Skip to content

Commit dcf7866

Browse files
ydirsonydirson
committed
WIP XS 6.5
FIXME: - we should not force insecure ssh options when not needed
1 parent 8ae0ac8 commit dcf7866

File tree

3 files changed

+24
-5
lines changed

3 files changed

+24
-5
lines changed

lib/installer.py

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,12 @@
55
from lib.commands import ssh, SSHCommandFailed
66
from lib.common import wait_for
77

8+
# FIXME should only be used for <7.0
9+
SSHOPTS = ("-o KexAlgorithms=+diffie-hellman-group1-sha1",
10+
"-o HostKeyAlgorithms=+ssh-rsa",
11+
"-o PubkeyAcceptedKeyTypes=+ssh-rsa",
12+
"-c +aes256-cbc")
13+
814
class AnswerFile:
915
def __init__(self, kind, /):
1016
from data import BASE_ANSWERFILES
@@ -62,7 +68,7 @@ def _defn_to_xml_et(defn, /, *, parent=None):
6268

6369
def poweroff(ip):
6470
try:
65-
ssh(ip, ["poweroff"])
71+
ssh(ip, ["poweroff"], options=SSHOPTS)
6672
except SSHCommandFailed as e:
6773
# ignore connection closed by reboot
6874
if e.returncode == 255 and "closed by remote host" in e.stdout:
@@ -77,6 +83,7 @@ def monitor_install(*, ip):
7783
"'DISPATCH: NEW PHASE: Completing installation'",
7884
"/tmp/install-log"],
7985
check=False, simple_output=False,
86+
options=SSHOPTS,
8087
).returncode == 0,
8188
"Wait for rpm installation to succeed",
8289
timeout_secs=40 * 60) # FIXME too big
@@ -86,12 +93,14 @@ def monitor_install(*, ip):
8693
"'The installation completed successfully'",
8794
"/tmp/install-log"],
8895
check=False, simple_output=False,
96+
options=SSHOPTS,
8997
).returncode == 0,
9098
"Wait for system installation to succeed",
9199
timeout_secs=40 * 60) # FIXME too big
92100

93101
wait_for(lambda: ssh(ip, ["ps a|grep '[0-9]. python /opt/xensource/installer/init'"],
94102
check=False, simple_output=False,
103+
options=SSHOPTS,
95104
).returncode == 1,
96105
"Wait for installer to terminate")
97106

@@ -101,6 +110,7 @@ def monitor_upgrade(*, ip):
101110
"'DISPATCH: NEW PHASE: Reading package information'",
102111
"/tmp/install-log"],
103112
check=False, simple_output=False,
113+
options=SSHOPTS,
104114
).returncode == 0,
105115
"Wait for upgrade preparations to finish",
106116
timeout_secs=40 * 60) # FIXME too big
@@ -110,6 +120,7 @@ def monitor_upgrade(*, ip):
110120
"'DISPATCH: NEW PHASE: Completing installation'",
111121
"/tmp/install-log"],
112122
check=False, simple_output=False,
123+
options=SSHOPTS,
113124
).returncode == 0,
114125
"Wait for rpm installation to succeed",
115126
timeout_secs=40 * 60) # FIXME too big
@@ -119,12 +130,14 @@ def monitor_upgrade(*, ip):
119130
"'The installation completed successfully'",
120131
"/tmp/install-log"],
121132
check=False, simple_output=False,
133+
options=SSHOPTS,
122134
).returncode == 0,
123135
"Wait for system installation to succeed",
124136
timeout_secs=40 * 60) # FIXME too big
125137

126138
wait_for(lambda: ssh(ip, ["ps a|grep '[0-9]. python /opt/xensource/installer/init'"],
127139
check=False, simple_output=False,
140+
options=SSHOPTS,
128141
).returncode == 1,
129142
"Wait for installer to terminate")
130143

@@ -134,6 +147,7 @@ def monitor_restore(*, ip):
134147
"'Restoring backup'",
135148
"/tmp/install-log"],
136149
check=False, simple_output=False,
150+
options=SSHOPTS,
137151
).returncode == 0,
138152
"Wait for data restoration to start",
139153
timeout_secs=40 * 60) # FIXME too big
@@ -143,6 +157,7 @@ def monitor_restore(*, ip):
143157
"'Data restoration complete. About to re-install bootloader.'",
144158
"/tmp/install-log"],
145159
check=False, simple_output=False,
160+
options=SSHOPTS,
146161
).returncode == 0,
147162
"Wait for data restoration to complete",
148163
timeout_secs=40 * 60) # FIXME too big
@@ -154,6 +169,7 @@ def monitor_restore(*, ip):
154169
"'ran .*swaplabel.*rc 0'",
155170
"/tmp/install-log"],
156171
check=False, simple_output=False,
172+
options=SSHOPTS,
157173
).returncode == 0,
158174
"Wait for installer to hopefully finish",
159175
timeout_secs=40 * 60) # FIXME too big

tests/install/conftest.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -154,6 +154,9 @@ def remastered_iso(installer_iso, answerfile):
154154
set -ex
155155
INSTALLIMG="$1"
156156
157+
# bad permissions in XS 6.5 preventing ssh to use authorized_keys
158+
chmod g-w "$INSTALLIMG/root"
159+
157160
mkdir -p "$INSTALLIMG/root/.ssh"
158161
echo "{TEST_SSH_PUBKEY}" > "$INSTALLIMG/root/.ssh/authorized_keys"
159162

tests/install/test.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ class TestNested:
4949
"821.1",
5050
"81", "80", "76", "75",
5151
"xs8", "ch821.1",
52-
"xs70",
52+
"xs70", "xs65",
5353
))
5454
@pytest.mark.parametrize("firmware", ("uefi", "bios"))
5555
@pytest.mark.vm_definitions(
@@ -106,7 +106,7 @@ def test_install(self, vm_booted_with_installer, install_disk,
106106
"81", "80",
107107
"76", "75",
108108
"ch821.1", "xs8",
109-
"xs70",
109+
"xs70", "xs65",
110110
))
111111
@pytest.mark.parametrize("firmware", ("uefi", "bios"))
112112
@pytest.mark.continuation_of(
@@ -210,7 +210,7 @@ def _test_firstboot(self, create_vms, mode, *, machine='DEFAULT', is_restore=Fal
210210
]
211211
STAMPS_DIR = "/var/lib/misc"
212212
STAMPS = [f"ran-{service}" for service in SERVICES]
213-
elif lsb_rel in ["7.0.0-125380c", "7.5.0", "7.6.0", "8.0.0", "8.1.0"]:
213+
elif lsb_rel in ["6.5.0", "7.0.0-125380c", "7.5.0", "7.6.0", "8.0.0", "8.1.0"]:
214214
SERVICES = ["xs-firstboot"]
215215
STAMPS_DIR = "/etc/firstboot.d/state"
216216
STAMPS = [
@@ -297,7 +297,7 @@ def _test_firstboot(self, create_vms, mode, *, machine='DEFAULT', is_restore=Fal
297297
"81", "80",
298298
"76", "75",
299299
"ch821.1", "xs8",
300-
"xs70",
300+
"xs70", "xs65",
301301
))
302302
@pytest.mark.parametrize("firmware", ("uefi", "bios"))
303303
@pytest.mark.continuation_of(

0 commit comments

Comments
 (0)