diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 18:24:20 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 18:24:20 +0000 |
commit | 483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch) | |
tree | e5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/test/cli/ceph-authtool | |
parent | Initial commit. (diff) | |
download | ceph-upstream.tar.xz ceph-upstream.zip |
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/test/cli/ceph-authtool')
-rw-r--r-- | src/test/cli/ceph-authtool/add-key-segv.t | 6 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/add-key.t | 27 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/cap-bin.t | 6 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/cap-invalid.t | 12 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/cap-overwrite.t | 11 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/cap.t | 11 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/create-gen-list-bin.t | 16 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/create-gen-list.t | 20 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/help.t | 25 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/list-empty-bin.t | 5 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/list-empty.t | 5 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/list-nonexistent-bin.t | 7 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/list-nonexistent.t | 7 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/manpage.t | 32 | ||||
-rw-r--r-- | src/test/cli/ceph-authtool/simple.t | 3 |
15 files changed, 193 insertions, 0 deletions
diff --git a/src/test/cli/ceph-authtool/add-key-segv.t b/src/test/cli/ceph-authtool/add-key-segv.t new file mode 100644 index 00000000..6914593f --- /dev/null +++ b/src/test/cli/ceph-authtool/add-key-segv.t @@ -0,0 +1,6 @@ + $ ceph-authtool kring --create-keyring --mode 0644 + creating kring + + $ ceph-authtool kring --add-key 'FAKEBASE64 foo' + can't decode key 'FAKEBASE64 foo' + [1] diff --git a/src/test/cli/ceph-authtool/add-key.t b/src/test/cli/ceph-authtool/add-key.t new file mode 100644 index 00000000..0da2365c --- /dev/null +++ b/src/test/cli/ceph-authtool/add-key.t @@ -0,0 +1,27 @@ + $ ceph-authtool kring --create-keyring --mode 0644 + creating kring + + $ ceph-authtool kring --add-key 'AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== 18446744073709551615' + added entity client.admin auth(key=AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ==) + +# cram makes matching escape-containing lines with regexps a bit ugly + $ ceph-authtool kring --list + [client.admin] + \tkey = AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== (esc) + + $ cat kring + [client.admin] + \tkey = AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== (esc) + +Test --add-key with empty argument + + $ ceph-authtool kring -C --name=mon.* --add-key= --cap mon 'allow *' + Option --add-key requires an argument + [1] + + $ ceph-authtool test.keyring --create-keyring --mode 0644 + creating test.keyring + + $ ceph-authtool test.keyring --name client.test --cap osd 'allow rwx' --cap mon 'allow r' --add-key 'AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== 18446744073709551615' + added entity client.test auth(key=AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ==) + added 2 caps to entity client.test diff --git a/src/test/cli/ceph-authtool/cap-bin.t b/src/test/cli/ceph-authtool/cap-bin.t new file mode 100644 index 00000000..7a6383b8 --- /dev/null +++ b/src/test/cli/ceph-authtool/cap-bin.t @@ -0,0 +1,6 @@ + $ ceph-authtool kring --create-keyring --gen-key --mode 0644 + creating kring + + $ ceph-authtool --cap osd 'allow rx pool=swimming' kring + $ ceph-authtool kring --list|grep -E '^[[:space:]]caps ' + \tcaps osd = "allow rx pool=swimming" (esc) diff --git a/src/test/cli/ceph-authtool/cap-invalid.t b/src/test/cli/ceph-authtool/cap-invalid.t new file mode 100644 index 00000000..d72f34fe --- /dev/null +++ b/src/test/cli/ceph-authtool/cap-invalid.t @@ -0,0 +1,12 @@ + $ ceph-authtool kring --create-keyring --gen-key --mode 0644 + creating kring + +# TODO is this nice? + $ ceph-authtool --cap osd 'broken' kring + $ ceph-authtool kring --list|grep -E '^[[:space:]]caps ' + \tcaps osd = "broken" (esc) + +# TODO is this nice? + $ ceph-authtool --cap xyzzy 'broken' kring + $ ceph-authtool kring --list|grep -E '^[[:space:]]caps ' + \tcaps xyzzy = "broken" (esc) diff --git a/src/test/cli/ceph-authtool/cap-overwrite.t b/src/test/cli/ceph-authtool/cap-overwrite.t new file mode 100644 index 00000000..9bc5b07e --- /dev/null +++ b/src/test/cli/ceph-authtool/cap-overwrite.t @@ -0,0 +1,11 @@ + $ ceph-authtool kring --create-keyring --gen-key --mode 0644 + creating kring + + $ ceph-authtool --cap osd 'allow rx pool=swimming' kring + $ ceph-authtool kring --list|grep -E '^[[:space:]]caps ' + \tcaps osd = "allow rx pool=swimming" (esc) + +# TODO it seems --cap overwrites all previous caps; is this wanted? + $ ceph-authtool --cap mds 'allow' kring + $ ceph-authtool kring --list|grep -E '^[[:space:]]caps ' + \tcaps mds = "allow" (esc) diff --git a/src/test/cli/ceph-authtool/cap.t b/src/test/cli/ceph-authtool/cap.t new file mode 100644 index 00000000..b9748d9a --- /dev/null +++ b/src/test/cli/ceph-authtool/cap.t @@ -0,0 +1,11 @@ + $ ceph-authtool kring --create-keyring --gen-key --mode 0644 + creating kring + + $ ceph-authtool --cap osd 'allow rx pool=swimming' kring + $ ceph-authtool kring --list|grep -E '^[[:space:]]caps ' + \tcaps osd = "allow rx pool=swimming" (esc) + + $ cat kring + [client.admin] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) + \tcaps osd = "allow rx pool=swimming" (esc) diff --git a/src/test/cli/ceph-authtool/create-gen-list-bin.t b/src/test/cli/ceph-authtool/create-gen-list-bin.t new file mode 100644 index 00000000..1d4925af --- /dev/null +++ b/src/test/cli/ceph-authtool/create-gen-list-bin.t @@ -0,0 +1,16 @@ + $ ceph-authtool kring --create-keyring --mode 0600 + creating kring + + $ ceph-authtool kring --list + + $ ceph-authtool kring --gen-key + +# cram makes matching escape-containing lines with regexps a bit ugly + $ ceph-authtool kring --list + [client.admin] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) + +# synonym + $ ceph-authtool kring -l + [client.admin] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) diff --git a/src/test/cli/ceph-authtool/create-gen-list.t b/src/test/cli/ceph-authtool/create-gen-list.t new file mode 100644 index 00000000..2801b050 --- /dev/null +++ b/src/test/cli/ceph-authtool/create-gen-list.t @@ -0,0 +1,20 @@ + $ ceph-authtool kring --create-keyring --mode 0644 + creating kring + + $ ceph-authtool kring --list + + $ ceph-authtool kring --gen-key + +# cram makes matching escape-containing lines with regexps a bit ugly + $ ceph-authtool kring --list + [client.admin] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) + +# synonym + $ ceph-authtool kring -l + [client.admin] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) + + $ cat kring + [client.admin] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) diff --git a/src/test/cli/ceph-authtool/help.t b/src/test/cli/ceph-authtool/help.t new file mode 100644 index 00000000..68f4a969 --- /dev/null +++ b/src/test/cli/ceph-authtool/help.t @@ -0,0 +1,25 @@ +# TODO synchronize with man page + $ ceph-authtool --help + usage: ceph-authtool keyringfile [OPTIONS]... + where the options are: + -l, --list will list all keys and capabilities present in + the keyring + -p, --print-key will print an encoded key for the specified + entityname. This is suitable for the + 'mount -o secret=..' argument + -C, --create-keyring will create a new keyring, overwriting any + existing keyringfile + -g, --gen-key will generate a new secret key for the + specified entityname + --gen-print-key will generate a new secret key without set it + to the keyringfile, prints the secret to stdout + --import-keyring FILE will import the content of a given keyring + into the keyringfile + -n NAME, --name NAME specify entityname to operate on + -a BASE64, --add-key BASE64 will add an encoded key to the keyring + --cap SUBSYSTEM CAPABILITY will set the capability for given subsystem + --caps CAPSFILE will set all of capabilities associated with a + given key, for all subsystems + --mode MODE will set the desired file mode to the keyring + e.g: '0644', defaults to '0600' + [1] diff --git a/src/test/cli/ceph-authtool/list-empty-bin.t b/src/test/cli/ceph-authtool/list-empty-bin.t new file mode 100644 index 00000000..1b465fe6 --- /dev/null +++ b/src/test/cli/ceph-authtool/list-empty-bin.t @@ -0,0 +1,5 @@ + $ touch empty + + $ ceph-authtool --list empty + + $ ceph-authtool -l empty diff --git a/src/test/cli/ceph-authtool/list-empty.t b/src/test/cli/ceph-authtool/list-empty.t new file mode 100644 index 00000000..1b465fe6 --- /dev/null +++ b/src/test/cli/ceph-authtool/list-empty.t @@ -0,0 +1,5 @@ + $ touch empty + + $ ceph-authtool --list empty + + $ ceph-authtool -l empty diff --git a/src/test/cli/ceph-authtool/list-nonexistent-bin.t b/src/test/cli/ceph-authtool/list-nonexistent-bin.t new file mode 100644 index 00000000..4aecd3e2 --- /dev/null +++ b/src/test/cli/ceph-authtool/list-nonexistent-bin.t @@ -0,0 +1,7 @@ + $ ceph-authtool --list nonexistent + can't open nonexistent: can't open nonexistent: (2) No such file or directory + [1] + + $ ceph-authtool -l nonexistent + can't open nonexistent: can't open nonexistent: (2) No such file or directory + [1] diff --git a/src/test/cli/ceph-authtool/list-nonexistent.t b/src/test/cli/ceph-authtool/list-nonexistent.t new file mode 100644 index 00000000..4aecd3e2 --- /dev/null +++ b/src/test/cli/ceph-authtool/list-nonexistent.t @@ -0,0 +1,7 @@ + $ ceph-authtool --list nonexistent + can't open nonexistent: can't open nonexistent: (2) No such file or directory + [1] + + $ ceph-authtool -l nonexistent + can't open nonexistent: can't open nonexistent: (2) No such file or directory + [1] diff --git a/src/test/cli/ceph-authtool/manpage.t b/src/test/cli/ceph-authtool/manpage.t new file mode 100644 index 00000000..3201aa37 --- /dev/null +++ b/src/test/cli/ceph-authtool/manpage.t @@ -0,0 +1,32 @@ + $ ceph-authtool + ceph-authtool: -h or --help for usage + [1] + +# demonstrate that manpage examples fail without config +# TODO fix the manpage + $ ceph-authtool --create-keyring --name client.foo --gen-key keyring + creating keyring + +# work around the above + $ touch ceph.conf + +To create a new keyring containing a key for client.foo: + + $ ceph-authtool --create-keyring --id foo --gen-key keyring + creating keyring + + $ ceph-authtool --create-keyring --name client.foo --gen-key keyring + creating keyring + +To associate some capabilities with the key (namely, the ability to mount a Ceph filesystem): + + $ ceph-authtool -n client.foo --cap mds 'allow' --cap osd 'allow rw pool=data' --cap mon 'allow r' keyring + +To display the contents of the keyring: + + $ ceph-authtool -l keyring + [client.foo] + \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re) + \tcaps mds = "allow" (esc) + \tcaps mon = "allow r" (esc) + \tcaps osd = "allow rw pool=data" (esc) diff --git a/src/test/cli/ceph-authtool/simple.t b/src/test/cli/ceph-authtool/simple.t new file mode 100644 index 00000000..bf3fc103 --- /dev/null +++ b/src/test/cli/ceph-authtool/simple.t @@ -0,0 +1,3 @@ + $ ceph-authtool + ceph-authtool: -h or --help for usage + [1] |