From: Lennart Poettering Date: Wed, 10 Jan 2024 10:28:23 +0000 (+0100) Subject: test: add testcase for ssh generator X-Git-Tag: v256-rc1~1185^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52d863defcd05d0b676ce743b9eaf1060131f9a1;p=thirdparty%2Fsystemd.git test: add testcase for ssh generator --- diff --git a/test/TEST-74-AUX-UTILS/test.sh b/test/TEST-74-AUX-UTILS/test.sh index 2d17630d29e..d870d57dccf 100755 --- a/test/TEST-74-AUX-UTILS/test.sh +++ b/test/TEST-74-AUX-UTILS/test.sh @@ -11,6 +11,10 @@ NSPAWN_ARGUMENTS="--private-network" # (Hopefully) a temporary workaround for https://github.com/systemd/systemd/issues/30573 KERNEL_APPEND="${KERNEL_APPEND:-} SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST=100" +# Make sure vsock is available in the VM +CID=$((RANDOM + 3)) +QEMU_OPTIONS+=" -device vhost-vsock-pci,guest-cid=$CID" + test_append_files() { local workspace="${1:?}" @@ -26,7 +30,15 @@ test_append_files() { generate_module_dependencies fi - image_install socat + inst_binary socat + inst_binary ssh + inst_binary sshd + inst_binary ssh-keygen + inst_binary usermod + instmods vmw_vsock_virtio_transport + instmods vsock_loopback + instmods vmw_vsock_vmci_transport + generate_module_dependencies } do_test "$@" diff --git a/test/units/testsuite-74.ssh.sh b/test/units/testsuite-74.ssh.sh new file mode 100755 index 00000000000..bf87a9bd3a6 --- /dev/null +++ b/test/units/testsuite-74.ssh.sh @@ -0,0 +1,58 @@ +#!/usr/bin/env bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -eux +set -o pipefail + +if ! command -v ssh &> /dev/null || ! command -v sshd &> /dev/null ; then + echo "ssh/sshd not found, skipping test." >&2 + exit 0 +fi + +systemctl -q is-active sshd-unix-local.socket + +if test -e /dev/vsock ; then + systemctl -q is-active sshd-vsock.socket +fi + +if test -d /run/host/unix-export ; then + systemctl -q is-active sshd-unix-export.socket +fi + +# FIXME: sshd seems to crash inside asan currently, skip the actual ssh test hence +if [[ -v ASAN_OPTIONS ]] ; then + exit 0 +fi + +ROOTID=$(mktemp -u) + +removesshid() { + rm -f "$ROOTID" "$ROOTID".pub +} + +ssh-keygen -N '' -C '' -t rsa -f "$ROOTID" + +mkdir -p 0700 /root/.ssh +cat "$ROOTID".pub >> /root/.ssh/authorized_keys + +# set root pw to "foo", just to set it to something valid +# shellcheck disable=SC2016 +usermod -p '$5$AAy6BYJ6rzz.QELv$6LpVEU3/RQmVz.svHu/33qoJWWWzZuJ3DM2fo9JgcUD' root +usermod -U root + +mkdir -p /etc/ssh +test -f /etc/ssh/ssh_host_rsa_key || ssh-keygen -t rsa -C '' -N '' -f /etc/ssh/ssh_host_rsa_key +echo "PermitRootLogin yes" >> /etc/ssh/sshd_config +echo "LogLevel DEBUG3" >> /etc/ssh/sshd_config + +test -f /etc/ssh/ssh_config || echo 'Include /etc/ssh/ssh_config.d/*.conf' > /etc/ssh/ssh_config + +# ssh wants this dir around, but distros cannot agree on a common name for it, let's just create all that are aware of distros use +mkdir -p /usr/share/empty.sshd /var/empty /var/empty/sshd + +ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" .host cat /etc/machine-id | cmp - /etc/machine-id +ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" unix/run/ssh-unix-local/socket cat /etc/machine-id | cmp - /etc/machine-id + +modprobe vsock_loopback ||: +if test -e /dev/vsock -a -d /sys/module/vsock_loopback ; then + ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" vsock/1 cat /etc/machine-id | cmp - /etc/machine-id +fi