[Fuego] [PATCH 3/8] Remove requirement of running the test script as sudo
Tim.Bird at sony.com
Tim.Bird at sony.com
Fri May 4 20:36:58 UTC 2018
I ran the test on my machine without issues, and without any
apparent prompt for a password. Under what conditions
is a password prompt required? I'm not sure I'm following the code.
-- Tim
> -----Original Message-----
> From: fuego-bounces at lists.linuxfoundation.org [mailto:fuego-
> bounces at lists.linuxfoundation.org] On Behalf Of Guilherme Campos
> Camargo
> Sent: Wednesday, May 02, 2018 7:21 AM
> To: fuego at lists.linuxfoundation.org
> Subject: [Fuego] [PATCH 3/8] Remove requirement of running the test script
> as sudo
>
> By requiring the user to run the `test_run.sh` script as sudo on
> standalone mode (outside Fuego's docker container) we may be exposing
> the user to unwanted overwrites through the `output_dir` argument -
> that's currently being used on CheckScreenshot.
>
> On this patch, we remove that requirement and also update the REAMDE.md
> with better instructions (discouraging running the script with sudo).
>
> Given that the install/start scripts may execute commands with
> sudo, we're redirecting the password prompt to the users so that they
> explicitly allow those scripts to execute with root privileges.
>
> In order to check wether the start script requires root priviledges or
> not, we're using a regexp on pexpect that looks for the string 'password
> for' on the output of the script. That string is subject to locale
> settings, so, in order to avoid problems matching the regexp, we're
> standardizing the locale to english by setting LANG='en_US.UTF-8'.
>
> Signed-off-by: Guilherme Campos Camargo <guicc at profusion.mobi>
> ---
> .../Functional.fuego_release_test/README.md | 10 ++++++++--
> .../Functional.fuego_release_test/test_run.py | 20 +++++++++++++++++++
> 2 files changed, 28 insertions(+), 2 deletions(-)
>
> diff --git a/engine/tests/Functional.fuego_release_test/README.md
> b/engine/tests/Functional.fuego_release_test/README.md
> index d9cb7b6..fbe4360 100644
> --- a/engine/tests/Functional.fuego_release_test/README.md
> +++ b/engine/tests/Functional.fuego_release_test/README.md
> @@ -72,8 +72,14 @@ test_run:INFO: Waiting for jenkins on
> '172.17.0.2:8080'...
>
> ```
>
> -Docker commands will be executed from within the script. For that reason,
> you
> -may be required to execute it with `sudo` or as a user with root permissions.
> +Docker commands will be executed from within the script, what means that
> +you will need to make sure that your user is part of the `docker` group
> +for running this script without root permissions.
> +
> +If the install or the start scripts require a password, you will be
> +prompted for the it during the execution.
> +
> +Running this script as root is not recommended.
>
> ## Test Classes
>
> diff --git a/engine/tests/Functional.fuego_release_test/test_run.py
> b/engine/tests/Functional.fuego_release_test/test_run.py
> index 02c5f07..9b96d0d 100755
> --- a/engine/tests/Functional.fuego_release_test/test_run.py
> +++ b/engine/tests/Functional.fuego_release_test/test_run.py
> @@ -9,6 +9,7 @@ import re
> import subprocess
> import sys
> import time
> +from getpass import getpass
> from io import BytesIO
>
> import docker
> @@ -592,12 +593,26 @@ class PexpectContainerSession():
> self.timeout = timeout
>
> def start(self):
> + def prompt_password_if_needed():
> + try:
> + PASSWORD_PROMPT_REGEX = re.compile("password for.+$")
> + self.client.expect(PASSWORD_PROMPT_REGEX, timeout=1)
> + except pexpect.exceptions.TIMEOUT:
> + pass
> + else:
> + prompt = self.client.before + self.client.match.group(0)
> + LOGGER.info(" Start script requires a password...")
> + password = getpass(prompt=prompt)
> + self.client.sendline(password)
> +
> LOGGER.info(
> "Starting container '%s'...", self.container.container_name)
> self.client = pexpect.spawnu(
> '%s %s' % (self.start_script, self.container.container_name),
> echo=False, timeout=self.timeout)
>
> + prompt_password_if_needed()
> +
> PexpectContainerSession.set_ps1(self.client)
>
> LOGGER.info("Container started with the ip '%s'",
> @@ -688,6 +703,7 @@ def main():
> DEFAULT_START_SCRIPT = 'fuego-host-scripts/docker-start-container.sh'
> DEFAULT_JENKINS_PORT = 8080
> DEFAULT_OUTPUT_DIR = '/tmp'
> + DEFAULT_LOCALE = 'en_US.UTF-8'
>
> @atexit.register
> def cleanup():
> @@ -786,6 +802,10 @@ def main():
> LOGGER.debug("Changing working dir to '%s'", args.install_dir)
> os.chdir(args.install_dir)
>
> + LOGGER.debug("Setting locale to '%s' to standardize Pexpect output",
> + DEFAULT_LOCALE)
> + os.environ['LANG'] = DEFAULT_LOCALE
> +
> container = FuegoContainer(args.install_script, args.image_name,
> args.container_name, args.jenkins_port,
> rm_after_test=args.rm_test_container)
> --
> 2.17.0
>
> _______________________________________________
> Fuego mailing list
> Fuego at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/fuego
More information about the Fuego
mailing list