Skip to content

Commit d1b726c

Browse files
inknosinknos
committed
Stat Identity file on sys con add
Fixes: #26016 Signed-off-by: Nicola Sella <nsella@redhat.com>
1 parent 277530e commit d1b726c

File tree

2 files changed

+34
-0
lines changed

2 files changed

+34
-0
lines changed

cmd/podman/system/connection/add.go

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ import (
1616
"go.podman.io/common/pkg/completion"
1717
"go.podman.io/common/pkg/config"
1818
"go.podman.io/common/pkg/ssh"
19+
"go.podman.io/storage/pkg/fileutils"
1920
)
2021

2122
var (
@@ -141,6 +142,14 @@ func add(cmd *cobra.Command, args []string) error {
141142

142143
switch uri.Scheme {
143144
case "ssh":
145+
if cOpts.Identity != "" {
146+
if err := fileutils.Exists(cOpts.Identity); err != nil {
147+
if errors.Is(err, os.ErrNotExist) {
148+
return fmt.Errorf("identity file does not exist: %w", err)
149+
}
150+
return err
151+
}
152+
}
144153
return ssh.Create(entities, sshMode)
145154
case "unix":
146155
if cmd.Flags().Changed("identity") {

test/system/272-system-connection.bats

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,31 @@ $c2[ ]\+tcp://localhost:54321[ ]\+true[ ]\+true" \
8888
run_podman context rm $c1
8989
}
9090

91+
# Test system connection add bad identities with ssh/unix/tcp
92+
@test "podman system connection --identity" {
93+
run_podman system connection ls -q
94+
assert "$output" == "" ""
95+
96+
run_podman 125 system connection add ssh-conn --identity $PODMAN_TMPDIR/nonexistent ssh://localhost
97+
assert "$output" =~ \
98+
"Error: failed to validate: failed to read identity *" ""
99+
run_podman 125 system connection add unix-conn --identity $PODMAN_TMPDIR/identity unix://path
100+
assert "$output" == \
101+
"Error: --identity option not supported for unix scheme" ""
102+
run_podman 125 system connection add tcp-conn --identity $PODMAN_TEMPDIR/identity tcp://path
103+
assert "$output" =~ \
104+
"Error: --identity option not supported for tcp scheme" ""
105+
106+
run touch $PODMAN_TEMPDIR/badfile
107+
run chmod -r $PODMAN_TEMPDIR/badfile
108+
run_podman 125 system connection add bad-conn --identity $PODMAN_TEMPDIR/badfile ssh://localhost
109+
assert "$output" =~ \
110+
"Error: failed to validate: failed to read identity*" ""
111+
# Ensure no connections were added
112+
run_podman system connection ls -q
113+
assert "$output" == "" ""
114+
}
115+
91116
# Test tcp socket; requires starting a local server
92117
@test "podman system connection - tcp" {
93118
# Start server

0 commit comments

Comments
 (0)