1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
#!/usr/bin/env bats
load test_helper
setup() {
create_user
create_test_key $TEST_KEY_NAME
}
teardown() {
delete_user
delete_test_keys
}
check_authorized_keys_entry() {
local KEYFILE_NAME="$1"
local ENTRY_ID="$2"
run bash -c "sed -n 's/.*\(NAME=\\\\\"${ENTRY_ID}\\\\\"\).*/\1/p' /home/${TEST_USER}/.ssh/authorized_keys"
echo "entry: " $(grep $ENTRY_ID /home/${TEST_USER}/.ssh/authorized_keys)
echo "output: "$output
echo "status: "$status
assert_output "NAME=\\\"$ENTRY_ID\\\""
}
@test "(core) sshcommand create" {
delete_user
run bash -c "sshcommand create $TEST_USER ls > /dev/null"
echo "output: "$output
echo "status: "$status
assert_success
run bash -c "test -f ~${TEST_USER}/.ssh/authorized_keys"
echo "output: "$output
echo "status: "$status
assert_success
run bash -c "grep -F ls ~${TEST_USER}/.sshcommand"
echo "output: "$output
echo "status: "$status
assert_success
}
@test "(core) sshcommand acl-add" {
run bash -c "cat ${TEST_KEY_DIR}/${TEST_KEY_NAME}.pub | sshcommand acl-add $TEST_USER user1"
echo "output: "$output
echo "status: "$status
assert_success
create_test_key new_key
run bash -c "cat ${TEST_KEY_DIR}/new_key.pub | sshcommand acl-add $TEST_USER user2"
echo "output: "$output
echo "status: "$status
assert_success
check_authorized_keys_entry $TEST_KEY_NAME user1
check_authorized_keys_entry new_key user2
}
@test "(core) sshcommand acl-add (bad key failure)" {
run bash -c "echo test_key | sshcommand acl-add $TEST_USER user1"
echo "output: "$output
echo "status: "$status
assert_failure
}
@test "(core) sshcommand acl-add (with identifier space)" {
run bash -c "cat ${TEST_KEY_DIR}/${TEST_KEY_NAME}.pub | sshcommand acl-add $TEST_USER 'broken user'"
echo "output: "$output
echo "status: "$status
assert_success
check_authorized_keys_entry $TEST_KEY_NAME 'broken user'
}
@test "(core) sshcommand acl-remove" {
run bash -c "cat ${TEST_KEY_DIR}/${TEST_KEY_NAME}.pub | sshcommand acl-add $TEST_USER user1"
echo "output: "$output
echo "status: "$status
assert_success
run bash -c "grep -F \"$(< ${TEST_KEY_DIR}/${TEST_KEY_NAME}.pub)\" ~${TEST_USER}/.ssh/authorized_keys | grep user1"
echo "output: "$output
echo "status: "$status
assert_success
run bash -c "sshcommand acl-remove $TEST_USER user1"
echo "output: "$output
echo "status: "$status
assert_success
run bash -c "grep -F \"$(< ${TEST_KEY_DIR}/${TEST_KEY_NAME}.pub)\" ~${TEST_USER}/.ssh/authorized_keys | grep user1"
echo "output: "$output
echo "status: "$status
assert_failure
}
@test "(core) sshcommand help" {
run bash -c "sshcommand help | wc -l"
echo "output: "$output
echo "status: "$status
[[ "$output" -ge 4 ]]
}
|
