diff --git a/.ci/setup_ssh.sh b/.ci/setup_ssh.sh index 702266b..87aca41 100755 --- a/.ci/setup_ssh.sh +++ b/.ci/setup_ssh.sh @@ -19,7 +19,7 @@ UsePrivilegeSeparation no # Authentication LoginGraceTime 10 -PermitRootLogin no +PermitRootLogin yes StrictModes no UsePAM no @@ -40,6 +40,11 @@ mkdir client || true ssh-keygen -f client/id_rsa -N '' -t rsa umask 022 +# Create "privilege separation directory" +if ! [ -d /run/sshd ]; then + mkdir -p /run/sshd +fi + # Starts the server /usr/sbin/sshd -f config -h key_rsa -h key_dsa -p 10022 @@ -49,6 +54,14 @@ mkdir ~/.ssh || true cp client/id_rsa ~/.ssh/id_rsa umask 022 rm -f ~/.ssh/known_hosts + +# If GitHub Actions: link from real HOME to GitHub HOME +REAL_HOME="$(getent passwd "$(id -u)" | cut -d: -f6)" +if [ "$REAL_HOME" != "$HOME" ]; then + printf 'Linking %s to %s\n' "$REAL_HOME/.ssh" "$HOME/.ssh" >&2 + ln -s $HOME/.ssh $REAL_HOME/.ssh +fi + # ssh-keyscan is bugged, don't use it # ssh-keyscan -v -p 10022 -t rsa 127.0.0.1 >> ~/.ssh/known_hosts ssh -o StrictHostKeyChecking=no \ diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4f28b27..6c96e30 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,13 +23,31 @@ jobs: with: python-version: ${{ matrix.python-version }} - run: pip install readme_renderer - - name: Set up SSH - run: .ci/setup_ssh.sh - name: Install SSH run: | sudo apt-get update -qq sudo apt-get install -qq openssh-client openssh-server + - name: Set up SSH + run: .ci/setup_ssh.sh - run: pip install -e . - run: SCPPY_PORT=10022 python test.py - run: python setup.py check -r -s + build-container: + strategy: + matrix: + python-version: + - "2.7" + runs-on: ubuntu-latest + container: + image: python:${{ matrix.python-version }} + steps: + - uses: actions/checkout@v3 + - name: Install SSH + run: | + apt-get update -qq + apt-get install -qq openssh-client openssh-server + - name: Set up SSH + run: .ci/setup_ssh.sh + - run: pip install -e . + - run: SCPPY_PORT=10022 python test.py