hold: a hacking session with an extreme timeout

Useful for keeping specific boards out of the pool. Change-Id: Ifb3657843a3fbf2f2cc11bb3fbbe650b67515c12
author: Bernard Ogden <bernie.ogden@linaro.org> 2016-03-07 10:57:30 +0000
committer: Bernard Ogden <bernie.ogden@linaro.org> 2016-03-07 10:57:30 +0000
commit: 292279ad970334ce84054a89a1f5a3bb133b165c (patch)
tree: 36dec24567dac646ebe7e2e79bc35678d7d63eba
4 files changed, 176 insertions, 0 deletions
diff --git a/hacking-session-debian.yaml b/hacking-session-debian.yaml
new file mode 100644
index 0000000..7898113
--- /dev/null
+++ b/hacking-session-debian.yaml
@@ -0,0 +1,17 @@
+metadata:
+  name: hacking-session-debian
+  format: "Lava-Test-Shell Test Definition 1.0"
+  description: "SSH Hacking Session"
+  version: 1.0
+
+params:
+    PUB_KEY: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzlCPpuwMRSXZNq4Mut/GuitOhEturcsl9X1iNjOMGZXbtfBC8TCSXqotkziuYXpej1FCdXn3FEQsVw6Mw3I9Wq1p9okkgzVdsNzHAIob8ras/e9kOeJZGY5gSGBYf3t1MubAyaa033MJ+e3NRC4sbUmeeN3d9PD+Wc9QC3en9qfSpm6hh9EFHOHOjFk5+W0YZ83AL1PgalqL/hCN2/p9a8S1fsfDkfTgEh1XFIOiLds0fNzzmyXepxuA1n696iuSFMCIwmNcCfwRwRgt012UPgZu3avegYbDyijk8EtgFBuEA5OvX91BTHmaSjicsD9nJN63ms88l9OZMeTlPVjkD"
+
+install:
+    deps:
+        - openssh-server
+        - wget
+run:
+    steps:
+        - ./setup_session_debian "$PUB_KEY"
+        - ./invoke_session_debian "$GATEWAY"
diff --git a/invoke_session_debian b/invoke_session_debian
new file mode 100755
index 0000000..4651dd9
--- /dev/null
+++ b/invoke_session_debian
@@ -0,0 +1,109 @@
+#!/bin/bash
+# Usage ./invoke_session <gateway>
+
+# If gateway isn't set we will guess it based on the default route
+if [ -z "$1" ]; then
+    gateway=`ip route get 8.8.8.8 | grep via | cut -d ' ' -f3`
+else
+    gateway=$1
+fi
+
+echo "Target's Gateway: $gateway"
+
+if ! grep 'invoke_session' /etc/rc.local
+then
+	sed -i '/bin/a invoke_session &' /etc/rc.local
+fi
+
+# Obtain target IP and Hostname
+ip_addr=$(ifconfig `ip route get $gateway | cut -d ' ' -f3` | grep 'inet addr' |awk -F: '{split($2,a," "); print a[1] }')
+hostname=$(cat /etc/hostname)
+
+# Set the PATH to use the LAVA api
+echo "export PATH=/lava/bin/:$PATH" > ~/.bashrc
+
+# Are we running under sudo for the real user?
+if [ -z "${SUDO_USER}" ]; then
+    REAL_USER=${USER}
+else
+    REAL_USER=${SUDO_USER}
+fi
+
+SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ${REAL_USER}@${ip_addr}"
+echo "*******************************************************************************************************"
+echo "* REAL_USER=${REAL_USER}, USER=${USER}, SUDO_USER=${SUDO_USER}"
+echo "Please connect to: ${SSH_COMMAND} for access to (${hostname})"
+echo "*******************************************************************************************************"
+echo ""
+
+cat <<EOF > ~/.bash_logout
+if [ $(who |egrep 'pts\/[0-9]+' |wc -l) -eq 1 ]; then
+    lava-test-case hacking-stopped-logout --result pass
+    stop_hacking
+fi
+EOF
+
+IRC_AVAILABLE=false
+if [ ! -z "${IRC_USER}" ]; then
+    if apt-get install -qq python-irc; then
+        IRC_AVAILABLE=true
+        TMP_IRC_USER=hs-${RANDOM}
+        # make a unique user
+        cat <<EOF | python /usr/share/doc/python-irc/examples/irccat2.py ${IRC_SERVER} ${TMP_IRC_USER} ${IRC_USER}
+Your hacking session is now ready
+Please connect to:
+${SSH_COMMAND}
+EOF
+    fi
+fi
+if [ ! -z "${NOTIFY_URL}" ]; then
+    if apt-get install -qq wget; then
+        wget -O - "${NOTIFY_URL}?ssh=${ip_addr}"
+    fi
+fi
+echo ""
+mkdir -p /run
+mkdir -p /run/hacking
+echo $$ > /run/hacking/hacking.pid
+TIMESTAMP=`stat -c %Y /run/hacking/hacking.pid`
+STARTED=false
+TERMINATED=false
+echo "Hacking session active..."
+lava-test-case hacking-session-active --result pass
+tail -f /var/log/syslog &
+echo $! > /run/hacking/tail.pid
+while [ -f /run/hacking/hacking.pid ]
+do
+    date
+    echo "===================="
+    who
+    echo "===================="
+    echo ""
+	sleep 10
+    LOGGEDIN=`who | grep pts | wc -l`
+    if ! $STARTED && [ $LOGGEDIN -gt 0 ]; then
+        STARTED=true
+    elif ! $STARTED && [ $LOGGEDIN -eq 0 ]; then
+        NOW=`date +%s`
+        ELAPSED=`expr $NOW - $TIMESTAMP`
+        if [ $ELAPSED -gt 619200 ]; then
+            echo "No user logged in. Terminating session..."
+            TERMINATED=true
+            if ${IRC_AVAILABLE}; then
+                # make a unique user
+                cat <<EOF | python /usr/share/doc/python-irc/examples/irccat2.py ${IRC_SERVER} ${TMP_IRC_USER} ${IRC_USER}
+Your hacking session was terminated due to inactivity
+There was no user logged in for ${ELAPSED} seconds.
+EOF
+            fi
+            lava-test-case hacking-session-terminated --result fail --measurement ${ELAPSED} --units seconds
+            stop_hacking
+        fi
+    fi
+done
+echo "Hacking session ended..."
+kill `cat /run/hacking/tail.pid`
+rm /run/hacking/tail.pid
+if ! ${TERMINATED}; then
+    lava-test-case hacking-session-terminated --result pass
+fi
diff --git a/setup_session_debian b/setup_session_debian
new file mode 100755
index 0000000..f96553c
--- /dev/null
+++ b/setup_session_debian
@@ -0,0 +1,46 @@
+#!/bin/bash
+# Usage ./setup_session <pub_key>
+
+chmod a+x stop_hacking_debian
+cp stop_hacking_debian /bin/stop_hacking
+chmod a+x continue_hacking
+cp continue_hacking /bin/continue_hacking
+chmod a+x invoke_session_debian
+cp invoke_session_debian /bin/invoke_session
+
+if [ $# -ne 1 ]; then
+    lava-test-case public-key-installed --result fail
+    exit 1
+fi
+
+mkdir -p ~/.ssh/
+echo $1 >> ~/.ssh/authorized_keys
+if [ $? -ne 0 ]; then
+    lava-test-case public-key-installed --result fail
+fi
+chmod 0600 ~/.ssh/authorized_keys
+echo "Public Key Installed: $1"
+lava-test-case public-key-installed --result pass
+
+# Account for running under sudo
+if [ ! -z "${SUDO_USER}" ]; then
+    echo "Fixing up ${HOME}/.ssh permissions to ${SUDO_USER}:${SUDO_GID}"
+    chown -R ${SUDO_USER}:${SUDO_GID} ${HOME}/.ssh
+fi
+
+grep -P "^LogLevel" /etc/ssh/sshd_config
+if [ $? -eq 0 ]; then
+    sed -i "s/^LogLevel\ [A-Z]\+/LogLevel\ DEBUG/g" /etc/ssh/sshd_config
+else
+    echo "LogLevel DEBUG" >> /etc/ssh/sshd_config
+fi
+
+/etc/init.d/ssh restart
+echo "sshd re-started"
+if [ $? -eq 0 ]; then
+    lava-test-case sshd-restart --result pass
+    echo "sshd re-started"
+else
+    lava-test-case sshd-restart --result fail
+    echo "sshd re-start failed"
+fi
diff --git a/stop_hacking_debian b/stop_hacking_debian
new file mode 100755
index 0000000..3c97348
--- /dev/null
+++ b/stop_hacking_debian
@@ -0,0 +1,4 @@
+#!/bin/bash
+rm /run/hacking/hacking.pid
+rm ~/.ssh/authorized_keys
+/etc/init.d/ssh stop
author	Bernard Ogden <bernie.ogden@linaro.org>	2016-03-07 10:57:30 +0000
committer	Bernard Ogden <bernie.ogden@linaro.org>	2016-03-07 10:57:30 +0000
commit	292279ad970334ce84054a89a1f5a3bb133b165c (patch)
tree	36dec24567dac646ebe7e2e79bc35678d7d63eba