File: task.yaml

package info (click to toggle)
snapd 2.72-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 80,412 kB
  • sloc: sh: 16,506; ansic: 16,211; python: 11,213; makefile: 1,919; exp: 190; awk: 58; xml: 22
file content (126 lines) | stat: -rw-r--r-- 5,191 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
 
summary: Ensures that the system-observe interface works.

details: |
    A snap declaring the system-observe plug is defined, its command just calls
    ps -ax.

    The test itself checks for the lack of auto-connect and then tries to
    execute the snap command with the plug connected (it must succeed) and
    disconnected (it must fail).

# on s390x we do not have a serial port to observe
systems: [-ubuntu-*-s390x]

prepare: |
    echo "Given a snap declaring a plug on the system-observe interface is installed"
    snap install --edge test-snapd-system-observe-consumer

    if not os.query is-trusty; then
        echo "And hostnamed is started"
        systemctl start systemd-hostnamed
    fi

    # TODO: we should use only one snap for testing
    "$TESTSTOOLS"/snaps-state install-local testsnap
    snap connect testsnap:system-observe
    snap connect testsnap:network-setup-observe

restore: |
    if not os.query is-trusty; then
        systemctl stop systemd-hostnamed
    fi

execute: |
    # On Ubuntu Core, the kernel is delivered as a snap, so the /boot/config-*
    # files are missing. Support for these systems will come later.
    # Arch Linux and openSUSE tumbleweed, instead, are excluded because they
    # only ships the kernel config via /proc/config.gz
    if ! os.query is-core \
        && ! os.query is-arch-linux \
        && ! os.query is-opensuse tumbleweed; then
        echo "Check that we can read /boot"
        KERNEL_VERSION="$(uname -r)"
        testsnap.cmd cat "/boot/config-$KERNEL_VERSION" | MATCH "CONFIG_"

        echo "Check that we cannot write in /boot"
        if testsnap.cmd sh -c "echo oops > /boot/config-$KERNEL_VERSION"; then
            echo "/boot/ should not be writable!"
            exit 1
        fi
    fi

    echo "The interface is disconnected by default"
    snap interfaces -i system-observe | MATCH -- '^- +test-snapd-system-observe-consumer:system-observe'

    echo "When the interface is connected"
    snap connect test-snapd-system-observe-consumer:system-observe

    echo "Then the snap is able to get system information"
    expected="/dev/tty.*?serial"
    su -l -c "test-snapd-system-observe-consumer.consumer" test | MATCH "$expected"

    if not os.query is-trusty; then
        echo "And the snap is able to introspect hostname1"
        expected="<property name=\"Hostname\" type=\"s\" access=\"read\">"
        su -l -c "test-snapd-system-observe-consumer.dbus-introspect" test | MATCH "$expected"
    fi

    echo "Snap is able is able to query systemd properties"
    testsnap.cmd busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.DBus.Properties \
        GetAll s org.freedesktop.systemd1.Manager

    # systemd in 14.04 does not implement org.freedesktop.systemd1.Unit for units
    if not os.query is-trusty; then
        echo "Snap is able to list units"
        testsnap.cmd busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager ListUnits

        echo "Snap is able to query unit properties"
        testsnap.cmd busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1/unit/snapd_2eservice \
            org.freedesktop.DBus.Properties GetAll s org.freedesktop.systemd1.Unit
    fi


    if [ "$(snap debug confinement)" = partial ] ; then
        exit 0
    fi

    echo "And the policy has the ptrace suppression rule"
    MATCH '^deny ptrace \(trace\),' < /var/lib/snapd/apparmor/profiles/snap.test-snapd-system-observe-consumer.consumer

    echo "When the plug is disconnected"
    snap disconnect test-snapd-system-observe-consumer:system-observe
    snap disconnect testsnap:system-observe

    echo "Then the snap is not able to get system information"
    if su -l -c "test-snapd-system-observe-consumer.consumer" test 2> consumer.error; then
        echo "Expected error with plug disconnected"
        exit 1
    fi
    MATCH "Permission denied" < consumer.error

    if not os.query is-trusty; then
        echo "And the snap is not able to introspect hostname1"
        if su -l -c "test-snapd-system-observe-consumer.dbus-introspect" test 2> introspect.error; then
            echo "Expected error with plug disconnected"
            exit 1
        fi
        MATCH "Permission denied" < introspect.error
    fi

    echo "Snap is not permitted to query systemd properties"
    not testsnap.cmd busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.DBus.Properties \
        GetAll s org.freedesktop.systemd1.Manager 2> log.error
    MATCH 'Access denied' < log.error

    if not os.query is-trusty; then
        echo "Snap is not able to list units"
        not testsnap.cmd busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager \
            ListUnits 2> log.error
        MATCH 'Access denied' < log.error

        echo "Snap is not permitted to query unit properties"
        not testsnap.cmd busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1/unit/snapd_2eservice \
            org.freedesktop.DBus.Properties GetAll s org.freedesktop.systemd1.Unit 2> log.error
        MATCH 'Access denied' < log.error
    fi