summaryrefslogtreecommitdiffstats
path: root/src/test/cli/ceph-authtool
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 18:45:59 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 18:45:59 +0000
commit19fcec84d8d7d21e796c7624e521b60d28ee21ed (patch)
tree42d26aa27d1e3f7c0b8bd3fd14e7d7082f5008dc /src/test/cli/ceph-authtool
parentInitial commit. (diff)
downloadceph-19fcec84d8d7d21e796c7624e521b60d28ee21ed.tar.xz
ceph-19fcec84d8d7d21e796c7624e521b60d28ee21ed.zip
Adding upstream version 16.2.11+ds.upstream/16.2.11+dsupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/test/cli/ceph-authtool')
-rw-r--r--src/test/cli/ceph-authtool/add-key-segv.t6
-rw-r--r--src/test/cli/ceph-authtool/add-key.t27
-rw-r--r--src/test/cli/ceph-authtool/cap-bin.t6
-rw-r--r--src/test/cli/ceph-authtool/cap-invalid.t12
-rw-r--r--src/test/cli/ceph-authtool/cap-overwrite.t11
-rw-r--r--src/test/cli/ceph-authtool/cap.t11
-rw-r--r--src/test/cli/ceph-authtool/create-gen-list-bin.t16
-rw-r--r--src/test/cli/ceph-authtool/create-gen-list.t20
-rw-r--r--src/test/cli/ceph-authtool/help.t25
-rw-r--r--src/test/cli/ceph-authtool/list-empty-bin.t5
-rw-r--r--src/test/cli/ceph-authtool/list-empty.t5
-rw-r--r--src/test/cli/ceph-authtool/list-nonexistent-bin.t7
-rw-r--r--src/test/cli/ceph-authtool/list-nonexistent.t7
-rw-r--r--src/test/cli/ceph-authtool/manpage.t32
-rw-r--r--src/test/cli/ceph-authtool/simple.t3
15 files changed, 193 insertions, 0 deletions
diff --git a/src/test/cli/ceph-authtool/add-key-segv.t b/src/test/cli/ceph-authtool/add-key-segv.t
new file mode 100644
index 000000000..6914593f3
--- /dev/null
+++ b/src/test/cli/ceph-authtool/add-key-segv.t
@@ -0,0 +1,6 @@
+ $ ceph-authtool kring --create-keyring --mode 0644
+ creating kring
+
+ $ ceph-authtool kring --add-key 'FAKEBASE64 foo'
+ can't decode key 'FAKEBASE64 foo'
+ [1]
diff --git a/src/test/cli/ceph-authtool/add-key.t b/src/test/cli/ceph-authtool/add-key.t
new file mode 100644
index 000000000..0da2365c0
--- /dev/null
+++ b/src/test/cli/ceph-authtool/add-key.t
@@ -0,0 +1,27 @@
+ $ ceph-authtool kring --create-keyring --mode 0644
+ creating kring
+
+ $ ceph-authtool kring --add-key 'AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== 18446744073709551615'
+ added entity client.admin auth(key=AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ==)
+
+# cram makes matching escape-containing lines with regexps a bit ugly
+ $ ceph-authtool kring --list
+ [client.admin]
+ \tkey = AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== (esc)
+
+ $ cat kring
+ [client.admin]
+ \tkey = AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== (esc)
+
+Test --add-key with empty argument
+
+ $ ceph-authtool kring -C --name=mon.* --add-key= --cap mon 'allow *'
+ Option --add-key requires an argument
+ [1]
+
+ $ ceph-authtool test.keyring --create-keyring --mode 0644
+ creating test.keyring
+
+ $ ceph-authtool test.keyring --name client.test --cap osd 'allow rwx' --cap mon 'allow r' --add-key 'AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ== 18446744073709551615'
+ added entity client.test auth(key=AQAK7yxNeF+nHBAA0SgSdbs8IkJrxroDeJ6SwQ==)
+ added 2 caps to entity client.test
diff --git a/src/test/cli/ceph-authtool/cap-bin.t b/src/test/cli/ceph-authtool/cap-bin.t
new file mode 100644
index 000000000..7a6383b8b
--- /dev/null
+++ b/src/test/cli/ceph-authtool/cap-bin.t
@@ -0,0 +1,6 @@
+ $ ceph-authtool kring --create-keyring --gen-key --mode 0644
+ creating kring
+
+ $ ceph-authtool --cap osd 'allow rx pool=swimming' kring
+ $ ceph-authtool kring --list|grep -E '^[[:space:]]caps '
+ \tcaps osd = "allow rx pool=swimming" (esc)
diff --git a/src/test/cli/ceph-authtool/cap-invalid.t b/src/test/cli/ceph-authtool/cap-invalid.t
new file mode 100644
index 000000000..d72f34fed
--- /dev/null
+++ b/src/test/cli/ceph-authtool/cap-invalid.t
@@ -0,0 +1,12 @@
+ $ ceph-authtool kring --create-keyring --gen-key --mode 0644
+ creating kring
+
+# TODO is this nice?
+ $ ceph-authtool --cap osd 'broken' kring
+ $ ceph-authtool kring --list|grep -E '^[[:space:]]caps '
+ \tcaps osd = "broken" (esc)
+
+# TODO is this nice?
+ $ ceph-authtool --cap xyzzy 'broken' kring
+ $ ceph-authtool kring --list|grep -E '^[[:space:]]caps '
+ \tcaps xyzzy = "broken" (esc)
diff --git a/src/test/cli/ceph-authtool/cap-overwrite.t b/src/test/cli/ceph-authtool/cap-overwrite.t
new file mode 100644
index 000000000..9bc5b07ea
--- /dev/null
+++ b/src/test/cli/ceph-authtool/cap-overwrite.t
@@ -0,0 +1,11 @@
+ $ ceph-authtool kring --create-keyring --gen-key --mode 0644
+ creating kring
+
+ $ ceph-authtool --cap osd 'allow rx pool=swimming' kring
+ $ ceph-authtool kring --list|grep -E '^[[:space:]]caps '
+ \tcaps osd = "allow rx pool=swimming" (esc)
+
+# TODO it seems --cap overwrites all previous caps; is this wanted?
+ $ ceph-authtool --cap mds 'allow' kring
+ $ ceph-authtool kring --list|grep -E '^[[:space:]]caps '
+ \tcaps mds = "allow" (esc)
diff --git a/src/test/cli/ceph-authtool/cap.t b/src/test/cli/ceph-authtool/cap.t
new file mode 100644
index 000000000..b9748d9af
--- /dev/null
+++ b/src/test/cli/ceph-authtool/cap.t
@@ -0,0 +1,11 @@
+ $ ceph-authtool kring --create-keyring --gen-key --mode 0644
+ creating kring
+
+ $ ceph-authtool --cap osd 'allow rx pool=swimming' kring
+ $ ceph-authtool kring --list|grep -E '^[[:space:]]caps '
+ \tcaps osd = "allow rx pool=swimming" (esc)
+
+ $ cat kring
+ [client.admin]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
+ \tcaps osd = "allow rx pool=swimming" (esc)
diff --git a/src/test/cli/ceph-authtool/create-gen-list-bin.t b/src/test/cli/ceph-authtool/create-gen-list-bin.t
new file mode 100644
index 000000000..1d4925af5
--- /dev/null
+++ b/src/test/cli/ceph-authtool/create-gen-list-bin.t
@@ -0,0 +1,16 @@
+ $ ceph-authtool kring --create-keyring --mode 0600
+ creating kring
+
+ $ ceph-authtool kring --list
+
+ $ ceph-authtool kring --gen-key
+
+# cram makes matching escape-containing lines with regexps a bit ugly
+ $ ceph-authtool kring --list
+ [client.admin]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
+
+# synonym
+ $ ceph-authtool kring -l
+ [client.admin]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
diff --git a/src/test/cli/ceph-authtool/create-gen-list.t b/src/test/cli/ceph-authtool/create-gen-list.t
new file mode 100644
index 000000000..2801b0502
--- /dev/null
+++ b/src/test/cli/ceph-authtool/create-gen-list.t
@@ -0,0 +1,20 @@
+ $ ceph-authtool kring --create-keyring --mode 0644
+ creating kring
+
+ $ ceph-authtool kring --list
+
+ $ ceph-authtool kring --gen-key
+
+# cram makes matching escape-containing lines with regexps a bit ugly
+ $ ceph-authtool kring --list
+ [client.admin]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
+
+# synonym
+ $ ceph-authtool kring -l
+ [client.admin]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
+
+ $ cat kring
+ [client.admin]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
diff --git a/src/test/cli/ceph-authtool/help.t b/src/test/cli/ceph-authtool/help.t
new file mode 100644
index 000000000..68f4a9699
--- /dev/null
+++ b/src/test/cli/ceph-authtool/help.t
@@ -0,0 +1,25 @@
+# TODO synchronize with man page
+ $ ceph-authtool --help
+ usage: ceph-authtool keyringfile [OPTIONS]...
+ where the options are:
+ -l, --list will list all keys and capabilities present in
+ the keyring
+ -p, --print-key will print an encoded key for the specified
+ entityname. This is suitable for the
+ 'mount -o secret=..' argument
+ -C, --create-keyring will create a new keyring, overwriting any
+ existing keyringfile
+ -g, --gen-key will generate a new secret key for the
+ specified entityname
+ --gen-print-key will generate a new secret key without set it
+ to the keyringfile, prints the secret to stdout
+ --import-keyring FILE will import the content of a given keyring
+ into the keyringfile
+ -n NAME, --name NAME specify entityname to operate on
+ -a BASE64, --add-key BASE64 will add an encoded key to the keyring
+ --cap SUBSYSTEM CAPABILITY will set the capability for given subsystem
+ --caps CAPSFILE will set all of capabilities associated with a
+ given key, for all subsystems
+ --mode MODE will set the desired file mode to the keyring
+ e.g: '0644', defaults to '0600'
+ [1]
diff --git a/src/test/cli/ceph-authtool/list-empty-bin.t b/src/test/cli/ceph-authtool/list-empty-bin.t
new file mode 100644
index 000000000..1b465fe65
--- /dev/null
+++ b/src/test/cli/ceph-authtool/list-empty-bin.t
@@ -0,0 +1,5 @@
+ $ touch empty
+
+ $ ceph-authtool --list empty
+
+ $ ceph-authtool -l empty
diff --git a/src/test/cli/ceph-authtool/list-empty.t b/src/test/cli/ceph-authtool/list-empty.t
new file mode 100644
index 000000000..1b465fe65
--- /dev/null
+++ b/src/test/cli/ceph-authtool/list-empty.t
@@ -0,0 +1,5 @@
+ $ touch empty
+
+ $ ceph-authtool --list empty
+
+ $ ceph-authtool -l empty
diff --git a/src/test/cli/ceph-authtool/list-nonexistent-bin.t b/src/test/cli/ceph-authtool/list-nonexistent-bin.t
new file mode 100644
index 000000000..4aecd3e27
--- /dev/null
+++ b/src/test/cli/ceph-authtool/list-nonexistent-bin.t
@@ -0,0 +1,7 @@
+ $ ceph-authtool --list nonexistent
+ can't open nonexistent: can't open nonexistent: (2) No such file or directory
+ [1]
+
+ $ ceph-authtool -l nonexistent
+ can't open nonexistent: can't open nonexistent: (2) No such file or directory
+ [1]
diff --git a/src/test/cli/ceph-authtool/list-nonexistent.t b/src/test/cli/ceph-authtool/list-nonexistent.t
new file mode 100644
index 000000000..4aecd3e27
--- /dev/null
+++ b/src/test/cli/ceph-authtool/list-nonexistent.t
@@ -0,0 +1,7 @@
+ $ ceph-authtool --list nonexistent
+ can't open nonexistent: can't open nonexistent: (2) No such file or directory
+ [1]
+
+ $ ceph-authtool -l nonexistent
+ can't open nonexistent: can't open nonexistent: (2) No such file or directory
+ [1]
diff --git a/src/test/cli/ceph-authtool/manpage.t b/src/test/cli/ceph-authtool/manpage.t
new file mode 100644
index 000000000..3201aa37b
--- /dev/null
+++ b/src/test/cli/ceph-authtool/manpage.t
@@ -0,0 +1,32 @@
+ $ ceph-authtool
+ ceph-authtool: -h or --help for usage
+ [1]
+
+# demonstrate that manpage examples fail without config
+# TODO fix the manpage
+ $ ceph-authtool --create-keyring --name client.foo --gen-key keyring
+ creating keyring
+
+# work around the above
+ $ touch ceph.conf
+
+To create a new keyring containing a key for client.foo:
+
+ $ ceph-authtool --create-keyring --id foo --gen-key keyring
+ creating keyring
+
+ $ ceph-authtool --create-keyring --name client.foo --gen-key keyring
+ creating keyring
+
+To associate some capabilities with the key (namely, the ability to mount a Ceph filesystem):
+
+ $ ceph-authtool -n client.foo --cap mds 'allow' --cap osd 'allow rw pool=data' --cap mon 'allow r' keyring
+
+To display the contents of the keyring:
+
+ $ ceph-authtool -l keyring
+ [client.foo]
+ \\tkey = [a-zA-Z0-9+/]+=* \(esc\) (re)
+ \tcaps mds = "allow" (esc)
+ \tcaps mon = "allow r" (esc)
+ \tcaps osd = "allow rw pool=data" (esc)
diff --git a/src/test/cli/ceph-authtool/simple.t b/src/test/cli/ceph-authtool/simple.t
new file mode 100644
index 000000000..bf3fc1036
--- /dev/null
+++ b/src/test/cli/ceph-authtool/simple.t
@@ -0,0 +1,3 @@
+ $ ceph-authtool
+ ceph-authtool: -h or --help for usage
+ [1]