xdcp using non-root user will failed in xcat container

[hu-weihua]

xdcp using non-root user will failed in xcat container. (flat environment)

------START::xdcp_nonroot_user::Time:Sun Apr 21 19:14:21 2019------

FILENAME:/opt/xcat/bin/../share/xcat/tools/autotest/testcase//xdcp/cases1

RUN:lsdef -t site -z clustersite > /tmp/site.stanza [Sun Apr 21 19:14:21 2019]
ElapsedTime:1 sec
RETURN rc = 0
OUTPUT:

RUN:chdef -t site SNsyncfiledir=/tmp [Sun Apr 21 19:14:22 2019]
ElapsedTime:2 sec
RETURN rc = 0
OUTPUT:
1 object definitions have been created or modified.

RUN:servicenode=`lsdef c910f03c09k05 |grep servicenode |awk -F= '{print $2}'`; if [ -n "$servicenode" ]; then xdsh $servicenode "useradd -m xyzzy";useradd -m xyzzy;else useradd -m xyzzy;fi [Sun Apr 21 19:14:24 2019]
ElapsedTime:2 sec
RETURN rc = 0
OUTPUT:
CHECK:rc == 0   [Pass]

RUN:servicenode=`lsdef c910f03c09k05 |grep servicenode |awk -F= '{print $2}'`; if [ -n "$servicenode" ]; then xdsh $servicenode "type apt-get && apt-get install -y tar";fi [Sun Apr 21 19:14:26 2019]
ElapsedTime:1 sec
RETURN rc = 0
OUTPUT:

RUN:servicenode=`lsdef c910f03c09k05 |grep servicenode |awk -F= '{print $2}'`; if [ -n "$servicenode" ]; then xdsh $servicenode "type yum && yum install -y tar"; fi [Sun Apr 21 19:14:27 2019]
ElapsedTime:2 sec
RETURN rc = 0
OUTPUT:

RUN:servicenode=`lsdef c910f03c09k05 |grep servicenode |awk -F= '{print $2}'`; if [ -n "$servicenode" ]; then xdsh $servicenode "bash -c \"( cd ~root && tar cf - .xcat .ssh ) | ( cd ~xyzzy && tar xf - )\"";bash -c "( cd ~root && tar cf - .xcat .ssh ) | ( cd ~xyzzy && tar xf - )";else bash -c "( cd ~root && tar cf - .xcat .ssh ) | ( cd ~xyzzy && tar xf - )";fi [Sun Apr 21 19:14:29 2019]
ElapsedTime:1 sec
RETURN rc = 0
OUTPUT:
CHECK:rc == 0   [Pass]

RUN:servicenode=`lsdef c910f03c09k05 |grep servicenode |awk -F= '{print $2}'`; if [ -n "$servicenode" ]; then xdsh $servicenode "chown -R xyzzy ~xyzzy/.xcat ~xyzzy/.ssh";chown -R xyzzy ~xyzzy/.xcat ~xyzzy/.ssh;else chown -R xyzzy ~xyzzy/.xcat ~xyzzy/.ssh;fi [Sun Apr 21 19:14:30 2019]
ElapsedTime:2 sec
RETURN rc = 0
OUTPUT:
CHECK:rc == 0   [Pass]

RUN:xdsh c910f03c09k05 "useradd -m xyzzy" [Sun Apr 21 19:14:32 2019]
ElapsedTime:0 sec
RETURN rc = 0
OUTPUT:
CHECK:rc == 0   [Pass]

RUN:xdsh c910f03c09k05 "type apt-get && apt-get install -y tar" [Sun Apr 21 19:14:32 2019]
ElapsedTime:1 sec
RETURN rc = 1
OUTPUT:
[c910f03c09k03]: c910f03c09k05: bash: line 0: type: apt-get: not found

RUN:xdsh c910f03c09k05 "type yum && yum install -y tar" [Sun Apr 21 19:14:33 2019]
ElapsedTime:1 sec
RETURN rc = 0
OUTPUT:
c910f03c09k05: yum is /usr/bin/yum
c910f03c09k05: Loaded plugins: product-id, search-disabled-repos, subscription-manager
c910f03c09k05: This system is not registered with an entitlement server. You can use subscription-manager to register.
c910f03c09k05: Package 2:tar-1.26-35.el7.ppc64le already installed and latest version
c910f03c09k05: Nothing to do

RUN:xdsh c910f03c09k05 "( cd ~ && tar cf - .ssh ) | ( cd ~xyzzy && tar xf - )" [Sun Apr 21 19:14:34 2019]
ElapsedTime:1 sec
RETURN rc = 0
OUTPUT:
CHECK:rc == 0   [Pass]

RUN:xdsh c910f03c09k05 "chown -R xyzzy ~xyzzy/.ssh" [Sun Apr 21 19:14:35 2019]
ElapsedTime:0 sec
RETURN rc = 0
OUTPUT:
CHECK:rc == 0   [Pass]

RUN:su -c "xdcp c910f03c09k05 /etc/sysctl.conf /tmp/sysctl.conf" - xyzzy [Sun Apr 21 19:14:35 2019]
ElapsedTime:1 sec
RETURN rc = 1
OUTPUT:
warning: the client certificates under /home/xyzzy/.xcat/ are not setup correctly, please run '/opt/xcat/share/xcat/scripts/setup-local-client.sh xyzzy' as 'root' to generate the client certificates; otherwise, the SSL connection between xcat client and xcatd will be setup without certificate verification and open to Man-In-The-Middle attacks.
Error: Permission denied for request
CHECK:rc == 0   [Failed]

RUN:xdsh c910f03c09k05 "stat -c '%U' /tmp/sysctl.conf" [Sun Apr 21 19:14:36 2019]
ElapsedTime:0 sec
RETURN rc = 1
OUTPUT:
[c910f03c09k03]: c910f03c09k05: stat: cannot stat '/tmp/sysctl.conf': No such file or directory

RUN:xdsh c910f03c09k05 "userdel xyzzy" [Sun Apr 21 19:14:36 2019]
ElapsedTime:1 sec
RETURN rc = 0
OUTPUT:

RUN:servicenode=`lsdef c910f03c09k05 |grep servicenode |awk -F= '{print $2}'`; if [ -n "$servicenode" ]; then xdsh $servicenode "userdel xyzzy";userdel xyzzy;else userdel xyzzy;fi [Sun Apr 21 19:14:37 2019]
ElapsedTime:2 sec
RETURN rc = 0
OUTPUT:

RUN:if [ -e /tmp/site.standa ]; then cat /tmp/site.standa | mkdef -z -f; rm -rf /tmp/site.standa; fi [Sun Apr 21 19:14:39 2019]
ElapsedTime:0 sec
RETURN rc = 0
OUTPUT:

------END::xdcp_nonroot_user::Failed::Time:Sun Apr 21 19:14:39 2019 ::Duration::18 sec------

[robin2008]

ls -l /home/xyzzy/ -la
total 20
drwx------ 3 xyzzy xyzzy 122 Apr 23 08:36 .
drwxr-xr-x 1 root  root   19 Apr 23 08:19 ..
-rw------- 1 xyzzy xyzzy 157 Apr 23 08:36 .bash_history
-rw-r--r-- 1 xyzzy xyzzy  18 Apr 11  2018 .bash_logout
-rw-r--r-- 1 xyzzy xyzzy 193 Apr 11  2018 .bash_profile
-rw-r--r-- 1 xyzzy xyzzy 231 Apr 11  2018 .bashrc
-rw-r--r-- 1 xyzzy xyzzy 172 Oct 30 17:20 .kshrc
drwx------ 2 xyzzy root  109 Apr 23 06:53 .ssh
lrwxrwxrwx 1 xyzzy root   15 Apr 23 06:52 .xcat -> /xcatdata/.xcat
[xyzzy@c910f04x37v02 ~]$ ls -l /home/xyzzy/.xcat/ -la
total 32
drwxr-xr-x 2 root root  110 Apr 23 06:52 .
drwxr-xr-x 6 root root   61 Apr 23 06:52 ..
-rw-r--r-- 1 root root 4214 Apr 19 08:02 ca.pem
-rw------- 1 root root 4504 Apr 19 08:02 client-cert.pem
-rw------- 1 root root 6179 Apr 19 08:02 client-cred.pem
-rw------- 1 root root 1675 Apr 19 08:02 client-key.pem
-rw------- 1 root root  883 Apr 19 08:02 client-req.pem
[xyzzy@c910f04x37v02 ~]$ cat ~/.xcat/client-cert.pem
cat: /home/xyzzy/.xcat/client-cert.pem: Permission denied

[robin2008]

So the case use copy and cause the file permission is wrong.

Why not use /opt/xcat/share/xcat/scripts/setup-local-client.sh xyzzy to do that?

[hu-weihua]

@tingtli, could you help to follow the test case changing? If we do need to change the case, open a task in ibm internal git hub. thanks.