diff --git a/tests/non-root-user-download/Makefile b/tests/non-root-user-download/Makefile new file mode 100644 index 0000000..9746b63 --- /dev/null +++ b/tests/non-root-user-download/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/curl/Sanity/non-root-user-download +# Description: various download methods with non-root user +# Author: Karel Srot +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/curl/Sanity/non-root-user-download +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Karel Srot " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: various download methods with non-root user" >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: curl" >> $(METADATA) + @echo "Requires: curl" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/non-root-user-download/PURPOSE b/tests/non-root-user-download/PURPOSE new file mode 100644 index 0000000..048ed68 --- /dev/null +++ b/tests/non-root-user-download/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/curl/Sanity/non-root-user-download +Description: various download methods with non-root user +Author: Karel Srot diff --git a/tests/non-root-user-download/runtest.sh b/tests/non-root-user-download/runtest.sh new file mode 100644 index 0000000..1b5f8f1 --- /dev/null +++ b/tests/non-root-user-download/runtest.sh @@ -0,0 +1,92 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/curl/Sanity/non-root-user-download +# Description: various download methods with non-root user +# Author: Karel Srot +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh || exit 1 +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="curl" + +FTP_URL=ftp://ftp.scientificlinux.org/linux/fedora/releases/18/Live/x86_64/Fedora-18-x86_64-Live-CHECKSUM +HTTP_URL=https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/18/Live/x86_64/Fedora-18-x86_64-Live-CHECKSUM +CONTENT=a276e06d244e04b765f0a35532d9036ad84f340b0bdcc32e0233a8fbc31d5bed +PASSWORD=pAssw0rd +OPTIONS="" +rlIsRHEL 7 && OPTIONS="--insecure" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlRun "useradd -m curltester" 0 "Adding the test user" + rlRun "echo $PASSWORD | passwd --stdin curltester" 0 "Setting the password for the test user" + rlRun "su - curltester -c 'echo $CONTENT > ~/testfile'" 0 "Creating ~curltester/testfile" + [ -d $HOME/.ssh ] || ( mkdir $HOME/.ssh && restorecon HOME/.ssh ) + rlFileBackup $HOME/.ssh/known_hosts /etc/hosts + ssh-keygen -F localhost -f $HOME/.ssh/known_hosts || rlRun "ssh-keyscan localhost >> $HOME/.ssh/known_hosts" + rlPhaseEnd + + rlPhaseStartTest "http download" + rlRun "su - curltester -c 'curl $HTTP_URL' &> http.log" + cat http.log + rlAssertGrep "$CONTENT" http.log + rlPhaseEnd + + rlPhaseStartTest "ftp download" + rlRun "su - curltester -c 'curl $FTP_URL' &> ftp.log" + cat ftp.log + rlAssertGrep "$CONTENT" ftp.log + rlPhaseEnd + +if ! rlIsRHEL 5; then +# scp sftp not supported on RHEL5 + + rlPhaseStartTest "scp download" + rlRun "curl -u curltester:$PASSWORD $OPTIONS scp://localhost/home/curltester/testfile &> scp.log" + cat scp.log + rlAssertGrep "$CONTENT" scp.log + rlPhaseEnd + + rlPhaseStartTest "sftp download" + rlRun "curl -u curltester:$PASSWORD $OPTIONS sftp://localhost/home/curltester/testfile &> sftp.log" + cat sftp.log + rlAssertGrep "$CONTENT" sftp.log + rlPhaseEnd + +fi + + rlPhaseStartCleanup + rlRun "rm -f $HOME/.ssh/known_hosts" + rlFileRestore + rlRun "popd" + rlRun "rm -r $TmpDir" 0 "Removing tmp directory" + rlRun "userdel -r --force curltester" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/non-root-user-download/runtest.yml b/tests/non-root-user-download/runtest.yml new file mode 100644 index 0000000..c03e729 --- /dev/null +++ b/tests/non-root-user-download/runtest.yml @@ -0,0 +1,64 @@ +- hosts: '{{ hosts | default("localhost") }}' + vars: + package: "curl" + tasks: + - name: "Set Content variables" + set_fact: + content: "a276e06d244e04b765f0a35532d9036ad84f340b0bdcc32e0233a8fbc31d5bed" + password: "pAssw0rd" + crypt_password: "$6$/5GE87XLYLLfB3qx$w84Kct34UZG/4buTSXWkaaVIsw2xGXSAdmnS2QYdG8TtRgTsBnHdFdSkhoy.tKIE6A6LKlxczIZjQbpB19k7B1" + - name: "Create user curltester" + user: + name: "curltester" + password: "{{ crypt_password }}" + - name: "Copy testfile" + copy: + dest: "/home/curltester/testfile" + content: "{{ content }}" + - block: + - name: "http download" + command: "curl https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/18/Live/x86_64/Fedora-18-x86_64-Live-CHECKSUM" + args: + warn: false + register: http + become: yes + become_user: curltester + - name: "Compare http output" + fail: + msg: "{{ content }} not in {{ http.stdout }}" + when: content not in http.stdout + - name: "ftp download" + command: "curl ftp://ftp.scientificlinux.org/linux/fedora/releases/18/Live/x86_64/Fedora-18-x86_64-Live-CHECKSUM" + args: + warn: false + register: ftp + become: yes + become_user: curltester + - name: "Compare ftp output" + fail: + msg: "{{ content }} not in {{ ftp.stdout }}" + when: content not in ftp.stdout + - name: "scp download" + command: "curl -u curltester:{{ password }} --insecure scp://localhost/home/curltester/testfile" + args: + warn: false + register: scp + - name: "Compare scp output" + fail: + msg: "{{ content }} not in {{ scp.stdout }}" + when: content not in scp.stdout + - name: "sftp download" + command: "curl -u curltester:{{ password }} --insecure sftp://localhost/home/curltester/testfile" + args: + warn: false + register: sftp + - name: "Compare sftp output" + fail: + msg: "{{ content }} not in {{ sftp.stdout }}" + when: content not in sftp.stdout + always: + - name: "Remove user curltester" + user: + name: "curltester" + remove: yes + state: absent diff --git a/tests/scp-and-sftp-download-test/Makefile b/tests/scp-and-sftp-download-test/Makefile new file mode 100644 index 0000000..b4d1c52 --- /dev/null +++ b/tests/scp-and-sftp-download-test/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/curl/Sanity/scp-and-sftp-download-test +# Description: downloads test file through scp and sftp +# Author: Karel Srot +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2012 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/curl/Sanity/scp-and-sftp-download-test +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Karel Srot " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: downloads test file through scp and sftp" >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 10m" >> $(METADATA) + @echo "RunFor: curl" >> $(METADATA) + @echo "Requires: curl openssh" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/scp-and-sftp-download-test/PURPOSE b/tests/scp-and-sftp-download-test/PURPOSE new file mode 100644 index 0000000..03adc4c --- /dev/null +++ b/tests/scp-and-sftp-download-test/PURPOSE @@ -0,0 +1,12 @@ +PURPOSE of /CoreOS/curl/Sanity/scp-and-sftp-download-test +Description: downloads test file through scp and sftp +Author: Karel Srot + +Test scenario: +- scp download +- sftp download +- scp upload +- sftp upload + +When PUBKEY_PARAM global variable is set to 'empty' or 'none', scenarios are executed +with empty --pubkey parameter (--pubkey "") or with the paramiter omitted diff --git a/tests/scp-and-sftp-download-test/runtest.sh b/tests/scp-and-sftp-download-test/runtest.sh new file mode 100644 index 0000000..6e5d748 --- /dev/null +++ b/tests/scp-and-sftp-download-test/runtest.sh @@ -0,0 +1,130 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/curl/Sanity/scp-and-sftp-download-test +# Description: downloads test file through scp and sftp +# Author: Karel Srot +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2012 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh +. /usr/lib/beakerlib/beakerlib.sh + +PACKAGE="curl" + +# GLOBAL/ENVIRONMENT VARIABLE: +# PUBKEY_PARAM + +if [ "$PUBKEY_PARAM" == 'none' ]; then + PUBKEY_PARAM="" +elif [ "$PUBKEY_PARAM" == 'empty' ]; then + PUBKEY_PARAM="--pubkey ''" +else + PUBKEY_PARAM='--pubkey /root/.ssh/id_rsa.pub' +fi + +FILESIZE=200 #MB +OPTIONS="" +rlIsRHEL 7 && OPTIONS="--insecure" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlFileBackup --clean /root/.ssh/known_hosts /root/.ssh + rlFileBackup --clean /etc/ssh/sshd_config + rlRun "useradd -m curltestuser" + + # In FIPS-140 we need to explicitly allow one of libssh2-implemented + # Kex algorithms (eg. DH14-SHA1). + rlRun "echo 'KexAlgorithms +diffie-hellman-group14-sha1' >> /etc/ssh/sshd_config" 0 + rlServiceStop "sshd" + rlRun "service sshd start && sleep 5" 0 + + # file for download test + rlRun "su - curltestuser -c 'dd if=/dev/zero of=testfile bs=1M count=200'" 0 "Creating $FILESIZE MB large test file" + SUM=`sha256sum /home/curltestuser/testfile | cut -d ' ' -f 1` + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlRun "rm -vf /root/.ssh/*" + rlRun "ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ''" 0 "Generate ssh key" + rlRun "mkdir /home/curltestuser/.ssh && cat /root/.ssh/id_rsa.pub > /home/curltestuser/.ssh/authorized_keys && chown -R curltestuser.curltestuser /home/curltestuser/.ssh/" 0 "Save the key to .ssh/authorized_keys" + + # this is a workaround as libssh2 is not able to use newer hashes + #rlRun "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/root/.ssh/known_hosts curltestuser@localhost 'exit'" 0 "First ssh login to add localhost to known_hosts" + rlRun "ssh-keyscan localhost >>/root/.ssh/known_hosts" + + # files for upload test + rlRun "dd if=/dev/zero of=uploadfile1 bs=1M count=50" 0 "Creating 50 MB large test file" + UPSUM1=`sha256sum uploadfile1 | cut -d ' ' -f 1` + rlRun "dd if=/dev/zero of=uploadfile2 bs=1M count=20" 0 "Creating 20 MB large test file" + UPSUM2=`sha256sum uploadfile2 | cut -d ' ' -f 1` + rlPhaseEnd + + rlPhaseStartTest "scp download test" + rlRun "curl -o ./scp_file -u curltestuser: --key /root/.ssh/id_rsa $PUBKEY_PARAM $OPTIONS scp://localhost/home/curltestuser/testfile" 0 "Initiate curl scp download" + rlAssertExists scp_file + SCPSUM=`sha256sum ./scp_file | cut -d ' ' -f 1` + rlAssertEquals "Checking that whole file was properly downloaded" $SUM $SCPSUM + rm -f ./scp_file + rlPhaseEnd + + rlPhaseStartTest "sftp download test" + rlRun "curl -o ./sftp_file -u curltestuser: --key /root/.ssh/id_rsa $PUBKEY_PARAM $OPTIONS sftp://localhost/home/curltestuser/testfile" 0 "Initiate curl scp download" + rlAssertExists sftp_file + SFTPSUM=`sha256sum ./sftp_file | cut -d ' ' -f 1` + rlAssertEquals "Checking that whole file was properly downloaded" $SUM $SFTPSUM + rm -f ./sftp_file + rlPhaseEnd + + rlPhaseStartTest "scp upload test" + rlRun "curl -T '{uploadfile1,uploadfile2}' scp://localhost/home/curltestuser/ -u curltestuser: --key /root/.ssh/id_rsa $PUBKEY_PARAM $OPTIONS" 0 "Initiate curl scp upload" + rlAssertExists /home/curltestuser/uploadfile1 + rlAssertExists /home/curltestuser/uploadfile2 + SCPUPSUM1=`sha256sum /home/curltestuser/uploadfile1 | cut -d ' ' -f 1` + SCPUPSUM2=`sha256sum /home/curltestuser/uploadfile2 | cut -d ' ' -f 1` + rlAssertEquals "Checking that 1st file was properly uploaded" ${UPSUM1} ${SCPUPSUM1} + rlAssertEquals "Checking that 2nd file was properly uploaded" ${UPSUM2} ${SCPUPSUM2} + rm -f /home/curltestuser/uploadfile1 /home/curltestuser/uploadfile2 + rlPhaseEnd + + rlPhaseStartTest "sftp upload test" + rlRun "curl -T '{uploadfile1,uploadfile2}' sftp://localhost/home/curltestuser/ -u curltestuser: --key /root/.ssh/id_rsa $PUBKEY_PARAM $OPTIONS" 0 "Initiate curl sftp upload" + rlAssertExists /home/curltestuser/uploadfile1 + rlAssertExists /home/curltestuser/uploadfile2 + SFTPUPSUM1=`sha256sum /home/curltestuser/uploadfile1 | cut -d ' ' -f 1` + SFTPUPSUM2=`sha256sum /home/curltestuser/uploadfile2 | cut -d ' ' -f 1` + rlAssertEquals "Checking that 1st file was properly uploaded" ${UPSUM1} ${SFTPUPSUM1} + rlAssertEquals "Checking that 2nd file was properly uploaded" ${UPSUM2} ${SFTPUPSUM2} + rm -f /home/curltestuser/uploadfile1 /home/curltestuser/uploadfile2 + rlPhaseEnd + + + rlPhaseStartCleanup + rlRun "userdel -r --force curltestuser" + rlRun "popd" + rlRun "rm -r $TmpDir" 0 "Removing tmp directory" + rlFileRestore + rlServiceRestore "sshd" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..819d636 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,26 @@ +--- +# Tests for Classic +- hosts: localhost + roles: + - role: standard-test-beakerlib + tags: + - classic + tests: + - scp-and-sftp-download-test + - non-root-user-download + required_packages: + - findutils # non-root-user-download needs find command + # scp-and-sftp-download-test needs find command + - passwd # non-root-user-download needs passwd command + - openssh-clients # non-root-user-download needs ssh-keyscan command + +# Tests for Atomic +- hosts: localhost + roles: + - role: standard-test-beakerlib + tags: + - atomic + tests: + - scp-and-sftp-download-test + - non-root-user-download +