def run_once(self):
self.cryptohome_proxy = cryptohome.CryptohomeProxy()
# Leaf element of user path not owned by user.
user = utils.random_username()
path = cryptohome.user_path(user)
os.mkdir(path)
os.chown(path, 0, 0)
try:
self.require_mount_fail(user)
finally:
os.rmdir(path)
# Leaf element of system path not owned by root.
user = utils.random_username()
path = cryptohome.system_path(user)
os.mkdir(path)
os.chown(path, 1, 1)
self.require_mount_fail(user)
try:
self.require_mount_fail(user)
finally:
os.rmdir(path)
# Leaf element of path too permissive.
user = utils.random_username()
path = cryptohome.user_path(user)
os.mkdir(path)
os.chmod(path, 0777)
self.require_mount_fail(user)
try:
self.require_mount_fail(user)
finally:
os.rmdir(path)
# Non-leaf element of path not owned by root.
user = utils.random_username()
path = cryptohome.user_path(user)
parent_path = os.path.dirname(path)
os.chown(parent_path, 1, 1)
try:
self.require_mount_fail(user)
finally:
os.chown(parent_path, 0, 0)
# Non-leaf element of path too permissive.
user = utils.random_username()
path = cryptohome.user_path(user)
parent_path = os.path.dirname(path)
old_perm = os.stat(parent_path).st_mode & 0777
os.chmod(parent_path, 0777)
try:
self.require_mount_fail(user)
finally:
os.chmod(parent_path, old_perm)
os.chown(parent_path, 0, 0)
def run_once(self):
username = ''
with chrome.Chrome() as cr:
username = cr.username
if not cryptohome.is_vault_mounted(user=username,
allow_fail=False):
raise error.TestFail('Expected to find a mounted vault.')
if cryptohome.is_vault_mounted(user=username, allow_fail=True):
raise error.TestFail('Expected to not find a mounted vault.')
# Remove our vault, mount another vault, create a test file
# in the other vault, and ensure that the file no longer exists
# after we log back in.
cryptohome.remove_vault(username)
cryptohome.mount_vault(TEST_USER, TEST_PASS, create=True)
test_file = os.path.join(cryptohome.user_path(TEST_USER), 'hello')
open(test_file, 'w').close()
cryptohome.unmount_vault(TEST_USER)
with chrome.Chrome():
if not cryptohome.is_vault_mounted(user=username,
allow_fail=False):
raise error.TestFail('Expected to find user\'s mounted vault.')
if os.path.exists(test_file):
raise error.TestFail('Expected to not find the test file.')
def run_once(self):
self.cryptohome_proxy = cryptohome.CryptohomeProxy()
# Leaf element of user path is non-dir.
user = utils.random_username()
path = cryptohome.user_path(user)
utils.open_write_close(path, '')
try:
self.require_mount_fail(user)
finally:
os.remove(path)
# Leaf element of system path is non-dir.
user = utils.random_username()
path = cryptohome.system_path(user)
os.symlink('/etc', path)
try:
self.require_mount_fail(user)
finally:
os.remove(path)
# Non-leaf element of user path is non-dir.
user = utils.random_username()
path = cryptohome.user_path(user)
parent_path = os.path.dirname(path)
os.rename(parent_path, parent_path + '.old')
try:
utils.open_write_close(parent_path, '')
self.require_mount_fail(user)
finally:
# We can't just rely on the rename() to blow away the file -
# rename() will refuse to rename directories to non-directory names.
self.replace(parent_path + '.old', parent_path)
# Non-leaf element of system path is non-dir.
user = utils.random_username()
path = cryptohome.system_path(user)
parent_path = os.path.dirname(path)
os.rename(parent_path, parent_path + '.old')
try:
utils.open_write_close(parent_path, '')
self.require_mount_fail(user)
finally:
self.replace(parent_path + '.old', parent_path)
def run_once(self, runtime, disk_configs, script=None, sysctls_list=None):
"""
Create a 300MB file in tmpfs/encrypted/unencrypted location
and run fio tesst.
@param disk_configs: list of keys from DISK_CONFIG_KEYS.
@param script: fio script to run
@param sysctls_list: list of dictionary of sysctls to alter.
"""
if not set(disk_configs).issubset(set(self.DISK_CONFIG_KEYS)):
raise error.TestFail('Unknown keys in disk config')
for config in disk_configs:
for sysctls in sysctls_list or [{}]:
graph_descr = ''
for key, val in sysctls.iteritems():
utils.sysctl(key, val)
graph_descr += '-'.join([os.path.basename(key), str(val)])
# Mount a test cryptohome vault.
if config == self.USE_CRYPTO:
cryptohome.mount_vault(TEST_USER,
TEST_PASSWORD,
create=True)
tmpdir = cryptohome.user_path(TEST_USER)
elif config == self.USE_TMPFS:
tmpdir = None
else:
tmpdir = self.tmpdir
self.__work_dir = tempfile.mkdtemp(dir=tmpdir)
results = {}
# TODO make these parameters to run_once & check disk for space.
self.__filesize = '300m'
self.__runtime = str(runtime)
env_vars = ' '.join([
'FILENAME=' + os.path.join(self.__work_dir, script),
'FILESIZE=' + self.__filesize, 'RUN_TIME=' + self.__runtime
])
job_file = os.path.join(self.bindir, script)
results.update(
fio_util.fio_runner(self,
job_file,
env_vars,
name_prefix=graph_descr + config))
self.write_perf_keyval(results)
logging.info('Finished with FS stress, cleaning up.')
if config == self.USE_CRYPTO:
cryptohome.unmount_vault(TEST_USER)
cryptohome.remove_vault(TEST_USER)
else:
shutil.rmtree(self.__work_dir)
def test_file_path(user):
return "%s/TESTFILE" % cryptohome.user_path(user)
def run_once(self):
with chrome.Chrome(logged_in=self._logged_in) as cr:
username = (cr.username if self._logged_in
else cryptohome.GUEST_USER_NAME)
"""Check permissions within cryptohome for anything too permissive.
"""
passes = []
homepath = "/home/chronos"
passes.append(self.check_owner_mode(homepath, "chronos", 0755))
user_mountpt = cryptohome.user_path(username)
passes.append(self.check_owner_mode(user_mountpt, "chronos",
self._HOMEDIR_MODE))
# TODO(benchan): Refactor the following code to use some helper
# functions instead of find commands.
# An array of shell commands, each representing a test that
# passes if it emits no output. The first test is the main one.
# In general, writable by anyone else is bad, as is owned by
# anyone else. Any exceptions to that are pruned out of the
# first test and checked individually by subsequent tests.
cmds = [
('find -L "%s" -path "%s" -o '
# Avoid false-positives on SingletonLock, SingletonCookie, etc.
' \\( -name "Singleton*" -a -type l \\) -o '
' -path "%s/user" -prune -o '
' -path "%s/Downloads" -prune -o '
' -path "%s/flimflam" -prune -o '
' -path "%s/shill" -prune -o '
' -path "%s/.chaps" -prune -o '
' -path "%s/u-*" -prune -o '
' -path "%s/crash" -prune -o '
' \\( -perm /022 -o \\! -user chronos \\) -ls') %
(homepath, homepath, homepath, user_mountpt, user_mountpt,
user_mountpt, user_mountpt, homepath, homepath),
# /home/chronos/user and /home/chronos/user/Downloads are owned
# by the chronos-access group and with a group execute
# permission.
'find -L "%s" -maxdepth 0 \\( \\! -perm 710 '
'-o \\! -user chronos -o \\! -group chronos-access \\) -ls' %
user_mountpt,
'find -L "%s/Downloads" -maxdepth 0 \\( \\! -perm 710 '
'-o \\! -user chronos -o \\! -group chronos-access \\) -ls' %
user_mountpt,
'find -L "%s/flimflam" \\( -perm /077 -o \\! -user root \\) -ls'
% user_mountpt,
'find -L "%s/shill" \\( -perm /077 -o \\! -user root \\) -ls' %
user_mountpt,
'find -L "%s/.chaps -name auth_data_salt -prune -o '
'\\! -user chaps -o \\! -group chronos-access -o -perm /027 -ls'
% user_mountpt,
'find -L "%s/.chaps -name auth_data_salt -a '
'\\( \\! -user root -o -perm /077 \\) -ls' % user_mountpt,
]
for cmd in cmds:
cmd_output = utils.system_output(cmd, ignore_status=True)
if cmd_output:
passes.append(False)
logging.error(cmd_output)
# This next section only applies if we have a real vault mounted
# (ie, not a BWSI tmpfs).
if cryptohome.is_permanent_vault_mounted(username):
# Also check the permissions of the underlying vault and
# supporting directory structure.
mountpath = cryptohome.get_mounted_vault_path(username)
# On ecryptfs backend, there's a 'vault' directory storing the
# encrypted data. If it exists, check its ownership as well.
vaultpath = os.path.join(mountpath, '../vault')
if os.path.exists(vaultpath):
passes.append(self.check_owner_mode(vaultpath,
"root", 0700))
passes.append(self.check_owner_mode(mountpath, "root", 0700))
passes.append(self.check_owner_mode(mountpath + "/../master.0",
"root", 0600))
passes.append(self.check_owner_mode(mountpath + "/../",
"root", 0700))
passes.append(self.check_owner_mode(mountpath + "/../../",
"root", 0700))
if False in passes:
raise error.TestFail(
'Bad permissions found on cryptohome files')