diff options
author | Florian Klink <flokli@flokli.de> | 2023-02-05 20:22:12 +0100 |
---|---|---|
committer | Florian Klink <flokli@flokli.de> | 2023-02-05 20:52:23 +0100 |
commit | 37bbc00aee3f4a07e4b3b5e50bef0d58d603c039 (patch) | |
tree | 2ac86093ebeb19678a47093d10d27a8444610ae0 /nixos/tests/google-oslogin | |
parent | 865114cf73257c84021405b743f4cc0ed57fa770 (diff) |
nixosTests.google-oslogin: fix tests, provide group mock endpoint
If our (fake) metadata server provides a 404 instead of a JSON document, the NSS module segfaults, and as we do NSS lookups through ns(n)cd, not only crashes the application doing the NSS lookup, but our ns(n)cd. This has been causing segfaults of nscd all along, but since our switch from glibc-nscd to nsncd, caused the test to fail entirely. In any case, by handling /computeMetadata/v1/oslogin/groups we get the NSS lookup to not cause any segfaults, and to succeed the test again.
Diffstat (limited to 'nixos/tests/google-oslogin')
-rwxr-xr-x | nixos/tests/google-oslogin/server.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/tests/google-oslogin/server.py b/nixos/tests/google-oslogin/server.py index 5ea9bbd2c96ba..622cd86b26195 100755 --- a/nixos/tests/google-oslogin/server.py +++ b/nixos/tests/google-oslogin/server.py @@ -103,6 +103,16 @@ class ReqHandler(BaseHTTPRequestHandler): self._send_json_ok(gen_mockuser(username=username, uid=uid, gid=uid, home_directory=f"/home/{username}", snakeoil_pubkey=SNAKEOIL_PUBLIC_KEY)) return + # we need to provide something at the groups endpoint. + # the nss module does segfault if we don't. + elif pu.path == "/computeMetadata/v1/oslogin/groups": + self._send_json_ok({ + "posixGroups": [ + {"name" : "demo", "gid" : 4294967295} + ], + }) + return + # authorize endpoint elif pu.path == "/computeMetadata/v1/oslogin/authorize": # is user allowed to login? |