Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[tacacs] Skip ipintutil check on older OS versions #3154

Merged
merged 2 commits into from
Mar 17, 2021
Merged

[tacacs] Skip ipintutil check on older OS versions #3154

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d52d90f
[tacacs] Skip ipintutil check on older OS versions
daall Mar 16, 2021
8f8a095
Add trailing commas
daall Mar 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 15 additions & 5 deletions tests/tacacs/test_ro_user.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,11 @@ def ssh_remote_allow_run(localhost, remote_ip, username, password, cmd):
res = ssh_remote_run(localhost, remote_ip, username, password, cmd)
# Verify that the command is allowed
logger.info("check command \"{}\" rc={}".format(cmd, res['rc']))
return res['rc'] == 0 or (res['rc'] != 0 and "Make sure your account has RW permission to current device" not in res['stderr'])
expected = res['rc'] == 0 or (res['rc'] != 0 and "Make sure your account has RW permission to current device" not in res['stderr'])
if not expected:
logger.error("error output=\"{}\"".format(res["stderr"]))
return expected


def ssh_remote_ban_run(localhost, remote_ip, username, password, cmd):
res = ssh_remote_run(localhost, remote_ip, username, password, cmd)
Expand Down Expand Up @@ -74,18 +78,24 @@ def test_ro_user_allowed_command(localhost, duthosts, rand_one_dut_hostname, cre
'"sudo vtysh -c \'show ip bgp su\'"',
'"sudo vtysh -n 0 -c \'show ip bgp su\'"',
'sudo decode-syseeprom',
'sudo generate_dump',
'sudo generate_dump -s "5 secs ago"',
'sudo lldpshow',
'sudo pcieutil check',
# 'sudo psuutil *',
# 'sudo sfputil show *',
'sudo ip netns identify 1',
'sudo ip netns identify 1'
yxieca marked this conversation as resolved.
Show resolved Hide resolved
]

# Some newer commands may not be available in 201911 or 202012
if not any(version in duthost.os_version for version in ("201911", "202012")):
commands_direct += [
'sudo ipintutil',
'sudo ipintutil -a ipv6',
'sudo ipintutil -n asic0 -d all',
'sudo ipintutil -n asic0 -d all -a ipv6'
]
# Run as readonly use the commands allowed indirectly based on sudoers file
]

# Run as readonly use the commands allowed indirectly based on sudoers file
commands_indirect = [
'show version',
'show interface status',
Expand Down