Fix TestRootX11ForwardPermissions with temp user instead of hard code…

…d UID.
gravitational · Jan 7, 2025 · 8045df4 · 8045df4
1 parent c28647c
commit 8045df4
Showing 1 changed file with 12 additions and 6 deletions.
diff --git a/lib/srv/regular/sshserver_test.go b/lib/srv/regular/sshserver_test.go
@@ -78,6 +78,7 @@ import (
 	"github.com/gravitational/teleport/lib/sshutils/x11"
 	"github.com/gravitational/teleport/lib/utils"
 	"github.com/gravitational/teleport/lib/utils/cert"
+	"github.com/gravitational/teleport/lib/utils/host"
 )
 
 // teleportTestUser is additional user used for tests
@@ -1071,15 +1072,19 @@ func TestX11Forward(t *testing.T) {
 // TestRootX11ForwardPermissions tests that X11 forwarding sessions are set up
 // with the connecting user's file permissions (where needed), rather than root.
 func TestRootX11ForwardPermissions(t *testing.T) {
-	// TODO(Joerger): Fix CI issue related to github actions sometimes using
-	// UID 1001 - https://github.com/gravitational/teleport/pull/50176
-	t.Skip("This test is flaky")
-
 	utils.RequireRoot(t)
 	if os.Getenv("TELEPORT_XAUTH_TEST") == "" {
 		t.Skip("Skipping test as xauth is not enabled")
 	}
 
+	login := utils.GenerateLocalUsername(t)
+	_, err := host.UserAdd(login, nil, host.UserOpts{})
+	require.NoError(t, err)
+	t.Cleanup(func() {
+		_, err := host.UserDel(login)
+		require.NoError(t, err)
+	})
+
 	t.Parallel()
 	f := newFixtureWithoutDiskBasedLogging(t)
 	f.ssh.srv.x11 = &x11.ServerConfig{
@@ -1098,10 +1103,11 @@ func TestRootX11ForwardPermissions(t *testing.T) {
 	_, err = f.testSrv.Auth().UpsertRole(ctx, role)
 	require.NoError(t, err)
 
-	// Create a new X11 session as a non-root nonroot in the system.
-	nonroot, err := user.LookupId("1000")
+	// Create a new X11 session as a non-root user in the system.
+	nonroot, err := user.Lookup(login)
 	require.NoError(t, err)
 	client := f.newSSHClient(ctx, t, nonroot)
+	defer client.Close()
 	serverDisplay := x11EchoSession(ctx, t, client)
 
 	// Check that the xauth entry is readable for the connecting user.