diff options
| author | 2023-04-11 16:07:50 +0100 | |
|---|---|---|
| committer | 2023-04-12 09:45:23 +0000 | |
| commit | 1cff8449bac0fdab6e84dc9255c3cccd504c1705 (patch) | |
| tree | 01a03bad3c9513d4285ef74345a3174d6415d90a | |
| parent | b4231ccc73b820d4db493f03eb27af36caa7ae8f (diff) | |
Disable SSH agent authentication for on-VM testing scripts.
Add SSH option `-o IdentityAgent=none` to the scripts that setup the VM,
connect to it and run the tests on it. Also propagate it to rsync
commands via RSYNC_RSH, and to scp (all commands that work over SSH).
This is needed to avoid SSH agent interfering with the preferred
authentication method and running interactive hooks that require manual
user intervention while running the scripts.
Alternative workaround would be to set SSH_SOCK_AUTH= (or any invalid
value). Previously it was set to an invalid agent, that's why the test
ran without interference.
Bug: b/271573990
Test: run any ART test on a Linux RISC-V VM and observe that it passes
without requiring any manual intervention from the user:
lunch aosp_riscv64-userdebug
export ART_TEST_SSH_USER=ubuntu
export ART_TEST_SSH_HOST=localhost
export ART_TEST_SSH_PORT=10001
export ART_TEST_ON_VM=true
. art/tools/buildbot-utils.sh
art/tools/buildbot-build.sh --target
# Create, boot and configure the VM.
art/tools/buildbot-vm.sh create
art/tools/buildbot-vm.sh boot
art/tools/buildbot-vm.sh setup-ssh # password: 'ubuntu'
art/tools/buildbot-cleanup-device.sh
art/tools/buildbot-setup-device.sh
art/tools/buildbot-sync.sh
art/test.py --target -r --no-prebuild --ndebug --no-image \
--64 --interpreter 001-HelloWorld
Change-Id: I2b1d48857074ade75e841a3008486caacbd32479
| -rwxr-xr-x | tools/buildbot-utils.sh | 6 | ||||
| -rwxr-xr-x | tools/buildbot-vm.sh | 6 |
2 files changed, 6 insertions, 6 deletions
diff --git a/tools/buildbot-utils.sh b/tools/buildbot-utils.sh index 5bc58af39d..6a0714dcd4 100755 --- a/tools/buildbot-utils.sh +++ b/tools/buildbot-utils.sh @@ -80,10 +80,10 @@ if [[ -n "$ART_TEST_ON_VM" ]]; then export ART_TEST_CHROOT="/home/$ART_TEST_SSH_USER/art-test-chroot" export ART_CHROOT_CMD="unshare --user --map-root-user chroot art-test-chroot" - export ART_SSH_CMD="ssh -q -p $ART_TEST_SSH_PORT $ART_TEST_SSH_USER@$ART_TEST_SSH_HOST" - export ART_SCP_CMD="scp -P $ART_TEST_SSH_PORT -p -r" + export ART_SSH_CMD="ssh -q -p $ART_TEST_SSH_PORT $ART_TEST_SSH_USER@$ART_TEST_SSH_HOST -o IdentityAgent=none" + export ART_SCP_CMD="scp -P $ART_TEST_SSH_PORT -p -r -o IdentityAgent=none" export ART_RSYNC_CMD="rsync -az" - export RSYNC_RSH="ssh -p $ART_TEST_SSH_PORT" # don't prefix with "ART_", rsync expects this name + export RSYNC_RSH="ssh -p $ART_TEST_SSH_PORT -o IdentityAgent=none" # don't prefix with "ART_", rsync expects this name if [[ "$TARGET_ARCH" =~ ^(arm64|riscv64)$ ]]; then export ART_TEST_VM_IMG="ubuntu-22.04-server-cloudimg-$TARGET_ARCH.img" diff --git a/tools/buildbot-vm.sh b/tools/buildbot-vm.sh index 524a57b42a..66c5cfc3b9 100755 --- a/tools/buildbot-vm.sh +++ b/tools/buildbot-vm.sh @@ -117,12 +117,12 @@ elif [[ $action = boot ]]; then elif [[ $action = setup-ssh ]]; then # Clean up mentions of this VM from known_hosts sed -i -E "/\[$ART_TEST_SSH_HOST.*\]:$ART_TEST_SSH_PORT .*/d" $HOME/.ssh/known_hosts - ssh-copy-id -p "$ART_TEST_SSH_PORT" "$ART_TEST_SSH_USER@$ART_TEST_SSH_HOST" + ssh-copy-id -p "$ART_TEST_SSH_PORT" "$ART_TEST_SSH_USER@$ART_TEST_SSH_HOST -o IdentityAgent=none" elif [[ $action = connect ]]; then - ssh -p "$ART_TEST_SSH_PORT" "$ART_TEST_SSH_USER@$ART_TEST_SSH_HOST" + $ART_SSH_CMD elif [[ $action = quit ]]; then - ssh -p "$ART_TEST_SSH_PORT" "$ART_TEST_SSH_USER@$ART_TEST_SSH_HOST" "sudo poweroff" + $ART_SSH_CMD "sudo poweroff" fi |