def run_once(self):
expected_owner = '*****@*****.**'
other_user = '******'
self.__start_session_for(expected_owner)
self.__start_session_for(other_user)
self._listener.wait_for_signals(desc='Initial policy push complete.')
# Ensure that the first user got to be the owner.
retrieved_policy = policy.get_policy(self._session_manager)
if retrieved_policy is None: raise error.TestFail('Policy not found')
policy.compare_policy_response(self.srcdir,
retrieved_policy,
owner=expected_owner)
# bounce the session manager and wait for it to come back up before
# reconnecting.
cros_ui.restart()
self._session_manager = session_manager.connect(self._bus_loop)
# Destroy the owner's cryptohome and start sessions again in a
# different order
self.__start_session_for(other_user)
self.__start_session_for(expected_owner)
self._listener.wait_for_signals(
desc='Re-taking of ownership complete.')
# Ensure that the first user still gets to be the owner.
retrieved_policy = policy.get_policy(self._session_manager)
if retrieved_policy is None: raise error.TestFail('Policy not found')
policy.compare_policy_response(self.srcdir,
retrieved_policy,
owner=expected_owner)
def run_once(self):
pkey = ownership.known_privkey()
pubkey = ownership.known_pubkey()
sm = session_manager.connect(self._bus_loop)
sm.StartSession(ownership.TESTUSER, '')
poldata = policy.build_policy_data(owner=ownership.TESTUSER,
guests=False,
new_users=True,
roaming=True,
whitelist=(ownership.TESTUSER,
'[email protected]'))
policy_string = policy.generate_policy(pkey, pubkey, poldata)
policy.push_policy_and_verify(policy_string, sm)
retrieved_policy = policy.get_policy(sm)
if retrieved_policy is None: raise error.TestFail('Policy not found')
policy.compare_policy_response(retrieved_policy,
owner=ownership.TESTUSER,
guests=False,
new_users=True,
roaming=True,
whitelist=(ownership.TESTUSER, '[email protected]'))
try:
# Sanity check against an incorrect policy
policy.compare_policy_response(retrieved_policy,
owner=ownership.TESTUSER,
guests=True,
whitelist=(ownership.TESTUSER,
'[email protected]'))
except ownership.OwnershipError:
pass
else:
raise error.TestFail('Did not detect bad policy')
def run_once(self):
owner = '*****@*****.**'
cryptohome.mount_guest()
self._session_manager.StartSession(constants.GUEST_USER, '')
cryptohome.ensure_clean_cryptohome_for(owner)
self._session_manager.StartSession(owner, '')
self._listener.wait_for_signals(desc='Device ownership complete.')
# Ensure that the first real user got to be the owner.
retrieved_policy = policy.get_policy(self._session_manager)
if retrieved_policy is None: raise error.TestFail('Policy not found')
policy.compare_policy_response(retrieved_policy, owner=owner)
def run_once(self):
pkey = ownership.known_privkey()
pubkey = ownership.known_pubkey()
sm = session_manager.connect(self._bus_loop)
if not sm.StartSession(ownership.TESTUSER, ''):
raise error.TestFail('Could not start session for owner')
poldata = policy.build_policy_data(self.srcdir,
owner=ownership.TESTUSER,
guests=False,
new_users=True,
roaming=True,
whitelist=(ownership.TESTUSER,
'[email protected]'),
proxies={'proxy_mode': 'direct'})
policy_string = policy.generate_policy(self.srcdir, pkey, pubkey,
poldata)
policy.push_policy_and_verify(policy_string, sm)
retrieved_policy = policy.get_policy(sm)
if retrieved_policy is None: raise error.TestFail('Policy not found')
policy.compare_policy_response(self.srcdir,
retrieved_policy,
owner=ownership.TESTUSER,
guests=False,
new_users=True,
roaming=True,
whitelist=(ownership.TESTUSER, '[email protected]'),
proxies={'proxy_mode': 'direct'})
try:
# Sanity check against an incorrect policy
policy.compare_policy_response(self.srcdir,
retrieved_policy,
owner=ownership.TESTUSER,
guests=True,
whitelist=(ownership.TESTUSER,
'[email protected]'),
proxies={'proxy_mode': 'direct'})
except ownership.OwnershipError:
pass
else:
raise error.TestFail('Did not detect bad policy')
try:
sm.StopSession('')
except error.TestError as e:
logging.error(str(e))
raise error.TestFail('Could not stop session for owner')
def run_once(self):
pkey = ownership.known_privkey()
pubkey = ownership.known_pubkey()
# Pre-configure some owner settings, including initial key.
poldata = policy.build_policy_data(self.srcdir,
owner=ownership.TESTUSER,
guests=False,
new_users=True,
roaming=True,
whitelist=(ownership.TESTUSER,
'[email protected]'))
policy_string = policy.generate_policy(self.srcdir,
pkey,
pubkey,
poldata)
policy.push_policy_and_verify(policy_string, self._sm)
# grab key, ensure that it's the same as the known key.
if (utils.read_file(constants.OWNER_KEY_FILE) != pubkey):
raise error.TestFail('Owner key should not have changed!')
# Start a new session, which will trigger the re-taking of ownership.
listener = session_manager.OwnershipSignalListener(gobject.MainLoop())
listener.listen_for_new_key_and_policy()
self._cryptohome_proxy.mount(ownership.TESTUSER,
ownership.TESTPASS,
create=True)
if not self._sm.StartSession(ownership.TESTUSER, ''):
raise error.TestError('Could not start session for owner')
listener.wait_for_signals(desc='Re-taking of ownership complete.')
# grab key, ensure that it's different than known key
if (utils.read_file(constants.OWNER_KEY_FILE) == pubkey):
raise error.TestFail('Owner key should have changed!')
# RetrievePolicy, check sig against new key, check properties
retrieved_policy = self._sm.RetrievePolicy(byte_arrays=True)
if retrieved_policy is None:
raise error.TestError('Policy not found')
policy.compare_policy_response(self.srcdir,
retrieved_policy,
owner=ownership.TESTUSER,
guests=False,
new_users=True,
roaming=True,
whitelist=(ownership.TESTUSER, '[email protected]'))
def run_once(self):
owner = '*****@*****.**'
# TODO(cmasone): enable CryptohomeProxy to do a guest mount, then use.
cryptohome.mount_guest()
if not self._session_manager.StartSession(constants.GUEST_USER, ''):
raise error.TestFail('Could not start session for guest')
self._cryptohome_proxy.ensure_clean_cryptohome_for(owner)
if not self._session_manager.StartSession(owner, ''):
raise error.TestFail('Could not start session for ' + owner)
self._listener.wait_for_signals(desc='Device ownership complete.')
# Ensure that the first real user got to be the owner.
retrieved_policy = policy.get_policy(self._session_manager)
if retrieved_policy is None: raise error.TestFail('Policy not found')
policy.compare_policy_response(self.srcdir, retrieved_policy,
owner=owner)