9 changes: 9 additions & 0 deletions cmd/podman/system/connection/add.go
Expand Up @@ -16,6 +16,7 @@ import (
"go.podman.io/common/pkg/completion"
"go.podman.io/common/pkg/config"
"go.podman.io/common/pkg/ssh"
"go.podman.io/storage/pkg/fileutils"
)

var (
Expand Down Expand Up @@ -168,6 +169,14 @@ func add(cmd *cobra.Command, args []string) error {
}
switch uri.Scheme {
case "ssh":
if cOpts.Identity != "" {
if err := fileutils.Exists(cOpts.Identity); err != nil {
if errors.Is(err, os.ErrNotExist) {
return fmt.Errorf("identity file does not exist: %w", err)
}
return err
}
}
return ssh.Create(entities, sshMode)
case "unix":
if cmd.Flags().Changed("identity") {
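Review bot: The not-found branch in the `ssh` case returns `identity file does not exist: …`, while the bats case for a nonexistent identity on this same page asserts `Error: failed to validate: failed to read identity`; as far as the visible lines show, the message and the test disagree, so one of them needs updating. The fall-through `return err` also drops all context for permission or other stat failures; `return fmt.Errorf("checking identity file %q: %w", cOpts.Identity, err)` would name the path that failed. Judging by its name, `fileutils.Exists` only establishes that the path exists at this moment, so an unreadable or non-regular key file still reaches `ssh.Create`; a one-line comment such as `// existence only; readability and key format are validated by ssh.Create` would make that division explicit. The body of `add` starts and ends outside this hunk.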
25 changes: 25 additions & 0 deletions test/system/272-system-connection.bats
Expand Up @@ -94,6 +94,31 @@ $c2[ ]\+tcp://localhost:54321[ ]\+true[ ]\+true" \
run_podman context rm $c1
}

# Test system connection add bad identities with ssh/unix/tcp
@test "podman system connection --identity" {
run_podman system connection ls -q
assert "$output" == "" ""

run_podman 125 system connection add ssh-conn --identity $PODMAN_TMPDIR/nonexistent ssh://localhost
assert "$output" =~ \
"Error: failed to validate: failed to read identity *" ""
run_podman 125 system connection add unix-conn --identity $PODMAN_TMPDIR/identity unix://path
assert "$output" == \
"Error: --identity option not supported for unix scheme" ""
run_podman 125 system connection add tcp-conn --identity $PODMAN_TEMPDIR/identity tcp://path
assert "$output" =~ \
"Error: --identity option not supported for tcp scheme" ""

run touch $PODMAN_TEMPDIR/badfile
run chmod -r $PODMAN_TEMPDIR/badfile
run_podman 125 system connection add bad-conn --identity $PODMAN_TEMPDIR/badfile ssh://localhost
assert "$output" =~ \
"Error: failed to validate: failed to read identity*" ""
# Ensure no connections were added
run_podman system connection ls -q
assert "$output" == "" ""
}

# Test tcp socket; requires starting a local server
@test "podman system connection - tcp" {
unset REMOTESYSTEM_TRANSPORT REMOTESYSTEM_TLS_{CLIENT,SERVER,CA}_{CRT,KEY}
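Review bot: The tcp case and every `badfile` line use `$PODMAN_TEMPDIR`, whereas the first two cases use `$PODMAN_TMPDIR`; this looks like a typo, and if the variable is unset the paths collapse to `/identity` and `/badfile`. The `run touch` and `run chmod -r` lines discard their exit status, so a non-root run would silently test a nonexistent file rather than an unreadable one, and a root run would leave a stray file in `/`. Use `$PODMAN_TMPDIR/badfile` throughout and drop the `run` prefix on the setup commands, e.g. `touch $PODMAN_TMPDIR/badfile` and `chmod -r $PODMAN_TMPDIR/badfile`, so a failed setup fails the test. If this suite can run as root, the unreadable-file case needs a skip or a different setup, since `chmod -r` does not stop root from reading the file.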