tests: setup-sshd: test permissions of authorized_keys

follow up to commit dfd40992e173 (setup-sshd, setup-user: follow openssh permission recommendations)
author: Natanael Copa <ncopa@alpinelinux.org> 2022-07-12 14:03:10 +0200
committer: Natanael Copa <ncopa@alpinelinux.org> 2022-07-12 14:03:49 +0200
commit: 87e374fd35185d75485658db8dd5baf4f3d8003a (patch)
tree: 7c2766bd4ae22be98900fe620959a31bdd1bc34f /tests/setup_sshd_test
parent: dfd40992e1735ed9b60d4e009185d5b1dc07a7b4 (diff)
download: alpine-conf-87e374fd35185d75485658db8dd5baf4f3d8003a.zip
1 files changed, 10 insertions, 1 deletions
diff --git a/tests/setup_sshd_test b/tests/setup_sshd_test
index 5048802..f2677ad 100755
--- a/tests/setup_sshd_test
+++ b/tests/setup_sshd_test
@@ -44,7 +44,12 @@ setup_sshd_openssh_body() {
 		-o match:"service sshd added" \
 		-o match:"Starting sshd" \
 		setup-sshd -k 'https://example.com/user.keys' openssh
-	grep 'ssh-id FOOBAR' root/.ssh/authorized_keys || atf_fail "failed to wget ssh key"
+	grep -x 'ssh-id FOOBAR' root/.ssh/authorized_keys \
+		|| atf_fail "failed to wget ssh key"
+
+	# check that permissions are set properly
+	atf_check -o match:"^600$" \
+		stat -c '%a' root/.ssh/authorized_keys
 }
 
 setup_sshd_openssh_c_compat_body() {
@@ -147,5 +152,9 @@ setup_sshd_openssh_ssh_key_body() {
 		setup-sshd openssh
 	grep "ssh-rsa foobar user@example.com" root/.ssh/authorized_keys \
 		|| atf_fail "did not add ssh key"
+
+	# check that permissions are set properly
+	atf_check -o match:"^600$" \
+		stat -c '%a' root/.ssh/authorized_keys
 }
author	Natanael Copa <ncopa@alpinelinux.org>	2022-07-12 14:03:10 +0200
committer	Natanael Copa <ncopa@alpinelinux.org>	2022-07-12 14:03:49 +0200
commit	87e374fd35185d75485658db8dd5baf4f3d8003a (patch)
tree	7c2766bd4ae22be98900fe620959a31bdd1bc34f /tests/setup_sshd_test
parent	dfd40992e1735ed9b60d4e009185d5b1dc07a7b4 (diff)
download	alpine-conf-87e374fd35185d75485658db8dd5baf4f3d8003a.zip