File: task.yaml

package info (click to toggle)
snapd 2.74.1-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 81,428 kB
  • sloc: sh: 16,966; ansic: 16,788; python: 11,332; makefile: 1,897; exp: 190; awk: 58; xml: 22
file content (65 lines) | stat: -rw-r--r-- 2,767 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
summary: Check that `snapctl` can be run from within hooks

details: |
    Verifies the `snapctl` command can be invoked by regular users, check some
    error messages and that the snapd API is only available via the snapd socket.

prepare: |
    "$TESTSTOOLS"/snaps-state install-local snapctl-hooks
    "$TESTSTOOLS"/snaps-state install-local test-snapd-sh-core24

execute: |
    echo "Verify that snapctl -h runs without a context"
    if ! snapctl -h; then
        echo "Expected snapctl -h to be successful"
        exit 1
    fi

    echo "Verify that snapctl -h and --help run for regular users"
    for arg in "-h" "--help"; do
        if ! su -c "snapctl $arg" test ; then
            echo "Expected snapctl -h to be successful for regular user"
            exit 1
        fi
    done
    echo "Verify that snapctl set -h run for regular user"
    if ! su -c "snapctl get -h" test ; then
            echo "Expected snapctl get -h to be successful for test user"
            exit 1
    fi

    echo "Verify that snapctl set is forbidden for regular user"
    su -c "snapctl set snapctl-hooks foo=bar" test 2>&1 | MATCH "cannot use \"set\" with uid .*, try with sudo"

    echo "Verify that snapctl fails with correct error message using flag if regular user"
    su -c "snapctl start --enable" test 2>&1 | MATCH "cannot use \"start\" with uid [0-9]+, try with sudo"
 
    echo "Verify that the snapd API is only available via the snapd socket"
    if ! printf 'GET /v2/snaps HTTP/1.0\r\n\r\n' | nc -U -w 1 /run/snapd.socket | grep '200 OK'; then
        echo "Expected snapd API to be available on the snapd socket"
        echo "Got: $(snap debug api /v2/snaps)"
        exit 1
    fi

    if ! printf 'GET /v2/snaps HTTP/1.0\r\n\r\n' | nc -U -w 1 /run/snapd-snap.socket | grep '403 Forbidden'; then
        echo "Expected snapd API to be forbidden on the snap socket"
        exit 1
    fi

    echo "Verify snapctl version reports the same version as snap version"

    snapd_version="$(snap version | awk '/snapd / { print $2 }')"
    test -n "$snapd_version"
    snapctl_version="$(snapctl version |   awk '/snapd / { print $2 }')"
    snapctl_user_version="$(su -c 'snapctl version' test | awk '/snapd / { print $2 }')"
    snapctl_snap_shell_version="$(test-snapd-sh-core24.sh -c 'snapctl version' | awk '/snapd / { print $2 }')"

    test "$snapd_version" = "$snapctl_version"
    test "$snapd_version" = "$snapctl_user_version"
    test "$snapd_version" = "$snapctl_snap_shell_version"

    snapd_series="$(snap version | awk '/series / { print $2 }')"
    snapctl_snap_shell_series="$(test-snapd-sh-core24.sh -c 'snapctl version' | awk '/series / { print $2 }')"

    test -n "$snapd_series"
    test "$snapd_series" = "$snapctl_snap_shell_series"