From 6b09366277ef945fa141ecce6244b2daf5a003d4 Mon Sep 17 00:00:00 2001 From: Scott Poore Date: Mon, 8 Jul 2024 10:31:37 -0500 Subject: [PATCH] test_session_record_pipe_io_stdin: remove sshpass Removing reliance on sshpass by adding code in setup to generate an ssh key and use it in the test code. --- lib/tlitest/test_tlog_rec_session.py | 33 +++++++++++++++++++++++----- src/tlitest/tlitest-setup | 19 +++++++++++++++- src/tlitest/tlitest-teardown | 11 ++++++++++ 3 files changed, 57 insertions(+), 6 deletions(-) diff --git a/lib/tlitest/test_tlog_rec_session.py b/lib/tlitest/test_tlog_rec_session.py index eba34d83..75c7492b 100644 --- a/lib/tlitest/test_tlog_rec_session.py +++ b/lib/tlitest/test_tlog_rec_session.py @@ -4,7 +4,7 @@ import time import inspect from tempfile import mkdtemp -from subprocess import Popen, PIPE, STDOUT +from subprocess import Popen, PIPE, STDOUT, run import pytest from misc import check_recording, mklogfile, mkcfgfile, \ @@ -22,6 +22,25 @@ def utempter_enabled(): return 'libutempter.so' in stdout_data +@pytest.fixture +def gen_ssh_key(request): + def _del_ssh_key(user): + # Remove ssh key to ensure no tests affected later + run(f'sed -i "/stdin_test/d" ~{user}/.ssh/authorized_keys', shell=True) + run(f'rm -rf ~/.ssh/id_rsa_{user}*', shell=True) + + def _gen_ssh_key(user): + # Generate SSH Key for test + run(f'rm -rf ~/.ssh/id_rsa_{user}*', shell=True) + run(f'ssh-keygen -t rsa -b 2048 -N "" -C stdin_test -f ~/.ssh/id_rsa_{user}', shell=True) + run(f"mkdir -p ~{user}/.ssh", shell=True) + run(f"cat ~/.ssh/id_rsa_{user}.pub >> ~{user}/.ssh/authorized_keys", shell=True) + run(f"chown -R {user}:{user} ~{user}/.ssh", shell=True) + request.addfinalizer(lambda: _del_ssh_key(user)) + + return _gen_ssh_key + + class TestTlogRecSession: """ Test tlog-rec-session functionality """ user = 'tlitestlocaluser2' @@ -217,10 +236,14 @@ def test_session_record_pipe_io_stdin(self): """ text_in_stdio = 'print("hello world")\n' text_out = "hello world" - p = Popen(['sshpass', '-p', 'Secret123', 'ssh', '-o', - 'StrictHostKeyChecking=no', - 'tlitestlocaluser2@localhost', 'python3'], - stdout=PIPE, stdin=PIPE, stderr=PIPE, encoding='utf8') + + sessionclass = TlogRecSessionConfig(writer="syslog") + sessionclass.generate_config(SYSTEM_TLOG_REC_SESSION_CONF) + + p = Popen(['ssh', '-i', f'~/.ssh/id_rsa_{self.user}', + '-o', 'StrictHostKeyChecking=no', + f'{self.user}@localhost', 'python3'], + stdout=PIPE, stdin=PIPE, stderr=PIPE, encoding='utf8') stdout_data = p.communicate(input=text_in_stdio)[0] assert text_out in stdout_data diff --git a/src/tlitest/tlitest-setup b/src/tlitest/tlitest-setup index 3749b952..168feb52 100755 --- a/src/tlitest/tlitest-setup +++ b/src/tlitest/tlitest-setup @@ -8,7 +8,6 @@ python3-pytest python3-pexpect python3-systemd tcsh -sshpass " [[ -z "${CONTAINER_ENV}" ]] && PKGS+="tlog" @@ -61,3 +60,21 @@ echo "%wheel ALL=(ALL) NOPASSWD: ALL" > \ usermod tlitestlocaladmin1 -aG wheel,systemd-journal usermod tlitestlocaluser1 -aG systemd-journal usermod tlitestlocaluser2 -s /usr/bin/tlog-rec-session + +# some environments disable password authentication +# tlog tests need this to run currently +echo "Adding sshd config to enable password authentication" +cat > /etc/ssh/sshd_config.d/00-tlog-override.conf <> ${user_dir}/.ssh/authorized_keys +chown -R ${user}:${user} ${user_dir}/.ssh diff --git a/src/tlitest/tlitest-teardown b/src/tlitest/tlitest-teardown index aa0fa8a7..26dc526e 100755 --- a/src/tlitest/tlitest-teardown +++ b/src/tlitest/tlitest-teardown @@ -48,3 +48,14 @@ if [ -f /etc/sudoers.d/01_wheel_nopass_tlitest ]; then echo "Found test sudoers file...removing" rm /etc/sudoers.d/01_wheel_nopass_tlitest fi + +if [ -f /etc/ssh/sshd_config.d/00-tlog-override.conf ]; then + echo "Found sshd config override for password authentication...removing" + rm /etc/ssh/sshd_config.d/00-tlog-override.conf + systemctl restart sshd +fi + +user="tlitestlocaluser2" +if [ -f ~/.ssh/id_rsa_${user} ]; then + rm -rf ~/.ssh/id_rsa_${user}* +fi