def local_access(params, test):
"""
Connect local libvirt daemon as a non-root user.
:param params: dict of test parameters
:param test: Avocado-VT test instance
"""
uri = params.get("uri")
auth_user = params.get("auth_user", "root")
auth_pwd = params.get("auth_pwd")
virsh_cmd = params.get("virsh_cmd", "list")
read_only = params.get("read_only", "")
vm_name = params.get("main_vm", "")
extra_env = params.get("extra_env", "")
su_user = params.get("su_user", "")
message = params.get("message", "")
virsh_patterns = params.get("patterns_virsh_cmd",
r".*Id\s*Name\s*State\s*.*")
patterns_extra_dict = params.get("patterns_extra_dict", None)
log_level = params.get("log_level", "LIBVIRT_DEBUG=3")
status_error = params.get("status_error", "yes")
ret, output = connect_libvirtd(uri, read_only, virsh_cmd, auth_user,
auth_pwd, vm_name, status_error, extra_env,
log_level, su_user, virsh_patterns,
patterns_extra_dict)
if message not in output:
test.fail(
"Expected message: {} not found in the output".format(message))
else:
logging.info("The test has passed.")
def remote_access(params, test):
"""
Connect libvirt daemon
"""
uri = params.get("uri")
auth_user = params.get("auth_user", "root")
auth_pwd = params.get("auth_pwd")
virsh_cmd = params.get("virsh_cmd", "list")
read_only = params.get("read_only", "")
vm_name = params.get("main_vm", "")
logfile = params.get("logfile")
extra_env = params.get("extra_env", "")
pattern = params.get("filter_pattern", "")
su_user = params.get("su_user", "")
virsh_patterns = params.get("patterns_virsh_cmd",
r".*Id\s*Name\s*State\s*.*")
patterns_extra_dict = params.get("patterns_extra_dict", None)
log_level = params.get("log_level", "LIBVIRT_DEBUG=3")
error_pattern = params.get("error_pattern", "")
status_error = params.get("status_error", "no")
ret, output = connect_libvirtd(uri, read_only, virsh_cmd, auth_user,
auth_pwd, vm_name, status_error, extra_env,
log_level, su_user, virsh_patterns,
patterns_extra_dict)
if status_error == "no":
if ret:
if pattern != "":
fp = open(logfile, "r")
if not re.findall(pattern, fp.read()):
fp.close()
test.fail("Failed to find %s in log!!" % pattern)
fp.close()
logging.info("Succeed to connect libvirt daemon.")
else:
if error_pattern:
if error_pattern in output:
logging.info("Expected libvirt output!!")
else:
test.fail("Unexpected output: {}, when looking for: {} "
"pattern".format(output, error_pattern))
else:
test.fail(
"Failed to connect libvirt daemon!!output: {}".format(
output))
else:
if not ret:
if error_pattern:
if error_pattern in output:
logging.info("Expected libvirt output!!")
else:
test.fail(
"Unexpected error: {}, when trying to connect to "
"libvirt daemon. Looking for: {} pattern".format(
output, error_pattern))
else:
logging.info("It's an expected error!!")
else:
test.fail("Unexpected return result: {}".format(output))
def remote_access(params):
"""
Connect libvirt daemon
"""
uri = params.get("uri")
auth_user = params.get("auth_user", "root")
auth_pwd = params.get("auth_pwd")
virsh_cmd = params.get("virsh_cmd", "list")
read_only = params.get("read_only", "")
vm_name = params.get("main_vm", "")
logfile = params.get("logfile")
extra_env = params.get("extra_env", "")
pattern = params.get("filter_pattern", "")
su_user = params.get("su_user", "")
virsh_patterns = params.get("patterns_virsh_cmd",
".*Id\s*Name\s*State\s*.*")
patterns_extra_dict = params.get("patterns_extra_dict", None)
log_level = params.get("log_level", "LIBVIRT_DEBUG=3")
status_error = params.get("status_error", "no")
ret = connect_libvirtd(uri, read_only, virsh_cmd, auth_user, auth_pwd,
vm_name, status_error, extra_env, log_level,
su_user, virsh_patterns, patterns_extra_dict)
if status_error == "no":
if ret:
if pattern != "":
fp = open(logfile, "r")
if not re.findall(pattern, fp.read()):
fp.close()
raise error.TestFail("Failed to find %s in log!!" %
pattern)
fp.close()
logging.info("Succeed to connect libvirt daemon.")
else:
raise error.TestFail("Failed to connect libvirt daemon!!")
else:
if not ret:
logging.info("It's an expected error!!")
else:
raise error.TestFail("Unexpected return result")
def remote_access(params, test):
"""
Connect libvirt daemon
"""
uri = params.get("uri")
auth_user = params.get("auth_user", "root")
auth_pwd = params.get("auth_pwd")
virsh_cmd = params.get("virsh_cmd", "list")
read_only = params.get("read_only", "")
vm_name = params.get("main_vm", "")
logfile = params.get("logfile")
extra_env = params.get("extra_env", "")
pattern = params.get("filter_pattern", "")
su_user = params.get("su_user", "")
virsh_patterns = params.get("patterns_virsh_cmd", ".*Id\s*Name\s*State\s*.*")
patterns_extra_dict = params.get("patterns_extra_dict", None)
log_level = params.get("log_level", "LIBVIRT_DEBUG=3")
status_error = params.get("status_error", "no")
ret = connect_libvirtd(uri, read_only, virsh_cmd, auth_user,
auth_pwd, vm_name, status_error, extra_env,
log_level, su_user, virsh_patterns, patterns_extra_dict)
if status_error == "no":
if ret:
if pattern != "":
fp = open(logfile, "r")
if not re.findall(pattern, fp.read()):
fp.close()
test.fail("Failed to find %s in log!!" % pattern)
fp.close()
logging.info("Succeed to connect libvirt daemon.")
else:
test.fail("Failed to connect libvirt daemon!!")
else:
if not ret:
logging.info("It's an expected error!!")
else:
test.fail("Unexpected return result")
def run(test, params, env):
"""
Test command: virt-admin server-update-tls.
1) when tls related files changed, notify server to update TLS related files
online, without restart daemon
"""
def add_remote_firewall_port(port, params):
"""
Add the port on remote host
:param port: port to add
:param params: Dictionary with the test parameters
"""
server_ip = params.get("server_ip")
server_user = params.get("server_user")
server_pwd = params.get("server_pwd")
remote_session = remote.wait_for_login('ssh', server_ip, '22',
server_user, server_pwd,
r"[\#\$]\s*$")
firewall_cmd = utils_iptables.Firewall_cmd(remote_session)
firewall_cmd.add_port(port, 'tcp', permanent=True)
remote_session.close()
def remove_remote_firewall_port(port, params):
"""
Remove the port on remote host
:param port: port to remove
:param params: Dictionary with the test parameters
"""
server_ip = params.get("server_ip")
server_user = params.get("server_user")
server_pwd = params.get("server_pwd")
remote_session = remote.wait_for_login('ssh', server_ip, '22',
server_user, server_pwd,
r"[\#\$]\s*$")
firewall_cmd = utils_iptables.Firewall_cmd(remote_session)
firewall_cmd.remove_port(port, 'tcp', permanent=True)
remote_session.close()
def update_server_pem(cert_saved_dir, remote_libvirt_pki_dir):
"""
Update the server info and re-build servercert
:param cert_saved_dir: The directory where cert files are saved
:param remote_libvirt_pki_dir: Directory to store pki on remote
"""
logging.debug("Update serverinfo")
serverinfo = os.path.join(cert_saved_dir, "server.info")
with open(os.path.join(cert_saved_dir, "server.info"), "r") as f1:
lines = f1.readlines()
with open(os.path.join(cert_saved_dir, "server2.info"), "w") as f2:
for line in lines:
if fake_ip in line:
line = line.replace(fake_ip, server_ip)
f2.write(line)
cmd = ("certtool --generate-certificate --load-privkey "
"{0}/serverkey.pem --load-ca-certificate {0}/cacert.pem "
"--load-ca-privkey {0}/cakey.pem --template {0}/server2.info "
"--outfile {0}/servercert.pem".format(cert_saved_dir))
servercert_pem = os.path.join(cert_saved_dir, "servercert.pem")
process.run(cmd, shell=True, verbose=True)
remote.copy_files_to(server_ip, 'scp', server_user, server_pwd, '22',
servercert_pem, remote_libvirt_pki_dir)
server_ip = params["server_ip"] = params.get("remote_ip")
server_user = params["server_user"] = params.get("remote_user", "root")
server_pwd = params["server_pwd"] = params.get("remote_pwd")
client_ip = params["client_ip"] = params.get("local_ip")
client_pwd = params["client_pwd"] = params.get("local_pwd")
tls_port = params.get("tls_port", "16514")
uri = "qemu+tls://%s:%s/system" % (server_ip, tls_port)
remote_virt_dargs = {
'remote_ip': server_ip,
'remote_user': server_user,
'remote_pwd': server_pwd,
'unprivileged_user': None,
'ssh_remote_auth': True
}
tls_obj = None
if not libvirt_version.version_compare(6, 2, 0):
test.cancel("This libvirt version doesn't support "
"virt-admin server-update-tls.")
try:
vp = virt_admin.VirtadminPersistent(**remote_virt_dargs)
add_remote_firewall_port(tls_port, params)
# Generate a fake ip for testing
repl = str(int(server_ip.strip().split('.')[-1]) + 1 % 255)
fake_ip = re.sub("([0-9]+)$", repl, server_ip)
params.update({"server_info_ip": fake_ip})
tls_obj = TLSConnection(params)
tls_obj.conn_setup()
tls_obj.auto_recover = True
# Connection should fail because TLS is set incorrectly
ret, output = libvirt.connect_libvirtd(uri)
if ret:
test.fail(
"Connection should fail but succeed. ret: {}, output: {}".
format(ret, output))
if "authentication failed" not in output:
test.fail(
"Unablee to find the expected error message. output: %s" %
output)
tmp_dir = tls_obj.tmp_dir
remote_libvirt_pki_dir = tls_obj.libvirt_pki_dir
update_server_pem(tmp_dir, remote_libvirt_pki_dir)
serv_name = virt_admin.check_server_name()
logging.debug("service name: %s", serv_name)
result = vp.server_update_tls(serv_name, debug=True)
libvirt.check_exit_status(result)
# Re-connect to the server
ret, output = libvirt.connect_libvirtd(uri)
if not ret:
test.fail("Connection fails, ret: {}, output: {}".format(
ret, output))
finally:
logging.info("Recover test environment")
remove_remote_firewall_port(tls_port, params)
