Richard W.M. Jones
2016-Oct-20 13:02 UTC
[Libguestfs] [PATCH] customize: Test that the --root-password parameter works.
This is the second half of the patch series posted yesterday (see: "[PATCH 0/2] builder: Add test that a serial console is set up for guest templates we supply."). This checks that our code to change passwords works on real guests. It creates a real guest using virt-builder with the --root-password option, then boots it up and tries to log in with the root password. Interaction with the guest is afforded by the perl Expect module. Rich.
Richard W.M. Jones
2016-Oct-20 13:02 UTC
[Libguestfs] [PATCH] customize: Test that the --root-password parameter works.
Add a slow test to ensure that the --root-password option doesn't regress. --- .gitignore | 1 + customize/Makefile.am | 28 ++++++++++ customize/test-password.pl | 136 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 165 insertions(+) create mode 100755 customize/test-password.pl diff --git a/.gitignore b/.gitignore index 4b618f0..633b39d 100644 --- a/.gitignore +++ b/.gitignore @@ -133,6 +133,7 @@ Makefile.in /customize/customize-synopsis.pod /customize/stamp-virt-customize.pod /customize/test-firstboot-*.sh +/customize/test-password-*.sh /customize/test-settings-*.sh /customize/virt-customize /customize/virt-customize.1 diff --git a/customize/Makefile.am b/customize/Makefile.am index 4f855f3..f2e1c15 100644 --- a/customize/Makefile.am +++ b/customize/Makefile.am @@ -22,6 +22,7 @@ EXTRA_DIST = \ $(SOURCES_MLI) $(SOURCES_ML) $(SOURCES_C) \ customize_main.ml \ test-firstboot.sh \ + test-password.pl \ test-settings.sh \ test-virt-customize.sh \ test-virt-customize-docs.sh \ @@ -207,6 +208,7 @@ check-valgrind: SLOW_TESTS = \ $(firstboot_test_scripts) \ + $(password_test_scripts) \ $(settings_test_scripts) check-slow: @@ -235,6 +237,29 @@ test-firstboot-%.sh: chmod 0755 $@-t mv $@-t $@ +password_test_scripts := \ + test-password-centos-7.2.sh \ + test-password-debian-6.sh \ + test-password-debian-7.sh \ + test-password-debian-8.sh \ + test-password-fedora-24.sh \ + test-password-rhel-3.9.sh \ + test-password-rhel-4.9.sh \ + test-password-rhel-5.11.sh \ + test-password-rhel-6.9.sh \ + test-password-rhel-7.2.sh \ + test-password-ubuntu-10.04.sh \ + test-password-ubuntu-12.04.sh \ + test-password-ubuntu-14.04.sh \ + test-password-ubuntu-16.04.sh + +test-password-%.sh: + rm -f $@ $@-t + f=`echo "$@" | $(SED) 's/test-password-\(.*\).sh/\1/'`; \ + echo 'script=$@ exec $$srcdir/test-password.pl' "$$f" > $@-t + chmod 0755 $@-t + mv $@-t $@ + settings_test_scripts := \ test-settings-rhel-4.9.sh \ test-settings-rhel-5.11.sh \ @@ -260,8 +285,11 @@ test-settings-%.sh: CLEANFILES += \ $(firstboot_test_scripts) \ + $(password_test_scripts) \ $(settings_test_scripts) \ firstboot-*.img \ + password-*.img \ + password-*.log \ settings-*.img # Dependencies. diff --git a/customize/test-password.pl b/customize/test-password.pl new file mode 100755 index 0000000..605f5a3 --- /dev/null +++ b/customize/test-password.pl @@ -0,0 +1,136 @@ +#!/usr/bin/env perl +# libguestfs +# Copyright (C) 2016 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +use strict; +use warnings; + +use POSIX qw(uname); + +my $script = $ENV{script}; + +# This test requires the perl 'Expect' module. If it doesn't +# exist, skip the test. +eval "use Expect"; + +unless (exists $INC{"Expect.pm"}) { + print STDERR "$script: test skipped because there is no perl Expect module\n"; + exit 77 +} + +die "$script: guestname parameter not set, don't run this test directly" + unless @ARGV == 1; +my $guestname = $ARGV[0]; + +my $disk = "password-$guestname.img"; +eval { unlink $disk }; + +my $logfile = "password-$guestname.log"; +eval { unlink $logfile }; + +# If the guest doesn't exist in virt-builder, skip. This is because +# we test some RHEL guests which most users won't have access to. +if (system ("virt-builder -l $guestname >/dev/null 2>&1") != 0) { + print STDERR "$script: test skipped because \"$guestname\" not known to virt-builder.\n"; + exit 77 +} + +# We can only run this test on x86_64. +my ($sysname, $nodename, $release, $version, $machine) = uname (); +if ($machine ne "x86_64") { + print STDERR "$script: test skipped because !x86_64\n"; + exit 77 +} + +# Check qemu is installed. +my $qemu = "qemu-system-x86_64"; +if (system ("$qemu -help >/dev/null 2>&1") != 0) { + print STDERR "$script: test skipped because $qemu not found.\n"; + exit 77 +} + +# Some guests need special virt-builder parameters. +# See virt-builder --notes $guestname and builder/test-console.sh +my @extra = (); +if ($guestname eq "debian-7") { + push @extra, "--edit", + '/etc/inittab: s,^#([1-9].*respawn.*/sbin/getty.*),$1,'; +} +elsif ($guestname eq "debian-8" || $guestname eq "ubuntu-16.04") { + # These commands are required to fix the serial console. + # See https://askubuntu.com/questions/763908/ubuntu-16-04-has-no-vmware-console-access-once-booted-on-vmware-vsphere-5-5-clus/764476#764476 + push @extra, "--edit", + '/etc/default/grub: s/^GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="console=tty0 console=ttyS0,115200n8"/'; + push @extra, "--run-command", "update-grub"; +} + +# Set a random root password under our control. +# http://www.perlmonks.org/?node_id=233023 +my @chars = ("a".."z", "0".."9"); +my $password = ""; +$password .= $chars[rand @chars] for 1..8; + +# Build the guest. +system ("virt-builder", $guestname, "--quiet", + "-o", $disk, + "--root-password", "password:$password", + @extra) == 0 + or die "$script: virt-builder failed, see previous errors"; + +# Run qemu and make sure we get to the login prompt. +my $exp = Expect->spawn ($qemu, + "-nodefconfig", "-display", "none", + "-machine", "accel=kvm:tcg", + "-m", "1024", "-boot", "c", + "-drive", "file=$disk,format=raw,if=ide", + "-serial", "stdio") + or die "$script: Expect could not spawn $qemu: $!\n"; + +$exp->log_file ($logfile); + +my $timeout = 5 * 60; +my $r; +$r = $exp->expect ($timeout, 'login:'); +unless (defined $r) { + die "$script: guest did not print the 'login:' prompt within\n$timeout seconds, or exited before getting to the prompt.\n"; +} + +# Try to log in. +$exp->send ("root\n"); +$r = $exp->expect ($timeout, 'assword:'); +unless (defined $r) { + die "$script: guest did not print the password prompt within\n$timeout seconds, or exited before getting to the prompt.\n"; +} +$exp->send ("$password\n"); + +# Send a simple command; try to find some expected output. +$exp->send ("ls -1 /\n"); + +$timeout = 60; +$r = $exp->expect ($timeout, 'home'); + +unless (defined $r) { + die "$script: guest did not respond to a simple 'ls' command, the login probably failed\n"; +} + +$exp->hard_close (); + +# Successful exit, so remove disk image and log file. +unlink $disk; +unlink $logfile; + +exit 0 -- 2.9.3
Pino Toscano
2016-Oct-20 15:26 UTC
Re: [Libguestfs] [PATCH] customize: Test that the --root-password parameter works.
On Thursday, 20 October 2016 14:02:36 CEST Richard W.M. Jones wrote:> This is the second half of the patch series posted yesterday (see: > "[PATCH 0/2] builder: Add test that a serial console is set up for > guest templates we supply."). > > This checks that our code to change passwords works on real guests. > > It creates a real guest using virt-builder with the --root-password > option, then boots it up and tries to log in with the root password. > > Interaction with the guest is afforded by the perl Expect module.LGTM. Thanks, -- Pino Toscano
Reasonably Related Threads
- [PATCH 0/2] customize: Fix hostname setting in Debian/Ubuntu.
- [PATCH] customize: allow missing SELINUXTYPE in SELinux config
- [PATCH 1/2] customize: Fix firstboot scripts on Debian 6 & 7 (RHBZ#1019388).
- [PATCH 0/2] builder: Add test that a serial console is set up for guest templates we supply.
- p2v: Various cleanups.