test_session_record_pipe_io_stdin: remove sshpass

Removing reliance on sshpass by adding code in setup to generate an
ssh key and use it in the test code.

Author: spoore1

lib/tlitest/test_tlog_rec_session.py

@@ -4,7 +4,7 @@
 import time
 import inspect
 from tempfile import mkdtemp
-from subprocess import Popen, PIPE, STDOUT
+from subprocess import Popen, PIPE, STDOUT, run
 import pytest
 
 from misc import check_recording, mklogfile, mkcfgfile, \
@@ -22,6 +22,25 @@ def utempter_enabled():
     return 'libutempter.so' in stdout_data
 
 
+@pytest.fixture
+def gen_ssh_key(request):
+    def _del_ssh_key(user):
+        # Remove ssh key to ensure no tests affected later
+        run(f'sed -i "/stdin_test/d" ~{user}/.ssh/authorized_keys', shell=True)
+        run(f'rm -rf ~/.ssh/id_rsa_{user}*', shell=True)
+
+    def _gen_ssh_key(user):
+        # Generate SSH Key for test
+        run(f'rm -rf ~/.ssh/id_rsa_{user}*', shell=True)
+        run(f'ssh-keygen -t rsa -b 2048 -N "" -C stdin_test -f ~/.ssh/id_rsa_{user}', shell=True)
+        run(f"mkdir -p ~{user}/.ssh", shell=True)
+        run(f"cat ~/.ssh/id_rsa_{user}.pub >> ~{user}/.ssh/authorized_keys", shell=True)
+        run(f"chown -R {user}:{user} ~{user}/.ssh", shell=True)
+        request.addfinalizer(lambda: _del_ssh_key(user))
+
+    return _gen_ssh_key
+
+
 class TestTlogRecSession:
     """ Test tlog-rec-session functionality """
     user = 'tlitestlocaluser2'
@@ -217,10 +236,14 @@ def test_session_record_pipe_io_stdin(self):
         """
         text_in_stdio = 'print("hello world")\n'
         text_out = "hello world"
-        p = Popen(['sshpass', '-p', 'Secret123', 'ssh', '-o',
-                   'StrictHostKeyChecking=no',
-                   'tlitestlocaluser2@localhost', 'python3'],
-        stdout=PIPE, stdin=PIPE, stderr=PIPE, encoding='utf8')
+
+        sessionclass = TlogRecSessionConfig(writer="syslog")
+        sessionclass.generate_config(SYSTEM_TLOG_REC_SESSION_CONF)
+
+        p = Popen(['ssh', '-i', f'~/.ssh/id_rsa_{self.user}',
+                   '-o', 'StrictHostKeyChecking=no',
+                   f'{self.user}@localhost', 'python3'],
+                  stdout=PIPE, stdin=PIPE, stderr=PIPE, encoding='utf8')
         stdout_data = p.communicate(input=text_in_stdio)[0]
         assert text_out in stdout_data
 

src/tlitest/tlitest-setup

@@ -8,7 +8,6 @@ python3-pytest
 python3-pexpect
 python3-systemd
 tcsh
-sshpass
 "
 
 [[ -z "${CONTAINER_ENV}" ]] && PKGS+="tlog"
@@ -61,3 +60,20 @@ echo "%wheel        ALL=(ALL)       NOPASSWD: ALL" > \
 usermod tlitestlocaladmin1 -aG wheel,systemd-journal
 usermod tlitestlocaluser1 -aG systemd-journal
 usermod tlitestlocaluser2 -s /usr/bin/tlog-rec-session
+
+# some environments disable password authentication
+# tlog tests need this to run currently
+echo "Adding sshd config to enable password authentication"
+cat > /etc/ssh/sshd_config.d/00-tlog-override.conf <<EOF
+PasswordAuthentication yes
+EOF
+chmod 600 /etc/ssh/sshd_config.d/00-tlog-override.conf
+systemctl restart sshd
+
+# Generate ssh key for testing
+user="tlitestlocaluser2"
+rm -rf ~/.ssh/id_rsa_${user}*
+ssh-keygen -t rsa -b 2048 -N "" -C stdin_test -f ~/.ssh/id_rsa_${user}
+mkdir -p ~${user}/.ssh
+cat ~/.ssh/id_rsa_${user}.pub >> ~${user}/.ssh/authorized_keys
+chown -R ${user}:${user} ~${user}/.ssh

src/tlitest/tlitest-teardown

@@ -48,3 +48,14 @@ if [ -f /etc/sudoers.d/01_wheel_nopass_tlitest ]; then
     echo "Found test sudoers file...removing"
     rm /etc/sudoers.d/01_wheel_nopass_tlitest
 fi
+
+if [ -f /etc/ssh/sshd_config.d/00-tlog-override.conf ]; then
+    echo "Found sshd config override for password authentication...removing"
+    rm /etc/ssh/sshd_config.d/00-tlog-override.conf
+    systemctl restart sshd
+fi
+
+user="tlitestlocaluser2"
+if [ -f ~/.ssh/id_rsa_${user} ]; then
+    rm -rf ~/.ssh/id_rsa_${user}*
+fi