From 1ba12d98d5b068083fbb855b287d0b6da0ada80d Mon Sep 17 00:00:00 2001
From: Sebastien Buisson <sbuisson@ddn.com>
Date: Mon, 1 May 2023 16:44:18 -0700
Subject: [PATCH] LU-16784 tests: fix path to lgss_sk

Find correct path to lgss_sk utility, by looking inside Lustre build
tree if command is not installed on the local node.

Test-Parameters: trivial
Test-Parameters: mdscount=2 mdtcount=4 osscount=1 ostcount=8 clientcount=2 testlist=sanity-sec env=SHARED_KEY=true
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I23920bb2a44d2ec7e9662e75c23bd5302d8dfee2
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/50825
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Sarah Liu <sarah@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
---
 lustre/tests/sanity-sec.sh     | 14 +++++++-------
 lustre/tests/sanity-selinux.sh |  4 ++--
 lustre/tests/test-framework.sh | 39 ++++++++++++++++++++++-----------------
 3 files changed, 31 insertions(+), 26 deletions(-)

diff --git a/lustre/tests/sanity-sec.sh b/lustre/tests/sanity-sec.sh
index 23e4074..062e5b7 100755
--- a/lustre/tests/sanity-sec.sh
+++ b/lustre/tests/sanity-sec.sh
@@ -2236,7 +2236,7 @@ test_30() {
 	do_node ${clients_arr[0]} "keyctl show |
 		awk '/lustre/ { print \\\$1 }' | xargs -IX keyctl unlink X"
 	# generate key with bogus filesystem name
-	do_node ${clients_arr[0]} "lgss_sk -w $SK_PATH/$FSNAME-bogus.key \
+	do_node ${clients_arr[0]} "$LGSS_SK -w $SK_PATH/$FSNAME-bogus.key \
 		-f $FSNAME.bogus -t client -d /dev/urandom" ||
 		error "lgss_sk failed (1)"
 	do_facet $SINGLEMDS lfs flushctx || error "could not run flushctx"
@@ -2512,16 +2512,16 @@ test_32() {
 	start_gss_daemons $mgs_HOST "$LSVCGSSD -vvv -s -g"
 
 	# add mgs key type and MGS NIDs in key on MGS
-	do_nodes $mgs_HOST "lgss_sk -t mgs,server -g $MGSNID -m \
+	do_nodes $mgs_HOST "$LGSS_SK -t mgs,server -g $MGSNID -m \
 				$SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
 		error "could not modify keyfile on MGS"
 
 	# load modified key file on MGS
-	do_nodes $mgs_HOST "lgss_sk -l $SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
+	do_nodes $mgs_HOST "$LGSS_SK -l $SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
 		error "could not load keyfile on MGS"
 
 	# add MGS NIDs in key on client
-	do_nodes ${clients_arr[0]} "lgss_sk -g $MGSNID -m \
+	do_nodes ${clients_arr[0]} "$LGSS_SK -g $MGSNID -m \
 				$SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
 		error "could not modify keyfile on MGS"
 
@@ -2627,16 +2627,16 @@ test_33() {
 	start_gss_daemons $mgs_HOST "$LSVCGSSD -vvv -s -g"
 
 	# add mgs key type and MGS NIDs in key on MGS
-	do_nodes $mgs_HOST "lgss_sk -t mgs,server -g $MGSNID -m \
+	do_nodes $mgs_HOST "$LGSS_SK -t mgs,server -g $MGSNID -m \
 				$SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
 		error "could not modify keyfile on MGS"
 
 	# load modified key file on MGS
-	do_nodes $mgs_HOST "lgss_sk -l $SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
+	do_nodes $mgs_HOST "$LGSS_SK -l $SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
 		error "could not load keyfile on MGS"
 
 	# add MGS NIDs in key on client
-	do_nodes ${clients_arr[0]} "lgss_sk -g $MGSNID -m \
+	do_nodes ${clients_arr[0]} "$LGSS_SK -g $MGSNID -m \
 				$SK_PATH/$FSNAME.key >/dev/null 2>&1" ||
 		error "could not modify keyfile on MGS"
 
diff --git a/lustre/tests/sanity-selinux.sh b/lustre/tests/sanity-selinux.sh
index 4427a2e..34680ac 100755
--- a/lustre/tests/sanity-selinux.sh
+++ b/lustre/tests/sanity-selinux.sh
@@ -590,7 +590,7 @@ test_21a() {
 		export SK_UNIQUE_NM=true
 
 		# load specific key on servers
-		do_nodes $(comma_list $(all_server_nodes)) "lgss_sk -t server \
+		do_nodes $(comma_list $(all_server_nodes)) "$LGSS_SK -t server \
 						    -l $SK_PATH/nodemap/c0.key"
 
 		# set perms for per-nodemap keys else permission denied
@@ -678,7 +678,7 @@ test_21b() {
 		export SK_UNIQUE_NM=true
 
 		# load specific key on servers
-		do_nodes $(comma_list $(all_server_nodes)) "lgss_sk -t server \
+		do_nodes $(comma_list $(all_server_nodes)) "$LGSS_SK -t server \
 						    -l $SK_PATH/nodemap/c0.key"
 
 		# set perms for per-nodemap keys else permission denied
diff --git a/lustre/tests/test-framework.sh b/lustre/tests/test-framework.sh
index 1f92dc2..eaf58f0 100755
--- a/lustre/tests/test-framework.sh
+++ b/lustre/tests/test-framework.sh
@@ -374,7 +374,11 @@ init_test_env() {
 
 	if $SHARED_KEY; then
 		$RPC_MODE || echo "Using GSS shared-key feature"
-		which lgss_sk > /dev/null 2>&1 ||
+		[ -n "$LGSS_SK" ] ||
+			export LGSS_SK=$(which lgss_sk 2> /dev/null)
+		[ -n "$LGSS_SK" ] ||
+			export LGSS_SK="$LUSTRE/utils/gss/lgss_sk"
+		[ -n "$LGSS_SK" ] ||
 			error_exit "built with lgss_sk disabled! SEC=$SEC"
 		GSS=true
 		GSS_SK=true
@@ -1121,7 +1125,7 @@ init_gss() {
 	if $GSS_SK && ! $SK_NO_KEY; then
 		echo "Loading basic SSK keys on all servers"
 		do_nodes $(comma_list $(all_server_nodes)) \
-			"lgss_sk -t server -l $SK_PATH/$FSNAME.key || true"
+			"$LGSS_SK -t server -l $SK_PATH/$FSNAME.key || true"
 		do_nodes $(comma_list $(all_server_nodes)) \
 				"keyctl show | grep lustre | cut -c1-11 |
 				sed -e 's/ //g;' |
@@ -1179,19 +1183,19 @@ init_gss() {
 		# and S2S now requires keys as well, both for "client"
 		# and for "server"
 		if $SK_S2S; then
-			lgss_sk -t server -f$FSNAME -n $SK_S2SNMCLI \
+			$LGSS_SK -t server -f$FSNAME -n $SK_S2SNMCLI \
 				-w $SK_PATH/$FSNAME-nmclient.key \
 				-d /dev/urandom >/dev/null 2>&1
-			lgss_sk -t mgs,server -f$FSNAME -n $SK_S2SNM \
+			$LGSS_SK -t mgs,server -f$FSNAME -n $SK_S2SNM \
 				-w $SK_PATH/$FSNAME-s2s-server.key \
 				-d /dev/urandom >/dev/null 2>&1
 		fi
 		# basic key create
-		lgss_sk -t server -f$FSNAME -w $SK_PATH/$FSNAME.key \
+		$LGSS_SK -t server -f$FSNAME -w $SK_PATH/$FSNAME.key \
 			-d /dev/urandom >/dev/null 2>&1
 		# per-nodemap keys
 		for i in $(seq 0 $((numclients - 1))); do
-			lgss_sk -t server -f$FSNAME -n c$i \
+			$LGSS_SK -t server -f$FSNAME -n c$i \
 				-w $SK_PATH/nodemap/c$i.key -d /dev/urandom \
 				>/dev/null 2>&1
 		done
@@ -1203,27 +1207,28 @@ init_gss() {
 		fi
 		# Set client keys to client type to generate prime P
 		if local_mode; then
-			do_nodes $(all_nodes) "lgss_sk -t client,server -m \
+			do_nodes $(all_nodes) "$LGSS_SK -t client,server -m \
 				$SK_PATH/$FSNAME.key >/dev/null 2>&1"
 		else
-			do_nodes $clients "lgss_sk -t client -m \
+			do_nodes $clients "$LGSS_SK -t client -m \
 				$SK_PATH/$FSNAME.key >/dev/null 2>&1"
-			do_nodes $clients "find $SK_PATH/nodemap -name \*.key | \
-				xargs -IX lgss_sk -t client -m X >/dev/null 2>&1"
+			do_nodes $clients "find $SK_PATH/nodemap \
+				-name \*.key | xargs -IX $LGSS_SK -t client \
+				-m X >/dev/null 2>&1"
 		fi
 		# This is required for servers as well, if S2S in use
 		if $SK_S2S; then
 			do_nodes $(comma_list $(mdts_nodes)) \
 				"cp $SK_PATH/$FSNAME-s2s-server.key \
-				$SK_PATH/$FSNAME-s2s-client.key; lgss_sk \
+				$SK_PATH/$FSNAME-s2s-client.key; $LGSS_SK \
 				-t client -m $SK_PATH/$FSNAME-s2s-client.key \
 				>/dev/null 2>&1"
 			do_nodes $(comma_list $(osts_nodes)) \
 				"cp $SK_PATH/$FSNAME-s2s-server.key \
-				$SK_PATH/$FSNAME-s2s-client.key; lgss_sk \
+				$SK_PATH/$FSNAME-s2s-client.key; $LGSS_SK \
 				-t client -m $SK_PATH/$FSNAME-s2s-client.key \
 				>/dev/null 2>&1"
-			do_nodes $clients "lgss_sk -t client \
+			do_nodes $clients "$LGSS_SK -t client \
 				-m $SK_PATH/$FSNAME-nmclient.key \
 				 >/dev/null 2>&1"
 		fi
@@ -2590,8 +2595,8 @@ zconf_mount_clients() {
 			local i=0
 			# Mount all server nodes first with per-NM keys
 			for nmclient in ${clients//,/ }; do
-				# do_nodes $(comma_list $(all_server_nodes)) "lgss_sk -t server -l $SK_PATH/nodemap/c$i.key -n c$i"
-				do_nodes $(comma_list $(all_server_nodes)) "lgss_sk -t server -l $SK_PATH/nodemap/c$i.key"
+				do_nodes $(comma_list $(all_server_nodes)) \
+				"$LGSS_SK -t server -l $SK_PATH/nodemap/c$i.key"
 				i=$((i + 1))
 			done
 			# set perms for per-nodemap keys else permission denied
@@ -8326,7 +8331,7 @@ gather_logs () {
 		$LCTL dk > ${prefix}.debug_log.$(hostname -s).${suffix}
 		dmesg > ${prefix}.dmesg.$(hostname -s).${suffix}
 		[ "$SHARED_KEY" = true ] && find $SK_PATH -name '*.key' -exec \
-			lgss_sk -r {} \; &> \
+			$LGSS_SK -r {} \; &> \
 			${prefix}.ssk_keys.$(hostname -s).${suffix}
 		[ "$SHARED_KEY" = true ] && lctl get_param 'nodemap.*.*' > \
 			${prefix}.nodemaps.$(hostname -s).${suffix}
@@ -8342,7 +8347,7 @@ gather_logs () {
 		dmesg > ${prefix}.dmesg.\\\$(hostname -s).${suffix}"
 	if [ "$SHARED_KEY" = true ]; then
 		do_nodesv $list "find $SK_PATH -name '*.key' -exec \
-			lgss_sk -r {} \; &> \
+			$LGSS_SK -r {} \; &> \
 			${prefix}.ssk_keys.\\\$(hostname -s).${suffix}"
 		do_facet mds1 "lctl get_param 'nodemap.*.*' > \
 			${prefix}.nodemaps.\\\$(hostname -s).${suffix}"
-- 
1.8.3.1