def test_lp690040(self):
'''Test Upstart/AppArmor integration (LP: #690040)'''
if self.lsb_release['Release'] < 10.10:
return self._skipped(
"Skipped: CUPS upstart job only in 10.10 and higher")
# vivid uses systemd and no longer loads the cups profile in the
# service file/init script
if self.lsb_release['Release'] >= 15.04:
return self._skipped("Skipped: uses systemd")
# Reproduce the race by doing:
# 1. stop cups
# 2. unload the profile
# 3. start cups
# 4. load the profile
# 5. see if cups is confined
self._stop()
profile = '/etc/apparmor.d/usr.sbin.cupsd'
testlib.cmd(["/sbin/apparmor_parser", '-R', profile])
self._start()
time.sleep(2)
fd = open(self.pidfile, 'r')
pid = fd.readline().rstrip('\n')
fd.close()
exe = "/usr/sbin/cupsd"
self.assertTrue(testlib.check_pid(exe, pid))
rc, report = testlib.cmd(
["/sbin/apparmor_parser", '-r', '-W', profile])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
fd = open("/proc/%s/attr/current" % (pid), 'r')
attr_current = fd.readline().rstrip('\n')
fd.close()
result = "pid '%s' not in enforce mode:\n" % (pid)
self.assertTrue("enforce" in attr_current, result + attr_current)
def _stop_profiler(self):
'''Stop profiler'''
if self.pid == None:
return
rc, report = testlib.cmd(['opcontrol', '--shutdown'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + str(report))
search = "Stopping profiling"
self.assertTrue(
search in report,
"Could not find '%s' in report:\n%s" % (search, report))
search = "Killing daemon"
self.assertTrue(
search in report,
"Could not find '%s' in report:\n%s" % (search, report))
self.assertFalse(testlib.check_pid('/usr/bin/oprofiled', self.pid),
"Found running oprofiled")
def test_lp305264(self):
'''Test Launchpad bug #305264 - deprecation of rsa/md2 certificates'''
self.listener = os.fork()
if self.listener == 0:
args = [
'/bin/sh', '-c',
'exec /usr/bin/gnutls-serv --http -p 4433 --x509keyfile ./ssl/lp305264/lp305264-key.pem --x509certfile ./ssl/lp305264/lp305264-cert.pem >/dev/null 2>&1'
]
os.execv(args[0], args)
sys.exit(0)
time.sleep(1)
rc, report = testlib.cmd(['ping', '-c', '1', 'server'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
exe = '/usr/bin/gnutls-cli'
args = [
'/bin/sh', '-c', 'exec ' + exe +
' -V -p 4433 --x509cafile ./ssl/lp305264/cacert.pem server >/dev/null 2>&1'
]
pid = os.spawnv(os.P_NOWAIT, args[0], args)
time.sleep(2)
running = False
if (testlib.check_pid(exe, pid)):
running = True
os.kill(pid, signal.SIGALRM)
# kill server now
os.kill(self.listener, 15)
os.waitpid(self.listener, 0)
result = "'%s' accepted an rsa/md2 certificate." % (exe)
self.assertFalse(running, result)
def test_lp292604(self):
'''Test Launchpad bug #292604'''
self.listener = os.fork()
if self.listener == 0:
args = [
'/bin/sh', '-c',
'exec /usr/bin/gnutls-serv --http -p 4433 --x509keyfile /etc/ssl/private/ssl-cert-snakeoil.key --x509certfile /etc/ssl/certs/ssl-cert-snakeoil.pem --x509cafile ./ssl/lp292604-ca-certificate.crt >/dev/null 2>&1'
]
os.execv(args[0], args)
sys.exit(0)
time.sleep(1)
rc, report = testlib.cmd(['ping', '-c', '1', 'server'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
exe = '/usr/bin/gnutls-cli'
args = [
'/bin/sh', '-c',
'exec ' + exe + ' -V -p 4433 --insecure server >/dev/null 2>&1'
]
pid = os.spawnv(os.P_NOWAIT, args[0], args)
time.sleep(2)
running = False
if (testlib.check_pid(exe, pid)):
running = True
os.kill(pid, signal.SIGALRM)
# kill server now
os.kill(self.listener, 15)
os.waitpid(self.listener, 0)
result = "'%s' died unexpectedly." % (exe)
self.assertTrue(running, result)
def _start_profiler(self):
'''Start profiler'''
rc, report = testlib.cmd(['opcontrol', '--start'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + str(report))
search = "Daemon started"
self.assertTrue(
search in report,
"Could not find '%s' in report:\n%s" % (search, report))
search = "Profiler running"
self.assertTrue(
search in report,
"Could not find '%s' in report:\n%s" % (search, report))
rc, report = testlib.cmd(['pgrep', 'oprofile'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + str(report))
pid = report.splitlines()[-1]
self.assertTrue(testlib.check_pid('/usr/bin/oprofiled', pid),
"Could not find running oprofiled")
self.pid = pid