def test_check_squashfs_resquash_sha512sum_fail(self):
'''Test check_squashfs_resquash() - sha512sum failure'''
output_dir = self.mkdtemp()
package = utils.make_snap2(output_dir=output_dir)
c = SnapReviewSecurity(package)
# fake sha512sum
sha512sum = os.path.join(output_dir, 'sha512sum')
content = '''#!/bin/sh
bn=`basename "$1"`
if [ "$bn" = "test_1.0_all.snap" ]; then
echo test error: sha512sum failure
exit 1
fi
exit 0
'''
with open(sha512sum, 'w') as f:
f.write(content)
os.chmod(sha512sum, 0o775)
old_path = os.environ['PATH']
if old_path:
os.environ['PATH'] = "%s:%s" % (output_dir, os.environ['PATH'])
else:
os.environ['PATH'] = output_dir # pragma: nocover
c.check_squashfs_resquash()
os.environ['PATH'] = old_path
report = c.click_report
expected_counts = {'info': None, 'warn': 0, 'error': 1}
self.check_results(report, expected_counts)
def test_check_squashfs_resquash_mksquashfs_fail(self):
'''Test check_squashfs_resquash() - mksquashfs failure'''
output_dir = self.mkdtemp()
package = utils.make_snap2(output_dir=output_dir)
c = SnapReviewSecurity(package)
# fake mksquashfs
mksquashfs = os.path.join(output_dir, 'mksquashfs')
content = '''#!/bin/sh
echo test error: mksquashfs failure
exit 1
'''
with open(mksquashfs, 'w') as f:
f.write(content)
os.chmod(mksquashfs, 0o775)
old_path = os.environ['PATH']
if old_path:
os.environ['PATH'] = "%s:%s" % (output_dir, os.environ['PATH'])
else:
os.environ['PATH'] = output_dir # pragma: nocover
c.check_squashfs_resquash()
os.environ['PATH'] = old_path
report = c.click_report
expected_counts = {'info': None, 'warn': 0, 'error': 1}
self.check_results(report, expected_counts)
def test_check_squashfs_resquash_sha512sum_mismatch(self):
'''Test check_squashfs_resquash() - sha512sum mismatch'''
output_dir = self.mkdtemp()
package = utils.make_snap2(output_dir=output_dir)
c = SnapReviewSecurity(package)
# fake sha512sum
sha512sum = os.path.join(output_dir, 'sha512sum')
content = '''#!/bin/sh
bn=`basename "$1"`
if [ "$bn" = "test_1.0_all.snap" ]; then
echo beefeeee $1
else
echo deadbeef $1
fi
exit 0
'''
with open(sha512sum, 'w') as f:
f.write(content)
os.chmod(sha512sum, 0o775)
old_path = os.environ['PATH']
if old_path:
os.environ['PATH'] = "%s:%s" % (output_dir, os.environ['PATH'])
else:
os.environ['PATH'] = output_dir # pragma: nocover
c.check_squashfs_resquash()
os.environ['PATH'] = old_path
report = c.click_report
# FIXME: this should error but we've turned it into an info until the
# squashfs-tools bugs can be fixed
# expected_counts = {'info': None, 'warn': 0, 'error': 1}
expected_counts = {'info': 1, 'warn': 0, 'error': 0}
self.check_results(report, expected_counts)
def test_check_squashfs_resquash(self):
'''Test check_squashfs_resquash()'''
package = utils.make_snap2(output_dir=self.mkdtemp())
c = SnapReviewSecurity(package)
c.check_squashfs_resquash()
report = c.click_report
expected_counts = {'info': 1, 'warn': 0, 'error': 0}
self.check_results(report, expected_counts)
def test_check_squashfs_resquash_sha512sum_mismatch_os(self):
'''Test check_squashfs_resquash() - sha512sum mismatch - os snap'''
output_dir = self.mkdtemp()
package = utils.make_snap2(output_dir=output_dir)
sy_path = os.path.join(output_dir, 'snap.yaml')
content = '''
name: test
version: 0.1
summary: some thing
description: some desc
architectures: [ amd64 ]
type: os
'''
with open(sy_path, 'w') as f:
f.write(content)
package = utils.make_snap2(output_dir=output_dir,
extra_files=['%s:meta/snap.yaml' % sy_path]
)
c = SnapReviewSecurity(package)
# fake sha512sum
sha512sum = os.path.join(output_dir, 'sha512sum')
content = '''#!/bin/sh
bn=`basename "$1"`
if [ "$bn" = "test_1.0_all.snap" ]; then
echo beefeeee $1
else
echo deadbeef $1
fi
exit 0
'''
with open(sha512sum, 'w') as f:
f.write(content)
os.chmod(sha512sum, 0o775)
old_path = os.environ['PATH']
if old_path:
os.environ['PATH'] = "%s:%s" % (output_dir, os.environ['PATH'])
else:
os.environ['PATH'] = output_dir # pragma: nocover
c.check_squashfs_resquash()
os.environ['PATH'] = old_path
report = c.click_report
expected_counts = {'info': 1, 'warn': 0, 'error': 0}
self.check_results(report, expected_counts)
def test_check_squashfs_resquash_1555305(self):
'''Test check_squashfs_resquash()'''
package = utils.make_snap2(output_dir=self.mkdtemp(),
extra_files=['/some/where,outside'])
c = SnapReviewSecurity(package)
c.check_squashfs_resquash()
report = c.click_report
expected_counts = {'info': 1, 'warn': 0, 'error': 0}
self.check_results(report, expected_counts)
expected = dict()
expected['error'] = dict()
expected['warn'] = dict()
expected['info'] = dict()
name = 'security-snap-v2:squashfs_resquash_1555305'
expected['info'][name] = {"link": "https://launchpad.net/bugs/1555305"}
self.check_results(report, expected=expected)
