9 Oct 2023 |
| @b:chreekat.net changed their display name from chreekat to chreekat (afk, admin day). | 10:19:20 |
10 Oct 2023 |
| @b:chreekat.net changed their display name from chreekat (afk, admin day) to chreekat. | 11:40:03 |
12 Oct 2023 |
| @b:chreekat.net changed their display name from chreekat to chreekat (afk, sick). | 08:03:13 |
14 Oct 2023 |
| @b:chreekat.net changed their display name from chreekat (afk, sick) to chreekat. | 08:53:53 |
16 Oct 2023 |
| l0b0 joined the room. | 05:27:22 |
l0b0 | Hullo :) | 05:27:29 |
Artturin |
: How do I check the exit code of a backgrounded process? Backgrounding a process using >/dev/console & and then running server.succeed("wait") doesn't produce the expected result (a failure, because the ssh-audit program produced error output), and during local tests this resulted in exit code 3. E
| 05:33:05 |
l0b0 | In reply to @artturin:matrix.org
: How do I check the exit code of a backgrounded process? Backgrounding a process using >/dev/console & and then running server.succeed("wait") doesn't produce the expected result (a failure, because the ssh-audit program produced error output), and during local tests this resulted in exit code 3. E
I was able to hack together something which works, but it's ugly: https://gitlab.com/engmark/root/-/merge_requests/395/diffs#33ce68c7de7e3ce31b451013ce4f892b655e8073_41_54 | 05:33:40 |
l0b0 | The ugliness comes from several issues:
- The
ssh-audit exit code is the only unambiguous indication of success. It always prints to stdout, even in case of success, and doesn't print errors to stderr.
ssh-audit has to run asynchronously because a client needs to talk to it to produce the report.
- I can't use
wait_for_open_port because that triggers ssh-audit to exit - it's not meant to be a permanent service, after all.
- In case of error I have to look at the output to see which changes it recommends to my configuration, so I have to redirect
ssh-audit stdout to /dev/console .
| 05:38:57 |
Artturin | This file has all the test driver commands https://github.com/NixOS/nixpkgs/blob/master/nixos/lib/test-driver/test_driver/machine.py | 05:39:07 |
l0b0 | * The ugliness comes from several issues:
- The
ssh-audit exit code is the only unambiguous indication of success. ssh-audit always prints to stdout, even in case of success, and doesn't print errors to stderr.
ssh-audit has to run asynchronously because a client needs to talk to it to produce the report.
- I can't use
wait_for_open_port because that triggers ssh-audit to exit - it's not meant to be a permanent service, after all.
- In case of error I have to look at the output to see which changes it recommends to my configuration, so I have to redirect
ssh-audit stdout to /dev/console .
| 05:39:10 |
l0b0 | * The ugliness comes from several issues:
- The
ssh-audit exit code is the only unambiguous indication of success. ssh-audit always prints to stdout, even in case of success, and doesn't print errors to stderr.
ssh-audit has to run asynchronously because a client needs to talk to it to produce the report.
- I can't use
wait_for_open_port because that triggers ssh-audit to exit - it's not meant to be a permanent service, after all. ssh-audit doesn't print anything to indicate it's ready to receive connections, so I also can't check for specific output to verify that it's ready.
- In case of error I have to look at the output to see which changes it recommends to my configuration, so I have to redirect
ssh-audit stdout to /dev/console .
| 05:41:00 |
Artturin | l0b0:
$ bash -c "exit 3"
$ echo $?
3
$ systemd-run --user bash -c "exit 3"
Running as unit: run-r87bbe16cbe554be0965fc147cc7ecc81.service
$ systemctl show --user run-r87bbe16cbe554be0965fc147cc7ecc81.service --property="ExecMainStatus"
ExecMainStatus=3
| 05:48:08 |
l0b0 | In reply to @artturin:matrix.org
l0b0:
$ bash -c "exit 3"
$ echo $?
3
$ systemd-run --user bash -c "exit 3"
Running as unit: run-r87bbe16cbe554be0965fc147cc7ecc81.service
$ systemctl show --user run-r87bbe16cbe554be0965fc147cc7ecc81.service --property="ExecMainStatus"
ExecMainStatus=3
Oh, nifty! Can I control the unit name, or do I have to parse stdout to get it? | 05:48:56 |
l0b0 | In reply to @artturin:matrix.org
l0b0:
$ bash -c "exit 3"
$ echo $?
3
$ systemd-run --user bash -c "exit 3"
Running as unit: run-r87bbe16cbe554be0965fc147cc7ecc81.service
$ systemctl show --user run-r87bbe16cbe554be0965fc147cc7ecc81.service --property="ExecMainStatus"
ExecMainStatus=3
* Oh, nifty! ~Can I control the unit name, or do I have to parse stdout to get it?~ I'll just check… | 05:49:10 |
Artturin | you can with -u | 05:49:18 |
Artturin | according to help | 05:49:28 |
Artturin | Maybe you can wait with https://github.com/NixOS/nixpkgs/blob/master/nixos/lib/test-driver/test_driver/machine.py#L506 | 05:49:51 |
Artturin | require_unit_state | 05:49:54 |
Artturin | Waiting for a failed | 05:50:22 |
Artturin | Seems you don't even have to use the systemd-run command but can do it in python https://github.com/NixOS/nixpkgs/blob/4ef910059530798af9f36376f812488edf39d751/nixos/lib/test-driver/test_driver/machine.py#L461 | 05:52:33 |
Artturin | info = self.get_unit_info(unit, user)
if info["ExecMainStatus"] == "123":
| 05:53:14 |
Artturin | * check the check_active in wait_for_unit
info = self.get_unit_info(unit, user)
if info["ExecMainStatus"] == "123":
| 05:53:43 |
l0b0 | I'm running into something odd while trying this:
server: must succeed: systemd-run --unit=ssh-audit.service --user /nix/store/cqsj9477bs0r92cnvdbnhxhgp3csmzkl-ssh-audit-2.9.0/bin/ssh-audit --client-audit --port=2222 server # Failed to connect to bus: No medium found
| 06:01:38 |
Artturin | The environment is almost completely cleared | 06:04:27 |
Artturin | In reply to @vengmark2:matrix.org
I'm running into something odd while trying this:
server: must succeed: systemd-run --unit=ssh-audit.service --user /nix/store/cqsj9477bs0r92cnvdbnhxhgp3csmzkl-ssh-audit-2.9.0/bin/ssh-audit --client-audit --port=2222 server # Failed to connect to bus: No medium found
Oh that's coming from systemd https://github.com/search?q=%2FFailed+to+connect+to+bus%3A+No+medium%2F&type=code | 06:06:52 |
Artturin | Try no --user | 06:07:22 |
Artturin | Not a good error :/ | 06:08:18 |
l0b0 | I really wish there was a wait_for_unit_state … | 06:10:03 |
Artturin | Maybe a new arg to wait_for_unit | 06:11:39 |