Verify Privilege For Different Channels in openbmc-test-automation
Tony Lee (李文富)
Tony.Lee at quantatw.com
Tue Jan 21 14:09:16 AEDT 2020
> Are you saying that with NoAcess for channel x, you are able to get the IPMI
> response.
Yes.
> please note: -H x.x.x.x determines, which channel you are trying to
> communicate. Try the other IP address (because not sure, which channel is
> configured to what IP).
This is as I expected!
However, please look at the cases "Verify Administrator And No Access Privilege For Different Channels"
and "Verify Operator And User Privilege For Different Channels" in test_ipmi_user.robot.
For example: case "Verify Administrator And No Access Privilege For Different Channels" at the last two "Verify" steps:
'''
# Verify that user is able to run administrator level IPMI command with channel 1.
Verify IPMI Command ${random_username} ${valid_password} Administrator 1
# Verify that user is unable to run IPMI command with channel 2.
Run IPMI Standard Command sel info 2 expected_rc=${1} U=${random_username} P=${valid_password}
'''
In this case, first, there is only one IP address.
second, I can't find a description or SPEC about command like
"ipmitool -I lanplus -C 3 -p 623 -U YmRBwDUS -P 0penBmc1 -H x.x.x.x -L Administrator sel info 1"
which mean user is able to run IPMI command with channel 1.
If the method for out-of-band communication using different channels is the same as you described,
do we need to fix these two cases?
> Regards,
>
> Richard
>
More information about the openbmc
mailing list