blob: aaebb0df4171e04873b3aa5852a2da023fd6cb5d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
Then /^I should be able to run administration commands as the live user$/ do
next if @skip_steps_while_restoring_background
stdout = @vm.execute("echo #{@sudo_password} | sudo -S whoami", $live_user).stdout
actual_user = stdout.sub(/^\[sudo\] password for #{$live_user}: /, "").chomp
assert_equal("root", actual_user, "Could not use sudo")
end
Then /^I should not be able to run administration commands as the live user with the "([^"]*)" password$/ do |password|
next if @skip_steps_while_restoring_background
stderr = @vm.execute("echo #{password} | sudo -S whoami", $live_user).stderr
sudo_failed = stderr.include?("The administration password is disabled") || stderr.include?("is not allowed to execute")
assert(sudo_failed, "The administration password is not disabled:" + stderr)
end
When /^running a command as root with pkexec requires PolicyKit administrator privileges$/ do
next if @skip_steps_while_restoring_background
action = 'org.freedesktop.policykit.exec'
action_details = @vm.execute("pkaction --verbose --action-id #{action}").stdout
assert(action_details[/\s+implicit any:\s+auth_admin$/],
"Expected 'auth_admin' for 'any':\n#{action_details}")
assert(action_details[/\s+implicit inactive:\s+auth_admin$/],
"Expected 'auth_admin' for 'inactive':\n#{action_details}")
assert(action_details[/\s+implicit active:\s+auth_admin$/],
"Expected 'auth_admin' for 'active':\n#{action_details}")
end
Then /^I should be able to run a command as root with pkexec$/ do
next if @skip_steps_while_restoring_background
step "I run \"pkexec touch /root/pkexec-test\" in GNOME Terminal"
step 'I enter the sudo password in the pkexec prompt'
try_for(10, :msg => 'The /root/pkexec-test file was not created.') {
@vm.execute('ls /root/pkexec-test').success?
}
end
Then /^I should not be able to run a command as root with pkexec and the standard passwords$/ do
next if @skip_steps_while_restoring_background
step "I run \"pkexec touch /root/pkexec-test\" in GNOME Terminal"
['', 'live'].each do |password|
step "I enter the \"#{password}\" password in the pkexec prompt"
@screen.wait('PolicyKitAuthFailure.png', 20)
end
step "I enter the \"amnesia\" password in the pkexec prompt"
@screen.wait('PolicyKitAuthCompleteFailure.png', 20)
end
|