1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
summary: ensure snap system users are created
details: |
Snapd has limited capability to create a non-root accounts, so that certain
services that would normally run as root, perform initial configuration as
root but then drop to a less privileged user.
The test checks that this system functions for the special case user names
snap_daemon and _daemon_.
# List of expected snap install failures due to libseccomp/golang-seccomp being
# too old. Since the illegal name check happens after verifying system support,
# we can ignore these. Ignore ubuntu-core since groupdel doesn't support
# --extrausers
systems: [-amazon-linux-2-*, -ubuntu-14.04-*, -ubuntu-core-*]
environment:
SNAP_USER/snap_daemon: snap_daemon
SNAP_USER/_daemon_: _daemon_
SNAP_USER_UID/snap_daemon: 584788
SNAP_USER_UID/_daemon_: 584792
prepare: |
cp daemon-user/meta/snap.yaml.in daemon-user/meta/snap.yaml
cat <<EOF >> daemon-user/meta/snap.yaml
system-usernames:
$SNAP_USER: shared
EOF
restore: |
# remove any leftovers
snap remove --purge daemon-user || true
# ensure clean system
userdel "$SNAP_USER" || true
not getent passwd "$SNAP_USER"
groupdel "$SNAP_USER" || true
not getent group "$SNAP_USER"
execute: |
echo "When the snap is installed"
"$TESTSTOOLS"/snaps-state install-local daemon-user
echo "The user is available"
getent passwd "$SNAP_USER" | MATCH "$SNAP_USER_UID"
getent group "$SNAP_USER" | MATCH "$SNAP_USER_UID"
daemon-user.sh -c "id $SNAP_USER" | MATCH "$SNAP_USER_UID"
|
