Commit | Line | Data |
---|---|---|
d5b0c902 LC |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org> | |
3 | ;;; | |
4 | ;;; This file is part of GNU Guix. | |
5 | ;;; | |
6 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
7 | ;;; under the terms of the GNU General Public License as published by | |
8 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
9 | ;;; your option) any later version. | |
10 | ;;; | |
11 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
12 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | ;;; GNU General Public License for more details. | |
15 | ;;; | |
16 | ;;; You should have received a copy of the GNU General Public License | |
17 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
18 | ||
19 | (define-module (gnu tests ssh) | |
20 | #:use-module (gnu tests) | |
21 | #:use-module (gnu system) | |
22 | #:use-module (gnu system grub) | |
23 | #:use-module (gnu system file-systems) | |
24 | #:use-module (gnu system shadow) | |
25 | #:use-module (gnu system vm) | |
26 | #:use-module (gnu services) | |
27 | #:use-module (gnu services base) | |
28 | #:use-module (gnu services ssh) | |
29 | #:use-module (gnu services networking) | |
30 | #:use-module (gnu packages ssh) | |
31 | #:use-module (guix gexp) | |
32 | #:use-module (guix store) | |
33 | #:use-module (guix monads) | |
34 | #:export (%test-openssh)) | |
35 | ||
(define %openssh-os
  ;; Operating system declaration for the guest that the OpenSSH system test
  ;; boots.
  (let ((sshd
         ;; Allow root logins with an empty password to simplify testing.
         ;; Both settings are deliberately insecure: they are acceptable only
         ;; because this declaration describes a throw-away test guest, and
         ;; they should not be copied into a real system configuration.
         (service openssh-service-type
                  (openssh-configuration
                   (permit-root-login #t)
                   (allow-empty-passwords? #t)))))
    (operating-system
      (host-name "komputilo")
      (timezone "Europe/Berlin")
      (locale "en_US.UTF-8")

      (bootloader (grub-configuration (device "/dev/sdX")))
      (file-systems %base-file-systems)
      (firmware '())
      (users %base-user-accounts)

      ;; sshd and a DHCP client on top of the base services.
      (services (append (list sshd (dhcp-client-service))
                        %base-services)))))
54 | ||
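(define (run-openssh-test name)
  "Return, as a monadic value in %STORE-MONAD, a derivation called NAME whose
builder boots %OPENSSH-OS in QEMU under marionette control and checks that the
'ssh-daemon' service starts, that the PID in /var/run/sshd.pid matches the one
reported for that service, and that \"root\" can log in over SSH with an empty
password and run a shell command."
  (mlet* %store-monad ((os ->   (marionette-operating-system
                                 %openssh-os
                                 #:imported-modules '((gnu services herd)
                                                      (guix combinators))))
                       (command (system-qemu-image/shared-store-script
                                 os #:graphic? #f)))
    (define test
      (with-imported-modules '((gnu build marionette))
        #~(begin
            (eval-when (expand load eval)
              ;; Prepare to use Guile-SSH.
              (set! %load-path
                (cons (string-append #$guile-ssh "/share/guile/site/"
                                     (effective-version))
                      %load-path)))

            (use-modules (gnu build marionette)
                         (srfi srfi-64)
                         (ice-9 match)
                         (ssh session)
                         (ssh auth)
                         (ssh channel))

            (define marionette
              ;; Enable TCP forwarding of the guest's port 22 to port 2222 on
              ;; the host.  The host address is given explicitly: when it is
              ;; left empty QEMU listens on all host interfaces, which would
              ;; make the guest's sshd (root login, empty password) reachable
              ;; from outside the machine running the test.  The test itself
              ;; only ever connects to "localhost".
              (make-marionette (list #$command "-net"
                                     "user,hostfwd=tcp:127.0.0.1:2222-:22")))

            (define (wait-for-file file)
              ;; Wait until FILE exists in the guest; 'read' its content and
              ;; return it.  Polls once per second and raises an error in the
              ;; guest if FILE has not appeared after 10 retries.
              (marionette-eval
               `(let loop ((i 10))
                  (cond ((file-exists? ,file)
                         (call-with-input-file ,file read))
                        ((> i 0)
                         (sleep 1)
                         (loop (- i 1)))
                        (else
                         (error "file didn't show up" ,file))))
               marionette))

            (mkdir #$output)
            (chdir #$output)

            (test-begin "openssh")

            ;; Wait for sshd to be up and running.
            (test-eq "service running"
              'running!
              (marionette-eval
               '(begin
                  (use-modules (gnu services herd))
                  (start-service 'ssh-daemon)
                  'running!)
               marionette))

            ;; Check sshd's PID file: its content must equal the value that
            ;; 'live-service-running' returns for the service providing
            ;; 'ssh-daemon'.
            (test-equal "sshd PID"
              (wait-for-file "/var/run/sshd.pid")
              (marionette-eval
               '(begin
                  (use-modules (gnu services herd)
                               (srfi srfi-1))

                  (live-service-running
                   (find (lambda (live)
                           (memq 'ssh-daemon
                                 (live-service-provision live)))
                         (current-services))))
               marionette))

            ;; Connect to the guest over SSH.  We should be able to connect as
            ;; "root" with an empty password.  Make sure we can run a shell
            ;; command there.
            (test-equal "connect"
              'hello
              (let* ((session (make-session #:user "root"
                                            #:port 2222 #:host "localhost"
                                            #:log-verbosity 'protocol)))
                (match (connect! session)
                  ('ok
                   ;; 'pk' prints the authentication result to ease
                   ;; debugging and returns it unchanged.
                   (match (pk 'auth (userauth-password! session ""))
                     ('success
                      ;; FIXME: 'get-server-public-key' segfaults.
                      ;; NOTE(review): as a result the server's host key is
                      ;; never looked at in this test; the peer is simply
                      ;; whatever answers on the forwarded port.
                      ;; (get-server-public-key session)
                      (let ((channel (make-channel session)))
                        (channel-open-session channel)
                        (channel-request-exec channel
                                              "echo hello > /root/witness")
                        ;; The command must exit with status 0 and the
                        ;; witness file must show up in the guest with the
                        ;; expected content.
                        (and (zero? (channel-get-exit-status channel))
                             (wait-for-file "/root/witness")))))))))

            (test-end)
            (exit (= (test-runner-fail-count (test-runner-current)) 0)))))

    (gexp->derivation name test)))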
153 | ||
(define %test-openssh
  ;; System test record exported by this module; its value is the result of
  ;; calling 'run-openssh-test' with the test's own name.
  (system-test
   (name "openssh")
   (value (run-openssh-test name))
   (description "Connect to a running OpenSSH daemon.")))