1
0

test_ssh_auth.py 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
  1. # -*- coding: utf-8 -*-
  2. """
  3. Test the ssh_auth states
  4. """
  5. # Import python libs
  6. from __future__ import absolute_import, print_function, unicode_literals
  7. import os
  8. # Import salt libs
  9. import salt.utils.files
  10. # Import Salt Testing libs
  11. from tests.support.case import ModuleCase
  12. from tests.support.helpers import (
  13. destructiveTest,
  14. skip_if_not_root,
  15. slowTest,
  16. with_system_user,
  17. )
  18. from tests.support.mixins import SaltReturnAssertsMixin
  19. from tests.support.runtests import RUNTIME_VARS
  20. class SSHAuthStateTests(ModuleCase, SaltReturnAssertsMixin):
  21. @destructiveTest
  22. @skip_if_not_root
  23. @with_system_user("issue_7409", on_existing="delete", delete=True)
  24. @slowTest
  25. def test_issue_7409_no_linebreaks_between_keys(self, username):
  26. userdetails = self.run_function("user.info", [username])
  27. user_ssh_dir = os.path.join(userdetails["home"], ".ssh")
  28. authorized_keys_file = os.path.join(user_ssh_dir, "authorized_keys")
  29. ret = self.run_state(
  30. "file.managed",
  31. name=authorized_keys_file,
  32. user=username,
  33. makedirs=True,
  34. contents_newline=False,
  35. # Explicit no ending line break
  36. contents="ssh-rsa AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY== root",
  37. )
  38. ret = self.run_state(
  39. "ssh_auth.present",
  40. name="AAAAB3NzaC1kcQ9J5bYTEyZ==",
  41. enc="ssh-rsa",
  42. user=username,
  43. comment=username,
  44. )
  45. self.assertSaltTrueReturn(ret)
  46. self.assertSaltStateChangesEqual(ret, {"AAAAB3NzaC1kcQ9J5bYTEyZ==": "New"})
  47. with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
  48. self.assertEqual(
  49. fhr.read(),
  50. "ssh-rsa AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyY== root\n"
  51. "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username),
  52. )
  53. @destructiveTest
  54. @skip_if_not_root
  55. @with_system_user("issue_10198", on_existing="delete", delete=True)
  56. @slowTest
  57. def test_issue_10198_keyfile_from_another_env(self, username=None):
  58. userdetails = self.run_function("user.info", [username])
  59. user_ssh_dir = os.path.join(userdetails["home"], ".ssh")
  60. authorized_keys_file = os.path.join(user_ssh_dir, "authorized_keys")
  61. key_fname = "issue_10198.id_rsa.pub"
  62. # Create the keyfile that we expect to get back on the state call
  63. with salt.utils.files.fopen(
  64. os.path.join(RUNTIME_VARS.TMP_PRODENV_STATE_TREE, key_fname), "w"
  65. ) as kfh:
  66. kfh.write("ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username))
  67. # Create a bogus key file on base environment
  68. with salt.utils.files.fopen(
  69. os.path.join(RUNTIME_VARS.TMP_STATE_TREE, key_fname), "w"
  70. ) as kfh:
  71. kfh.write("ssh-rsa BAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username))
  72. ret = self.run_state(
  73. "ssh_auth.present",
  74. name="Setup Keys",
  75. source="salt://{0}?saltenv=prod".format(key_fname),
  76. enc="ssh-rsa",
  77. user=username,
  78. comment=username,
  79. )
  80. self.assertSaltTrueReturn(ret)
  81. with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
  82. self.assertEqual(
  83. fhr.read(), "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username)
  84. )
  85. os.unlink(authorized_keys_file)
  86. ret = self.run_state(
  87. "ssh_auth.present",
  88. name="Setup Keys",
  89. source="salt://{0}".format(key_fname),
  90. enc="ssh-rsa",
  91. user=username,
  92. comment=username,
  93. saltenv="prod",
  94. )
  95. self.assertSaltTrueReturn(ret)
  96. with salt.utils.files.fopen(authorized_keys_file, "r") as fhr:
  97. self.assertEqual(
  98. fhr.read(), "ssh-rsa AAAAB3NzaC1kcQ9J5bYTEyZ== {0}\n".format(username)
  99. )