action #93441: [sle][security][sle15sp4][CC] CC hand over
[sle][security][sle15sp4][CC][s390x] handle "permit_root_ssh" login issue on s390x
Based on the comments from Marcus, You cannot remove a security condition of the CC setup. ("root ssh access is not allowed" is a hard CC requirement)
We should find a way to fix the openqa failed case:
We may need use non-root user to access the system rather than root as a solutioin.
#1 Updated by rfan1 about 1 month ago
May I ask for your kindly help to take a look at this issue?
When testing Common Criteria system role based VM, root ssh is not permitted by default, and this is CC hard requirement based on Marcus's comment.
CC is supported on 3 platforms x86_64/aarch64 and s390x, for x86_64 and aarch64, we used to connect to the VM via qemu VNC while we try to connect root console via "select_console 'root-console'".
But for s390x, it seems another story, we should have to ssh access to the VM via root user. then the problem shows up.
I did some changes like below and seems it can work well:
- select_console 'root-console'; + select_console('user-console', ensure_tty_selected => 0, skip_setterm => 1); + my $password = $testapi::password; + type_string("sudo -i\n"); + type_string("$password\n");
However, it is not an easy to fix this issue, since so many test modules have "select_console 'root-console';" function. I have to apply my changes one by one.
Do you have any suggestion here?