File: example.ssh_policy

package info (click to toggle)
shellia 5.10
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 792 kB
  • sloc: sh: 7,840; makefile: 34
file content (132 lines) | stat: -rwxr-xr-x 4,432 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
 
#!/bin/sh
# Name:
#   example.ssh_policy - will be symlinked to example.ssh_policy_remote
# Description:
#   test possible policies and check-modes with ssh
# Prerequisites:
#   ssh to localhost needs to work without password

[ "$ia_logfile" -o "$ia_log_fd" ] || { ia_logfile=$0.log; rm -f $ia_logfile; }
. ./ia
UPDIR=$(realpath $(dirname $0)/..)
NAME=$(basename $0)

NAMES="example.ssh_policy|example.ssh_policy_remote"
CHECK_MODES="--check-mode-c|--check-mode-C"
POLICIES="--policy-stop|--policy-continue"
TESTCASES="--testcase-allgood|--testcase-local-stdout|--testcase-local-stderr|\
--testcase-local-bad-return|--testcase-local-bad-exit|\
--testcase-remote-stdout|--testcase-remote-stderr|\
--testcase-remote-bad-return|--testcase-remote-bad-exit"

help()
{
  cat <<END >&2
ia -c
  treats nonzero exit codes and unknown output as error
ia -c --learn
  treats nonzero exit codes as error
  treats unknown output as warnings

an error will lead to questions in interactive mode and will exit in silent mode
a warning, will be ignored and will not lead to questions in interactive mode
END
}

usage()
{
  echo >&2
  [ "$1" ] && { echo "ERROR: $1" >&2; echo >&2; }
  echo "USAGE: <name> [--sshopts <SSHOPTS>] <check_mode> <policy> <testcase>" >&2
  echo "  <name>: $NAMES" >&2
  echo "  <check_mode>: $CHECK_MODES" >&2
  echo "  <policy>: $POLICIES" >&2
  echo "  <testcase>:" >&2
  echo "$TESTCASES" | sed "s/|/ /g" | fold -w 76 -s | sed -e "s/ /|/g" -e "s/|$/|\\\/" -e "s/^/    /" >&2
  exit 1
}

info()
{
  [ "$ia_use_silent" ] && ia_log "$@" || ia_logerr "$@"
}

fatal()
{
  echo "FATAL ERROR: $1"
  exit 1
}

eval "$ia_init"

sshopts=""
if [ "$1" = "--sshopts" ]; then
  sshopts="$2"
  shift 2
fi

[ "$(echo "|$NAMES|" | grep -e "|$NAME|")" ] || usage "bad Name: $NAME"
for i in $*; do
  [ "$(echo "|$CHECK_MODES|$POLICIES|$TESTCASES|" | grep -e "|$i|")" ] || usage "unknown option $i"
done
[ $# -eq 3 ] || usage "need exact 3 options ($# given)"
[ "$(echo " $* " | grep -E -e " $CHECK_MODES ")" ] || usage "missing --check-mode..."
[ "$(echo " $* " | grep -E -e " $POLICIES ")" ] || usage "missing --policy..."
[ "$(echo " $* " | grep -E -e " $TESTCASES ")" ] || usage "missing --testcase..."

# MY_ADD <cmd>
# calls "ia_add <cmd>" and "ia_nocheck -f" before if "<-i>" is ued in <cmd>
# with -f we will also accept nonzero exit

### define MY_ADD() depending on policy
if [ "$(echo " $* " | grep -e " --policy-stop ")" ]; then
  # check stdout, stderr and exit codes
  # log warnings and errors
  # ask interactively, even if not started with -i
  # in silentmode stop
  LEARN=""
  MY_ADD()
  {
    [ "$(echo "$1" | grep -e "<-i>")" ] && ia_nocheck
    ia_add "$1"
  }
elif [ "$(echo " $* " | grep -e " --policy-continue ")" ]; then
  #   check stdout, stderr and exit codes
  #   log warnings and errors, but continue to run
  LEARN="--learn"
  MY_ADD()
  {
    # with -f ia_nocheck will also accept nonzero exit
    [ "$(echo "$1" | grep -e "<-i>")" ] && ia_nocheck -f
    ia_add "$1"
  }
else
  fatal "internal error, unreachable code reading policy option"
fi

MY_ADD "info \"$NAME: start message\""
if [ "$NAME" = "example.ssh_policy" ]; then
   MY_ADD "ia_ssh $<sshopts> localhost \"cd $UPDIR; ./tests/example.ssh_policy_remote <-i> $*\""
   [ "$(echo " $* " | grep -e " --testcase-local-stdout ")" ] && MY_ADD "echo \"$NAME: warning-stdout\""
   [ "$(echo " $* " | grep -e " --testcase-local-stderr ")" ] && MY_ADD "echo \"$NAME: warning-stderr\" >&2"
   [ "$(echo " $* " | grep -e " --testcase-local-bad-return ")" ] && MY_ADD "sh -c \"exit 11\""
   [ "$(echo " $* " | grep -e " --testcase-local-bad-exit ")" ] && MY_ADD "exit 12"
elif [ "$NAME" = "example.ssh_policy_remote" ]; then
   [ "$(echo " $* " | grep -e " --testcase-remote-stdout ")" ] && MY_ADD "echo \"$NAME: warning-stdout\""
   [ "$(echo " $* " | grep -e " --testcase-remote-stderr ")" ] && MY_ADD "echo \"$NAME: warning-stderr\" >&2"
   [ "$(echo " $* " | grep -e " --testcase-remote-bad-return ")" ] && MY_ADD "sh -c \"exit 13\""
   [ "$(echo " $* " | grep -e " --testcase-remote-bad-exit ")" ] && MY_ADD "exit 14"
else
  fatal "internal error, unreachable code checking NAME=($NAME)"
fi
MY_ADD "info \"$NAME: end message\""

if [ "$(echo " $* " | grep -e " --check-mode-c ")" ]; then
  C="-c"
elif [ "$(echo " $* " | grep -e " --check-mode-C ")" ]; then
  C="-C"
else
  fatal "internal error, unreachable code checking check-mode"
fi

ia $C $LEARN