def __init__(self, *args, **dargs):
"""
init params for TCP connection and init tmp_dir.
param tcp_port: Port of tcp connection, default is 16509.
param sysconfig_libvirtd_path: Path of libvirtd file, default is
``/etc/sysconfig/libvirtd``.
param libvirtd_conf_path: Path of libvirtd.conf, default is
``/etc/libvirt/libvirtd.conf``.
"""
init_dict = dict(*args, **dargs)
init_dict['tcp_port'] = init_dict.get('tcp_port', '16509')
super(TCPConnection, self).__init__(init_dict)
self.remote_syslibvirtd = remote.RemoteFile(
address=self.server_ip,
client='scp',
username=self.server_user,
password=self.server_pwd,
port='22',
remote_path='/etc/sysconfig/libvirtd')
self.remote_libvirtdconf = remote.RemoteFile(
address=self.server_ip,
client='scp',
username=self.server_user,
password=self.server_pwd,
port='22',
remote_path='/etc/libvirt/libvirtd.conf')
def __init__(self, *args, **dargs):
"""
Initialization of TLSConnection.
(1).call the init func in ConnectionBase.
(2).check and set CERTTOOL.
(3).make a tmp directory as a workspace.
(4).set values of pki related.
"""
init_dict = dict(*args, **dargs)
init_dict['server_cn'] = init_dict.get('server_cn', 'TLSServer')
init_dict['client_cn'] = init_dict.get('client_cn', 'TLSClient')
super(TLSConnection, self).__init__(init_dict)
# check and set CERTTOOL in slots
try:
CERTTOOL = os_dep.command("certtool")
except ValueError:
logging.warning("certtool executable not set or found on path, "
"TLS connection will not setup normally")
CERTTOOL = '/bin/true'
self.CERTTOOL = CERTTOOL
# set some pki related dir values
self.pki_CA_dir = ('/etc/pki/CA/')
self.libvirt_pki_dir = ('/etc/pki/libvirt/')
self.libvirt_pki_private_dir = ('/etc/pki/libvirt/private/')
self.client_hosts = remote.RemoteFile(address=self.client_ip,
client='scp',
username=self.client_user,
password=self.client_pwd,
port='22',
remote_path='/etc/hosts')
self.server_syslibvirtd = remote.RemoteFile(
address=self.server_ip,
client='scp',
username=self.server_user,
password=self.server_pwd,
port='22',
remote_path='/etc/sysconfig/libvirtd')
self.server_libvirtdconf = remote.RemoteFile(
address=self.server_ip,
client='scp',
username=self.server_user,
password=self.server_pwd,
port='22',
remote_path='/etc/libvirt/libvirtd.conf')
def _new_remote_file(self):
if os.path.exists(self.test_file_path):
os.remove(self.test_file_path)
test_file = open(self.test_file_path, "w")
test_file.writelines(self.default_data)
test_file.close()
remote_file = remote.RemoteFile(None, "test", None, None, None,
self.test_file_path)
return remote_file
def remove_key_in_conf(value_list,
conf_type="libvirtd",
remote_params=None,
restart_libvirt=False):
"""
Remove settings in configuration file on local or remote
and restart libvirtd if needed
:param value_list: A list of settings to delete, like ["log_level", "log_outputs"]
:param conf_type: The configuration type to update on localhost,
eg, "libvirt", "virtqemud"
:param remote_params: The params for remote access
:param restart_libvirt: True to restart libvirtd
:return: remote.RemoteFile object for remote file or
utils_config.LibvirtConfigCommon object for local configuration file
"""
if remote_params:
remote_ip = remote_params.get("server_ip",
remote_params.get("remote_ip"))
remote_pwd = remote_params.get("server_pwd",
remote_params.get("remote_pwd"))
remote_user = remote_params.get("server_user",
remote_params.get("remote_user"))
file_path = remote_params.get("file_path")
if not all([remote_ip, remote_pwd, remote_user, file_path]):
raise exceptions.TestError("remote_[ip|user|pwd] and file_path "
"are necessary!")
remote_file_obj = remote.RemoteFile(address=remote_ip,
client='scp',
username=remote_user,
password=remote_pwd,
port='22',
remote_path=file_path)
remote_file_obj.remove(value_list)
if restart_libvirt:
libvirt.remotely_control_libvirtd(remote_ip,
remote_user,
remote_pwd,
action='restart',
status_error='no')
return remote_file_obj
else:
target_conf = utils_config.get_conf_obj(conf_type)
for item in value_list:
try:
del target_conf[item]
except utils_config.ConfigNoOptionError as err:
LOG.error(err)
if restart_libvirt:
libvirtd = utils_libvirtd.Libvirtd()
libvirtd.restart()
return target_conf
def reset_domain(test,
vm,
vm_state,
needs_agent=False,
guest_cpu_busy=False,
password=None):
"""
Setup guest agent in domain.
:param vm: the vm object
:param vm_state: the given vm state string "shut off" or "running"
"""
if vm.is_alive():
vm.destroy()
if not needs_agent:
vm.prepare_guest_agent(start=False)
if needs_agent:
logging.debug("Attempting to prepare guest agent")
start_ga = vm_state != 'shut off'
vm.prepare_guest_agent(start=start_ga)
if not vm_state == "shut off":
session = vm.wait_for_login()
if guest_cpu_busy:
shell_file = "/tmp/test.sh"
cpu_detail_list = [
'while true', 'do', ' j==\${j:+1}', ' j==\${j:-1}',
'done'
]
remote_file = remote.RemoteFile(vm.get_address(), 'scp', 'root',
password, 22, shell_file)
remote_file.truncate()
remote_file.add(cpu_detail_list)
session.cmd('chmod 777 %s' % shell_file)
session.cmd('%s &' % shell_file)
if vm_state == "paused":
vm.pause()
elif vm_state == "halt":
try:
session.cmd("halt")
except (aexpect.ShellProcessTerminatedError, aexpect.ShellStatusError):
# The halt command always gets these errors, but execution is OK,
# skip these errors
pass
elif vm_state == "pm_suspend":
# Execute "pm-suspend-hybrid" command directly will get Timeout error,
# so here execute it in background, and wait for 3s manually
if session.cmd_status("which pm-suspend-hybrid"):
test.cancel("Cannot execute this test for domain"
" doesn't have pm-suspend-hybrid command!")
session.cmd("pm-suspend-hybrid &")
time.sleep(3)
def get_server_syslibvirtd(server_info):
""""
Get the RemoteFile object of the syslibvirtd file
:param server_info: dictionary with the server information
:returns: RemoteFile object of the syslibvirtd file
"""
syslibvirtd = remote_old.RemoteFile(address=server_info['ip'],
client='scp',
username=server_info['user'],
password=server_info['pwd'],
port='22',
remote_path='/etc/sysconfig/libvirtd')
return syslibvirtd
def get_server_libvirtdconf(server_info):
"""
Get the RemoteFile object of the libvirtdconf file
:param server_info: dictionary with the server information
:returns: RemoteFile object of the libvirtdconf file
"""
daemon_conf, _daemon_socket_conf = get_daemon_configs()
server_libvirtdconf = remote_old.RemoteFile(address=server_info['ip'],
client='scp',
username=server_info['user'],
password=server_info['pwd'],
port='22',
remote_path=daemon_conf)
return server_libvirtdconf
def guest_config(vm, ip_addr):
"""
Add a new nic to guest and set a static ip address
:param vm: Configured guest
:param ip_addr: Set ip address
"""
# Attach an interface device
# Use attach-device, not attach-interface, because attach-interface
# doesn't support 'direct'
interface_class = vm_xml.VMXML.get_device_class('interface')
interface = interface_class(type_name="direct")
interface.source = dict(dev=str(eth_card_no), mode=str(iface_mode))
interface.model = "virtio"
interface.xmltreefile.write()
if vm.is_alive():
vm.destroy(gracefully=False)
virsh.attach_device(vm.name, interface.xml, flagstr="--config")
os.remove(interface.xml)
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm.name)
new_nic = vmxml.get_devices(device_type="interface")[-1]
# Modify new interface's IP
vm.start()
session = vm.wait_for_login()
eth_name = utils_net.get_linux_ifname(session, new_nic.mac_address)
eth_config_detail_list = [
'DEVICE=%s' % eth_name,
'HWADDR=%s' % new_nic.mac_address, 'ONBOOT=yes',
'BOOTPROTO=static',
'IPADDR=%s' % ip_addr
]
remote_file = remote.RemoteFile(vm.get_address(), 'scp', 'root',
params.get('password'), 22,
eth_config_file)
remote_file.truncate()
remote_file.add(eth_config_detail_list)
try:
# Attached interface maybe already active
session.cmd("ifdown %s" % eth_name)
except aexpect.ShellCmdError:
pass
try:
session.cmd("ifup %s" % eth_name)
except aexpect.ShellCmdError:
pass
return session
def change_parameter_on_remote(connect_params, replacement_dict):
"""
Change required parameters based on replacement_dict in remote file
defined in connect_params as remote_daemon_conf.
:param connect_params. Dictionary with connection parameters like server_ip
:param replacement_dict. Dictionary with pattern/replacement pairs
:return: RemoteFile object.
"""
remote_libvirtdconf = remote_old.RemoteFile(
address=connect_params.get('server_ip'),
client='scp',
username=connect_params.get('server_user'),
password=connect_params.get('server_pwd'),
port=connect_params.get('port'),
remote_path=connect_params.get('remote_daemon_conf'),
verbose=True,
)
remote_libvirtdconf.sub_else_add(replacement_dict)
return remote_libvirtdconf
def setup_remote_known_hosts_file(client_ip, server_ip, server_user,
server_pwd):
"""
Set the ssh host key of local host to remote host
:param client_ip: local host ip whose host key is sent to remote host
:type client_ip: str
:param server_ip: remote host ip address where host key is stored to
:type server_ip: str
:param server_user: user to log on remote host
:type server_user: str
:param server_pwd: password for the user for log on remote host
:type server_pwd: str
:return: a RemoteFile object for the file known_hosts on remote host
:rtype: remote.RemoteFile
:return: None if required command is not found
"""
logging.debug('Performing known_hosts file setup on %s from %s.' %
(server_ip, client_ip))
abs_path = ""
try:
abs_path = path.find_command("ssh-keyscan")
except path.CmdNotFoundError as err:
logging.debug("Failed to find the command: %s", err)
return None
cmd = "%s %s" % (abs_path, client_ip)
host_key = process.run(cmd, verbose=False).stdout_text
remote_known_hosts_file = remote.RemoteFile(
address=server_ip,
client='scp',
username=server_user,
password=server_pwd,
port='22',
remote_path='~/.ssh/known_hosts')
pattern2repl = {r".*%s[, ].*" % client_ip: host_key}
remote_known_hosts_file.sub_else_add(pattern2repl)
return remote_known_hosts_file
def update_remote_file(params,
value,
file_path='/etc/libvirt/libvirtd.conf',
restart_libvirt=True):
"""
Update file on remote and restart libvirtd if needed
:param param: Test run params
:param value: The value to update
:param file_path: The path of the file
:param restart_libvirt: True to restart libvirtd
:return: remote.RemoteFile object
"""
try:
tmp_value = eval(value)
logging.debug("Update file {} with: {}".format(file_path, value))
remote_ip = params.get("server_ip", params.get("remote_ip"))
remote_pwd = params.get("server_pwd", params.get("remote_pwd"))
remote_user = params.get("server_user", params.get("remote_user"))
remote_file_obj = remote.RemoteFile(address=remote_ip,
client='scp',
username=remote_user,
password=remote_pwd,
port='22',
remote_path=file_path)
remote_file_obj.sub_else_add(tmp_value)
if restart_libvirt:
libvirt.remotely_control_libvirtd(remote_ip,
remote_user,
remote_pwd,
action='restart',
status_error='no')
return remote_file_obj
except Exception as err:
raise exceptions.TestFail("Unable to update {}: {}".format(
file_path, err))
def run(test, params, env):
global flag_list, flag_list_abs, update_sec, without_sec
global check_sec, check_without_sec, newxml
# Basic network params
net_name = params.get("net_update_net_name", "updatenet")
net_section = params.get("network_section")
update_command = params.get("update_command", "add-last")
options = params.get("cmd_options", "")
net_state = params.get("net_state")
use_in_guest = params.get("use_in_guest")
iface_type = params.get("iface_type", "network")
ip_version = params.get("ip_version", "ipv4")
new_start_ip = params.get("start_ip")
new_end_ip = params.get("end_ip")
parent_index = params.get("parent_index")
status_error = params.get("status_error", "no")
# dhcp host test
new_dhcp_host_ip = params.get("new_dhcp_host_ip")
new_dhcp_host_id = params.get("new_dhcp_host_id")
new_dhcp_host_name = params.get("new_dhcp_host_name")
new_dhcp_host_mac = params.get("new_dhcp_host_mac")
# ipv4 range/host test
ipv4_range_start = params.get("ori_ipv4_range_start")
ipv4_range_end = params.get("ori_ipv4_range_end")
ipv4_host_mac = params.get("ori_ipv4_host_mac")
ipv4_host_ip = params.get("ori_ipv4_host_ip")
ipv4_host_name = params.get("ori_ipv4_host_name")
# ipv6 range/host test
ipv6_range_start = params.get("ori_ipv6_range_start")
ipv6_range_end = params.get("ori_ipv6_range_end")
ipv6_host_id = params.get("ori_ipv6_host_id")
ipv6_host_name = params.get("ori_ipv6_host_name")
ipv6_host_ip = params.get("ori_ipv6_host_ip")
# dns test
dns_name = params.get("ori_dns_name")
dns_value = params.get("ori_dns_value")
new_dns_name = params.get("new_dns_name")
new_dns_value = params.get("new_dns_value")
# srv test
srv_service = params.get("ori_srv_service")
srv_protocol = params.get("ori_srv_protocol")
srv_domain = params.get("ori_srv_domain")
srv_target = params.get("ori_srv_target")
srv_port = params.get("ori_srv_port")
srv_priority = params.get("ori_srv_priority")
srv_weight = params.get("ori_srv_weight")
new_srv_service = params.get("new_srv_service")
new_srv_protocol = params.get("new_srv_protocol")
new_srv_domain = params.get("new_srv_domain")
new_srv_target = params.get("new_srv_target")
new_srv_port = params.get("new_srv_port")
new_srv_priority = params.get("new_srv_priority")
new_srv_weight = params.get("new_srv_weight")
# dns host test
dns_hostip = params.get("ori_dns_hostip")
dns_hostname = params.get("ori_dns_hostname")
dns_hostname2 = params.get("ori_dns_hostname2")
# setting for without part
without_ip_dhcp = params.get("without_ip_dhcp", "no")
without_dns = params.get("without_dns", "no")
without_dns_host = params.get("without_dns_host", "no")
without_dns_txt = params.get("without_dns_txt", "no")
without_dns_srv = params.get("without_dns_srv", "no")
without_dns_forwarder = params.get("without_dns_forwarder", "no")
# setting for update/check/without section
update_sec = params.get("update_sec")
check_sec = params.get("check_sec")
without_sec = params.get("without_sec")
check_without_sec = params.get("check_without_sec")
# forward test
forward_mode = params.get("forward_mode")
forward_iface = params.get("forward_iface", "eth2")
# other params
error_type = params.get("error_type", "")
vm_name = params.get("main_vm")
loop_time = int(params.get("loop_time", 1))
check_config_round = params.get("check_config_round", -1)
ipv4_host_id = ipv6_host_mac = ""
dns_enable = params.get("dns_enable", "yes")
guest_iface_num = int(params.get("guest_iface_num", 1))
newxml = ""
def get_hostfile():
"""
Get the content of hostfile
"""
logging.info("Checking network hostfile...")
hostfile = "/var/lib/libvirt/dnsmasq/%s.hostsfile" % net_name
with open(hostfile) as hostfile_d:
hostfile = hostfile_d.readlines()
return hostfile
def find_config(check_file, need_find):
"""
Find configure in check_file
:param check_file: The file that will check
:param need_find: If need to find the item in check_file, Boolean
"""
def _find_config(check_func):
def __find_config(*args, **kwargs):
logging.info("Checking content of %s", check_file)
ret = False
item = None
with open(check_file) as checkfile_d:
while True:
check_line = checkfile_d.readline()
if not check_line:
break
(ret, item) = check_func(check_line, *args, **kwargs)
if ret:
break
if not ret:
if need_find:
test.fail("Fail to find %s in %s" % (item, check_file))
else:
logging.info("Can not find %s in %s as expected" %
(item, check_file))
return __find_config
return _find_config
conf_file = "/var/lib/libvirt/dnsmasq/%s.conf" % net_name
@find_config(conf_file, True)
def check_item(check_line, item):
"""
Check if the item in config file
"""
if item in check_line:
logging.info("Find %s in %s", item, conf_file)
return (True, item)
else:
return (False, item)
host_file = "/var/lib/libvirt/dnsmasq/%s.addnhosts" % net_name
@find_config(host_file, True)
def check_host(check_line, item):
"""
Check if the item in host_file
"""
if re.search(item, check_line):
logging.info("Find %s in %s", item, host_file)
return (True, item)
else:
return (False, item)
@find_config(conf_file, False)
def check_item_absent(check_line, item):
"""
Check if the item not in config file
"""
if item in check_line:
test.fail("Find %s in %s" % (item, conf_file))
else:
return (False, item)
@find_config(host_file, False)
def check_host_absent(check_line, item):
"""
Check if the item not in host_file
"""
if re.search(item, check_line):
test.fail("Find %s in %s" % (item, host_file))
else:
return (False, item)
def section_update(ori_pre, new_pre):
"""
Deal with update section and without section in func
:param ori_pre: prefix of original section parameter name
:param new_pre: prefix of new section parameter name
"""
global flag_list, flag_list_abs, update_sec, without_sec
global check_sec, check_without_sec, newxml
if update_sec:
for sec in update_sec.split(","):
newxml = newxml.replace(names[ori_pre + sec],
names[new_pre + sec])
if update_command != "delete":
check_sec = update_sec
if without_sec:
for sec_no in without_sec.split(","):
newxml = re.sub(sec_no + "=\".*?\"", "", newxml)
if update_command == "modify":
check_without_sec = without_sec
if check_sec:
for c_sec in check_sec.split(","):
flag_list.append(names[new_pre + c_sec])
if check_without_sec:
for c_sec_no in check_without_sec.split(","):
flag_list_abs.append(names[ori_pre + c_sec_no])
dns_host_xml = """
<host ip='%s'>
<hostname>%s</hostname>
<hostname>%s</hostname>
</host>
""" % (dns_hostip, dns_hostname, dns_hostname2)
virtual_net = """
<network>
<name>%s</name>
<forward mode='nat'/>
<bridge name='%s' stp='on' delay='0' />
<mac address='52:54:00:03:78:6c'/>
<domain name="example.com" localOnly="no"/>
<mtu size="9000"/>
<dns enable='%s'>
<forwarder domain='example.com' addr="8.8.4.4"/>
<txt name='%s' value='%s'/>
<srv service='%s' protocol='%s' domain='%s' target='%s' port='%s' priority='%s' weight='%s'/>
%s
</dns>
<ip address='192.168.100.1' netmask='255.255.255.0'>
<dhcp>
<range start='%s' end='%s' />
<host mac='%s' ip='%s' name='%s' />
</dhcp>
</ip>
<ip family='ipv6' address='2001:db8:ca2:2::1' prefix='64'>
<dhcp>
<range start='%s' end='%s'/>
<host id='%s' name='%s' ip='%s'/>
</dhcp>
</ip>
<route family='ipv6' address='2001:db8:ca2:2::' prefix='64' gateway='2001:db8:ca2:2::4'/>
<ip address='192.168.101.1' netmask='255.255.255.0'/>
<ip family='ipv6' address='2001:db8:ca2:3::1' prefix='64' />
</network>
""" % (net_name, net_name, dns_enable, dns_name, dns_value, srv_service,
srv_protocol, srv_domain, srv_target, srv_port, srv_priority,
srv_weight, dns_host_xml, ipv4_range_start, ipv4_range_end,
ipv4_host_mac, ipv4_host_ip, ipv4_host_name, ipv6_range_start,
ipv6_range_end, ipv6_host_id, ipv6_host_name, ipv6_host_ip)
port_group = """
<portgroup name='engineering' default='no'>
<virtualport type='802.1Qbh'>
<parameters profileid='test'/>
</virtualport>
<bandwidth>
<inbound average='1000' peak='5000' burst='5120'/>
<outbound average='1000' peak='5000' burst='5120'/>
</bandwidth>
</portgroup>
"""
if use_in_guest == "yes":
vm = env.get_vm(vm_name)
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
vmxml_backup = vmxml.copy()
backup_files = []
try:
for loop in range(loop_time):
if loop_time > 1:
logging.info("Round %s:", loop + 1)
update_command = params.get("update_command").split(",")[loop]
if net_section == "ip-dhcp-host":
new_dhcp_host_ip = params.get("new_dhcp_host_ip").split(
",")[loop]
new_dhcp_host_name = params.get(
"new_dhcp_host_name").split(",")[loop]
new_dhcp_host_mac = params.get("new_dhcp_host_mac").split(
",")[loop]
status_error = params.get("status_error").split(",")[loop]
elif net_section == "dns-txt":
net_state = params.get("net_state").split(",")[loop]
# Get a tmp_dir.
tmp_dir = data_dir.get_tmp_dir()
# Write new xml into a tempfile
tmp_file = tempfile.NamedTemporaryFile(prefix=("new_xml_"),
dir=tmp_dir)
xmlfile = tmp_file.name
tmp_file.close()
# Generate testxml
test_xml = network_xml.NetworkXML(network_name=net_name)
test_xml.xml = virtual_net
names = locals()
if net_section == "portgroup":
portgroup_xml = network_xml.PortgroupXML()
portgroup_xml.xml = port_group
test_xml.portgroup = portgroup_xml
elif net_section == "forward-interface":
if forward_mode == "bridge":
forward_iface = utils_net.get_net_if(state="UP")[0]
test_xml.forward = {'mode': forward_mode}
test_xml.forward_interface = [{'dev': forward_iface}]
del test_xml.bridge
del test_xml.mac
for ip_num in range(4):
del test_xml.ip
del test_xml.routes
del test_xml.dns
del test_xml.mtu
del test_xml.domain_name
section_index = 0
if ip_version == "ipv6":
section_index = 1
element = "/%s" % net_section.replace('-', '/')
try:
section_xml = test_xml.get_section_string(xpath=element,
index=section_index)
except xcepts.LibvirtXMLNotFoundError:
newxml = section_xml = test_xml.get_section_string(
xpath="/ip/dhcp/range")
newxml = section_xml
logging.debug("section xml is %s", newxml)
flag_list = []
flag_list_abs = []
if (update_command == "delete"
and error_type not in ["host-mismatch", "range-mismatch"]
and not without_sec and not update_sec):
logging.info("The delete xml is %s", newxml)
else:
if net_section == "bridge":
new_bridge_name = net_name + "_new"
flag_list.append(new_bridge_name)
newxml = section_xml.replace(net_name, new_bridge_name)
logging.info("The new bridge xml is %s", newxml)
elif net_section == "forward":
new_mode = "route"
flag_list.append(new_mode)
newxml = section_xml.replace("nat", new_mode)
logging.info("The new forward xml is %s", newxml)
elif net_section == "ip":
new_netmask = "255.255.0.0"
flag_list.append(new_netmask)
newxml = section_xml.replace("255.255.255.0", new_netmask)
elif net_section == "ip-dhcp-range":
newxml = section_xml.replace(
names[ip_version + "_range_start"], new_start_ip)
newxml = newxml.replace(names[ip_version + "_range_end"],
new_end_ip)
for location in ["end", "start"]:
if names["new_" + location + "_ip"] == "":
newxml = newxml.replace(location + "=\"\"", "")
else:
flag_list.append(names["new_" + location + "_ip"])
elif net_section == "portgroup":
new_inbound_average = "2000"
flag_list.append(new_inbound_average)
newxml = section_xml.replace("1000", new_inbound_average)
newxml = newxml.replace("default=\"no\"",
"default=\"yes\"")
flag_list.append("default=('|\")yes")
if update_command in ['add-first', 'add-last', 'add']:
newxml = newxml.replace("engineering", "sales")
flag_list.append("sales")
if update_command == "modify" and status_error == "yes":
newxml = newxml.replace("engineering", "")
elif net_section == "forward-interface":
new_forward_iface = params.get("new_forward_iface")
if error_type != "interface-duplicate":
find_iface = 0
if not new_forward_iface and forward_mode == "bridge":
new_iface_list = utils_net.get_net_if(
qdisc="(mq|pfifo_fast)",
state="(UP|DOWN)",
optional="MULTICAST,UP")
logging.info("new_iface_list is %s",
new_iface_list)
for iface in new_iface_list:
if iface[0] != forward_iface:
new_forward_iface = iface[0]
find_iface = 1
break
if not find_iface:
test.cancel(
"Can not find another physical interface to attach"
)
else:
new_forward_iface = forward_iface
flag_list.append(new_forward_iface)
newxml = section_xml.replace(forward_iface,
new_forward_iface)
elif net_section == "ip-dhcp-host":
if (update_sec is None
and update_command not in ['modify', 'delete']):
if ip_version == "ipv4":
update_sec = "ip,mac,name"
elif ip_version == "ipv6":
update_sec = "ip,id,name"
section_update(ip_version + "_host_", "new_dhcp_host_")
elif net_section == "dns-txt":
section_update("dns_", "new_dns_")
elif net_section == "dns-srv":
section_update("srv_", "new_srv_")
elif net_section == "dns-host":
if without_sec == "hostname":
newxml = re.sub("<hostname>.*</hostname>\n", "",
newxml)
if status_error == 'no':
flag_list.append("ip=.*?" + dns_hostip)
flag_list.append(dns_hostname)
flag_list.append(dns_hostname2)
# for negative test may have net_section do not match issues
elif status_error == "no":
test.fail("Unknown network section")
logging.info("The new xml of %s is %s", net_section, newxml)
with open(xmlfile, 'w') as xmlfile_d:
xmlfile_d.write(newxml)
if without_ip_dhcp == "yes":
test_xml.del_element(element="/ip/dhcp")
test_xml.del_element(element="/ip/dhcp")
if without_dns == "yes":
test_xml.del_element(element='/dns')
if without_dns_host == "yes":
test_xml.del_element(element='/dns/host')
if without_dns_txt == "yes":
test_xml.del_element(element='/dns/txt')
if without_dns_srv == "yes":
test_xml.del_element(element='/dns/srv')
if without_dns_forwarder == "yes":
test_xml.del_element(element='/dns/forwarder')
# Only do net define/start in first loop
if (net_section == "ip-dhcp-range" and use_in_guest == "yes"
and without_ip_dhcp == "no"):
test_xml.del_element(element="/ip/dhcp", index=section_index)
if error_type == "index-nonexist":
for idx in [3, 2, 1]:
test_xml.del_element(element="/ip", index=idx)
test_xml.del_element(element="/route")
if loop == 0:
try:
# Define and start network
test_xml.debug_xml()
test_xml.define()
ori_net_xml = virsh.net_dumpxml(net_name).stdout.strip()
if "ipv6" in ori_net_xml:
host_ifaces = utils_net.get_net_if(state="UP")
backup_files.append(
remote.RemoteFile(address='127.0.0.1',
client='scp',
username=params.get('username'),
password=params.get('password'),
port='22',
remote_path='/proc/sys/net/ipv6/'
'conf/all/accept_ra'))
process.run(
"echo 2 > /proc/sys/net/ipv6/conf/all/accept_ra",
shell=True)
for host_iface in host_ifaces:
backup_files.append(
remote.RemoteFile(
address='127.0.0.1',
client='scp',
username=params.get('username'),
password=params.get('password'),
port='22',
remote_path='/proc/sys/net/ipv6/'
'conf/%s/accept_ra' % host_iface))
process.run(
"echo 2 > /proc/sys/net/ipv6/conf/%s/accept_ra"
% host_iface,
shell=True)
process.run(
"cat /proc/sys/net/ipv6/conf/%s/accept_ra" %
host_iface)
if net_state == "active" or net_state == "transient":
test_xml.start()
if net_state == "transient":
test_xml.del_defined()
list_result = virsh.net_list("--all --name").stdout.strip()
if net_name not in list_result:
test.fail("Can not find %s in net-list" % net_name)
except xcepts.LibvirtXMLError as detail:
test.error("Failed to define a test network.\n"
"Detail: %s." % detail)
else:
# setting net status for following loops
if net_state == "active":
test_xml.set_active(True)
elif net_state == "inactive":
test_xml.set_active(False)
# get hostfile before update
if without_ip_dhcp == "yes" and net_state == "active":
hostfile_before = get_hostfile()
if hostfile_before != []:
test.fail("hostfile is not empty before update: %s" %
hostfile_before)
logging.info("hostfile is empty before update")
# Get dnsmasq pid before update
check_dnsmasq = ((update_command == "add"
or update_command == "delete")
and net_section == "ip-dhcp-range"
and status_error == "no" and net_state == "active"
and options != "--config")
if check_dnsmasq:
cmd = "ps aux|grep dnsmasq|grep -v grep|grep %s|awk '{print $2}'" % net_name
pid_list_bef = process.run(
cmd, shell=True).stdout_text.strip().split('\n')
if parent_index:
options += " --parent-index %s" % parent_index
# Check config before update
if net_state == "active":
dns_txt = dns_srv = dns_host_str = None
try:
dns_txt = test_xml.get_section_string(xpath="/dns/txt")
dns_srv = test_xml.get_section_string(xpath="/dns/srv")
dns_host_str = test_xml.get_section_string(
xpath="/dns/host")
except xcepts.LibvirtXMLNotFoundError:
pass
txt_record = "txt-record=%s,%s" % (dns_name, dns_value)
srv_host = "srv-host=_%s._%s.%s,%s,%s,%s,%s" % (
srv_service, srv_protocol, srv_domain, srv_target,
srv_port, srv_priority, srv_weight)
hostline = "%s.*%s.*%s" % (dns_hostip, dns_hostname,
dns_hostname2)
if dns_txt:
check_item(txt_record)
if dns_srv:
check_item(srv_host)
if dns_host_str:
check_host(hostline)
# Do net-update operation
cmd_result = virsh.net_update(net_name,
update_command,
net_section,
xmlfile,
options,
debug=True)
if cmd_result.exit_status:
err = cmd_result.stderr.strip()
if status_error == "yes":
# index-mismatch error info and judgement
index_err1 = "the address family of a host entry IP must match the" + \
" address family of the dhcp element's parent"
index_err2 = "XML error: Invalid to specify MAC address.* in network" + \
".* IPv6 static host definition"
index_err3 = "mismatch of address family in range.* for network"
mismatch_expect = (error_type == "index-mismatch"
and (re.search(index_err1, err)
or re.search(index_err2, err)
or re.search(index_err3, err)))
err_dic = {}
# multi-host error info
err_dic["multi-hosts"] = "dhcp is supported only for a single.*" + \
" address on each network"
# range-mismatch error info
err_dic["range-mismatch"] = "couldn't locate a matching dhcp " + \
"range entry in network "
# index-nonexist error info
err_dic["index-nonexist"] = "couldn't update dhcp host entry " + \
"- no <ip.* element found at index 1 in network"
# host-mismatch error info
err_dic["host-mismatch"] = "couldn't locate a matching dhcp " + \
"host entry in network "
# dns-mismatch error info
err_dic["dns-mismatch"] = "couldn't locate a matching DNS TXT " + \
"record in network "
# range-duplicate error info
err_dic["range-duplicate"] = "there is an existing dhcp range" + \
" entry in network.* that matches"
# host-duplicate error info
err_dic["host-duplicate"] = "there is an existing dhcp host" + \
" entry in network.* that matches"
# out_of_range error info
err_dic[
"out-of-range"] = "range.* is not entirely within network"
# no end for range error
err_dic["range-no-end"] = "Missing 'end' attribute in dhcp " + \
"range for network"
# no match item for host modify err
err_dic["no-match-item"] = "couldn't locate an existing dhcp" + \
" host entry with.* in network"
# no host name and mac for modify err
err_dic["host-no-name-mac"] = "Static host definition in IPv4 network" + \
".* must have mac or name attribute"
# no host ip for modify err
err_dic["host-no-ip"] = "Missing IP address in static host " + \
"definition for network"
# wrong command name
err_dic["wrong-command-name"] = "unrecognized command name"
# wrong section name
err_dic["wrong-section-name"] = "unrecognized section name"
# delete with only id
err_dic["only-id"] = "At least one of name, mac, or ip attribute must be" + \
" specified for static host definition in network"
# options exclusive
err_dic[
"opt-exclusive"] = "Options --current and.* are mutually exclusive"
# range_reverse error info
if ip_version == "ipv4":
err_dic["range-reverse"] = "range.* is reversed"
elif ip_version == "ipv6":
err_dic[
"range-reverse"] = "range.*start larger than end"
# --live with inactive net
err_dic["invalid-state"] = "network is not running"
err_dic[
"transient"] = "cannot change persistent config of a transient network"
err_dic["dns-disable"] = "Extra data in disabled network"
err_dic[
"modify"] = "cannot be modified, only added or deleted"
err_dic["not-support"] = "can't update.*section of network"
err_dic["unrecognized"] = "unrecognized section name"
err_dic["interface-duplicate"] = "there is an existing interface entry " + \
"in network.* that matches"
err_dic[
"XML error"] = "XML error: Missing required name attribute in portgroup"
if (error_type in list(err_dic.keys())
and re.search(err_dic[error_type], err)
or mismatch_expect):
logging.debug("Get expect error: %s", err)
else:
test.fail("Do not get expect err msg: %s, %s" %
(error_type, err_dic))
else:
test.fail("Failed to execute net-update command")
elif status_error == "yes":
test.fail("Expect fail, but succeed")
# Get dnsmasq pid after update
if check_dnsmasq:
pid_list_aft = process.run(
cmd, shell=True).stdout_text.strip().split('\n')
for pid in pid_list_aft:
if pid in pid_list_bef:
test.fail("dnsmasq do not updated")
# Check the actual xml
cmd_result = virsh.net_dumpxml(net_name)
actual_net_xml = cmd_result.stdout.strip()
new_xml_obj = network_xml.NetworkXML.new_from_net_dumpxml(net_name)
logging.info("After net-update, the actual net xml is %s",
actual_net_xml)
if "ip-dhcp" in net_section:
if ip_version == "ipv6":
new_xml_obj.del_element(element="/ip", index=0)
if ip_version == "ipv4":
new_xml_obj.del_element(element="/ip", index=1)
config_not_work = ("--config" in options and net_state == "active"
and "--live" not in options)
if config_not_work:
if update_command != "delete":
flag_list_abs = flag_list
flag_list = []
else:
flag_list = flag_list_abs
flag_list_abs = []
logging.info("The check list is %s, absent list is %s", flag_list,
flag_list_abs)
if (update_command == "delete" and status_error == "no"
and not config_not_work and loop_time == 1):
try:
section_str = new_xml_obj.get_section_string(xpath=element)
except xcepts.LibvirtXMLNotFoundError:
section_str = None
logging.info("Can not find section %s in xml after delete",
element)
if section_str is not None:
test.fail("The actual net xml is not expected,"
"element still exists")
elif ("duplicate" not in error_type
and error_type != "range-mismatch"
and error_type != "host-mismatch"
and error_type != "not-support"):
# check xml should exists
for flag_string in flag_list:
logging.info(
"checking %s should in xml in positive test,"
"and absent in negative test", flag_string)
if not re.search(flag_string, actual_net_xml):
if ((status_error == "no"
and update_command != "delete")
or (update_command == "delete"
and status_error == "yes")):
test.fail("The actual net xml failed to update,"
"or expect delete fail but xml missing"
":%s" % flag_string)
else:
if ((status_error == "yes"
and update_command != "delete")
or (status_error == "no"
and update_command == "delete"
and not config_not_work)):
test.fail("Expect test fail, but find xml %s"
" actual, or expect delete succeed,"
"but fail in fact" % flag_string)
# check xml should not exists
for flag_string_abs in flag_list_abs:
logging.info(
"checking %s should NOT in xml in positive test,"
"and exist in negative test", flag_string_abs)
if re.search(flag_string_abs, actual_net_xml):
if status_error == "no":
test.fail("Expect absent in net xml, but exists"
"in fact: %s" % flag_string_abs)
else:
if status_error == "yes":
test.fail("Should exists in net xml, but it "
"disappeared: %s" % flag_string_abs)
# Check if add-last, add-fist works well
if (status_error == "no" and not config_not_work and
update_command in ["add-last", "add", "add-first"]):
if update_command == "add-first":
find_index = 0
else:
find_index = -1
section_str_aft = new_xml_obj.get_section_string(
xpath=element, index=find_index)
logging.info(
"xpath is %s, find_index is %s, section_str_aft is %s",
element, find_index, section_str_aft)
for flag_string in flag_list:
logging.info("flag_string is %s", flag_string)
if not re.search(flag_string, section_str_aft):
test.fail("Can not find %s in %s" %
(flag_string, section_str_aft))
logging.info("%s %s in right place", update_command,
section_str_aft)
# Check the positive test result
if status_error == "no":
# Check the network conf file
# live update
if ("--live" in options or "--config"
not in options) and net_state == "active":
if net_section == "ip-dhcp-range" and update_command == "add-first":
ip_range = "%s,%s" % (new_start_ip, new_end_ip)
if ip_version == "ipv6":
ip_range = ip_range + ",64"
check_item(ip_range)
if "dns" in net_section:
if update_command == "delete" and loop == 0:
if net_section == "dns-srv":
check_item_absent(srv_host)
if net_section == "dns-txt":
check_item_absent(txt_record)
if net_section == "dns-host":
check_host_absent(dns_host_str)
elif "add" in update_command:
if net_section == "dns-srv":
for sec in update_sec.split(","):
srv_host = srv_host.replace(
names["srv_" + sec],
names["new_srv_" + sec])
check_item(srv_host)
if net_section == "dns-txt":
for sec in update_sec.split(","):
txt_record = txt_record.replace(
names["dns_" + sec],
names["new_dns_" + sec])
check_item(txt_record)
if net_section == "dns-host":
check_host(hostline)
# Check the hostfile
if (net_section == "ip-dhcp-host"
and update_command != "modify"
and update_command != "delete"):
dic_hostfile = {}
for sec in ["ip", "mac", "name", "id"]:
if update_sec is not None and sec in update_sec.split(
","):
dic_hostfile[sec] = names["new_dhcp_host_" +
sec] + ","
else:
dic_hostfile[sec] = names[ip_version +
"_host_" + sec] + ","
if sec == "ip" and ip_version == "ipv6":
dic_hostfile[sec] = "[" + dic_hostfile[
sec].strip(",") + "]"
if without_sec is not None and sec in without_sec.split(
","):
dic_hostfile[sec] = ""
if ip_version == "ipv4":
host_info = (dic_hostfile["mac"] +
dic_hostfile["ip"] +
dic_hostfile["name"])
if dic_hostfile["mac"] == "":
host_info = dic_hostfile[
"name"] + dic_hostfile["ip"]
if ip_version == "ipv6":
host_info = ("id:" + dic_hostfile["id"] +
dic_hostfile["name"] +
dic_hostfile["ip"])
hostfile = get_hostfile()
host_info_patten = host_info.strip(",") + "\n"
if host_info_patten in hostfile:
logging.info("host info %s is in hostfile %s",
host_info, hostfile)
else:
test.fail("Can not find %s in host file: %s" %
(host_info, hostfile))
# Check the net in guest
if use_in_guest == "yes" and loop == 0:
# Detach all interfaces of vm first
iface_index = 0
mac_list = vm_xml.VMXML.get_iface_dev(vm_name)
for mac in mac_list:
iface_dict = vm_xml.VMXML.get_iface_by_mac(
vm_name, mac)
virsh.detach_interface(
vm_name, "--type %s --mac %s --config" %
(iface_dict.get('type'), mac))
vm.free_mac_address(iface_index)
iface_index += 1
# attach new interface to guest
for j in range(guest_iface_num):
if net_section == "ip-dhcp-host" and new_dhcp_host_mac:
mac = new_dhcp_host_mac
else:
mac = utils_net.generate_mac_address_simple()
ret = virsh.attach_interface(
vm_name,
"--type %s --source %s --mac %s --config" %
(iface_type, net_name, mac))
if ret.exit_status:
test.fail(
"Fail to attach new interface to guest: %s" %
ret.stderr.strip())
# The sleep here is to make sure the update make effect
time.sleep(2)
# Start guest and check ip/mac/hostname...
vm.start()
logging.debug("vm xml is %s", vm.get_xml())
session = vm.wait_for_serial_login(internal_timeout=60)
if "ip-dhcp" in net_section:
dhclient_cmd = "(if pgrep dhclient;" \
"then pkill dhclient; sleep 3; fi) " \
"&& dhclient -%s -lf /dev/stdout" % ip_version[-1]
leases = session.cmd_output(dhclient_cmd)
iface_ip = utils_net.get_guest_ip_addr(
session, mac, ip_version=ip_version, timeout=10)
if net_section == "ip-dhcp-range":
if new_start_ip <= iface_ip <= new_end_ip:
logging.info("getting ip %s is in range [%s ~ %s]",
iface_ip, new_start_ip, new_end_ip)
else:
test.fail("getting ip %s not in range [%s ~ %s]" %
(iface_ip, new_start_ip, new_end_ip))
if net_section == "ip-dhcp-host":
if iface_ip == new_dhcp_host_ip:
logging.info("getting ip is same with set: %s",
iface_ip)
else:
test.fail(
"getting ip %s is not same with setting %s" %
(iface_ip, new_dhcp_host_ip))
hostname = session.cmd_output("hostname -s").strip(
'\n')
# option host-name "redhatipv4-2"
dhcp_hostname = "option host-name \"%s\"" % new_dhcp_host_name.split(
'.')[0]
if hostname == new_dhcp_host_name.split(
'.')[0] or dhcp_hostname in leases:
logging.info(
"getting hostname same with setting: %s",
new_dhcp_host_name.split('.')[0])
else:
test.fail("getting hostname %s is not same with "
"setting: %s" %
(hostname, new_dhcp_host_name))
session.close()
# Check network connection for macvtap
if (use_in_guest == "yes"
and net_section == "forward-interface"
and forward_mode == "bridge"):
xml_obj_use = network_xml.NetworkXML.new_from_net_dumpxml(
net_name)
net_conn = int(xml_obj_use.connection)
iface_conn = xml_obj_use.get_interface_connection()
conn_count = 0
for k in iface_conn:
conn_count = conn_count + int(k)
logging.info(
"net_conn=%s, conn_count=%s, guest_iface_num=%s" %
(net_conn, conn_count, guest_iface_num))
if (net_conn != conn_count
or (loop == 1 and guest_iface_num != net_conn)):
test.fail("Can not get expected connection num: "
"net_conn = %s, iface_conn = %s" %
(net_conn, conn_count))
#Check --config option after net destroyed
if (int(check_config_round) == loop
or (loop_time == 1 and "--current" in options
and net_state == "active")):
test_xml.set_active(False)
logging.info("Checking xml after net destroyed")
cmd_result = virsh.net_dumpxml(net_name)
inactive_xml = cmd_result.stdout.strip()
logging.info("inactive_xml is %s", inactive_xml)
#Check the inactive xml
for check_str in flag_list:
if update_command != "delete":
if "--config" in options:
if not re.search(check_str, inactive_xml):
test.fail(
"Can not find xml after net destroyed")
if "--current" in options:
if re.search(check_str, inactive_xml):
test.fail(
"XML still exists after net destroyed")
else:
if "--config" in options:
if re.search(check_str, inactive_xml):
test.fail(
"XML still exists after net destroyed")
if "--current" in options:
if not re.search(check_str, inactive_xml):
test.fail(
"Can not find xml after net destroyed")
logging.info("Check for net inactive PASS")
finally:
if test_xml.get_active():
test_xml.del_active()
if test_xml.get_defined():
test_xml.del_defined()
if os.path.exists(xmlfile):
os.remove(xmlfile)
if use_in_guest == "yes":
vm = env.get_vm(vm_name)
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync()
for config_file in backup_files:
config_file._reset_file()
def run(test, params, env):
"""
Test remote access with TCP, TLS connection
"""
test_dict = dict(params)
pattern = test_dict.get("filter_pattern", "")
if ('@LIBVIRT' in pattern and
distro.detect().name == 'rhel' and
int(distro.detect().version) < 8):
test.cancel("The test {} is not supported on current OS({}{}<8.0) as "
"the keyword @LIBVIRT is not supported by gnutls on this "
"OS.".format(test.name, distro.detect().name,
distro.detect().version))
vm_name = test_dict.get("main_vm")
status_error = test_dict.get("status_error", "no")
allowed_dn_str = params.get("tls_allowed_dn_list")
if allowed_dn_str:
allowed_dn_list = []
if not libvirt_version.version_compare(1, 0, 0):
# Reverse the order in the dn list to workaround the
# feature changes between RHEL 6 and RHEL 7
dn_list = allowed_dn_str.split(",")
dn_list.reverse()
allowed_dn_str = ','.join(dn_list)
allowed_dn_list.append(allowed_dn_str)
test_dict['tls_allowed_dn_list'] = allowed_dn_list
transport = test_dict.get("transport")
plus = test_dict.get("conn_plus", "+")
config_ipv6 = test_dict.get("config_ipv6", "no")
tls_port = test_dict.get("tls_port", "")
listen_addr = test_dict.get("listen_addr", "0.0.0.0")
ssh_port = test_dict.get("ssh_port", "")
tcp_port = test_dict.get("tcp_port", "")
server_ip = test_dict.get("server_ip")
server_user = test_dict.get("server_user")
server_pwd = test_dict.get("server_pwd")
no_any_config = params.get("no_any_config", "no")
sasl_type = test_dict.get("sasl_type", "gssapi")
sasl_user_pwd = test_dict.get("sasl_user_pwd")
sasl_allowed_users = test_dict.get("sasl_allowed_users")
server_cn = test_dict.get("server_cn")
custom_pki_path = test_dict.get("custom_pki_path")
rm_client_key_cmd = test_dict.get("remove_client_key_cmd")
rm_client_cert_cmd = test_dict.get("remove_client_cert_cmd")
ca_cn_new = test_dict.get("ca_cn_new")
no_verify = test_dict.get("no_verify", "no")
ipv6_addr_des = test_dict.get("ipv6_addr_des")
tls_sanity_cert = test_dict.get("tls_sanity_cert")
restart_libvirtd = test_dict.get("restart_libvirtd", "yes")
diff_virt_ver = test_dict.get("diff_virt_ver", "no")
driver = test_dict.get("test_driver", "qemu")
uri_path = test_dict.get("uri_path", "/system")
virsh_cmd = params.get("virsh_cmd", "list")
action = test_dict.get("libvirtd_action", "restart")
uri_user = test_dict.get("uri_user", "")
uri_aliases = test_dict.get("uri_aliases", "")
uri_default = test_dict.get("uri_default", "")
unix_sock_dir = test_dict.get("unix_sock_dir")
mkdir_cmd = test_dict.get("mkdir_cmd")
rmdir_cmd = test_dict.get("rmdir_cmd")
adduser_cmd = test_dict.get("adduser_cmd")
deluser_cmd = test_dict.get("deluser_cmd")
auth_conf = test_dict.get("auth_conf")
auth_conf_cxt = test_dict.get("auth_conf_cxt")
polkit_pkla = test_dict.get("polkit_pkla")
polkit_pkla_cxt = test_dict.get("polkit_pkla_cxt")
ssh_setup = test_dict.get("ssh_setup", "no")
tcp_setup = test_dict.get("tcp_setup", "no")
tls_setup = test_dict.get("tls_setup", "no")
unix_setup = test_dict.get("unix_setup", "no")
ssh_recovery = test_dict.get("ssh_auto_recovery", "yes")
tcp_recovery = test_dict.get("tcp_auto_recovery", "yes")
tls_recovery = test_dict.get("tls_auto_recovery", "yes")
unix_recovery = test_dict.get("unix_auto_recovery", "yes")
sasl_allowed_username_list = test_dict.get("sasl_allowed_username_list")
auth_unix_rw = test_dict.get("auth_unix_rw")
kinit_pwd = test_dict.get("kinit_pwd")
test_alias = test_dict.get("test_alias")
config_list = []
port = ""
# extra URI arguments
extra_params = ""
# it's used to clean up SSH, TLS, TCP, UNIX and SASL objs later
objs_list = []
# redirect LIBVIRT_DEBUG log into test log later
test_dict["logfile"] = test.logfile
# Make sure all of parameters are assigned a valid value
check_parameters(test_dict, test)
# Make sure libvirtd on remote is running
server_session = remote.wait_for_login('ssh', server_ip, '22',
server_user, server_pwd,
r"[\#\$]\s*$")
remote_libvirtd = Libvirtd(session=server_session)
if not remote_libvirtd.is_running():
logging.debug("start libvirt on remote")
res = remote_libvirtd.start()
if not res:
status, output = server_session.cmd_status_output("journalctl -xe")
test.error("Failed to start libvirtd on remote. [status]: %s "
"[output]: %s." % (status, output))
server_session.close()
if distro.detect().name == 'rhel' and int(distro.detect().version) >= 9:
# Update crypto policies to legacy for RHEL>=9 per Bug 1931723 or
# https://libguestfs.org/virt-v2v-input-xen.1.html#ssh-authentication
crypto_policies = process.run("update-crypto-policies --set LEGACY",
ignore_status=False)
# only simply connect libvirt daemon then return
if no_any_config == "yes":
test_dict["uri"] = "%s%s%s://%s" % (driver, plus, transport, uri_path)
remote_access(test_dict, test)
return
# append extra 'pkipath' argument to URI if exists
if custom_pki_path:
extra_params = "?pkipath=%s" % custom_pki_path
# append extra 'no_verify' argument to URI if exists
if no_verify == "yes":
extra_params = "?no_verify=1"
# append extra 'socket' argument to URI if exists
if unix_sock_dir:
extra_params = "?socket=%s/libvirt-sock" % unix_sock_dir
# generate auth.conf and default under the '/etc/libvirt'
if auth_conf_cxt and auth_conf:
cmd = "echo -e '%s' > %s" % (auth_conf_cxt, auth_conf)
process.system(cmd, ignore_status=True, shell=True)
# generate polkit_pkla and default under the
# '/etc/polkit-1/localauthority/50-local.d/'
if polkit_pkla_cxt and polkit_pkla:
cmd = "echo -e '%s' > %s" % (polkit_pkla_cxt, polkit_pkla)
process.system(cmd, ignore_status=True, shell=True)
# generate remote IP
if config_ipv6 == "yes" and ipv6_addr_des:
remote_ip = "[%s]" % ipv6_addr_des
elif config_ipv6 != "yes" and server_cn:
remote_ip = server_cn
elif config_ipv6 != "yes" and ipv6_addr_des:
remote_ip = "[%s]" % ipv6_addr_des
elif server_ip and transport != "unix":
remote_ip = server_ip
else:
remote_ip = ""
# get URI port
if tcp_port != "":
port = ":" + tcp_port
if tls_port != "":
port = ":" + tls_port
if ssh_port != "" and not ipv6_addr_des:
port = ":" + ssh_port
# generate URI
uri = "%s%s%s://%s%s%s%s%s" % (driver, plus, transport, uri_user,
remote_ip, port, uri_path, extra_params)
test_dict["uri"] = uri
logging.debug("The final test dict:\n<%s>", test_dict)
if virsh_cmd == "start" and transport != "unix":
session = remote.wait_for_login("ssh", server_ip, "22", "root",
server_pwd, "#")
cmd = "virsh domstate %s" % vm_name
status, output = session.cmd_status_output(cmd)
if status:
session.close()
test.cancel(output)
session.close()
try:
# setup IPv6
if config_ipv6 == "yes":
ipv6_obj = IPv6Manager(test_dict)
objs_list.append(ipv6_obj)
ipv6_obj.setup()
# compare libvirt version if needs
if diff_virt_ver == "yes":
compare_virt_version(server_ip, server_user, server_pwd, test)
# setup SSH
if (transport == "ssh" or ssh_setup == "yes") and sasl_type != "plain":
if not test_dict.get("auth_pwd"):
ssh_obj = SSHConnection(test_dict)
if ssh_recovery == "yes":
objs_list.append(ssh_obj)
# setup test environment
ssh_obj.conn_setup()
else:
# To access to server with password,
# cleanup authorized_keys on remote
ssh_pubkey_file = "/root/.ssh/id_rsa.pub"
if (os.path.exists("/root/.ssh/id_rsa") and
os.path.exists(ssh_pubkey_file)):
remote_file_obj = remote.RemoteFile(address=server_ip,
client='scp',
username=server_user,
password=server_pwd,
port='22',
remote_path="/root/.ssh/authorized_keys")
with open(ssh_pubkey_file, 'r') as fd:
line = fd.read().split()[-1].rstrip('\n')
line = ".*" + line
remote_file_obj.remove([line])
objs_list.append(remote_file_obj)
# setup TLS
if transport == "tls" or tls_setup == "yes":
tls_obj = TLSConnection(test_dict)
if tls_recovery == "yes":
objs_list.append(tls_obj)
# reserve cert path
tmp_dir = tls_obj.tmp_dir
# setup test environment
tls_obj.conn_setup()
# setup TCP
if transport == "tcp" or tcp_setup == "yes":
tcp_obj = TCPConnection(test_dict)
if tcp_recovery == "yes":
objs_list.append(tcp_obj)
# setup test environment
tcp_obj.conn_setup()
# create a directory if needs
if mkdir_cmd:
process.system(mkdir_cmd, ignore_status=True, shell=True)
# setup UNIX
if transport == "unix" or unix_setup == "yes" or sasl_type == "plain":
unix_obj = UNIXConnection(test_dict)
if unix_recovery == "yes":
objs_list.append(unix_obj)
# setup test environment
unix_obj.conn_setup()
# need to restart libvirt service for negative testing
if restart_libvirtd == "no":
remotely_control_libvirtd(server_ip, server_user,
server_pwd, action, status_error)
# check TCP/IP listening by service
if restart_libvirtd != "no" and transport != "unix":
service = 'libvirtd'
if transport == "ssh":
service = 'ssh'
check_listening_port_remote_by_service(server_ip, server_user,
server_pwd, service,
port, listen_addr)
# open the tls/tcp listening port on server
if transport in ["tls", "tcp"]:
firewalld_port = port[1:]
server_session = remote.wait_for_login('ssh', server_ip, '22',
server_user, server_pwd,
r"[\#\$]\s*$")
firewall_cmd = utils_iptables.Firewall_cmd(server_session)
firewall_cmd.add_port(firewalld_port, 'tcp', permanent=True)
server_session.close()
if 'inv_transport' in test_dict:
transport = test_dict['inv_transport']
uri = "%s%s%s://%s%s%s%s%s" % (driver, plus, transport, uri_user,
remote_ip, port, uri_path,
extra_params)
test_dict["uri"] = uri
config_list = []
if uri_aliases:
uri_config = change_libvirtconf_on_client(
{'uri_aliases': uri_aliases})
config_list.append(uri_config)
test_dict["uri"] = test_alias
if uri_default:
test_dict["uri"] = ""
# Delete the default URI environment variable to prevent overriding
del os.environ['LIBVIRT_DEFAULT_URI']
uri_config = change_libvirtconf_on_client(
{'uri_default': uri_default})
config_list.append(uri_config)
ret = virsh.command('uri', debug=True)
if uri_default.strip('"') in ret.stdout_text:
logging.debug("Virsh output as expected.")
else:
test.fail("Expected virsh output: {} not found in:{}".format(
uri_default.strip('"'), ret.stdout_text))
# remove client certifications if exist, only for TLS negative testing
if rm_client_key_cmd:
process.system(rm_client_key_cmd, ignore_status=True, shell=True)
if rm_client_cert_cmd:
process.system(rm_client_cert_cmd, ignore_status=True, shell=True)
# add user to specific group
if adduser_cmd:
process.system(adduser_cmd, ignore_status=True, shell=True)
# change /etc/pki/libvirt/servercert.pem then
# restart libvirt service on the remote host
if tls_sanity_cert == "no" and ca_cn_new:
test_dict['ca_cn'] = ca_cn_new
test_dict['scp_new_cacert'] = 'no'
tls_obj_new = TLSConnection(test_dict)
test_dict['tls_obj_new'] = tls_obj_new
# only setup new CA and server
tls_obj_new.conn_setup(True, False)
# obtain and cache a ticket
if kinit_pwd and sasl_type == 'gssapi' and auth_unix_rw == 'sasl':
username_list = json.loads(sasl_allowed_username_list)
for username in username_list:
kinit_cmd = "echo '%s' | kinit %s" % (kinit_pwd, username)
process.system(kinit_cmd, ignore_status=True, shell=True)
# setup SASL certification
# From libvirt-3.2.0, the default sasl change from
# DIGEST-MD5 to GSSAPI. "sasl_user" is discarded.
# More details: https://libvirt.org/auth.html#ACL_server_kerberos
if sasl_user_pwd and sasl_type in ['digest-md5', 'plain']:
# covert string tuple and list to python data type
sasl_user_pwd = eval(sasl_user_pwd)
if sasl_allowed_users:
sasl_allowed_users = eval(sasl_allowed_users)
# create a sasl user
sasl_obj = SASL(test_dict)
objs_list.append(sasl_obj)
sasl_obj.setup()
for sasl_user, sasl_pwd in sasl_user_pwd:
# need't authentication if the auth.conf is configured by user
if not auth_conf:
if sasl_type == 'plain':
test_dict["auth_pwd"] = server_pwd
pass
else:
test_dict["auth_user"] = sasl_user
test_dict["auth_pwd"] = sasl_pwd
logging.debug("sasl_user, sasl_pwd = "
"(%s, %s)", sasl_user, sasl_pwd)
if sasl_allowed_users and sasl_user not in sasl_allowed_users:
test_dict["status_error"] = "yes"
patterns_extra_dict = {"authentication name": sasl_user,
"enter your password": sasl_pwd}
test_dict["patterns_extra_dict"] = patterns_extra_dict
remote_access(test_dict, test)
else:
if not uri_default:
remote_access(test_dict, test)
finally:
# recovery test environment
# Destroy the VM after all test are done
for config in config_list:
restore_libvirtconf_on_client(config)
cleanup(objs_list)
if vm_name:
vm = env.get_vm(vm_name)
if vm and vm.is_alive():
vm.destroy(gracefully=False)
if transport in ["tcp", "tls"] and 'firewalld_port' in locals():
server_session = remote.wait_for_login('ssh', server_ip, '22',
server_user, server_pwd,
r"[\#\$]\s*$")
firewall_cmd = utils_iptables.Firewall_cmd(server_session)
firewall_cmd.remove_port(firewalld_port, 'tcp', permanent=True)
server_session.close()
if rmdir_cmd:
process.system(rmdir_cmd, ignore_status=True, shell=True)
if deluser_cmd:
process.system(deluser_cmd, ignore_status=True, shell=True)
if auth_conf and os.path.isfile(auth_conf):
os.unlink(auth_conf)
if polkit_pkla and os.path.isfile(polkit_pkla):
os.unlink(polkit_pkla)
def guest_config(vm, ip_addr):
"""
Add a new nic to guest and set a static ip address
:param vm: Configured guest
:param ip_addr: Set ip address
"""
# Attach an interface device
# Use attach-device, not attach-interface, because attach-interface
# doesn't support 'direct'
interface_class = vm_xml.VMXML.get_device_class('interface')
interface = interface_class(type_name="direct")
interface.source = dict(dev=str(eth_card_no), mode=str(iface_mode))
interface.model = "virtio"
interface.xmltreefile.write()
if vm.is_alive():
vm.destroy(gracefully=False)
virsh.attach_device(vm.name, interface.xml, flagstr="--config")
os.remove(interface.xml)
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm.name)
new_nic = vmxml.get_devices(device_type="interface")[-1]
# Modify new interface's IP
vm.start()
time.sleep(35)
#session = vm.wait_for_login()
username = vm.params.get("username", "")
password = vm.params.get("password", "")
session = vm.wait_for_serial_login(username=username,
password=password)
status, output = session.cmd_status_output(
"ifconfig eth0 | grep 'inet ' | awk '{print $2}'")
output = output.strip('\n')
if output:
session.cmd("ip route add 192.168.1.0/24 dev eth0 table 20")
input_cmd = "ip rule add from %s table 20" % output
session.cmd(input_cmd)
time.sleep(1)
global eth_name
eth_name = utils_net.get_linux_ifname(session, new_nic.mac_address)
eth_config_detail_list = [
'TYPE=Ethernet',
'DEVICE=%s' % eth_name,
'HWADDR=%s' % new_nic.mac_address, 'ONBOOT=yes',
'BOOTPROTO=static',
'IPADDR=%s' % ip_addr, 'PREFIX=24'
]
remote_file = remote.RemoteFile(vm.get_address(), 'scp', 'root',
params.get('password'), 22,
eth_config_file)
remote_file.truncate()
remote_file.add(eth_config_detail_list)
try:
# Attached interface maybe already active
session.cmd("ifdown %s" % eth_name)
except aexpect.ShellCmdError:
pass
try:
session.cmd("ifup %s" % eth_name)
except aexpect.ShellCmdError:
pass
session = vm.wait_for_login()
return session
def reset_domain(vm,
vm_state,
needs_agent=False,
guest_cpu_busy=False,
password=None):
"""
Setup guest agent in domain.
:param vm: the vm object
:param vm_state: the given vm state string "shut off" or "running"
"""
if vm.is_alive():
vm.destroy()
vm_xml = libvirt_xml.VMXML()
vm_xml.new_from_dumpxml(vm.name)
if needs_agent:
logging.debug("Attempting to set guest agent channel")
vm_xml.set_agent_channel(vm.name)
if not vm_state == "shut off":
vm.start()
session = vm.wait_for_login()
if needs_agent:
# Check if qemu-ga already started automatically
session = vm.wait_for_login()
cmd = "rpm -q qemu-guest-agent || yum install -y qemu-guest-agent"
stat_install = session.cmd_status(cmd, 300)
if stat_install != 0:
raise error.TestFail("Fail to install qemu-guest-agent, make "
"sure that you have usable repo in guest")
# Check if qemu-ga already started
stat_ps = session.cmd_status("ps aux |grep [q]emu-ga")
if stat_ps != 0:
session.cmd("qemu-ga -d")
# Check if the qemu-ga really started
stat_ps = session.cmd_status("ps aux |grep [q]emu-ga")
if stat_ps != 0:
raise error.TestFail("Fail to run qemu-ga in guest")
if guest_cpu_busy:
shell_file = "/tmp/test.sh"
cpu_detail_list = [
'while true', 'do', ' j==\${j:+1}', ' j==\${j:-1}',
'done'
]
remote_file = remote.RemoteFile(vm.get_address(), 'scp', 'root',
password, 22, shell_file)
remote_file.truncate()
remote_file.add(cpu_detail_list)
session.cmd('chmod 777 %s' % shell_file)
session.cmd('%s &' % shell_file)
if vm_state == "paused":
vm.pause()
elif vm_state == "halt":
try:
session.cmd("halt")
except (aexpect.ShellProcessTerminatedError, aexpect.ShellStatusError):
# The halt command always gets these errors, but execution is OK,
# skip these errors
pass
elif vm_state == "pm_suspend":
# Execute "pm-suspend-hybrid" command directly will get Timeout error,
# so here execute it in background, and wait for 3s manually
if session.cmd_status("which pm-suspend-hybrid"):
raise error.TestNAError("Cannot execute this test for domain"
" doesn't have pm-suspend-hybrid command!")
session.cmd("pm-suspend-hybrid &")
time.sleep(3)
