kernel modules
+ - sudo sysctl kernel.unprivileged_userns_clone=1
+ - sudo .travis/install-iprange
+ - sudo .travis/replace-unshare
+ - sudo modprobe ip6table_mangle
+ - sudo modprobe iptable_raw
+ - sudo modprobe ip6table_raw
+ - sudo modprobe ip6table_nat
 #
 # Run
 before_script:
@ -52,7 +54,8 @@ before_script:
 # Run the commit hooks in case the developer didn't
 - git diff 4b825dc642cb6eb9a060e54bf8d69288fbee4904 | ./packaging/check-files -
 script:
- - fakeroot ./packaging/git-build && ./configure && make check
+ - fakeroot ./packaging/git-build
+ - (test -f firehol*.tar.gz && mkdir -p build && tar xfzC firehol*.tar.gz build && cd build/firehol* && mkdir out-of-tree && cd out-of-tree && ../configure && make check)
 #
 # Deploy as required
 after_success:
--- a/.travis/install-iprange
+++ b/.travis/install-iprange
@ -0,0 +1,47 @@
+#!/bin/sh
+
+if ! MYTMP="`mktemp -d -t install-iprange-XXXXXX`"
+then
+            echo >&2
+            echo >&2
+            echo >&2 "Cannot create temporary directory."
+            echo >&2
+            exit 1
+fi
+export MYTMP
+
+myexit() {
+  rm -rf $MYTMP
+  exit 0
+}
+
+trap myexit INT
+trap myexit HUP
+trap myexit 0
+
+DIR=`pwd`/
+export DIR
+
+cd $MYTMP
+
+set -e
+
+curl -s -o json https://api.github.com/repos/firehol/iprange/releases/latest
+dl=$(sed -ne '/"browser_download_url":.*.tar.gz"/{s/.*"browser_download_url": *//;s/{.*//;s/",*//g;p;q}' json)
+dl=https://github.com/firehol/iprange/releases/download/v1.0.3/iprange-1.0.3.tar.gz
+
+if [ "$dl" = "" ]
+then
+  echo "Could not find download for latest iprange"
+  exit 1
+fi
+
+echo $dl
+curl -s -L -o iprange.tar.gz "$dl"
+
+mkdir build
+tar xfzC iprange.tar.gz build
+
+cd build/iprange*
+./configure --disable-man
+make install
--- a/.travis/replace-unshare
+++ b/.travis/replace-unshare
@ -0,0 +1,40 @@
+#!/bin/sh
+
+if ! MYTMP="`mktemp -d -t replace-unshare-XXXXXX`"
+then
+            echo >&2
+            echo >&2
+            echo >&2 "Cannot create temporary directory."
+            echo >&2
+            exit 1
+fi
+export MYTMP
+
+myexit() {
+  rm -rf $MYTMP
+  exit 0
+}
+
+trap myexit INT
+trap myexit HUP
+trap myexit 0
+
+DIR=`pwd`/
+export DIR
+
+cd $MYTMP
+
+set -e
+
+dl=https://launchpad.net/ubuntu/+archive/primary/+files/util-linux_2.27.1.orig.tar.xz
+
+echo $dl
+curl -s -L -o util-linux.tar.xz "$dl"
+
+mkdir build
+tar xfJC util-linux.tar.xz build
+
+cd build/util-*
+./configure --disable-all-programs --enable-unshare
+make
+make install
--- a/Makefile.am
+++ b/Makefile.am
@ -11,7 +11,7 @@ AUTOMAKE_OPTIONS = \
 AM_DISTCHECK_CONFIGURE_FLAGS = \
 	--disable-maintainer-mode

-SUBDIRS = sbin etc examples doc contrib html
+SUBDIRS = sbin etc examples doc contrib html tests

 DIST_SUBDIRS = $(SUBDIRS) m4

--- a/configure.ac
+++ b/configure.ac
@ -29,6 +29,7 @@ dnl Check for functioning symbolic links
 AC_PROG_LN_S

 AM_CONDITIONAL([GIT_TREE], [test -f "${srcdir}/README.md"])
+AM_CONDITIONAL([USERNS_ENABLED], [test "`cat /proc/sys/kernel/unprivileged_userns_clone`" = "1"])

 AX_FIREHOL_AUTOSAVE()
 AX_FIREHOL_AUTOSAVE6()
@ -391,6 +392,7 @@ AC_CONFIG_FILES([
 	html/Makefile
 	html/ipsets/Makefile
 	contrib/Makefile
+	tests/Makefile
 	])

 AC_OUTPUT
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@ -7,8 +7,7 @@ conffiles =
 if ENABLE_FIREHOL

 examples_SCRIPTS = \
-	adblock.sh \
-	newns.sh
+	adblock.sh

 conffiles += \
 	server-dmz.conf \
--- a/packaging/packaging.functions
+++ b/packaging/packaging.functions
@ -86,6 +86,8 @@ try_build() {
  git diff --staged | patch -p1 -d "$MYTMP/build"
  (cd $MYTMP/build; ./packaging/git-build || touch $MYTMP/fail)
  if [ -f $MYTMP/fail ]; then return 1; fi
+  (cd $MYTMP/build; make check || touch $MYTMP/fail)
+  if [ -f $MYTMP/fail ]; then return 1; fi
  (cd $MYTMP/build; ./packaging/tar-compare . *.tar.gz || touch $MYTMP/fail)
  if [ -f $MYTMP/fail ]; then return 1; fi
  touch $MYTMP/success
--- a/packaging/tar-compare
+++ b/packaging/tar-compare
@ -51,7 +51,7 @@ diff -r "$1" $MYTMP/unpack/* | grep "^Only" | sed \
 	-e '/: tmp-anchor-links$/d' \
 	-e '/: tmp-manproc$/d' \
 	-e '/: .*\.tar\.\(gz\|bz2\|xz\)$/d' \
-	-e '/: unittest$/d' > $MYTMP/out
+	> $MYTMP/out

 cat $MYTMP/out
 test -s $MYTMP/out && exit 1
--- a/unittest/.gitignore
+++ b/unittest/.gitignore
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@ -0,0 +1,112 @@
+# Process this file with automake to produce Makefile.in
+
+testargs =
+
+if ENABLE_FIREHOL
+testargs += $(srcdir)/firehol
+endif
+
+if ENABLE_FIREQOS
+testargs += $(srcdir)/fireqos
+endif
+
+if ENABLE_LINK_BALANCER
+testargs += $(srcdir)/link-balancer
+endif
+
+if ENABLE_UPDATE_IPSETS
+testargs += $(srcdir)/update-ipsets
+endif
+
+if ENABLE_VNETBUILD
+testargs += $(srcdir)/vnetbuild
+endif
+
+if USERNS_ENABLED
+check-local: unittest
+	$(srcdir)/unittest $(testargs)
+endif
+
+TOOLS = \
+  README.md \
+  tools/clean-class \
+  tools/clean-iptables \
+  tools/newns \
+  unittest \
+  update-audit
+
+# Generated with:
+#  find firehol fireqos link-balancer update-ipsets -type f | sed -e 's:.*:  & \\:' | sort
+TESTFILES = \
+  firehol/basics/empty.aud4 \
+  firehol/basics/empty.aud6 \
+  firehol/basics/empty.conf \
+  firehol/basics/interface46.aud4 \
+  firehol/basics/interface46.aud6 \
+  firehol/basics/interface46.conf \
+  firehol/basics/interface.aud4 \
+  firehol/basics/interface.aud6 \
+  firehol/basics/interface.conf \
+  firehol/basics/router46.aud4 \
+  firehol/basics/router46.aud6 \
+  firehol/basics/router46.conf \
+  firehol/basics/router.aud4 \
+  firehol/basics/router.aud6 \
+  firehol/basics/router.conf \
+  firehol/cmdline/panic-test.aud4 \
+  firehol/cmdline/panic-test.aud6 \
+  firehol/cmdline/panic-test.conf \
+  firehol/cmdline/panic-test.run.sh \
+  firehol/cmdline/stop-test.aud4 \
+  firehol/cmdline/stop-test.aud6 \
+  firehol/cmdline/stop-test.conf \
+  firehol/cmdline/stop-test.post.sh \
+  firehol/cmdline/stop-test.pre.sh \
+  firehol/cmdline/stop-test.run.sh \
+  firehol/cmdline/try-test.aud4 \
+  firehol/cmdline/try-test.aud6 \
+  firehol/cmdline/try-test.conf \
+  firehol/cmdline/try-test.post.sh \
+  firehol/cmdline/try-test.pre.sh \
+  firehol/cmdline/try-test.run.sh \
+  firehol/not-both/ipv4-disable-conf.aud4 \
+  firehol/not-both/ipv4-disable-conf.aud6 \
+  firehol/not-both/ipv4-disable-conf.conf \
+  firehol/not-both/ipv4-disable-defaults.aud4 \
+  firehol/not-both/ipv4-disable-defaults.aud6 \
+  firehol/not-both/ipv4-disable-defaults.conf \
+  firehol/not-both/ipv4-disable-defaults.pre.sh \
+  firehol/not-both/ipv6-disable-conf.aud4 \
+  firehol/not-both/ipv6-disable-conf.aud6 \
+  firehol/not-both/ipv6-disable-conf.conf \
+  firehol/not-both/ipv6-disable-defaults.aud4 \
+  firehol/not-both/ipv6-disable-defaults.aud6 \
+  firehol/not-both/ipv6-disable-defaults.conf \
+  firehol/not-both/ipv6-disable-defaults.pre.sh \
+  fireqos/basic/minimal-qos.class.aud \
+  fireqos/basic/minimal-qos.conf \
+  fireqos/basic/minimal-qos.filter.aud \
+  fireqos/basic/minimal-qos.qdisc.aud \
+  fireqos/cmdline/clear-all.class.aud \
+  fireqos/cmdline/clear-all.conf \
+  fireqos/cmdline/clear-all.filter.aud \
+  fireqos/cmdline/clear-all.post.sh \
+  fireqos/cmdline/clear-all.pre.sh \
+  fireqos/cmdline/clear-all.qdisc.aud \
+  fireqos/cmdline/clear-all.run.sh \
+  fireqos/cmdline/no-args.class.aud \
+  fireqos/cmdline/no-args.conf \
+  fireqos/cmdline/no-args.filter.aud \
+  fireqos/cmdline/no-args.qdisc.aud \
+  fireqos/cmdline/no-args.run.sh \
+  link-balancer/basics/simple.conf \
+  link-balancer/basics/simple.pre.sh \
+  link-balancer/basics/simple.rules.aud \
+  link-balancer/basics/simple.table.aud \
+  update-ipsets/basic/no-setup.conf \
+  update-ipsets/basic/no-setup.run.sh \
+  vnetbuild/basic/no-setup.conf \
+  vnetbuild/basic/no-setup.ns.aud \
+  vnetbuild/basic/no-setup.run.sh
+
+EXTRA_DIST = $(TOOLS) $(TESTFILES)
--- a/unittest/README.md
+++ b/unittest/README.md
@ -3,12 +3,13 @@ Unit Tests

 NOTE
 :   The `unittest` command uses namespaces to isolate itself and the
-    tests it runs from the running firewall.
+    tests it runs from the running firewall. It needs user namespaces
+    to be enabled.

 Run tests as:

 ~~~~
-sudo ./unittest directory-or-conffile...
+./unittest directory-or-conffile...
 ~~~~

 Any number of files and directories (in which case all .conf files found
--- a/unittest/firehol/basics/empty.aud4
+++ b/unittest/firehol/basics/empty.aud4
--- a/unittest/firehol/basics/empty.aud6
+++ b/unittest/firehol/basics/empty.aud6
--- a/unittest/firehol/basics/empty.conf
+++ b/unittest/firehol/basics/empty.conf
--- a/unittest/firehol/basics/interface.aud4
+++ b/unittest/firehol/basics/interface.aud4
--- a/unittest/firehol/basics/interface.aud6
+++ b/unittest/firehol/basics/interface.aud6
--- a/unittest/firehol/basics/interface.conf
+++ b/unittest/firehol/basics/interface.conf
--- a/unittest/firehol/basics/interface46.aud4
+++ b/unittest/firehol/basics/interface46.aud4
--- a/unittest/firehol/basics/interface46.aud6
+++ b/unittest/firehol/basics/interface46.aud6
--- a/unittest/firehol/basics/interface46.conf
+++ b/unittest/firehol/basics/interface46.conf
--- a/unittest/firehol/basics/router.aud4
+++ b/unittest/firehol/basics/router.aud4
--- a/unittest/firehol/basics/router.aud6
+++ b/unittest/firehol/basics/router.aud6
--- a/unittest/firehol/basics/router.conf
+++ b/unittest/firehol/basics/router.conf
--- a/unittest/firehol/basics/router46.aud4
+++ b/unittest/firehol/basics/router46.aud4
--- a/unittest/firehol/basics/router46.aud6
+++ b/unittest/firehol/basics/router46.aud6
--- a/unittest/firehol/basics/router46.conf
+++ b/unittest/firehol/basics/router46.conf
--- a/unittest/firehol/cmdline/panic-test.aud4
+++ b/unittest/firehol/cmdline/panic-test.aud4
--- a/unittest/firehol/cmdline/panic-test.aud6
+++ b/unittest/firehol/cmdline/panic-test.aud6
--- a/unittest/firehol/cmdline/panic-test.conf
+++ b/unittest/firehol/cmdline/panic-test.conf
--- a/unittest/firehol/cmdline/panic-test.run.sh
+++ b/unittest/firehol/cmdline/panic-test.run.sh
--- a/unittest/firehol/cmdline/stop-test.aud4
+++ b/unittest/firehol/cmdline/stop-test.aud4
--- a/unittest/firehol/cmdline/stop-test.aud6
+++ b/unittest/firehol/cmdline/stop-test.aud6
--- a/unittest/firehol/cmdline/stop-test.conf
+++ b/unittest/firehol/cmdline/stop-test.conf
--- a/unittest/firehol/cmdline/stop-test.post.sh
+++ b/unittest/firehol/cmdline/stop-test.post.sh
--- a/unittest/firehol/cmdline/stop-test.pre.sh
+++ b/unittest/firehol/cmdline/stop-test.pre.sh
--- a/unittest/firehol/cmdline/stop-test.run.sh
+++ b/unittest/firehol/cmdline/stop-test.run.sh
--- a/unittest/firehol/cmdline/try-test.aud4
+++ b/unittest/firehol/cmdline/try-test.aud4
--- a/unittest/firehol/cmdline/try-test.aud6
+++ b/unittest/firehol/cmdline/try-test.aud6
--- a/unittest/firehol/cmdline/try-test.conf
+++ b/unittest/firehol/cmdline/try-test.conf
--- a/unittest/firehol/cmdline/try-test.post.sh
+++ b/unittest/firehol/cmdline/try-test.post.sh
--- a/unittest/firehol/cmdline/try-test.pre.sh
+++ b/unittest/firehol/cmdline/try-test.pre.sh
--- a/unittest/firehol/cmdline/try-test.run.sh
+++ b/unittest/firehol/cmdline/try-test.run.sh
--- a/unittest/firehol/not-both/ipv4-disable-conf.aud4
+++ b/unittest/firehol/not-both/ipv4-disable-conf.aud4
--- a/unittest/firehol/not-both/ipv4-disable-conf.aud6
+++ b/unittest/firehol/not-both/ipv4-disable-conf.aud6
--- a/unittest/firehol/not-both/ipv4-disable-conf.conf
+++ b/unittest/firehol/not-both/ipv4-disable-conf.conf
--- a/unittest/firehol/not-both/ipv4-disable-defaults.aud4
+++ b/unittest/firehol/not-both/ipv4-disable-defaults.aud4
--- a/unittest/firehol/not-both/ipv4-disable-defaults.aud6
+++ b/unittest/firehol/not-both/ipv4-disable-defaults.aud6
--- a/unittest/firehol/not-both/ipv4-disable-defaults.conf
+++ b/unittest/firehol/not-both/ipv4-disable-defaults.conf
--- a/unittest/firehol/not-both/ipv4-disable-defaults.pre.sh
+++ b/unittest/firehol/not-both/ipv4-disable-defaults.pre.sh
--- a/unittest/firehol/not-both/ipv6-disable-conf.aud4
+++ b/unittest/firehol/not-both/ipv6-disable-conf.aud4
--- a/unittest/firehol/not-both/ipv6-disable-conf.aud6
+++ b/unittest/firehol/not-both/ipv6-disable-conf.aud6
--- a/unittest/firehol/not-both/ipv6-disable-conf.conf
+++ b/unittest/firehol/not-both/ipv6-disable-conf.conf
--- a/unittest/firehol/not-both/ipv6-disable-defaults.aud4
+++ b/unittest/firehol/not-both/ipv6-disable-defaults.aud4
--- a/unittest/firehol/not-both/ipv6-disable-defaults.aud6
+++ b/unittest/firehol/not-both/ipv6-disable-defaults.aud6
--- a/unittest/firehol/not-both/ipv6-disable-defaults.conf
+++ b/unittest/firehol/not-both/ipv6-disable-defaults.conf
--- a/unittest/firehol/not-both/ipv6-disable-defaults.pre.sh
+++ b/unittest/firehol/not-both/ipv6-disable-defaults.pre.sh
--- a/unittest/fireqos/basic/minimal-qos.class.aud
+++ b/unittest/fireqos/basic/minimal-qos.class.aud
--- a/unittest/fireqos/basic/minimal-qos.conf
+++ b/unittest/fireqos/basic/minimal-qos.conf
--- a/unittest/fireqos/basic/minimal-qos.filter.aud
+++ b/unittest/fireqos/basic/minimal-qos.filter.aud
--- a/unittest/fireqos/basic/minimal-qos.qdisc.aud
+++ b/unittest/fireqos/basic/minimal-qos.qdisc.aud
--- a/unittest/fireqos/cmdline/clear-all.class.aud
+++ b/unittest/fireqos/cmdline/clear-all.class.aud
--- a/unittest/fireqos/cmdline/clear-all.conf
+++ b/unittest/fireqos/cmdline/clear-all.conf
--- a/unittest/fireqos/cmdline/clear-all.filter.aud
+++ b/unittest/fireqos/cmdline/clear-all.filter.aud
--- a/unittest/fireqos/cmdline/clear-all.post.sh
+++ b/unittest/fireqos/cmdline/clear-all.post.sh
--- a/unittest/fireqos/cmdline/clear-all.pre.sh
+++ b/unittest/fireqos/cmdline/clear-all.pre.sh
--- a/unittest/fireqos/cmdline/clear-all.qdisc.aud
+++ b/unittest/fireqos/cmdline/clear-all.qdisc.aud
--- a/unittest/fireqos/cmdline/clear-all.run.sh
+++ b/unittest/fireqos/cmdline/clear-all.run.sh
--- a/unittest/fireqos/cmdline/no-args.class.aud
+++ b/unittest/fireqos/cmdline/no-args.class.aud
--- a/unittest/fireqos/cmdline/no-args.conf
+++ b/unittest/fireqos/cmdline/no-args.conf
--- a/unittest/fireqos/cmdline/no-args.filter.aud
+++ b/unittest/fireqos/cmdline/no-args.filter.aud
--- a/unittest/fireqos/cmdline/no-args.qdisc.aud
+++ b/unittest/fireqos/cmdline/no-args.qdisc.aud
--- a/unittest/fireqos/cmdline/no-args.run.sh
+++ b/unittest/fireqos/cmdline/no-args.run.sh
--- a/unittest/link-balancer/basics/simple.conf
+++ b/unittest/link-balancer/basics/simple.conf
--- a/unittest/link-balancer/basics/simple.pre.sh
+++ b/unittest/link-balancer/basics/simple.pre.sh
--- a/unittest/link-balancer/basics/simple.rules.aud
+++ b/unittest/link-balancer/basics/simple.rules.aud
--- a/unittest/link-balancer/basics/simple.table.aud
+++ b/unittest/link-balancer/basics/simple.table.aud
--- a/unittest/tools/clean-class
+++ b/unittest/tools/clean-class
--- a/unittest/tools/clean-iptables
+++ b/unittest/tools/clean-iptables
--- a/tests/tools/newns
+++ b/tests/tools/newns
--- a/unittest/unittest
+++ b/unittest/unittest
@ -12,7 +12,7 @@ then
    echo "Do not run as root. The unittest system uses user namespaces instead."
    exit 1
  fi
-  exec $dirname/../examples/newns.sh $0 "$@"
+  exec $dirname/tools/newns $0 "$@"
 fi

 haderror=""
@ -33,9 +33,9 @@ do
  done
 done

-if [ ! -x tools/clean-iptables ]
+if [ ! -x $dirname/tools/clean-iptables ]
 then
-  echo "Executable tools/clean-iptables script not found"
+  echo "Executable $dirname/tools/clean-iptables script not found"
  echo ""
  haderror="Y"
 fi
@ -65,7 +65,7 @@ fi
 if [ ! -r /proc/net/ip_tables_names ]
 then
  echo "Faking /proc/net/ip_tables_names"
-  $dirname/../examples/newns.sh --fake-proc || exit 1
+  $dirname/tools/newns --fake-proc || exit 1
 fi

 echo "Running in separate namespace"
@ -98,7 +98,7 @@ export TESTDIR
 export FIREHOL_OVERRIDE_PROGRAM_DIR=$MYTMP/prog
 mkdir -p "$FIREHOL_OVERRIDE_PROGRAM_DIR"
 sed -e "s#[@].*POST[@]#$MYTMP#" ../sbin/install.config.in > "$FIREHOL_OVERRIDE_PROGRAM_DIR/install.config"
-cp ../sbin/functions.* "$FIREHOL_OVERRIDE_PROGRAM_DIR"
+cp $dirname/../sbin/functions.* "$FIREHOL_OVERRIDE_PROGRAM_DIR"

 kcov=`which kcov 2> /dev/null`
 if [ "$kcov" ]
@ -227,20 +227,20 @@ do
  export audns=$(newext ns.aud $conf)

  case $conf in
-    firehol*)
+    *firehol/*/*.conf)
      clear_iptables
      program=firehol
    ;;
-    fireqos*)
+    *fireqos/*/*.conf)
      program=fireqos
    ;;
-    link-balancer*)
+    *link-balancer/*/*.conf)
      program=link-balancer
    ;;
-    vnetbuild*)
+    *vnetbuild/*/*.conf)
      program=vnetbuild
    ;;
-    update-ipsets*)
+    *update-ipsets/*/*.conf)
      program=update-ipsets
    ;;
    *)
@ -252,7 +252,7 @@ do
  then
    echo "Cannot determine program for $conf"
  else
-    script=../sbin/${program}
+    script=$dirname/../sbin/${program}
    export script
    total=$((total + 1))

@ -339,8 +339,8 @@ do
        firehol)
          iptables-save > "$out4".raw
          ip6tables-save > "$out6".raw
-          tools/clean-iptables "$out4".raw > "$out4"
-          tools/clean-iptables "$out6".raw > "$out6"
+          $dirname/tools/clean-iptables "$out4".raw > "$out4"
+          $dirname/tools/clean-iptables "$out6".raw > "$out6"
          if ! cmp "$aud4" "$out4"
          then
            errors=$((errors + 1))
@ -353,7 +353,7 @@ do
          tc qdisc show dev veth0 > "$outqdisc"
          tc class show dev veth0 > "$outclass".raw
          tc filter show dev veth0 > "$outfilter"
-          tools/clean-class "$outclass".raw > "$outclass"
+          $dirname/tools/clean-class "$outclass".raw > "$outclass"
          if ! cmp "$audqdisc" "$outqdisc"
          then
            errors=$((errors + 1))
--- a/unittest/update-audit
+++ b/unittest/update-audit
--- a/unittest/update-ipsets/basic/no-setup.conf
+++ b/unittest/update-ipsets/basic/no-setup.conf
--- a/unittest/update-ipsets/basic/no-setup.run.sh
+++ b/unittest/update-ipsets/basic/no-setup.run.sh
--- a/tests/vnetbuild/basic/no-setup.conf
+++ b/tests/vnetbuild/basic/no-setup.conf
--- a/tests/vnetbuild/basic/no-setup.ns.aud
+++ b/tests/vnetbuild/basic/no-setup.ns.aud
--- a/tests/vnetbuild/basic/no-setup.run.sh
+++ b/tests/vnetbuild/basic/no-setup.run.sh
@ -0,0 +1,10 @@
+#!/bin/sh
+
+$kcov $script
+status=$?
+if [ $status -eq 1 ]
+then
+  exit 0
+fi
+echo "Status: $status"
+exit 1
--- a/unittest/firehol/README
+++ b/unittest/firehol/README
@ -1 +0,0 @@
-FireHOL unit tests belong here
--- a/unittest/fireqos/README
+++ b/unittest/fireqos/README
@ -1 +0,0 @@
-FireQOS unit tests belong here
--- a/unittest/link-balancer/README
+++ b/unittest/link-balancer/README
@ -1 +0,0 @@
-link-balancer unit tests belong here
--- a/unittest/update-ipsets/README
+++ b/unittest/update-ipsets/README
@ -1 +0,0 @@
-update-ipsets unit tests belong here
--- a/unittest/vnetbuild/README
+++ b/unittest/vnetbuild/README
@ -1 +0,0 @@
-vnetbuild unit tests belong here