File: task.yaml

package info (click to toggle)
snapd 2.72-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 80,412 kB
  • sloc: sh: 16,506; ansic: 16,211; python: 11,213; makefile: 1,919; exp: 190; awk: 58; xml: 22
file content (90 lines) | stat: -rw-r--r-- 3,080 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
 
summary: Ensure security profile re-generation works with system-key

details: |
    Check that security profile are re-generated when a system-key
    version mismatch is detected. Also check that `snap run` waits
    for system-key updates unless when it can talk to snapd.

prepare: |
    echo "Make backup of fstab"
    cp /etc/fstab /tmp/fstab.save

restore: |
    echo "Restore fstab copy"
    cp /tmp/fstab.save /etc/fstab
    rm -f /tmp/fstab.save
    # Systemd detects changes to fstab and complains that the -.mount unit has
    # changed on disk.
    systemctl daemon-reload

execute: |
    stop_snapd() {
        systemctl stop snapd.service snapd.socket
        while [ "$(systemctl show -pActiveState snapd.service)" != "ActiveState=inactive" ]; do
            systemctl show -pActiveState snapd.service
            sleep 1
        done
    }
    start_snapd() {
        systemctl start snapd.service snapd.socket
        while [ "$(systemctl show -pActiveState snapd.service)" != "ActiveState=active" ]; do
            systemctl show -pActiveState snapd.service
            sleep 1
        done
    }
    restart_snapd() {
        stop_snapd
        # to avoid hitting "start-limit-hit"
        systemctl reset-failed snapd.service snapd.socket
        start_snapd
    }

    echo "Ensure a valid system-key file is on-disk"
    MATCH '"build-id":"[0-9a-z]+"' < /var/lib/snapd/system-key
    buf="$(stat /var/lib/snapd/system-key)"

    echo "Ensure that the system-key is not rewritten if system-key is unchanged"
    restart_snapd
    buf2="$(stat /var/lib/snapd/system-key)"
    if [ "$buf" != "$buf2" ]; then
        echo "system-key got rewritten: $buf != buf2, test broken"
        exit 1
    fi

    echo "Ensure that the system-key is rewritten if system-key changes"
    printf '{"version":1}' > /var/lib/snapd/system-key
    restart_snapd
    if grep '{"version":1}' /var/lib/snapd/system-key; then
        echo "system-key *not* rewritten test broken"
        exit 1
    fi

    echo "Ensure snap run waits for system key updates"
    snap install test-snapd-sh
    echo "Change system-key, this ensure that snap run will wait"
    printf '{"version":1}' > /var/lib/snapd/system-key
    stop_snapd
    if SNAPD_DEBUG_SYSTEM_KEY_RETRY=1 test-snapd-sh.sh -c 'echo bad'; then
        echo "snap run should have errored because of changed system-key"
        exit 1
    fi
    start_snapd

    echo "Ensure snap run does not wait when it can talk to snapd"
    echo "Change system-key, with running snapd"
    printf '{"version":1}' > /var/lib/snapd/system-key
    test-snapd-sh.sh -c 'echo good'

    echo "Things work again after a restart of snapd"
    restart_snapd
    test-snapd-sh.sh -c 'echo good-again'
    if grep '{"version":1}' /var/lib/snapd/system-key; then
        echo "system-key *not* rewritten test broken"
        exit 1
    fi

    echo "Ensure snapd works even with invalid /etc/fstab (LP: #1760841)"
    echo "invalid so very invalid so invalid" >> /etc/fstab
    restart_snapd
    echo "Ensure snap commands still work"
    snap list