Libguestfs - Oct 2016 - [PATCH] customize: Test that the --root-password parameter works.

This is the second half of the patch series posted yesterday (see:
"[PATCH 0/2] builder: Add test that a serial console is set up for
guest templates we supply.").

This checks that our code to change passwords works on real guests.

It creates a real guest using virt-builder with the --root-password
option, then boots it up and tries to log in with the root password.

Interaction with the guest is afforded by the perl Expect module.

Rich.

Add a slow test to ensure that the --root-password option
doesn't regress.
---
 .gitignore                 |   1 +
 customize/Makefile.am      |  28 ++++++++++
 customize/test-password.pl | 136 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 165 insertions(+)
 create mode 100755 customize/test-password.pl

diff --git a/.gitignore b/.gitignore
index 4b618f0..633b39d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -133,6 +133,7 @@ Makefile.in
 /customize/customize-synopsis.pod
 /customize/stamp-virt-customize.pod
 /customize/test-firstboot-*.sh
+/customize/test-password-*.sh
 /customize/test-settings-*.sh
 /customize/virt-customize
 /customize/virt-customize.1
diff --git a/customize/Makefile.am b/customize/Makefile.am
index 4f855f3..f2e1c15 100644
--- a/customize/Makefile.am
+++ b/customize/Makefile.am
@@ -22,6 +22,7 @@ EXTRA_DIST = \
 	$(SOURCES_MLI) $(SOURCES_ML) $(SOURCES_C) \
 	customize_main.ml \
 	test-firstboot.sh \
+	test-password.pl \
 	test-settings.sh \
 	test-virt-customize.sh \
 	test-virt-customize-docs.sh \
@@ -207,6 +208,7 @@ check-valgrind:
 
 SLOW_TESTS = \
 	$(firstboot_test_scripts) \
+	$(password_test_scripts) \
 	$(settings_test_scripts)
 
 check-slow:
@@ -235,6 +237,29 @@ test-firstboot-%.sh:
 	chmod 0755 $@-t
 	mv $@-t $@
 
+password_test_scripts := \
+	test-password-centos-7.2.sh \
+	test-password-debian-6.sh \
+	test-password-debian-7.sh \
+	test-password-debian-8.sh \
+	test-password-fedora-24.sh \
+	test-password-rhel-3.9.sh \
+	test-password-rhel-4.9.sh \
+	test-password-rhel-5.11.sh \
+	test-password-rhel-6.9.sh \
+	test-password-rhel-7.2.sh \
+	test-password-ubuntu-10.04.sh \
+	test-password-ubuntu-12.04.sh \
+	test-password-ubuntu-14.04.sh \
+	test-password-ubuntu-16.04.sh
+
+test-password-%.sh:
+	rm -f $@ $@-t
+	f=`echo "$@" | $(SED) 's/test-password-\(.*\).sh/\1/'`; \
+	echo 'script=$@ exec $$srcdir/test-password.pl' "$$f" >
$@-t
+	chmod 0755 $@-t
+	mv $@-t $@
+
 settings_test_scripts := \
 	test-settings-rhel-4.9.sh \
 	test-settings-rhel-5.11.sh \
@@ -260,8 +285,11 @@ test-settings-%.sh:
 
 CLEANFILES += \
 	$(firstboot_test_scripts) \
+	$(password_test_scripts) \
 	$(settings_test_scripts) \
 	firstboot-*.img \
+	password-*.img \
+	password-*.log \
 	settings-*.img
 
 # Dependencies.
diff --git a/customize/test-password.pl b/customize/test-password.pl
new file mode 100755
index 0000000..605f5a3
--- /dev/null
+++ b/customize/test-password.pl
@@ -0,0 +1,136 @@
+#!/usr/bin/env perl
+# libguestfs
+# Copyright (C) 2016 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+use strict;
+use warnings;
+
+use POSIX qw(uname);
+
+my $script = $ENV{script};
+
+# This test requires the perl 'Expect' module.  If it doesn't
+# exist, skip the test.
+eval "use Expect";
+
+unless (exists $INC{"Expect.pm"}) {
+    print STDERR "$script: test skipped because there is no perl Expect
module\n";
+    exit 77
+}
+
+die "$script: guestname parameter not set, don't run this test
directly"
+    unless @ARGV == 1;
+my $guestname = $ARGV[0];
+
+my $disk = "password-$guestname.img";
+eval { unlink $disk };
+
+my $logfile = "password-$guestname.log";
+eval { unlink $logfile };
+
+# If the guest doesn't exist in virt-builder, skip.  This is because
+# we test some RHEL guests which most users won't have access to.
+if (system ("virt-builder -l $guestname >/dev/null 2>&1")
!= 0) {
+    print STDERR "$script: test skipped because \"$guestname\"
not known to virt-builder.\n";
+    exit 77
+}
+
+# We can only run this test on x86_64.
+my ($sysname, $nodename, $release, $version, $machine) = uname ();
+if ($machine ne "x86_64") {
+    print STDERR "$script: test skipped because !x86_64\n";
+    exit 77
+}
+
+# Check qemu is installed.
+my $qemu = "qemu-system-x86_64";
+if (system ("$qemu -help >/dev/null 2>&1") != 0) {
+    print STDERR "$script: test skipped because $qemu not found.\n";
+    exit 77
+}
+
+# Some guests need special virt-builder parameters.
+# See virt-builder --notes $guestname and builder/test-console.sh
+my @extra = ();
+if ($guestname eq "debian-7") {
+    push @extra, "--edit",
+        '/etc/inittab: s,^#([1-9].*respawn.*/sbin/getty.*),$1,';
+}
+elsif ($guestname eq "debian-8" || $guestname eq
"ubuntu-16.04") {
+    # These commands are required to fix the serial console.
+    # See
https://askubuntu.com/questions/763908/ubuntu-16-04-has-no-vmware-console-access-once-booted-on-vmware-vsphere-5-5-clus/764476#764476
+    push @extra, "--edit",
+        '/etc/default/grub:
s/^GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="console=tty0
console=ttyS0,115200n8"/';
+    push @extra, "--run-command", "update-grub";
+}
+
+# Set a random root password under our control.
+# http://www.perlmonks.org/?node_id=233023
+my @chars = ("a".."z", "0".."9");
+my $password = "";
+$password .= $chars[rand @chars] for 1..8;
+
+# Build the guest.
+system ("virt-builder", $guestname, "--quiet",
+        "-o", $disk,
+        "--root-password", "password:$password",
+        @extra) == 0
+    or die "$script: virt-builder failed, see previous errors";
+
+# Run qemu and make sure we get to the login prompt.
+my $exp = Expect->spawn ($qemu,
+                         "-nodefconfig", "-display",
"none",
+                         "-machine", "accel=kvm:tcg",
+                         "-m", "1024", "-boot",
"c",
+                         "-drive",
"file=$disk,format=raw,if=ide",
+                         "-serial", "stdio")
+    or die "$script: Expect could not spawn $qemu: $!\n";
+
+$exp->log_file ($logfile);
+
+my $timeout = 5 * 60;
+my $r;
+$r = $exp->expect ($timeout, 'login:');
+unless (defined $r) {
+    die "$script: guest did not print the 'login:' prompt
within\n$timeout seconds, or exited before getting to the prompt.\n";
+}
+
+# Try to log in.
+$exp->send ("root\n");
+$r = $exp->expect ($timeout, 'assword:');
+unless (defined $r) {
+    die "$script: guest did not print the password prompt within\n$timeout
seconds, or exited before getting to the prompt.\n";
+}
+$exp->send ("$password\n");
+
+# Send a simple command; try to find some expected output.
+$exp->send ("ls -1 /\n");
+
+$timeout = 60;
+$r = $exp->expect ($timeout, 'home');
+
+unless (defined $r) {
+    die "$script: guest did not respond to a simple 'ls' command,
the login probably failed\n";
+}
+
+$exp->hard_close ();
+
+# Successful exit, so remove disk image and log file.
+unlink $disk;
+unlink $logfile;
+
+exit 0
-- 
2.9.3

On Thursday, 20 October 2016 14:02:36 CEST Richard W.M. Jones
wrote:
> This is the second half of the patch series posted yesterday (see:
> "[PATCH 0/2] builder: Add test that a serial console is set up for
> guest templates we supply.").
> 
> This checks that our code to change passwords works on real guests.
> 
> It creates a real guest using virt-builder with the --root-password
> option, then boots it up and tries to log in with the root password.
> 
> Interaction with the guest is afforded by the perl Expect module.
LGTM.

Thanks,
-- 
Pino Toscano