diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2023-01-22 22:37:50 +0100 |
---|---|---|
committer | Maximilian Bosch <maximilian@mbosch.me> | 2024-04-26 19:04:06 +0200 |
commit | 104448e75d87d03d2fb0b4ac96d4da72e1dae50d (patch) | |
tree | 6c73af980f5845cdd003217d200e184eda8cac07 /tests/nixos | |
parent | 111db8b38fd8350d92d72fa17fd3d9e8ef5a0e09 (diff) |
ssh-ng: Set log-fd for ssh to `4` by default
That's expected by `build-remote` and makes sure that errors are
correctly forwarded to the user. For instance, let's say that the
host-key of `example.org` is unknown and
nix-build ../nixpkgs -A hello -j0 --builders 'ssh-ng://example.org'
is issued, then you get the following output:
cannot build on 'ssh-ng://example.org?&': error: failed to start SSH connection to 'example.org'
Failed to find a machine for remote build!
derivation: yh46gakxq3kchrbihwxvpn5bmadcw90b-hello-2.12.1.drv
required (system, features): (x86_64-linux, [])
2 available machines:
[...]
The relevant information (`Host key verification failed`) ends up in the
daemon's log, but that's not very obvious considering that the daemon
isn't very chatty normally.
This can be fixed - the same way as its done for legacy-ssh - by passing
fd 4 to the SSH wrapper. Now you'd get the following error:
cannot build on 'ssh-ng://example.org': error: failed to start SSH connection to 'example.org': Host key verification failed.
Failed to find a machine for remote build!
[...]
...and now it's clear what's wrong.
Please note that this is won't end up in the derivation's log.
For previous discussion about this change see
https://github.com/NixOS/nix/pull/7659.
Change-Id: I5790856dbf58e53ea3e63238b015ea06c347cf92
Diffstat (limited to 'tests/nixos')
-rw-r--r-- | tests/nixos/remote-builds-ssh-ng.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/tests/nixos/remote-builds-ssh-ng.nix b/tests/nixos/remote-builds-ssh-ng.nix index 5ff471607..8deb9a504 100644 --- a/tests/nixos/remote-builds-ssh-ng.nix +++ b/tests/nixos/remote-builds-ssh-ng.nix @@ -95,6 +95,10 @@ in builder.succeed("mkdir -p -m 700 /root/.ssh") builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") builder.wait_for_unit("sshd.service") + + out = client.fail("nix-build ${expr nodes.client 1} 2>&1") + assert "error: failed to start SSH connection to 'root@builder': Host key verification failed" in out, f"No host verification error in {out}" + client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world' >&2") # Perform a build |