Commit 05e8bebc authored by intrigeri's avatar intrigeri
Browse files

Merge branch 'test/5571-no-more-filesystem-shares' into stable (Fix-committed: #5571)

parents be9b18da aecf387e
<filesystem type='mount' accessmode='passthrough'>
<driver type='path' wrpolicy='immediate'/>
<source dir=''/>
<target dir=''/>
<readonly/>
</filesystem>
......@@ -3,11 +3,8 @@ Feature: Metadata Anonymization Toolkit
As a Tails user
I want to be able to remove leaky metadata from documents and media files
# In this feature we cannot restore from snapshots since it's
# incompatible with filesystem shares.
Scenario: MAT can clean a PNG file
Given a computer
And I setup a filesystem share containing a sample PNG
And I start Tails from DVD with network unplugged and I login
And I plug and mount a USB drive containing a sample PNG
Then MAT can clean some sample PNG file
......@@ -128,17 +128,6 @@ Then /^the VirtualBox guest modules are available$/ do
"The vboxguest module is not available.")
end
Given /^I setup a filesystem share containing a sample PNG$/ do
shared_png_dir_on_host = "#{$config["TMPDIR"]}/shared_png_dir"
@shared_png_dir_on_guest = "/tmp/shared_png_dir"
FileUtils.mkdir_p(shared_png_dir_on_host)
Dir.glob("#{MISC_FILES_DIR}/*.png") do |png_file|
FileUtils.cp(png_file, shared_png_dir_on_host)
end
add_after_scenario_hook { FileUtils.rm_r(shared_png_dir_on_host) }
$vm.add_share(shared_png_dir_on_host, @shared_png_dir_on_guest)
end
Then /^the support documentation page opens in Tor Browser$/ do
if @language == 'German'
expected_title = 'Tails - Hilfe & Support'
......@@ -156,11 +145,15 @@ Then /^the support documentation page opens in Tor Browser$/ do
)
end
Given /^I plug and mount a USB drive containing a sample PNG$/ do
@png_dir = share_host_files(Dir.glob("#{MISC_FILES_DIR}/*.png"))
end
Then /^MAT can clean some sample PNG file$/ do
for png_on_host in Dir.glob("#{MISC_FILES_DIR}/*.png") do
png_name = File.basename(png_on_host)
png_on_guest = "/home/#{LIVE_USER}/#{png_name}"
step "I copy \"#{@shared_png_dir_on_guest}/#{png_name}\" to \"#{png_on_guest}\" as user \"#{LIVE_USER}\""
step "I copy \"#{@png_dir}/#{png_name}\" to \"#{png_on_guest}\" as user \"#{LIVE_USER}\""
raw_check_cmd = "grep --quiet --fixed-strings --text " +
"'Created with GIMP' '#{png_on_guest}'"
assert($vm.execute(raw_check_cmd, user: LIVE_USER).success?,
......
......@@ -8,24 +8,6 @@ def post_vm_start_hook
@screen.click_point(@screen.w - 1, @screen.h/2)
end
def activate_filesystem_shares
# XXX-9p: First of all, filesystem shares cannot be mounted while we
# do a snapshot save+restore, so unmounting+remounting them seems
# like a good idea. However, the 9p modules get into a broken state
# during the save+restore, so we also would like to unload+reload
# them, but loading of 9pnet_virtio fails after a restore with
# "probe of virtio2 failed with error -2" (in dmesg) which makes the
# shares unavailable. Hence we leave this code commented for now.
#for mod in ["9pnet_virtio", "9p"] do
# $vm.execute("modprobe #{mod}")
#end
$vm.list_shares.each do |share|
$vm.execute("mkdir -p #{share}")
$vm.execute("mount -t 9p -o trans=virtio #{share} #{share}")
end
end
def context_menu_helper(top, bottom, menu_item)
try_for(60) do
t = @screen.wait(top, 10)
......@@ -41,17 +23,6 @@ def context_menu_helper(top, bottom, menu_item)
end
end
def deactivate_filesystem_shares
$vm.list_shares.each do |share|
$vm.execute("umount #{share}")
end
# XXX-9p: See XXX-9p above
#for mod in ["9p", "9pnet_virtio"] do
# $vm.execute("modprobe -r #{mod}")
#end
end
# This helper requires that the notification image is the one shown in
# the notification applet's list, not the notification pop-up.
def robust_notification_wait(notification_image, time_to_wait)
......@@ -92,9 +63,6 @@ def post_snapshot_restore_hook
$vm.wait_until_remote_shell_is_up
post_vm_start_hook
# XXX-9p: See XXX-9p above
#activate_filesystem_shares
# The guest's Tor's circuits' states are likely to get out of sync
# with the other relays, so we ensure that we have fresh circuits.
# Time jumps and incorrect clocks also confuses Tor in many ways.
......@@ -136,7 +104,7 @@ Given /^the computer is set to boot from (.+?) drive "(.+?)"$/ do |type, name|
$vm.set_disk_boot(name, type.downcase)
end
Given /^I (temporarily )?create a (\d+) ([[:alpha:]]+) disk named "([^"]+)"$/ do |temporary, size, unit, name|
Given /^I (temporarily )?create an? (\d+) ([[:alpha:]]+) disk named "([^"]+)"$/ do |temporary, size, unit, name|
$vm.storage.create_new_disk(name, {:size => size, :unit => unit,
:type => "qcow2"})
add_after_scenario_hook { $vm.storage.delete_volume(name) } if temporary
......@@ -343,7 +311,6 @@ Given /^the computer (re)?boots Tails$/ do |reboot|
Sikuli::Key.ENTER)
@screen.wait('TailsGreeter.png', 5*60)
$vm.wait_until_remote_shell_is_up
activate_filesystem_shares
step 'I configure Tails to use a simulated Tor network'
end
......@@ -993,3 +960,27 @@ Then /^Tails is running version (.+)$/ do |version|
.scan(/TAILS_VERSION_ID="(#{version})"/).flatten.first
assert_equal(version, v2, "The version doesn't match /etc/os-release")
end
def share_host_files(files)
files = [files] if files.class == String
assert_equal(Array, files.class)
disk_size = files.map { |f| File.new(f).size } .inject(0, :+)
# Let's add some extra space for filesysten overhead etc.
disk_size += [convert_to_bytes(1, 'MiB'), (disk_size * 0.10).ceil].max
disk = random_alpha_string(10)
step "I temporarily create an #{disk_size} bytes disk named \"#{disk}\""
step "I create a gpt partition labeled \"#{disk}\" with an ext4 " +
"filesystem on disk \"#{disk}\""
$vm.storage.guestfs_disk_helper(disk) do |g, _|
partition = g.list_partitions().first
g.mount(partition, "/")
files.each { |f| g.upload(f, "/" + File.basename(f)) }
end
step "I plug USB drive \"#{disk}\""
mount_dir = $vm.execute_successfully('mktemp -d').stdout.chomp
dev = $vm.disk_dev(disk)
partition = dev + '1'
$vm.execute_successfully("mount #{partition} #{mount_dir}")
$vm.execute_successfully("chmod -R a+rX '#{mount_dir}'")
return mount_dir
end
Given /^I create sample videos$/ do
@shared_video_dir_on_host = "#{$config["TMPDIR"]}/shared_video_dir"
@shared_video_dir_on_guest = "/tmp/shared_video_dir"
FileUtils.mkdir_p(@shared_video_dir_on_host)
add_after_scenario_hook { FileUtils.rm_r(@shared_video_dir_on_host) }
@video_dir_on_host = "#{$config["TMPDIR"]}/video_dir"
FileUtils.mkdir_p(@video_dir_on_host)
add_after_scenario_hook { FileUtils.rm_r(@video_dir_on_host) }
fatal_system("avconv -loop 1 -t 30 -f image2 " +
"-i 'features/images/USBTailsLogo.png' " +
"-an -vcodec libx264 -y " +
'-filter:v "crop=in_w-mod(in_w\,2):in_h-mod(in_h\,2)" ' +
"'#{@shared_video_dir_on_host}/video.mp4' >/dev/null 2>&1")
"'#{@video_dir_on_host}/video.mp4' >/dev/null 2>&1")
end
Given /^I setup a filesystem share containing sample videos$/ do
$vm.add_share(@shared_video_dir_on_host, @shared_video_dir_on_guest)
Given /^I plug and mount a USB drive containing sample videos$/ do
@video_dir_on_guest = share_host_files(
Dir.glob("#{@video_dir_on_host}/*")
)
end
Given /^I copy the sample videos to "([^"]+)" as user "([^"]+)"$/ do |destination, user|
for video_on_host in Dir.glob("#{@shared_video_dir_on_host}/*.mp4") do
for video_on_host in Dir.glob("#{@video_dir_on_host}/*.mp4") do
video_name = File.basename(video_on_host)
src_on_guest = "#{@shared_video_dir_on_guest}/#{video_name}"
src_on_guest = "#{@video_dir_on_guest}/#{video_name}"
dst_on_guest = "#{destination}/#{video_name}"
step "I copy \"#{src_on_guest}\" to \"#{dst_on_guest}\" as user \"amnesia\""
end
......
......@@ -78,7 +78,10 @@ end
def usb_install_helper(name)
@screen.wait('USBTailsLogo.png', 10)
if @screen.exists("USBCannotUpgrade.png")
text = Dogtail::Application.new('tails-installer')
.child('', roleName: 'text').text
dev = $vm.disk_dev(name)
if text.match(/It is impossible to upgrade the device .+ #{dev}\d* /)
raise UpgradeNotSupported
end
begin
......@@ -153,13 +156,9 @@ When /^I am told that the destination device cannot be upgraded$/ do
@screen.find("USBCannotUpgrade.png")
end
Given /^I setup a filesystem share containing the Tails ISO$/ do
shared_iso_dir_on_host = "#{$config["TMPDIR"]}/shared_iso_dir"
@shared_iso_dir_on_guest = "/tmp/shared_iso_dir"
FileUtils.mkdir_p(shared_iso_dir_on_host)
FileUtils.cp(TAILS_ISO, shared_iso_dir_on_host)
add_after_scenario_hook { FileUtils.rm_r(shared_iso_dir_on_host) }
$vm.add_share(shared_iso_dir_on_host, @shared_iso_dir_on_guest)
Given /^I plug and mount a USB drive containing the Tails ISO$/ do
iso_dir = share_host_files(TAILS_ISO)
@iso_path = "#{iso_dir}/#{File.basename(TAILS_ISO)}"
end
When /^I do a "Upgrade from ISO" on USB drive "([^"]+)"$/ do |name|
......@@ -171,8 +170,7 @@ When /^I do a "Upgrade from ISO" on USB drive "([^"]+)"$/ do |name|
@screen.wait_and_click('GnomeFileDiagHome.png', 10)
@screen.type("l", Sikuli::KeyModifier.CTRL)
@screen.wait('GnomeFileDiagTypeFilename.png', 10)
iso = "#{@shared_iso_dir_on_guest}/#{File.basename(TAILS_ISO)}"
@screen.type(iso)
@screen.type(@iso_path)
@screen.wait_and_click('GnomeFileDiagOpenButton.png', 10)
usb_install_helper(name)
end
......@@ -276,10 +274,9 @@ Then /^the running Tails is installed on USB drive "([^"]+)"$/ do |target_name|
end
Then /^the ISO's Tails is installed on USB drive "([^"]+)"$/ do |target_name|
iso = "#{@shared_iso_dir_on_guest}/#{File.basename(TAILS_ISO)}"
iso_root = "/mnt/iso"
$vm.execute("mkdir -p #{iso_root}")
$vm.execute("mount -o loop #{iso} #{iso_root}")
$vm.execute("mount -o loop #{@iso_path} #{iso_root}")
tails_is_installed_helper(target_name, iso_root, "isolinux")
$vm.execute("umount #{iso_root}")
end
......
......@@ -144,13 +144,7 @@ class VMStorage
end
def disk_mklabel(name, parttype)
disk = {
:path => disk_path(name),
:opts => {
:format => disk_format(name)
}
}
guestfs_disk_helper(disk) do |g, disk_handle|
guestfs_disk_helper(name) do |g, disk_handle|
g.part_init(disk_handle, parttype)
end
end
......@@ -158,13 +152,7 @@ class VMStorage
def disk_mkpartfs(name, parttype, fstype, opts = {})
opts[:label] ||= nil
opts[:luks_password] ||= nil
disk = {
:path => disk_path(name),
:opts => {
:format => disk_format(name)
}
}
guestfs_disk_helper(disk) do |g, disk_handle|
guestfs_disk_helper(name) do |g, disk_handle|
g.part_disk(disk_handle, parttype)
g.part_set_name(disk_handle, 1, opts[:label]) if opts[:label]
primary_partition = g.list_partitions()[0]
......@@ -182,13 +170,7 @@ class VMStorage
end
def disk_mkswap(name, parttype)
disk = {
:path => disk_path(name),
:opts => {
:format => disk_format(name)
}
}
guestfs_disk_helper(disk) do |g, disk_handle|
guestfs_disk_helper(name) do |g, disk_handle|
g.part_disk(disk_handle, parttype)
primary_partition = g.list_partitions()[0]
g.mkswap(primary_partition)
......@@ -206,7 +188,13 @@ class VMStorage
Guestfs::EVENT_TRACE)
g.set_autosync(1)
disks.each do |disk|
g.add_drive_opts(disk[:path], disk[:opts])
if disk.class == String
g.add_drive_opts(disk_path(disk), format: disk_format(disk))
elsif disk.class == Hash
g.add_drive_opts(disk[:path], disk[:opts])
else
raise "cannot handle type '#{disk.class}'"
end
end
g.launch()
yield(g, *g.list_devices())
......
......@@ -9,9 +9,8 @@ Feature: Using Totem
Given I create sample videos
Scenario: Watching a MP4 video stored on the non-persistent filesystem
Given a computer
And I setup a filesystem share containing sample videos
And I start Tails from DVD with network unplugged and I login
Given I have started Tails from DVD without network and logged in
And I plug and mount a USB drive containing sample videos
And I copy the sample videos to "/home/amnesia" as user "amnesia"
And the file "/home/amnesia/video.mp4" exists
Given I start monitoring the AppArmor log of "/usr/bin/totem"
......@@ -52,22 +51,14 @@ Feature: Using Totem
Then I can watch a WebM video over HTTPs
Scenario: Watching MP4 videos stored on the persistent volume should work as expected given our AppArmor confinement
Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
# Due to bug #5571 we have to reboot to be able to use
# filesystem shares.
And I shutdown Tails and wait for the computer to power off
And I setup a filesystem share containing sample videos
And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And I plug and mount a USB drive containing sample videos
And I copy the sample videos to "/home/amnesia/Persistent" as user "amnesia"
And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia"
And I shutdown Tails and wait for the computer to power off
And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled
And the file "/home/amnesia/Persistent/video.mp4" exists
When I open "/home/amnesia/Persistent/video.mp4" with Totem
Then I see "SampleLocalMp4VideoFrame.png" after at most 40 seconds
Given I close Totem
And the file "/home/amnesia/.gnupg/video.mp4" exists
And I start monitoring the AppArmor log of "/usr/bin/totem"
And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia"
When I try to open "/home/amnesia/.gnupg/video.mp4" with Totem
Then I see "TotemUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.gnupg/video.mp4"
......@@ -11,9 +11,8 @@ Feature: Upgrading an old Tails USB installation
# dependencies (which are documented below).
Scenario: Try to "Upgrade from ISO" Tails to a pristine USB drive
Given a computer
And I setup a filesystem share containing the Tails ISO
And I start Tails from DVD with network unplugged and I login
Given I have started Tails from DVD without network and logged in
And I plug and mount a USB drive containing the Tails ISO
And I temporarily create a 4 GiB disk named "pristine"
And I plug USB drive "pristine"
And I start Tails Installer in "Upgrade from ISO" mode
......@@ -29,9 +28,8 @@ Feature: Upgrading an old Tails USB installation
And I am told that the destination device cannot be upgraded
Scenario: Try to "Upgrade from ISO" Tails to a USB drive with GPT and a FAT partition
Given a computer
And I setup a filesystem share containing the Tails ISO
And I start Tails from DVD with network unplugged and I login
Given I have started Tails from DVD without network and logged in
And I plug and mount a USB drive containing the Tails ISO
And I temporarily create a 4 GiB disk named "gptfat"
And I create a gpt partition with a vfat filesystem on disk "gptfat"
And I plug USB drive "gptfat"
......@@ -132,8 +130,8 @@ Feature: Upgrading an old Tails USB installation
Scenario: Upgrading an old Tails USB installation from an ISO image, running on the old version
Given a computer
And I clone USB drive "old" to a new USB drive "to_upgrade"
And I setup a filesystem share containing the Tails ISO
When I start Tails from USB drive "old" with network unplugged and I login
And I plug and mount a USB drive containing the Tails ISO
And I plug USB drive "to_upgrade"
And I do a "Upgrade from ISO" on USB drive "to_upgrade"
Then the ISO's Tails is installed on USB drive "to_upgrade"
......@@ -141,10 +139,9 @@ Feature: Upgrading an old Tails USB installation
# Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation
Scenario: Upgrading an old Tails USB installation from an ISO image, running on the new version
Given a computer
Given I have started Tails from DVD without network and logged in
And I plug and mount a USB drive containing the Tails ISO
And I clone USB drive "old" to a new USB drive "to_upgrade"
And I setup a filesystem share containing the Tails ISO
And I start Tails from DVD with network unplugged and I login
And I plug USB drive "to_upgrade"
And I do a "Upgrade from ISO" on USB drive "to_upgrade"
Then the ISO's Tails is installed on USB drive "to_upgrade"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment