I got permission to release the changes I've made at work to the run_image_tests.py disk image test framework that Nigel Kersten originally wrote (thanks Chris, for pushing them into svn for me) along with a bunch of example tests you can use. These are all the tests I use at work every time I make a new master disk image that are generic enough the be useful to others.
I don't bother to manually test any images that don't pass all of the unit tests first.
You can find them at the pymacadmin project site at Google Code.
All the unit tests descend from macdmgtest.DMGUnitTest. DMGUnitTest provides some handy utility functions that convert paths relative to / to the path relative to the mounted dmg you're testing.
dmgtestutilities.py provides some more convenience functions - there are functions to lint plists and load plists using Foundation so plistlib doesn't crap out when you try to load a binary plist.
Example tests:
applications_dir_test.py:
Ensures all applications in /Applications and /Applications/Utilities have sane ownership/permissions.
blacklist_test.py:
Confirms the absence of files in your blacklist. I mainly use this to confirm that various settings files that would contain information specific to the hardware model I ran InstaDMG on don't end up on my master images.
empty_directory_test.py:
Confirms that directories that you want to be empty on the generated image, actually are.
network_plist_test.py:
Confirms the absence of various network preference files. This prevents a problem we ran into when booting MacBook Airs from an image created on a machine that has built-in ethernet.
ouradmin_test.py:
Ensures that there's a local admin user on the image named ouradmin, and that it's a member of the admin, _lpadmin and _appserveradm groups. Also lints the appropriate plist files in /var/db/dslocal/nodes/Default to detect if your user creation package corrupted them.
skipsetup_test.py:
Makes sure the appropriate files have been touched on the image to prevent a newly imaged machine from playing the annoying welcome movie.
software_update_test.py:
If you're using a local software update server in your environment, you can use this to make sure the dmg has the correct settings to use it instead of the standard Apple servers.
zz_plint_test.py:
Lints every plist on the dmg and displays a list of any files that failed their lint check.
zz_suidguid_test.py:
Finds every suid/setguid file on the dmg and reports any that aren't in your whitelist. Handy for detecting crappy installers.
zz_world_writable_test.py:
Finds every file or directory that is world writable and reports any that aren't in your whitelist. Also useful for detecting poorly written installers.
I've also included the whitelists and blacklists I'm using for these tests for you to use as a base to customize your own, though I'd appreciate it if you'd email any additions you think are useful.