$RANDFILE, i.e. bin/tests/system/random.data, should only be written to
if a system test requires support for cryptography and that file does
not already exist. Otherwise, when multiple system tests are run in
parallel, that file might get truncated due to bin/tools/genrandom.c
using fopen() with mode "w" when writing the destination file. With
unfortunate timing, this may cause system tests employing BIND tools
which need entropy (e.g. dnssec-keygen) to fail.
Make sure bin/tests/system/metadata/tests.sh no longer calls
bin/tools/genrandom since $RANDFILE is guaranteed to already be created
by the time bin/tools/genrandom is currently called because
bin/tests/system/metadata/prereq.sh uses bin/tests/system/testcrypto.sh.
Make sure bin/tests/system/sfcache/prereq.sh only writes to $RANDFILE if
it does not already exist.
(cherry picked from commit c12388f5e8)
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
The test setup for the SERVFAIL ncache tests has a secure root.
ns1 is the root server.
ns2 is an authoritative server for the various test domains.
ns5 is a caching-only server, configured with the an incorrect trusted
key for the root. It is used for testing failure cases.