File: task.yaml

package info (click to toggle)
snapd 2.71-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 79,536 kB
  • sloc: ansic: 16,114; sh: 16,105; python: 9,941; makefile: 1,890; exp: 190; awk: 40; xml: 22
file content (61 lines) | stat: -rw-r--r-- 2,177 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
summary: Ensure that the ssh-keys interface works.

details: |
    The ssh-keys interface allows to access ssh configuration, keys and
    make ssh connections.

environment:
    KEYSDIR: "$HOME/.ssh"
    TESTKEY: "$HOME/.ssh/testkey"
    CONFDIR: "/etc/ssh/ssh_config.d"

prepare: |
    "$TESTSTOOLS"/snaps-state install-local test-snapd-sh

    "$TESTSTOOLS"/fs-state mock-dir "$KEYSDIR"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY".pub
    "$TESTSTOOLS"/fs-state mock-dir "$CONFDIR"
    "$TESTSTOOLS"/fs-state mock-file "$CONFDIR/.spread-created"
    "$TESTSTOOLS"/fs-state mock-file "$CONFDIR/test.conf"

restore: |
    "$TESTSTOOLS"/fs-state restore-dir "$KEYSDIR"
    "$TESTSTOOLS"/fs-state restore-dir "$CONFDIR"

execute: |
    echo "The interface is not connected by default"
    snap interfaces -i ssh-keys | MATCH -- '^- +test-snapd-sh:ssh-keys'

    echo "When the interface is connected"
    snap connect test-snapd-sh:ssh-keys

    echo "Then the snap is able to check the ssh version"
    test-snapd-sh.with-ssh-keys-plug -c "ssh -V"

    echo "And the snap is able to read public/private keys and ssh configuration files as well"
    test-snapd-sh.with-ssh-keys-plug -c "cat $TESTKEY"
    test-snapd-sh.with-ssh-keys-plug -c "cat $TESTKEY.pub"
    if ! os.query is-opensuse tumbleweed; then
        test-snapd-sh.with-ssh-keys-plug -c "cat /etc/ssh/ssh_config"
    else
        # Tumbleweed: since updating to openssh 8.4p1, the vendor config files
        # are at /usr/etc/ssh which is not accessible to snaps;
        # make sure that is still the case
        test -f /usr/etc/ssh/ssh_config
    fi
    test-snapd-sh.with-ssh-keys-plug -c "cat /etc/ssh/ssh_config.d/test.conf"

    if [ "$(snap debug confinement)" = partial ] ; then
        exit 0
    fi

    echo "When the plug is disconnected"
    snap disconnect test-snapd-sh:ssh-keys

    echo "Then the snap is not able to read a ssh private key"
    if test-snapd-sh.with-ssh-keys-plug -c "cat $TESTKEY" 2> call.error; then
        echo "Expected permission error accessing to ssh"
        exit 1
    fi
    MATCH "Permission denied" < call.error