From ba2b4c0c65e008752a60fb18caabaaea2b52310e Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Mon, 11 Mar 2019 14:12:17 +0000 Subject: [PATCH 1/3] e2e Use `useradd`'s `--shell` option ... in preference to `chsh`, since in recent alpine 3.9.2 images that can fail with: Password: chsh: PAM: Authentication token manipulation error Which seems to relate to the use of `!` as the password for `root` in `/etc/shadow`gq Signed-off-by: Ian Campbell (cherry picked from commit 5de2d9e8a92ae0175ebf63379eda56353f404e57) Signed-off-by: Sebastiaan van Stijn Upstream-commit: b666e9a090904a30a3e04893b9e215d7cd46f59e Component: cli --- components/cli/e2e/testdata/Dockerfile.connhelper-ssh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/cli/e2e/testdata/Dockerfile.connhelper-ssh b/components/cli/e2e/testdata/Dockerfile.connhelper-ssh index acf0620495..2ac92b7ca4 100644 --- a/components/cli/e2e/testdata/Dockerfile.connhelper-ssh +++ b/components/cli/e2e/testdata/Dockerfile.connhelper-ssh @@ -1,10 +1,9 @@ FROM docker:test-dind RUN apk --no-cache add shadow openssh-server && \ groupadd -f docker && \ - useradd -m penguin && \ + useradd -m --shell /bin/sh penguin && \ usermod -aG docker penguin && \ usermod -p $(head -c32 /dev/urandom | base64) penguin && \ - chsh -s /bin/sh penguin && \ ssh-keygen -A # workaround: ssh session excludes /usr/local/bin from $PATH RUN ln -s /usr/local/bin/docker /usr/bin/docker From e0218c57806d946cd044792a359fdc8d626dcbf7 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Mon, 11 Mar 2019 14:12:17 +0000 Subject: [PATCH 2/3] e2e: Expand `useradd`'s `-m` otion into `--create-home` ... for improved readability Signed-off-by: Ian Campbell (cherry picked from commit e854a9cf965f74d5f7aa8ee5eb7a642f9e697c74) Signed-off-by: Sebastiaan van Stijn Upstream-commit: c0bbca75af643ee41f8dbb3ea83de4e5601690c1 Component: cli --- components/cli/e2e/testdata/Dockerfile.connhelper-ssh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/cli/e2e/testdata/Dockerfile.connhelper-ssh b/components/cli/e2e/testdata/Dockerfile.connhelper-ssh index 2ac92b7ca4..a97d83104e 100644 --- a/components/cli/e2e/testdata/Dockerfile.connhelper-ssh +++ b/components/cli/e2e/testdata/Dockerfile.connhelper-ssh @@ -1,7 +1,7 @@ FROM docker:test-dind RUN apk --no-cache add shadow openssh-server && \ groupadd -f docker && \ - useradd -m --shell /bin/sh penguin && \ + useradd --create-home --shell /bin/sh penguin && \ usermod -aG docker penguin && \ usermod -p $(head -c32 /dev/urandom | base64) penguin && \ ssh-keygen -A From 35a6ca7054d66bebd169c7138b20f5fcf7f3a1f1 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Mon, 11 Mar 2019 14:24:28 +0000 Subject: [PATCH 3/3] e2e: avoid `usermod -p` by using `useradd`'s `--password` option Signed-off-by: Ian Campbell (cherry picked from commit 0b0c57871ad158f032489cdfc62c676025aec42b) Signed-off-by: Sebastiaan van Stijn Upstream-commit: 78d52ec5d4db79ad7ef670080e28c88b910ba31b Component: cli --- components/cli/e2e/testdata/Dockerfile.connhelper-ssh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/cli/e2e/testdata/Dockerfile.connhelper-ssh b/components/cli/e2e/testdata/Dockerfile.connhelper-ssh index a97d83104e..64306b518c 100644 --- a/components/cli/e2e/testdata/Dockerfile.connhelper-ssh +++ b/components/cli/e2e/testdata/Dockerfile.connhelper-ssh @@ -1,9 +1,8 @@ FROM docker:test-dind RUN apk --no-cache add shadow openssh-server && \ groupadd -f docker && \ - useradd --create-home --shell /bin/sh penguin && \ + useradd --create-home --shell /bin/sh --password $(head -c32 /dev/urandom | base64) penguin && \ usermod -aG docker penguin && \ - usermod -p $(head -c32 /dev/urandom | base64) penguin && \ ssh-keygen -A # workaround: ssh session excludes /usr/local/bin from $PATH RUN ln -s /usr/local/bin/docker /usr/bin/docker