On Mon, Apr 17, 2023 at 08:29:24PM +0000, John Scott wrote: > Hi, > > As some of you might know if you've seen me around, I have had an obsession with DNS lately. I want to write high-quality self-contained autopkgtests that work offline and which leverage DNS records, especially less common ones. > > One way I was thinking about doing it was like this: > * Set the appropriate Restrictions in debian/tests/control (we may need several) > * Modify /etc/resolv.conf so that requests are resolved with a nameserver on the loopback interface > * Set up some kind of local nameserver that has the records I want to test (???) > * Run the program in question which uses DNS records and check that it's getting the appropriate records and using them correctly > > For example, if I wanted to test that DANE works with self-signed certificates with some program or library, I could create a _443._tcp.localhost TLSA record with the right information, spin up an HTTPS server, and check that the client program or library is able to do a download. > > My question mostly lies in the (???) part. How do I set up a DNS server that will resolve potentially bogus names of my choosing? I know this is the debian-ci list, but thought maybe you folks would know about how to test DNS software. You test can do whatever you want it to do, including installing a DNS server and mucking with it. You just need to declare the proper restrictions, in this case if you are installing a DNS server you should use at least needs-root and breaks-testbed.
Attachment:
signature.asc
Description: PGP signature