From f38e22b10e801d86d339ce649c6aa777393c3c69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20R=C5=AF=C5=BEi=C4=8Dka?= Date: Fri, 26 Apr 2024 14:52:36 +0200 Subject: [PATCH] Rewrite partly for SSH. --- tests/applications/keyring/aaa_setup.pm | 92 ++++++++-------------- tests/applications/keyring/keyring_init.pm | 83 +++++++++++++++++++ 2 files changed, 114 insertions(+), 61 deletions(-) create mode 100644 tests/applications/keyring/keyring_init.pm diff --git a/tests/applications/keyring/aaa_setup.pm b/tests/applications/keyring/aaa_setup.pm index 68690252..120b114b 100644 --- a/tests/applications/keyring/aaa_setup.pm +++ b/tests/applications/keyring/aaa_setup.pm @@ -5,85 +5,55 @@ use utils; # This script will install the necessary things to test the Desktop Keyring on Gnome # and KDE, i.e.: -# - we will install an FTP server. -# - we will set it up so that logins can be made. -# - we will log into the FTP server and make the system to remember the credentials. -# - we will restart the machine and check that the credentials are still remembered. -# - we will open SeaHorse or KDE Wallet to check that the credentials are stored. +# - we will set up the SSHd to accept connections with an SSH key +# - we will create the ssh key for the user sub run { my $self = shift; my $desktop = get_var("DESKTOP"); + my $user = get_var("USER") || "test"; + # Switch to console $self->root_console(tty => 3); # We install the necessary packages. - assert_script_run("dnf -y install pure-ftpd"); if ($desktop eq "gnome") { assert_script_run("dnf -y install seahorse"); } - # Download the configuration file for FTP and unpack it. - download_testdata("configuration"); - assert_script_run("mv -f /home/test/configuration/pure-ftpd.conf /etc/pure-ftpd/"); - assert_script_run("chown root:root /etc/pure-ftpd/pure-ftpd.conf"); - assert_script_run("chmod 644 /etc/pure-ftpd/pure-ftpd.conf"); + # Set up the SSH daemon + # Create a drop-in configuration file. + enter_cmd("touch /etc/ssh/ssh_config.d/30-passwordless.conf"); + enter_cmd(\qq(echo "Host *" >> /etc/ssh/ssh_config.d/30-passwordless.conf)); + enter_cmd(\qq(echo " PasswordAuthentication no" >> /etc/ssh/ssh_config.d/30-passwordless.conf)); - # Set up the system. - # Add a group for the FTP and the user that will own the FTP stuff - assert_script_run("groupadd ftpusers"); - assert_script_run("useradd -g ftpusers -d /dev/null -s /sbin/nologin ftpuser"); - # Create a directory to hold the FTP content, set rights and create the content. - assert_script_run("mkdir /ftpdata"); - assert_script_run("chown -R ftpuser:ftpusers /ftpdata"); - assert_script_run("echo 'This is a test file' > /ftpdata/testfile.txt"); - # Enable the FTP service in the firewall. - assert_script_run("firewall-cmd --add-service=ftp --permanent"); - assert_script_run("firewall-cmd --reload"); - - # Set up the FTP server. - # Create a virtual FTP user called tucnak. - enter_cmd("pure-pw useradd tucnak -u ftpuser -g ftpusers -d /ftpdata"); - sleep(2); - # Set its password, wait between attempts so that the system has time - # to react to the input. - type_string("weakpassword\n"); # To pass the password entry. - sleep(2); - type_string("weakpassword\n"); - sleep(2); - # Create PureFTP database to the settings. - assert_script_run("pure-pw mkdb"); - # Check that the settings are done correctly - assert_script_run("pure-pw list | egrep 'tucnak\\s+/ftpdata'"); - assert_script_run("pure-pw show tucnak"); - - # Enable and start the server. - assert_script_run("systemctl enable pure-ftpd.service --now"); + # Enable and start SSHd. + assert_script_run("systemctl enable sshd.service --now"); # Check that it is running (the assertion will fail if not) - assert_script_run("systemctl status pure-ftpd.service --no-pager"); + assert_script_run("systemctl status sshd.service --no-pager"); + + # Create the SSH keys for the user. + # Change to the normal user + enter_cmd("su -l $user"); + # Create the SSH key. + enter_cmd("ssh-keygen"); + # Confirm the location of the key. + send_key("ret"); + sleep 1; + # Create a password for the key. + type_very_safely("sshkeypass\n"); + sleep 1; + type_very_safely("sshkeypass\n"); + sleep 1; + + # Authorize the SSH key. + enter_cmd(\q(echo $(cat ~/.ssh/id_ed25519.pub) > ~./ssh/authorized_keys)); + + enter_cmd("exit"); # Return to desktop desktop_vt(); - - # Start the file explorer application based on what system we are - # running, Gnome or KDE. - my $app = "nautilus"; - my $key = "up"; - if (get_var("DESKTOP") eq "kde") { - $app = "dolphin"; - $key = "pgup"; - } - menu_launch_type($app); - send_key("super-$key"); - wait_still_screen(3); - # Check that it has started - if (get_var("DESKTOP") eq "kde") { - assert_screen("dolphin_runs"); - } - else { - assert_screen("apps_run_files"); - } } sub test_flags { diff --git a/tests/applications/keyring/keyring_init.pm b/tests/applications/keyring/keyring_init.pm new file mode 100644 index 00000000..654d94af --- /dev/null +++ b/tests/applications/keyring/keyring_init.pm @@ -0,0 +1,83 @@ +use base "installedtest"; +use strict; +use testapi; +use utils; + +# This script will check that the password has been added +# to the system keyring. We will start a wallet application +# and check that the password is listed in that application. + +sub ssh_login_localhost { + my ($user, $pass, $cli) = @_; + menu_launch_type($cli); + if ($cli eq "gnome") { + assert_screen("apps_run_terminal"); + } + else { + assert_screen("konsole_runs"); + } + + # Log to the localhost using the SSH. + enter_cmd("ssh ${user}@localhost"); + # Confirm to safe the host to known hosts. + type_very_safely("yes\n"); + sleep 1; + # Type the password + type_very_safely("$pass\n"); + sleep 1; + enter_cmd("clear"); + # Check who is logged in. + enter_cmd("who"); + # Check that multiple instances are logged in. + assert_screen("keyring_multiple_instances"); + # Log out of ssh + enter_cmd("exit"); +} + +sub run { + my $self = shift; + my $desktop = get_var("DESKTOP"); + my $user = get_var("USER_LOGIN", "test"); + + if ($desktop eq "kde") { + # Start the Konsole + # Start the KDE wallet application and maximize it. + menu_launch_type("kwalletmanager"); + assert_screen("kwalletmanager_runs"); + send_key("super-pgup"); + + # Navigate to the stored entry and check that + # the credentials are stored there. + assert_and_dclick("keyring_passwords_unfold"); + assert_and_dclick("keyring_maps_unfold"); + assert_and_click("keyring_ftp_localhost"); + assert_and_click("keyring_show_values"); + assert_screen("keyring_keys_values"); + } + else { + # Start the Seahorse application and maximize it. + menu_launch_type("seahorse"); + assert_screen("apps_run_seahorse"); + send_key("super-up"); + + # Navigate to the stored entry and check + # that the credentials are stored there. + assert_and_click("keyring_seahorse_login"); + assert_and_dclick("keyring_seahorse_details"); + assert_screen("keyring_seahorse_details_shown"); + assert_and_click("keyring_seahorse_show_password"); + assert_screen("keyring_seahorse_password_shown"); + } + + # Reboot the machine. + $self->root_console(tty => 3); + enter_cmd("reboot"); +} + +sub test_flags { + return {fatal => 1, milestone => 1}; +} + +1; + +# vim: set sw=4 et: