File: task.yaml

package info (click to toggle)
snapd 2.72-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 80,412 kB
  • sloc: sh: 16,506; ansic: 16,211; python: 11,213; makefile: 1,919; exp: 190; awk: 58; xml: 22
file content (61 lines) | stat: -rw-r--r-- 2,169 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
summary: verify that snap binaries dir is present in PATH under sudo

details: |
    Some distributions set secure_path in /etc/sudoers which resets the PATH
    under sudo to some predefined set of locations. Make sure to account for all
    distros supported by snapd that have sudo set up this way.

# ubuntu-14.04: no support for user sessions used by test helpers
systems: [ -ubuntu-14.04-* ]

environment:
    # list of regular expressions that match systems where sudo is set up to use
    # secure_path without snap bindir
    SECURE_PATH_SUDO_NO_SNAP: "centos-.* amazon-linux-2-64 opensuse-.* debian-.* arch-linux-.*"

prepare: |
    tests.session -u test prepare

restore: |
    tests.session -u test restore

debug: |
    cat sudo.path || true
    cat sudo-login.path || true

execute: |
    # run a snap command via sudo
    # shellcheck disable=SC2016
    tests.session -u test exec sudo sh -c 'echo :$PATH:' > sudo.path
    # and again via sudo --login which should load /etc/profile
    # shellcheck disable=SC2016
    tests.session -u test exec sudo --login sh -c 'echo :$PATH:' > sudo-login.path

    secure_path=no
    for regex in $SECURE_PATH_SUDO_NO_SNAP ; do
        if echo "$SPREAD_SYSTEM" | grep -Eq "$regex" ; then
            secure_path=yes
            break
        fi
    done

    SNAP_MOUNT_DIR="$(os.paths snap-mount-dir)"
    if [ "$secure_path" = "yes" ] ; then
        NOMATCH ":${SNAP_MOUNT_DIR}/bin:" < sudo.path
    else
        MATCH ":${SNAP_MOUNT_DIR}/bin:" < sudo.path
    fi
    # in either case, the location should be listed in a login shell
    MATCH ":${SNAP_MOUNT_DIR}/bin:" < sudo-login.path

    if [ "$secure_path" = "yes" ]; then
       # add a snippet we recommend using as a workaround
       # https://wiki.archlinux.org/title/Snap#Sudo
       echo "Defaults:test secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/bin:${SNAP_MOUNT_DIR}/bin\"" > /etc/sudoers.d/90_snap
       tests.cleanup defer rm -f /etc/sudoers.d/90_snap

       # and try again
       # shellcheck disable=SC2016
       tests.session -u test exec sudo sh -c 'echo :$PATH:' > sudo.path
       MATCH ":${SNAP_MOUNT_DIR}/bin:" < sudo.path
    fi