File: task.yaml

package info (click to toggle)
snapd 2.72-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 80,412 kB
  • sloc: sh: 16,506; ansic: 16,211; python: 11,213; makefile: 1,919; exp: 190; awk: 58; xml: 22
file content (80 lines) | stat: -rw-r--r-- 3,232 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
 
summary: Ensure that the ssh-public-keys interface works.

details: |
    The ssh-public-keys interface allows to access public keys and
    make ssh connections.

environment:
    KEYSDIR: "/$HOME/.ssh"
    TESTKEY: "/$HOME/.ssh/testkey"
    TESTKEY_HOST_ECDSA: "/etc/ssh/ssh_host_ecdsa_key"
    TESTKEY_HOST_RSA: "/etc/ssh/ssh_host_rsa_key"
    TESTKEY_HOST_ED25519: "/etc/ssh/ssh_host_ed25519_key"


prepare: |
    "$TESTSTOOLS"/snaps-state install-local test-snapd-sh

    "$TESTSTOOLS"/fs-state mock-dir "$KEYSDIR"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY".pub
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY_HOST_ECDSA"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY_HOST_ECDSA".pub
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY_HOST_RSA"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY_HOST_RSA".pub
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY_HOST_ED25519"
    "$TESTSTOOLS"/fs-state mock-file "$TESTKEY_HOST_ED25519".pub


restore: |
    "$TESTSTOOLS"/fs-state restore-dir "$KEYSDIR"
    "$TESTSTOOLS"/fs-state restore-file "$TESTKEY_HOST_ECDSA"
    "$TESTSTOOLS"/fs-state restore-file "$TESTKEY_HOST_ECDSA".pub
    "$TESTSTOOLS"/fs-state restore-file "$TESTKEY_HOST_RSA"
    "$TESTSTOOLS"/fs-state restore-file "$TESTKEY_HOST_RSA".pub
    "$TESTSTOOLS"/fs-state restore-file "$TESTKEY_HOST_ED25519"
    "$TESTSTOOLS"/fs-state restore-file "$TESTKEY_HOST_ED25519".pub

execute: |
    echo "The interface is not connected by default"
    snap interfaces -i ssh-public-keys | MATCH -- '^- +test-snapd-sh:ssh-public-keys'

    echo "When the interface is connected"
    snap connect test-snapd-sh:ssh-public-keys
    
    echo "Then the snap is able to see ssh version"
    test-snapd-sh.with-ssh-public-keys-plug -c "ssh -V"

    echo "And the snap is able to read a public key"
    test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY.pub"

    echo "And the snap is able to read public host keys"
    test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY_HOST_ECDSA.pub"
    test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY_HOST_RSA.pub"
    test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY_HOST_ED25519.pub"

    if [ "$(snap debug confinement)" = partial ]; then
        exit 0
    fi

    echo "And then the snap is not able to access to private keys"
    if test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY" 2> call.error; then
        echo "Expected permission error accessing to ssh"
        exit 1
    fi
    MATCH "Permission denied" < call.error

    echo "Then the snap is not able to access the ssh private host keys"
    not test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY_HOST_ECDSA"
    not test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY_HOST_RSA"
    not test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY_HOST_ED25519"

    echo "When the plug is disconnected"
    snap disconnect test-snapd-sh:ssh-public-keys
    
    echo "Then the snap is not able to access the ssh public keys"
    if test-snapd-sh.with-ssh-public-keys-plug -c "cat $TESTKEY.pub" 2> call.error; then
        echo "Expected permission error accessing to ssh"
        exit 1
    fi
    MATCH "Permission denied" < call.error