diff options
author | Jacek Galowicz <jacek.galowicz@cyberus-technology.de> | 2019-12-06 07:53:04 +0100 |
---|---|---|
committer | Jacek Galowicz <jacek.galowicz@cyberus-technology.de> | 2019-12-06 08:21:33 +0100 |
commit | 46fab2e289ba396db4d29be327b879c15b4951fb (patch) | |
tree | 9a7f6183e96475fc6eb1128873db52974bd12a07 /nixos/tests/ecryptfs.nix | |
parent | 4a7ba2cdfe69e18bee4753e2582bb924116c6029 (diff) |
nixosTests.ecryptfs: Port to Python
Diffstat (limited to 'nixos/tests/ecryptfs.nix')
-rw-r--r-- | nixos/tests/ecryptfs.nix | 121 |
1 files changed, 61 insertions, 60 deletions
diff --git a/nixos/tests/ecryptfs.nix b/nixos/tests/ecryptfs.nix index 3f02cecb8662..ef7bd13eb92c 100644 --- a/nixos/tests/ecryptfs.nix +++ b/nixos/tests/ecryptfs.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ ... }: +import ./make-test-python.nix ({ ... }: { name = "ecryptfs"; @@ -10,75 +10,76 @@ import ./make-test.nix ({ ... }: }; testScript = '' - $machine->waitForUnit("default.target"); + def login_as_alice(): + machine.wait_until_tty_matches(1, "login: ") + machine.send_chars("alice\n") + machine.wait_until_tty_matches(1, "Password: ") + machine.send_chars("foobar\n") + machine.wait_until_tty_matches(1, "alice\@machine") - # Set alice up with a password and a home - $machine->succeed("(echo foobar; echo foobar) | passwd alice"); - $machine->succeed("chown -R alice.users ~alice"); - # Migrate alice's home - my $out = $machine->succeed("echo foobar | ecryptfs-migrate-home -u alice"); - $machine->log("ecryptfs-migrate-home said: $out"); + def logout(): + machine.send_chars("logout\n") + machine.wait_until_tty_matches(1, "login: ") - # Log alice in (ecryptfs passwhrase is wrapped during first login) - $machine->waitUntilTTYMatches(1, "login: "); - $machine->sendChars("alice\n"); - $machine->waitUntilTTYMatches(1, "Password: "); - $machine->sendChars("foobar\n"); - $machine->waitUntilTTYMatches(1, "alice\@machine"); - $machine->sendChars("logout\n"); - $machine->waitUntilTTYMatches(1, "login: "); + + machine.wait_for_unit("default.target") + + with subtest("Set alice up with a password and a home"): + machine.succeed("(echo foobar; echo foobar) | passwd alice") + machine.succeed("chown -R alice.users ~alice") + + with subtest("Migrate alice's home"): + out = machine.succeed("echo foobar | ecryptfs-migrate-home -u alice") + machine.log(f"ecryptfs-migrate-home said: {out}") + + with subtest("Log alice in (ecryptfs passwhrase is wrapped during first login)"): + login_as_alice() + machine.send_chars("logout\n") + machine.wait_until_tty_matches(1, "login: ") # Why do I need to do this?? - $machine->succeed("su alice -c ecryptfs-umount-private || true"); - $machine->sleep(1); - $machine->fail("mount | grep ecryptfs"); # check that encrypted home is not mounted + machine.succeed("su alice -c ecryptfs-umount-private || true") + machine.sleep(1) + + with subtest("check that encrypted home is not mounted"): + machine.fail("mount | grep ecryptfs") - # Show contents of the user keyring - my $out = $machine->succeed("su - alice -c 'keyctl list \@u'"); - $machine->log("keyctl unlink said: " . $out); + with subtest("Show contents of the user keyring"): + out = machine.succeed("su - alice -c 'keyctl list \@u'") + machine.log(f"keyctl unlink said: {out}") - # Log alice again - $machine->waitUntilTTYMatches(1, "login: "); - $machine->sendChars("alice\n"); - $machine->waitUntilTTYMatches(1, "Password: "); - $machine->sendChars("foobar\n"); - $machine->waitUntilTTYMatches(1, "alice\@machine"); + with subtest("Log alice again"): + login_as_alice() - # Create some files in encrypted home - $machine->succeed("su alice -c 'touch ~alice/a'"); - $machine->succeed("su alice -c 'echo c > ~alice/b'"); + with subtest("Create some files in encrypted home"): + machine.succeed("su alice -c 'touch ~alice/a'") + machine.succeed("su alice -c 'echo c > ~alice/b'") - # Logout - $machine->sendChars("logout\n"); - $machine->waitUntilTTYMatches(1, "login: "); + with subtest("Logout"): + logout() # Why do I need to do this?? - $machine->succeed("su alice -c ecryptfs-umount-private || true"); - $machine->sleep(1); - - # Check that the filesystem is not accessible - $machine->fail("mount | grep ecryptfs"); - $machine->succeed("su alice -c 'test \! -f ~alice/a'"); - $machine->succeed("su alice -c 'test \! -f ~alice/b'"); - - # Log alice once more - $machine->waitUntilTTYMatches(1, "login: "); - $machine->sendChars("alice\n"); - $machine->waitUntilTTYMatches(1, "Password: "); - $machine->sendChars("foobar\n"); - $machine->waitUntilTTYMatches(1, "alice\@machine"); - - # Check that the files are there - $machine->sleep(1); - $machine->succeed("su alice -c 'test -f ~alice/a'"); - $machine->succeed("su alice -c 'test -f ~alice/b'"); - $machine->succeed(qq%test "\$(cat ~alice/b)" = "c"%); - - # Catch https://github.com/NixOS/nixpkgs/issues/16766 - $machine->succeed("su alice -c 'ls -lh ~alice/'"); - - $machine->sendChars("logout\n"); - $machine->waitUntilTTYMatches(1, "login: "); + machine.succeed("su alice -c ecryptfs-umount-private || true") + machine.sleep(1) + + with subtest("Check that the filesystem is not accessible"): + machine.fail("mount | grep ecryptfs") + machine.succeed("su alice -c 'test \! -f ~alice/a'") + machine.succeed("su alice -c 'test \! -f ~alice/b'") + + with subtest("Log alice once more"): + login_as_alice() + + with subtest("Check that the files are there"): + machine.sleep(1) + machine.succeed("su alice -c 'test -f ~alice/a'") + machine.succeed("su alice -c 'test -f ~alice/b'") + machine.succeed('test "$(cat ~alice/b)" = "c"') + + with subtest("Catch https://github.com/NixOS/nixpkgs/issues/16766"): + machine.succeed("su alice -c 'ls -lh ~alice/'") + + logout() ''; }) |