84 lines
2.8 KiB
Python
84 lines
2.8 KiB
Python
import pytest
|
|
|
|
|
|
ZYPPER_IN_CMD = "zypper -n in openssh sudo && /usr/sbin/sshd-gen-keys-start"
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
"container_per_test,install_cmd",
|
|
(
|
|
("Tumbleweed", ZYPPER_IN_CMD),
|
|
("Leap-15.2", ZYPPER_IN_CMD),
|
|
("Leap-15.3", ZYPPER_IN_CMD),
|
|
("centos:stream8", "yum -y install openssh-server sudo && /usr/libexec/openssh/sshd-keygen ed25519")
|
|
),
|
|
indirect=["container_per_test"],
|
|
)
|
|
def test_configures_system_for_vagrant(container_per_test, install_cmd):
|
|
# unfortunately we have to do a bit of setup for vagrant
|
|
container_per_test.run_expect([0], install_cmd)
|
|
container_per_test.run_expect(
|
|
[0], "groupadd vagrant && useradd -g vagrant vagrant"
|
|
)
|
|
|
|
container_per_test.run_expect(
|
|
[0],
|
|
r"""cat <<EOF > /usr/bin/systemctl
|
|
#!/bin/bash
|
|
printf "%s " "\$@" >> /systemctl_params
|
|
echo >> /systemctl_params
|
|
EOF
|
|
chmod +x /usr/bin/systemctl
|
|
""",
|
|
)
|
|
|
|
container_per_test.run_expect(
|
|
[0], ". /bin/functions.sh && baseVagrantSetup"
|
|
)
|
|
|
|
# check vagrant user's ssh config
|
|
dot_ssh = container_per_test.file("/home/vagrant/.ssh")
|
|
assert dot_ssh.is_directory
|
|
assert dot_ssh.group == "vagrant"
|
|
assert dot_ssh.user == "vagrant"
|
|
assert dot_ssh.mode == 0o700
|
|
|
|
authorized_keys = container_per_test.file(
|
|
"/home/vagrant/.ssh/authorized_keys"
|
|
)
|
|
assert authorized_keys.is_file
|
|
assert authorized_keys.group == "vagrant"
|
|
assert authorized_keys.user == "vagrant"
|
|
assert authorized_keys.mode == 0o600
|
|
assert "vagrant insecure public key" in authorized_keys.content_string
|
|
|
|
# check the sshd config
|
|
sshd_config = container_per_test.run_expect([0], "sshd -T")
|
|
assert "UseDNS no".lower() in sshd_config.stdout
|
|
assert "GSSAPIAuthentication no".lower() in sshd_config.stdout
|
|
|
|
# check that the shared /vagrant folder is present and has the correct permissions
|
|
vagrant_shared_dir = container_per_test.file("/vagrant")
|
|
assert vagrant_shared_dir.is_directory
|
|
assert vagrant_shared_dir.group == "vagrant"
|
|
assert vagrant_shared_dir.user == "vagrant"
|
|
|
|
vagrant_sudoers = container_per_test.file("/etc/sudoers.d/vagrant")
|
|
if vagrant_sudoers.exists and vagrant_sudoers.is_file:
|
|
assert (
|
|
vagrant_sudoers.content_string.strip() == "vagrant ALL=(ALL) NOPASSWD: ALL"
|
|
)
|
|
assert vagrant_sudoers.mode == 0o440
|
|
assert vagrant_sudoers.user == "root"
|
|
assert vagrant_sudoers.group == "root"
|
|
else:
|
|
sudoers = container_per_test.file("/etc/sudoers")
|
|
assert sudoers.exists and sudoers.is_file
|
|
assert "vagrant ALL=(ALL) NOPASSWD: ALL" in sudoers.content_string
|
|
|
|
# check that systemctl was called enabling sshd
|
|
assert (
|
|
"enable sshd"
|
|
in container_per_test.file("/systemctl_params").content_string
|
|
)
|