From cce7181996f978ac17c7a42eee21846234709082 Mon Sep 17 00:00:00 2001 From: Sergio Cazzolato Date: Wed, 26 Feb 2020 11:35:02 -0300 Subject: [PATCH 1/4] Just remove user when the system is not managed on create-user-2 test This is failing on boards where the system is managed and it is making the whole execution to fail --- tests/core/create-user-2/task.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/core/create-user-2/task.yaml b/tests/core/create-user-2/task.yaml index 4449de6bcab..c9c514397c5 100644 --- a/tests/core/create-user-2/task.yaml +++ b/tests/core/create-user-2/task.yaml @@ -8,7 +8,9 @@ environment: USER_NAME: mvo restore: | - snap remove-user "$USER_NAME" + if [ "$(snap managed)" = "false" ]; then + snap remove-user "$USER_NAME" + fi execute: | echo "snap create-user -- ensure failure when run as non-root user without sudo" From 0ee6d728f7d984a628dcd7e476f7aac95876ec5d Mon Sep 17 00:00:00 2001 From: Sergio Cazzolato Date: Thu, 27 Feb 2020 15:58:20 -0300 Subject: [PATCH 2/4] Fix tests create/remove user to work on managed devices The idea of this change is to make tests work properly on devices which are managed by default. A following change should make those test work idependently is they are initially managed or not. --- tests/core/create-user-2/task.yaml | 11 +++++++--- tests/core/create-user/task.yaml | 34 ++++++++++++++++++------------ tests/main/remove-user/task.yaml | 16 +++++++++++++- 3 files changed, 43 insertions(+), 18 deletions(-) diff --git a/tests/core/create-user-2/task.yaml b/tests/core/create-user-2/task.yaml index c9c514397c5..ca7e016bc88 100644 --- a/tests/core/create-user-2/task.yaml +++ b/tests/core/create-user-2/task.yaml @@ -8,16 +8,17 @@ environment: USER_NAME: mvo restore: | - if [ "$(snap managed)" = "false" ]; then - snap remove-user "$USER_NAME" + if [ -e managed.device ]; then + exit 0 fi + snap remove-user "$USER_NAME" execute: | echo "snap create-user -- ensure failure when run as non-root user without sudo" expected="error: while creating user: access denied" if obtained=$(su - test /bin/sh -c "snap create-user $USER_EMAIL 2>&1"); then echo "create-user command should have failed" - fi + fi [[ "$obtained" =~ $expected ]] if [ "$(snap managed)" = "true" ]; then @@ -27,6 +28,10 @@ execute: | exit 1 fi MATCH "cannot create user: device already managed" < create.error + + # Leave a file indicating the device was initially managed + touch managed.device + exit 0 fi diff --git a/tests/core/create-user/task.yaml b/tests/core/create-user/task.yaml index 535c9e59fcd..b13d2a333ba 100644 --- a/tests/core/create-user/task.yaml +++ b/tests/core/create-user/task.yaml @@ -4,21 +4,27 @@ summary: Ensure that snap create-user works in ubuntu-core # TODO:UC20: enable for UC20 systems: [ubuntu-core-1*] +environment: + USER_EMAIL: mvo@ubuntu.com + USER_NAME: mvo + restore: | - # FIXME: use deluser here now that it supports --extrausers - sed -i '/^mvo/d' /var/lib/extrausers/passwd - sed -i '/^mvo/d' /var/lib/extrausers/shadow - sed -i '/^mvo/d' /var/lib/extrausers/group - rm -rf /home/mvo - rm -f create.error + if [ -e managed.device ]; then + exit 0 + fi + snap remove-user "$USER_NAME" execute: | if [ "$MANAGED_DEVICE" = "true" ]; then - if snap create-user --sudoer mvo@ubuntu.com 2>create.error; then + if snap create-user --sudoer "$USER_EMAIL" 2>create.error; then echo "Did not get expected error creating user in managed device" exit 1 fi MATCH "cannot create user: device already managed" < create.error + + # Leave a file indicating the device was initially managed + touch managed.device + exit 0 fi echo "Adding invalid user" @@ -30,23 +36,23 @@ execute: | MATCH "$expected" <<<"$output" echo "Adding valid user" - expected='created user "mvo"' - output=$(snap create-user --sudoer mvo@ubuntu.com) + expected='created user "$USER_NAME"' + output=$(snap create-user --sudoer "$USER_EMAIL") if [ "$output" != "$expected" ]; then echo "Unexpected output $output" exit 1 fi echo "Ensure there are ssh keys imported" - MATCH ssh-rsa < /home/mvo/.ssh/authorized_keys + MATCH ssh-rsa < /home/"$USER_NAME"/.ssh/authorized_keys echo "Ensure the user is a sudo user" - sudo -u mvo sudo true + sudo -u "$USER_NAME" sudo true echo "ensure the user's home directory exists" - test -d /home/mvo + test -d /home/"$USER_NAME" echo "ensure ~/.snap/auth.json was created" - test -f /home/mvo/.snap/auth.json + test -f /home/"$USER_NAME"/.snap/auth.json echo "ensure user's email was stored in ~/.snap/auth.json" - MATCH '"email":"mvo@ubuntu.com"' < /home/mvo/.snap/auth.json + MATCH '"email":""$USER_EMAIL""' < /home/"$USER_NAME"/.snap/auth.json diff --git a/tests/main/remove-user/task.yaml b/tests/main/remove-user/task.yaml index 58b89feebe4..d1739a2335c 100644 --- a/tests/main/remove-user/task.yaml +++ b/tests/main/remove-user/task.yaml @@ -9,18 +9,32 @@ environment: USER_NAME: mvo prepare: | + # Note: make this test work with the user already created in the device + if [ "$(snap managed)" = "true" ]; then + # Leave a file indicating the device was initially managed + touch managed.device + + exit 0 + fi snap create-user --sudoer "$USER_EMAIL" restore: | + if [ -e managed.device ]; then + exit 0 + fi userdel --extrausers -r "$USER_NAME" || true rm -rf "/etc/sudoers.d/create-user-$USER_NAME" execute: | + if [ -e managed.device ]; then + exit 0 + fi + echo "sanity check: user in passwd" id "$USER_NAME" echo "sanity check: has sudoer file" test -f "/etc/sudoers.d/create-user-$USER_NAME" - echo "sanity check: user has a home" + echo "sanity check: user has a home" test -d "/home/$USER_NAME" echo "snap remove-user fails when run as non-root user without sudo" From 46eeb026f4445978143fd19297356ca70ff9084d Mon Sep 17 00:00:00 2001 From: Sergio Cazzolato Date: Fri, 28 Feb 2020 08:32:44 -0300 Subject: [PATCH 3/4] Fix create-user test --- tests/core/create-user/task.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/core/create-user/task.yaml b/tests/core/create-user/task.yaml index b13d2a333ba..f8a5df0ff17 100644 --- a/tests/core/create-user/task.yaml +++ b/tests/core/create-user/task.yaml @@ -36,7 +36,7 @@ execute: | MATCH "$expected" <<<"$output" echo "Adding valid user" - expected='created user "$USER_NAME"' + expected="created user \"$USER_EMAIL\"" output=$(snap create-user --sudoer "$USER_EMAIL") if [ "$output" != "$expected" ]; then echo "Unexpected output $output" @@ -55,4 +55,4 @@ execute: | test -f /home/"$USER_NAME"/.snap/auth.json echo "ensure user's email was stored in ~/.snap/auth.json" - MATCH '"email":""$USER_EMAIL""' < /home/"$USER_NAME"/.snap/auth.json + MATCH "\"email\":\"$USER_EMAIL\"" < /home/"$USER_NAME"/.snap/auth.json From e2ba8ec88f2b33eb8f099964615b77ef4033ccc1 Mon Sep 17 00:00:00 2001 From: Sergio Cazzolato Date: Fri, 28 Feb 2020 14:18:46 -0300 Subject: [PATCH 4/4] Fix expected name used when user is created --- tests/core/create-user/task.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/core/create-user/task.yaml b/tests/core/create-user/task.yaml index f8a5df0ff17..3501c41e0fa 100644 --- a/tests/core/create-user/task.yaml +++ b/tests/core/create-user/task.yaml @@ -36,7 +36,7 @@ execute: | MATCH "$expected" <<<"$output" echo "Adding valid user" - expected="created user \"$USER_EMAIL\"" + expected="created user \"$USER_NAME\"" output=$(snap create-user --sudoer "$USER_EMAIL") if [ "$output" != "$expected" ]; then echo "Unexpected output $output"