1
0

test_ssh_auth.py 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
  1. # -*- coding: utf-8 -*-
  2. """
  3. Test the ssh_auth states
  4. """
  5. from __future__ import absolute_import, print_function, unicode_literals
  6. import os
  7. import pytest
  8. import salt.utils.files
  9. from tests.support.case import ModuleCase
  10. from tests.support.helpers import with_system_user
  11. from tests.support.mixins import SaltReturnAssertsMixin
  12. from tests.support.runtests import RUNTIME_VARS
  13. class SSHAuthStateTests(ModuleCase, SaltReturnAssertsMixin):
  14. @pytest.mark.destructive_test
  15. @pytest.mark.skip_if_not_root
  16. @with_system_user("issue_7409", on_existing="delete", delete=True)
  17. @pytest.mark.slow_test(seconds=10) # Test takes >5 and <=10 seconds
  18. def test_issue_7409_no_linebreaks_between_keys(self, username):
  19. userdetails = self.run_function("user.info", [username])
  20. user_ssh_dir = os.path.join(userdetails["home"], ".ssh")
  21. authorized_keys_file = os.path.join(user_ssh_dir, "authorized_keys")
  22. ret = self.run_state(
  23. "file.managed",
  24. name=authorized_keys_file,
  25. user=username,
  26. makedirs=True,
  27. contents_newline=False,
  28. # Explicit no ending line break
  29. contents="ssh-rsa AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY== root",
  30. )
  31. ret = self.run_state(
  32. "ssh_auth.present",
  33. name="AAAAB3NzaC1kcQ9J5bYTEyZ==",
  34. enc="ssh-rsa",
  35. user=username,
  36. comment=username,
  37. )
  38. self.assertSaltTrueReturn(ret)
  39. self.assertSaltStateChangesEqual(ret, {"AAAAB3NzaC1kcQ9J5bYTEyZ==": "New"})
  40. with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
  41. self.assertEqual(
  42. fhr.read(),
  43. "ssh-rsa AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY== root\n"
  44. "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username),
  45. )
  46. @pytest.mark.destructive_test
  47. @pytest.mark.skip_if_not_root
  48. @with_system_user("issue_10198", on_existing="delete", delete=True)
  49. @pytest.mark.slow_test(seconds=10) # Test takes >5 and <=10 seconds
  50. def test_issue_10198_keyfile_from_another_env(self, username=None):
  51. userdetails = self.run_function("user.info", [username])
  52. user_ssh_dir = os.path.join(userdetails["home"], ".ssh")
  53. authorized_keys_file = os.path.join(user_ssh_dir, "authorized_keys")
  54. key_fname = "issue_10198.id_rsa.pub"
  55. # Create the keyfile that we expect to get back on the state call
  56. with salt.utils.files.fopen(
  57. os.path.join(RUNTIME_VARS.TMP_PRODENV_STATE_TREE, key_fname), "w"
  58. ) as kfh:
  59. kfh.write("ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username))
  60. # Create a bogus key file on base environment
  61. with salt.utils.files.fopen(
  62. os.path.join(RUNTIME_VARS.TMP_STATE_TREE, key_fname), "w"
  63. ) as kfh:
  64. kfh.write("ssh-rsa BAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username))
  65. ret = self.run_state(
  66. "ssh_auth.present",
  67. name="Setup Keys",
  68. source="salt://{0}?saltenv=prod".format(key_fname),
  69. enc="ssh-rsa",
  70. user=username,
  71. comment=username,
  72. )
  73. self.assertSaltTrueReturn(ret)
  74. with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
  75. self.assertEqual(
  76. fhr.read(), "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username)
  77. )
  78. os.unlink(authorized_keys_file)
  79. ret = self.run_state(
  80. "ssh_auth.present",
  81. name="Setup Keys",
  82. source="salt://{0}".format(key_fname),
  83. enc="ssh-rsa",
  84. user=username,
  85. comment=username,
  86. saltenv="prod",
  87. )
  88. self.assertSaltTrueReturn(ret)
  89. with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
  90. self.assertEqual(
  91. fhr.read(), "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username)
  92. )