tests: Fix running ssh-agent

ssh-agent needs to be executed as the local user and not a fake user or
we will not be able to add identies.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>

tests/CMakeLists.txt

@@ -60,7 +60,7 @@ if (WITH_CLIENT_TESTING)
         message(SEND_ERROR "Could not find sshd which is required for client testing")
     endif()
 
-    find_program(SSH_EXECUTABLE NAME ssh)
+    find_program(SSH_EXECUTABLE NAMES ssh)
     if (SSH_EXECUTABLE)
         execute_process(COMMAND ${SSH_EXECUTABLE} -V ERROR_VARIABLE OPENSSH_VERSION_STR)
         string(REGEX REPLACE "^OpenSSH_([0-9]).[0-9].*$" "\\1" OPENSSH_VERSION_MAJOR "${OPENSSH_VERSION_STR}")
@@ -68,6 +68,15 @@ if (WITH_CLIENT_TESTING)
         add_definitions(-DOPENSSH_VERSION_MAJOR=${OPENSSH_VERSION_MAJOR} -DOPENSSH_VERSION_MINOR=${OPENSSH_VERSION_MINOR})
     endif()
 
+    set(LOCAL_USER "nobody")
+    set(LOCAL_UID "65533")
+    find_program(ID_EXECUTABLE NAMES id)
+    find_program(WHO_EXECUTABLE NAMES whoami)
+    if (ID_EXECUTABLE AND WHO_EXECUTABLE)
+        execute_process(COMMAND ${WHO_EXECUTABLE} OUTPUT_VARIABLE LOCAL_USER OUTPUT_STRIP_TRAILING_WHITESPACE)
+        execute_process(COMMAND ${ID_EXECUTABLE} -u OUTPUT_VARIABLE LOCAL_UID OUTPUT_STRIP_TRAILING_WHITESPACE)
+    endif()
+
     # homedir will be used in passwd
     set(HOMEDIR ${CMAKE_CURRENT_BINARY_DIR}/home)
 

tests/client/torture_auth.c

@@ -25,6 +25,8 @@
 #include "libssh/libssh.h"
 #include "libssh/priv.h"
 #include "libssh/session.h"
+
+#include <errno.h>
 #include <sys/types.h>
 #include <pwd.h>
 
@@ -80,7 +82,9 @@ static int pubkey_setup(void **state)
 
     pwd = getpwnam("bob");
     assert_non_null(pwd);
-    setuid(pwd->pw_uid);
+
+    rc = setuid(pwd->pw_uid);
+    assert_return_code(rc, errno);
 
     /* Make sure we do not interfere with another ssh-agent */
     unsetenv("SSH_AUTH_SOCK");
@@ -95,6 +99,8 @@ static int agent_setup(void **state)
     char ssh_agent_cmd[4096];
     char ssh_agent_sock[1024];
     char ssh_agent_pidfile[1024];
+    char bob_ssh_key[1024];
+    struct passwd *pwd;
     int rc;
 
     rc = pubkey_setup(state);
@@ -102,6 +108,9 @@ static int agent_setup(void **state)
         return rc;
     }
 
+    pwd = getpwnam("bob");
+    assert_non_null(pwd);
+
     snprintf(ssh_agent_sock,
              sizeof(ssh_agent_cmd),
              "%s/agent.sock",
@@ -118,13 +127,21 @@ static int agent_setup(void **state)
              "eval `ssh-agent -a %s`; echo $SSH_AGENT_PID > %s",
              ssh_agent_sock, ssh_agent_pidfile);
 
+    /* run ssh-agent and ssh-add as the normal user */
+    unsetenv("UID_WRAPPER_ROOT");
+
     rc = system(ssh_agent_cmd);
     assert_return_code(rc, errno);
 
     setenv("SSH_AUTH_SOCK", ssh_agent_sock, 1);
     setenv("TORTURE_SSH_AGENT_PIDFILE", ssh_agent_pidfile, 1);
 
-    rc = system("ssh-add");
+    snprintf(bob_ssh_key,
+             sizeof(bob_ssh_key),
+             "ssh-add %s/.ssh/id_rsa",
+             pwd->pw_dir);
+
+    rc = system(bob_ssh_key);
     assert_return_code(rc, errno);
 
     return 0;

tests/etc/passwd.in

@@ -1,5 +1,6 @@
-bob:x:5000:9000:bob gecos:@HOMEDIR@/bob:/bin/false
-alice:x:5001:9000:alice gecos:@HOMEDIR@/alice:/bin/bash
+bob:x:5000:9000:bob gecos:@HOMEDIR@/bob:/bin/sh
+alice:x:5001:9000:alice gecos:@HOMEDIR@/alice:/bin/sh
 sshd:x:65530:65531:sshd:@HOMEDIR@:/sbin/nologin
 nobody:x:65533:65534:nobody gecos:@HOMEDIR@:/bin/false
 root:x:65534:65532:root gecos:@HOMEDIR@:/bin/false
+@LOCAL_USER@:x:@LOCAL_UID@:9000:local user:@HOMEDIR@:/bin/false