Commit 5cd95b25 authored by Tails developers's avatar Tails developers
Browse files

Convert $live_user to constant LIVE_USER.

parent e856e99f
......@@ -16,7 +16,7 @@ When /^I update APT using apt-get$/ do
next if @skip_steps_while_restoring_background
Timeout::timeout(30*60) do
cmd = @vm.execute("echo #{@sudo_password} | " +
"sudo -S apt-get update", $live_user)
"sudo -S apt-get update", LIVE_USER)
if !cmd.success?
STDERR.puts cmd.stderr
end
......@@ -28,7 +28,7 @@ Then /^I should be able to install a package using apt-get$/ do
package = "cowsay"
Timeout::timeout(120) do
cmd = @vm.execute("echo #{@sudo_password} | " +
"sudo -S apt-get install #{package}", $live_user)
"sudo -S apt-get install #{package}", LIVE_USER)
if !cmd.success?
STDERR.puts cmd.stderr
end
......
......@@ -6,14 +6,14 @@ Then /^the shipped Tails signing key is not outdated$/ do
tmp_keyring = "/tmp/tmp-keyring.gpg"
key_url = "https://tails.boum.org/tails-signing.key"
@vm.execute("curl --silent --socks5-hostname localhost:9062 " +
"#{key_url} -o #{fresh_sig_key}", $live_user)
"#{key_url} -o #{fresh_sig_key}", LIVE_USER)
@vm.execute("gpg --batch --no-default-keyring --keyring #{tmp_keyring} " +
"--import #{fresh_sig_key}", $live_user)
"--import #{fresh_sig_key}", LIVE_USER)
fresh_sig_key_info =
@vm.execute("gpg --batch --no-default-keyring --keyring #{tmp_keyring} " +
"--list-key #{sig_key_fingerprint}", $live_user).stdout
"--list-key #{sig_key_fingerprint}", LIVE_USER).stdout
shipped_sig_key_info = @vm.execute("gpg --batch --list-key #{sig_key_fingerprint}",
$live_user).stdout
LIVE_USER).stdout
assert_equal(fresh_sig_key_info, shipped_sig_key_info,
"The Tails signing key shipped inside Tails is outdated:\n" +
"Shipped key:\n" +
......@@ -28,13 +28,13 @@ Then /^the live user has been setup by live\-boot$/ do
"live-boot failed its user-setup")
actual_username = @vm.execute(". /etc/live/config/username.conf; " +
"echo $LIVE_USERNAME").stdout.chomp
assert_equal($live_user, actual_username)
assert_equal(LIVE_USER, actual_username)
end
Then /^the live user is a member of only its own group and "(.*?)"$/ do |groups|
next if @skip_steps_while_restoring_background
expected_groups = groups.split(" ") << $live_user
actual_groups = @vm.execute("groups #{$live_user}").stdout.chomp.sub(/^#{$live_user} : /, "").split(" ")
expected_groups = groups.split(" ") << LIVE_USER
actual_groups = @vm.execute("groups #{LIVE_USER}").stdout.chomp.sub(/^#{LIVE_USER} : /, "").split(" ")
unexpected = actual_groups - expected_groups
missing = expected_groups - actual_groups
assert_equal(0, unexpected.size,
......@@ -45,12 +45,12 @@ end
Then /^the live user owns its home dir and it has normal permissions$/ do
next if @skip_steps_while_restoring_background
home = "/home/#{$live_user}"
home = "/home/#{LIVE_USER}"
assert(@vm.execute("test -d #{home}").success?,
"The live user's home doesn't exist or is not a directory")
owner = @vm.execute("stat -c %U:%G #{home}").stdout.chomp
perms = @vm.execute("stat -c %a #{home}").stdout.chomp
assert_equal("#{$live_user}:#{$live_user}", owner)
assert_equal("#{LIVE_USER}:#{LIVE_USER}", owner)
assert_equal("700", perms)
end
......@@ -115,19 +115,19 @@ Then /^MAT can clean some sample PDF file$/ do
next if @skip_steps_while_restoring_background
for pdf_on_host in Dir.glob("#{MISC_FILES_DIR}/*.pdf") do
pdf_name = File.basename(pdf_on_host)
pdf_on_guest = "/home/#{$live_user}/#{pdf_name}"
step "I copy \"#{shared_pdf_dir_on_guest}/#{pdf_name}\" to \"#{pdf_on_guest}\" as user \"#{$live_user}\""
pdf_on_guest = "/home/#{LIVE_USER}/#{pdf_name}"
step "I copy \"#{shared_pdf_dir_on_guest}/#{pdf_name}\" to \"#{pdf_on_guest}\" as user \"#{LIVE_USER}\""
@vm.execute("mat --display '#{pdf_on_guest}'",
$live_user).stdout
LIVE_USER).stdout
check_before = @vm.execute("mat --check '#{pdf_on_guest}'",
$live_user).stdout
LIVE_USER).stdout
if check_before.include?("#{pdf_on_guest} is clean")
STDERR.puts "warning: '#{pdf_on_host}' is already clean so it is a " +
"bad candidate for testing MAT"
end
@vm.execute("mat '#{pdf_on_guest}'", $live_user)
@vm.execute("mat '#{pdf_on_guest}'", LIVE_USER)
check_after = @vm.execute("mat --check '#{pdf_on_guest}'",
$live_user).stdout
LIVE_USER).stdout
assert(check_after.include?("#{pdf_on_guest} is clean"),
"MAT failed to clean '#{pdf_on_host}'")
end
......
......@@ -582,7 +582,7 @@ Then /^(.*) uses all expected TBB shared libraries$/ do |application|
).stdout.chomp
case application
when "the Tor Browser"
user = $live_user
user = LIVE_USER
cmd_regex = "#{binary} .* -profile /home/#{user}/\.tor-browser/profile\.default"
chroot = ""
when "the Unsafe Browser"
......@@ -656,7 +656,7 @@ end
When /^I copy "([^"]+)" to "([^"]+)" as user "([^"]+)"$/ do |source, destination, user|
next if @skip_steps_while_restoring_background
c = @vm.execute("cp \"#{source}\" \"#{destination}\"", $live_user)
c = @vm.execute("cp \"#{source}\" \"#{destination}\"", LIVE_USER)
assert(c.success?, "Failed to copy file:\n#{c.stdout}\n#{c.stderr}")
end
......
......@@ -15,9 +15,9 @@ Given /^I generate an OpenPGP key named "([^"]+)" with password "([^"]+)"$/ do |
%commit
EOF
gpg_key_recipie.split("\n").each do |line|
@vm.execute("echo '#{line}' >> /tmp/gpg_key_recipie", $live_user)
@vm.execute("echo '#{line}' >> /tmp/gpg_key_recipie", LIVE_USER)
end
c = @vm.execute("gpg --batch --gen-key < /tmp/gpg_key_recipie", $live_user)
c = @vm.execute("gpg --batch --gen-key < /tmp/gpg_key_recipie", LIVE_USER)
assert(c.success?, "Failed to generate OpenPGP key:\n#{c.stderr}")
end
......
......@@ -42,19 +42,19 @@ end
When(/^I do a TCP DNS lookup of "(.*?)"$/) do |host|
next if @skip_steps_while_restoring_background
lookup = @vm.execute("host -T #{host} #{$some_dns_server}", $live_user)
lookup = @vm.execute("host -T #{host} #{$some_dns_server}", LIVE_USER)
assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}")
end
When(/^I do a UDP DNS lookup of "(.*?)"$/) do |host|
next if @skip_steps_while_restoring_background
lookup = @vm.execute("host #{host} #{$some_dns_server}", $live_user)
lookup = @vm.execute("host #{host} #{$some_dns_server}", LIVE_USER)
assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}")
end
When(/^I send some ICMP pings$/) do
next if @skip_steps_while_restoring_background
# We ping an IP address to avoid a DNS lookup
ping = @vm.execute("ping -c 5 #{$some_dns_server}", $live_user)
ping = @vm.execute("ping -c 5 #{$some_dns_server}", LIVE_USER)
assert(ping.success?, "Failed to ping #{$some_dns_server}:\n#{ping.stderr}")
end
def configured_pidgin_accounts
accounts = []
xml = REXML::Document.new(@vm.file_content('$HOME/.purple/accounts.xml',
$live_user))
LIVE_USER))
xml.elements.each("account/account") do |e|
account = e.elements["name"].text
account_name, network = account.split("@")
......@@ -43,7 +43,7 @@ def default_chan (account)
end
def pidgin_otr_keys
return @vm.file_content('$HOME/.purple/otr.private_key', $live_user)
return @vm.file_content('$HOME/.purple/otr.private_key', LIVE_USER)
end
Given /^Pidgin has the expected accounts configured with random nicknames$/ do
......@@ -101,7 +101,7 @@ end
def focus_pidgin_buddy_list
@vm.execute_successfully(
"xdotool search --name 'Buddy List' windowactivate --sync", $live_user
"xdotool search --name 'Buddy List' windowactivate --sync", LIVE_USER
)
end
......
Then /^I should be able to run administration commands as the live user$/ do
next if @skip_steps_while_restoring_background
stdout = @vm.execute("echo #{@sudo_password} | sudo -S whoami", $live_user).stdout
actual_user = stdout.sub(/^\[sudo\] password for #{$live_user}: /, "").chomp
stdout = @vm.execute("echo #{@sudo_password} | sudo -S whoami", LIVE_USER).stdout
actual_user = stdout.sub(/^\[sudo\] password for #{LIVE_USER}: /, "").chomp
assert_equal("root", actual_user, "Could not use sudo")
end
Then /^I should not be able to run administration commands as the live user with the "([^"]*)" password$/ do |password|
next if @skip_steps_while_restoring_background
stderr = @vm.execute("echo #{password} | sudo -S whoami", $live_user).stderr
stderr = @vm.execute("echo #{password} | sudo -S whoami", LIVE_USER).stderr
sudo_failed = stderr.include?("The administration password is disabled") || stderr.include?("is not allowed to execute")
assert(sudo_failed, "The administration password is not disabled:" + stderr)
end
......
When /^the "([^"]*)" OpenPGP key is not in the live user's public keyring$/ do |keyid|
next if @skip_steps_while_restoring_background
assert(!@vm.execute("gpg --batch --list-keys '#{keyid}'", $live_user).success?,
assert(!@vm.execute("gpg --batch --list-keys '#{keyid}'", LIVE_USER).success?,
"The '#{keyid}' key is in the live user's public keyring.")
end
......@@ -8,7 +8,7 @@ When /^I fetch the "([^"]*)" OpenPGP key using the GnuPG CLI$/ do |keyid|
next if @skip_steps_while_restoring_background
@gnupg_recv_key_res = @vm.execute(
"gpg --batch --recv-key '#{keyid}'",
$live_user)
LIVE_USER)
end
When /^the GnuPG fetch is successful$/ do
......@@ -26,7 +26,7 @@ end
When /^the "([^"]*)" key is in the live user's public keyring after at most (\d+) seconds$/ do |keyid, delay|
next if @skip_steps_while_restoring_background
try_for(delay.to_f, :msg => "The '#{keyid}' key is not in the live user's public keyring") {
@vm.execute("gpg --batch --list-keys '#{keyid}'", $live_user).success?
@vm.execute("gpg --batch --list-keys '#{keyid}'", LIVE_USER).success?
}
end
......
......@@ -2,13 +2,13 @@ def persistent_mounts
{
"cups-configuration" => "/etc/cups",
"nm-system-connections" => "/etc/NetworkManager/system-connections",
"claws-mail" => "/home/#{$live_user}/.claws-mail",
"gnome-keyrings" => "/home/#{$live_user}/.gnome2/keyrings",
"gnupg" => "/home/#{$live_user}/.gnupg",
"bookmarks" => "/home/#{$live_user}/.mozilla/firefox/bookmarks",
"pidgin" => "/home/#{$live_user}/.purple",
"openssh-client" => "/home/#{$live_user}/.ssh",
"Persistent" => "/home/#{$live_user}/Persistent",
"claws-mail" => "/home/#{LIVE_USER}/.claws-mail",
"gnome-keyrings" => "/home/#{LIVE_USER}/.gnome2/keyrings",
"gnupg" => "/home/#{LIVE_USER}/.gnupg",
"bookmarks" => "/home/#{LIVE_USER}/.mozilla/firefox/bookmarks",
"pidgin" => "/home/#{LIVE_USER}/.purple",
"openssh-client" => "/home/#{LIVE_USER}/.ssh",
"Persistent" => "/home/#{LIVE_USER}/Persistent",
"apt/cache" => "/var/cache/apt/archives",
"apt/lists" => "/var/lib/apt/lists",
}
......@@ -407,9 +407,9 @@ Then /^persistent directories have safe access rights$/ do
persistent_volumes_mountpoints.each do |mountpoint|
# We also want to check that dotfiles' source has safe permissions
all_persistent_dirs = persistent_mounts.clone
all_persistent_dirs["dotfiles"] = "/home/#{$live_user}/"
all_persistent_dirs["dotfiles"] = "/home/#{LIVE_USER}/"
persistent_mounts.each do |src, dest|
next unless dest.start_with?("/home/#{$live_user}/")
next unless dest.start_with?("/home/#{LIVE_USER}/")
f = "#{mountpoint}/#{src}"
next unless @vm.execute("test -d #{f}").success?
file_perms = @vm.execute("stat -c %a '#{f}'").stdout.chomp
......
......@@ -25,7 +25,7 @@ MISC_FILES_DIR = "#{Dir.pwd}/features/misc_files"
KEEP_SNAPSHOTS = !ENV['KEEP_SNAPSHOTS'].nil?
DISPLAY = ENV['DISPLAY']
TIME_AT_START = Time.now
$live_user = cmd_helper(". config/chroot_local-includes/etc/live/config.d/username.conf; echo ${LIVE_USERNAME}").chomp
LIVE_USER = cmd_helper(". config/chroot_local-includes/etc/live/config.d/username.conf; echo ${LIVE_USERNAME}").chomp
$git_dir = ENV['PWD']
# Static
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment