56e755ba11
Extends the context system in the test scripts to allow executing commands within a guest. Do this without requiring an existing network in the guest by using socat to run ssh via a vsock connection. We do need some additional "sleep"s in the tests, because the new faster dispatch means that sometimes we attempt to connect before socat has managed to listen. For now, only use this for the plain "passt" tests. The "passt_in_ns" and other tests have additional complications we still need to deal with. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
81 lines
2.9 KiB
Bash
Executable file
81 lines
2.9 KiB
Bash
Executable file
#!/bin/sh
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
#
|
|
# PASST - Plug A Simple Socket Transport
|
|
# for qemu/UNIX domain socket mode
|
|
#
|
|
# test/passt.mbuto - mbuto (https://mbuto.sh) profile for test images
|
|
#
|
|
# Copyright (c) 2022 Red Hat GmbH
|
|
# Author: Stefano Brivio <sbrivio@redhat.com>
|
|
|
|
PROGS="${PROGS:-ash,dash,bash ip mount ls insmod mkdir ln cat chmod lsmod
|
|
modprobe find grep mknod mv rm umount jq iperf3 dhclient hostname
|
|
sed tr chown sipcalc cut md5sum socat dd strace ping tail killall sleep
|
|
sysctl nproc tcp_rr tcp_crr udp_rr which tee seq bc sshd ssh-keygen}"
|
|
|
|
KMODS="${KMODS:- virtio_net virtio_pci vmw_vsock_virtio_transport}"
|
|
|
|
LINKS="${LINKS:-
|
|
ash,dash,bash /init
|
|
ash,dash,bash /bin/sh}"
|
|
|
|
DIRS="${DIRS} /tmp /sbin /usr/share /var/log /var/lib /etc/ssh /run/sshd /root/.ssh"
|
|
|
|
FIXUP="${FIXUP}"'
|
|
cat > /sbin/dhclient-script << EOF
|
|
#!/bin/sh
|
|
LOG=/var/log/dhclient-script.log
|
|
echo \${reason} \${interface} >> \$LOG
|
|
set >> \$LOG
|
|
|
|
[ -n "\${new_interface_mtu}" ] && ip link set dev \${interface} mtu \${new_interface_mtu}
|
|
|
|
[ -n "\${new_ip_address}" ] && ip addr add \${new_ip_address}/\${new_subnet_mask} dev \${interface}
|
|
[ -n "\${new_routers}" ] && for r in \${new_routers}; do ip route add default via \${r} dev \${interface}; done
|
|
:> /etc/resolv.conf
|
|
[ -n "\${new_domain_name_servers}" ] && for d in \${new_domain_name_servers}; do echo "nameserver \${d}" >> /etc/resolv.conf; done
|
|
[ -n "\${new_domain_name}" ] && echo "search \${new_domain_name}" >> /etc/resolf.conf
|
|
[ -n "\${new_domain_search}" ] && (printf "search"; for d in \${new_domain_search}; do printf " %s" "\${d}"; done; printf "\n") >> /etc/resolv.conf
|
|
[ -n "\${new_ip6_address}" ] && ip addr add \${new_ip6_address}/\${new_ip6_prefixlen} dev \${interface}
|
|
[ -n "\${new_dhcp6_name_servers}" ] && for d in \${new_dhcp6_name_servers}; do echo "nameserver \${d}%\${interface}" >> /etc/resolv.conf; done
|
|
[ -n "\${new_dhcp6_domain_search}" ] && (printf "search"; for d in \${new_dhcp6_domain_search}; do printf " %s" "\${d}"; done; printf "\n") >> /etc/resolv.conf
|
|
[ -n "\${new_host_name}" ] && hostname "\${new_host_name}"
|
|
exit 0
|
|
EOF
|
|
chmod 755 /sbin/dhclient-script
|
|
ln -s /sbin /usr/sbin
|
|
ln -s /bin /usr/bin
|
|
ln -s /run /var/run
|
|
:> /etc/fstab
|
|
|
|
# sshd(dropbear) via vsock
|
|
cat > /etc/passwd << EOF
|
|
root:x:0:0:root:/root:/bin/sh
|
|
sshd:x:100:100:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
|
|
EOF
|
|
cat > /etc/shadow << EOF
|
|
root:::0:99999:7:::
|
|
EOF
|
|
chmod 000 /etc/shadow
|
|
|
|
:> /etc/ssh/sshd_config
|
|
ssh-keygen -A
|
|
chmod 700 /root/.ssh
|
|
chmod 700 /run/sshd
|
|
# Alternative location for the priv separation dir
|
|
ln -s /run/sshd /usr/share/empty.sshd
|
|
|
|
cat > /root/.ssh/authorized_keys <<EOF
|
|
'"$(cat guest-key.pub)"'
|
|
EOF
|
|
chmod 600 /root/.ssh/authorized_keys
|
|
chmod 700 /root
|
|
socat VSOCK-LISTEN:22,fork EXEC:"sshd -i -e" 2> /var/log/vsock-ssh.log &
|
|
sh +m
|
|
'
|
|
|
|
OUTPUT="KERNEL=__KERNEL__
|
|
INITRD=__INITRD__
|
|
"
|