ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-17 06:06:13 +03:00
Code Issues Projects Releases Wiki Activity

nixosTests.google-oslogin: fix tests, provide group mock endpoint

Browse Source 
If our (fake) metadata server provides a 404 instead of a JSON document,
the NSS module segfaults, and as we do NSS lookups through ns(n)cd,
not only crashes the application doing the NSS lookup, but our ns(n)cd.

This has been causing segfaults of nscd all along, but since our switch
from glibc-nscd to nsncd, caused the test to fail entirely.

In any case, by handling /computeMetadata/v1/oslogin/groups we get the
NSS lookup to not cause any segfaults, and to succeed the test again.
This commit is contained in:
Florian Klink 2023-02-05 20:22:12 +01:00
parent 865114cf73
commit 37bbc00aee
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nixos/tests/google-oslogin/server.py
View File

@ -103,6 +103,16 @@ class ReqHandler(BaseHTTPRequestHandler):
self._send_json_ok(gen_mockuser(username=username, uid=uid, gid=uid, home_directory=f"/home/{username}", snakeoil_pubkey=SNAKEOIL_PUBLIC_KEY)) self._send_json_ok(gen_mockuser(username=username, uid=uid, gid=uid, home_directory=f"/home/{username}", snakeoil_pubkey=SNAKEOIL_PUBLIC_KEY))
return return
# we need to provide something at the groups endpoint.
# the nss module does segfault if we don't.
elif pu.path == "/computeMetadata/v1/oslogin/groups":
self._send_json_ok({
"posixGroups": [
{"name" : "demo", "gid" : 4294967295}
],
})
return
# authorize endpoint # authorize endpoint
elif pu.path == "/computeMetadata/v1/oslogin/authorize": elif pu.path == "/computeMetadata/v1/oslogin/authorize":
# is user allowed to login? # is user allowed to login?