Skip to content

Commit

Permalink
test_session_record_pipe_io_stdin: remove sshpass
Browse files Browse the repository at this point in the history
Removing reliance on sshpass by adding code in setup to generate an
ssh key and use it in the test code.
  • Loading branch information
spoore1 committed Jul 11, 2024
1 parent 661833d commit 6b09366
Show file tree
Hide file tree
Showing 3 changed files with 57 additions and 6 deletions.
33 changes: 28 additions & 5 deletions lib/tlitest/test_tlog_rec_session.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
import time
import inspect
from tempfile import mkdtemp
from subprocess import Popen, PIPE, STDOUT
from subprocess import Popen, PIPE, STDOUT, run
import pytest

from misc import check_recording, mklogfile, mkcfgfile, \
Expand All @@ -22,6 +22,25 @@ def utempter_enabled():
return 'libutempter.so' in stdout_data


@pytest.fixture
def gen_ssh_key(request):
def _del_ssh_key(user):
# Remove ssh key to ensure no tests affected later
run(f'sed -i "/stdin_test/d" ~{user}/.ssh/authorized_keys', shell=True)
run(f'rm -rf ~/.ssh/id_rsa_{user}*', shell=True)

def _gen_ssh_key(user):
# Generate SSH Key for test
run(f'rm -rf ~/.ssh/id_rsa_{user}*', shell=True)
run(f'ssh-keygen -t rsa -b 2048 -N "" -C stdin_test -f ~/.ssh/id_rsa_{user}', shell=True)
run(f"mkdir -p ~{user}/.ssh", shell=True)
run(f"cat ~/.ssh/id_rsa_{user}.pub >> ~{user}/.ssh/authorized_keys", shell=True)
run(f"chown -R {user}:{user} ~{user}/.ssh", shell=True)
request.addfinalizer(lambda: _del_ssh_key(user))

return _gen_ssh_key


class TestTlogRecSession:
""" Test tlog-rec-session functionality """
user = 'tlitestlocaluser2'
Expand Down Expand Up @@ -217,10 +236,14 @@ def test_session_record_pipe_io_stdin(self):
"""
text_in_stdio = 'print("hello world")\n'
text_out = "hello world"
p = Popen(['sshpass', '-p', 'Secret123', 'ssh', '-o',
'StrictHostKeyChecking=no',
'tlitestlocaluser2@localhost', 'python3'],
stdout=PIPE, stdin=PIPE, stderr=PIPE, encoding='utf8')

sessionclass = TlogRecSessionConfig(writer="syslog")
sessionclass.generate_config(SYSTEM_TLOG_REC_SESSION_CONF)

p = Popen(['ssh', '-i', f'~/.ssh/id_rsa_{self.user}',
'-o', 'StrictHostKeyChecking=no',
f'{self.user}@localhost', 'python3'],
stdout=PIPE, stdin=PIPE, stderr=PIPE, encoding='utf8')
stdout_data = p.communicate(input=text_in_stdio)[0]
assert text_out in stdout_data

Expand Down
19 changes: 18 additions & 1 deletion src/tlitest/tlitest-setup
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ python3-pytest
python3-pexpect
python3-systemd
tcsh
sshpass
"

[[ -z "${CONTAINER_ENV}" ]] && PKGS+="tlog"
Expand Down Expand Up @@ -61,3 +60,21 @@ echo "%wheel ALL=(ALL) NOPASSWD: ALL" > \
usermod tlitestlocaladmin1 -aG wheel,systemd-journal
usermod tlitestlocaluser1 -aG systemd-journal
usermod tlitestlocaluser2 -s /usr/bin/tlog-rec-session

# some environments disable password authentication
# tlog tests need this to run currently
echo "Adding sshd config to enable password authentication"
cat > /etc/ssh/sshd_config.d/00-tlog-override.conf <<EOF
PasswordAuthentication yes
EOF
chmod 600 /etc/ssh/sshd_config.d/00-tlog-override.conf
systemctl restart sshd

# Generate ssh key for testing
user="tlitestlocaluser2"
rm -rf ~/.ssh/id_rsa_${user}*
ssh-keygen -t rsa -b 2048 -N "" -C stdin_test -f ~/.ssh/id_rsa_${user}
user_dir=$(eval echo "~${user}")
mkdir -p ${user_dir}/.ssh
cat ~/.ssh/id_rsa_${user}.pub >> ${user_dir}/.ssh/authorized_keys
chown -R ${user}:${user} ${user_dir}/.ssh
11 changes: 11 additions & 0 deletions src/tlitest/tlitest-teardown
Original file line number Diff line number Diff line change
Expand Up @@ -48,3 +48,14 @@ if [ -f /etc/sudoers.d/01_wheel_nopass_tlitest ]; then
echo "Found test sudoers file...removing"
rm /etc/sudoers.d/01_wheel_nopass_tlitest
fi

if [ -f /etc/ssh/sshd_config.d/00-tlog-override.conf ]; then
echo "Found sshd config override for password authentication...removing"
rm /etc/ssh/sshd_config.d/00-tlog-override.conf
systemctl restart sshd
fi

user="tlitestlocaluser2"
if [ -f ~/.ssh/id_rsa_${user} ]; then
rm -rf ~/.ssh/id_rsa_${user}*
fi

0 comments on commit 6b09366

Please sign in to comment.