You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by he...@apache.org on 2015/05/08 19:01:52 UTC
[3/7] incubator-brooklyn git commit: respect disabling root flag and
test for it
respect disabling root flag and test for it
Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/9c4516f6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/9c4516f6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/9c4516f6
Branch: refs/heads/master
Commit: 9c4516f606b03804118769b196115e364f40d68c
Parents: 78776ca
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Tue May 5 17:59:37 2015 +0100
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Tue May 5 17:59:37 2015 +0100
----------------------------------------------------------------------
.../location/jclouds/JcloudsLocation.java | 3 +-
.../location/jclouds/JcloudsLocationTest.java | 45 ++++++++++++++++++++
2 files changed, 47 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/9c4516f6/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java
----------------------------------------------------------------------
diff --git a/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java b/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java
index d0c52d8..8be14bf 100644
--- a/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java
+++ b/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java
@@ -1467,6 +1467,7 @@ public class JcloudsLocation extends AbstractCloudMachineProvisioningLocation im
.grantSudoToAdminUser(grantUserSudo);
boolean useKey = Strings.isNonBlank(pubKey);
+ adminBuilder.cryptFunction(Sha512Crypt.function());
// always set this password; if not supplied, it will be a random string
adminBuilder.adminPassword(passwordToSet);
@@ -1499,7 +1500,7 @@ public class JcloudsLocation extends AbstractCloudMachineProvisioningLocation im
// lock SSH means no root login and no passwordless login
// if we're using a password or we don't have sudo, then don't do this!
- adminBuilder.lockSsh(useKey && grantUserSudo && !config.get(JcloudsLocationConfig.DISABLE_ROOT_AND_PASSWORD_SSH));
+ adminBuilder.lockSsh(useKey && grantUserSudo && config.get(JcloudsLocationConfig.DISABLE_ROOT_AND_PASSWORD_SSH));
statements.add(adminBuilder.build());
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/9c4516f6/locations/jclouds/src/test/java/brooklyn/location/jclouds/JcloudsLocationTest.java
----------------------------------------------------------------------
diff --git a/locations/jclouds/src/test/java/brooklyn/location/jclouds/JcloudsLocationTest.java b/locations/jclouds/src/test/java/brooklyn/location/jclouds/JcloudsLocationTest.java
index b41f24e..c2a78c3 100644
--- a/locations/jclouds/src/test/java/brooklyn/location/jclouds/JcloudsLocationTest.java
+++ b/locations/jclouds/src/test/java/brooklyn/location/jclouds/JcloudsLocationTest.java
@@ -28,7 +28,10 @@ import java.util.concurrent.atomic.AtomicInteger;
import javax.annotation.Nullable;
import org.jclouds.compute.ComputeService;
+import org.jclouds.compute.domain.Image;
import org.jclouds.compute.domain.Template;
+import org.jclouds.scriptbuilder.domain.OsFamily;
+import org.jclouds.scriptbuilder.domain.StatementList;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
@@ -44,6 +47,7 @@ import brooklyn.location.LocationSpec;
import brooklyn.location.NoMachinesAvailableException;
import brooklyn.location.basic.LocationConfigKeys;
import brooklyn.location.geo.HostGeoInfo;
+import brooklyn.location.jclouds.JcloudsLocation.UserCreation;
import brooklyn.management.internal.LocalManagementContext;
import brooklyn.test.Asserts;
import brooklyn.test.entity.LocalManagementContextForTests;
@@ -52,6 +56,7 @@ import brooklyn.util.config.ConfigBag;
import brooklyn.util.exceptions.CompoundRuntimeException;
import brooklyn.util.exceptions.Exceptions;
+import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Function;
import com.google.common.base.Predicate;
import com.google.common.base.Predicates;
@@ -104,6 +109,10 @@ public class JcloudsLocationTest implements JcloudsLocationConfig {
}
}
}
+ @Override @VisibleForTesting
+ public UserCreation createUserStatements(@Nullable Image image, ConfigBag config) {
+ return super.createUserStatements(image, config);
+ }
}
@SuppressWarnings("serial")
@@ -554,4 +563,40 @@ public class JcloudsLocationTest implements JcloudsLocationConfig {
}
// TODO more tests, where flags come in from resolver, named locations, etc
+
+ // now test creating users
+
+ protected String getCreateUserStatementsFor(Map<?,?> config) {
+ BailOutJcloudsLocation jl = newSampleBailOutJcloudsLocationForTesting(MutableMap.<Object,Object>builder()
+ .put(JcloudsLocationConfig.LOGIN_USER, "root").put(JcloudsLocationConfig.LOGIN_USER_PASSWORD, "m0ck")
+ .put(JcloudsLocationConfig.USER, "bob").put(JcloudsLocationConfig.LOGIN_USER_PASSWORD, "b0b")
+ .putAll(config).build());
+
+ UserCreation creation = jl.createUserStatements(null, jl.config().getBag());
+ return new StatementList(creation.statements).render(OsFamily.UNIX);
+ }
+
+ @Test
+ public void testDisablesRoot() {
+ String statements = getCreateUserStatementsFor(ImmutableMap.of());
+ Assert.assertTrue(statements.contains("PermitRootLogin"), "Error:\n"+statements);
+ Assert.assertTrue(statements.matches("(?s).*sudoers.*useradd.*bob.*wheel.*"), "Error:\n"+statements);
+ }
+
+ @Test
+ public void testDisableRootFalse() {
+ String statements = getCreateUserStatementsFor(ImmutableMap.of(JcloudsLocationConfig.DISABLE_ROOT_AND_PASSWORD_SSH, false));
+ Assert.assertFalse(statements.contains("PermitRootLogin"), "Error:\n"+statements);
+ Assert.assertTrue(statements.matches("(?s).*sudoers.*useradd.*bob.*wheel.*"), "Error:\n"+statements);
+ }
+
+ @Test
+ public void testDisableRootAndSudoFalse() {
+ String statements = getCreateUserStatementsFor(ImmutableMap.of(
+ JcloudsLocationConfig.DISABLE_ROOT_AND_PASSWORD_SSH, false,
+ JcloudsLocationConfig.GRANT_USER_SUDO, false));
+ Assert.assertFalse(statements.contains("PermitRootLogin"), "Error:\n"+statements);
+ Assert.assertFalse(statements.matches("(?s).*sudoers.*useradd.*bob.*wheel.*"), "Error:\n"+statements);
+ }
+
}