841
841
'[ -z "$UPSTART_SESSION" ] || /sbin/initctl --user start click-user-hooks')])
843
843
def apparmor_click(self, clickpkgs, installed_clicks):
844
'''Update AppArmor rules for click tests'''
844
'''Update AppArmor rules for click tests
846
if not clickpkgs and not installed_clicks:
846
Return True if anything was modified and apparmor_restore_click()
849
# check if we are in a click+AppArmor environment
850
if self.execute(['sh', '-ec',
851
'[ -d /var/cache/apparmor -a -d /var/lib/apparmor/clicks ] && '
852
'type aa-clickhook >/dev/null 2>&1'])[0] != 0:
853
adtlog.debug('testbed does not have AppArmor/click, no need to adjust rules')
855
adtlog.debug('testbed has AppArmor/click')
849
857
if 'root-on-testbed' not in self.caps:
850
858
adtlog.warning('Cannot adjust AppArmor rules without root/sudo '
851
859
'privileges; Autopilot tests will fail and test '
852
860
'dependencies will not be available!')
855
863
rules = 'dbus (receive, send) bus=session path=/com/canonical/Autopilot/**,'
856
864
for e in self.install_tmp_env:
861
869
rules += ' %s/** r,' % p
864
adtlog.info('Updating AppArmor rules to allow autopilot introspection')
865
script = '[ -d /var/cache/apparmor -a -d /var/lib/apparmor/clicks ] || exit 0; ' \
866
'type aa-clickhook >/dev/null 2>&1 || exit 0; ' \
867
'''echo '%s' > /var/cache/apparmor/click-ap.rules; ''' \
869
' info=$(click info %s %s/$(basename "$c")); ' \
870
''' name=$(echo "$info" | sed -rn '/"name"/ {s/^.*: *"([^"]+)",/\\1/; p}'); ''' \
871
''' version=$(echo "$info" | sed -rn '/"version"/ {s/^.*: *"([^"]+)",/\\1/; p}'); ''' \
872
' touch -h /var/lib/apparmor/clicks/${name}_*_${version}.json >/dev/null || true; '\
875
' touch -h /var/lib/apparmor/clicks/${c}_*.json 2>/dev/null || true; ' \
877
'aa-clickhook --include=/var/cache/apparmor/click-ap.rules' % (
880
opts.user and ('--user ' + opts.user) or '',
882
' '.join(installed_clicks))
883
if self.execute(['sh', opts.verbosity >= 2 and '-exc' or '-ec', script], kind='install')[0] != 0:
884
if 'root-on-testbed' not in testbed.caps:
885
bomb('Failed to update click AppArmor rules: no root privileges in testbed')
887
bomb('Failed to update click AppArmor rules')
872
script = '''echo '%s' > /var/cache/apparmor/click-ap.rules; ''' % rules
874
if clickpkgs or installed_clicks:
875
adtlog.info('Updating AppArmor rules to allow autopilot introspection for tested clicks')
876
script += 'for c in %s; do ' \
877
' info=$(click info %s %s/$(basename "$c")); ' \
878
''' name=$(echo "$info" | sed -rn '/"name"/ {s/^.*: *"([^"]+)",/\\1/; p}'); ''' \
879
''' version=$(echo "$info" | sed -rn '/"version"/ {s/^.*: *"([^"]+)",/\\1/; p}'); ''' \
880
' touch -h /var/lib/apparmor/clicks/${name}_*_${version}.json >/dev/null || true; '\
883
' touch -h /var/lib/apparmor/clicks/${c}_*.json 2>/dev/null || true; ' \
885
'aa-clickhook --include=/var/cache/apparmor/click-ap.rules' % (
887
opts.user and ('--user ' + opts.user) or '',
889
' '.join(installed_clicks))
891
adtlog.info('Updating AppArmor rules to allow autopilot introspection for all clicks (will take a minute)...')
892
script += 'aa-clickhook --force --include=/var/cache/apparmor/click-ap.rules'
894
if self.execute(['sh', opts.verbosity >= 2 and '-exc' or '-ec', script], kind='install')[0] != 0:
895
bomb('Failed to update click AppArmor rules')
899
def apparmor_restore_click(self, clickpkgs, installed_clicks):
900
'''Restore AppArmor rules after click tests'''
902
adtlog.info('Restoring click package AppArmor rules')
903
# if we only modified some clicks above, --force will be fast, so it's
904
# ok to always do that
905
script = 'rm /var/cache/apparmor/click-ap.rules; aa-clickhook --force'
906
if self.execute(['sh', opts.verbosity >= 2 and '-exc' or '-ec', script], kind='install')[0] != 0:
907
bomb('Failed to update click AppArmor rules')
889
909
def satisfy_dependencies_string(self, deps, what, recommends=False):
890
910
'''Install dependencies from a string into the testbed'''