| # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import gobject, os |
| from dbus.mainloop.glib import DBusGMainLoop |
| |
| from autotest_lib.client.bin import test, utils |
| from autotest_lib.client.common_lib import error |
| from autotest_lib.client.common_lib.cros import policy, session_manager |
| from autotest_lib.client.cros import constants, cros_ui, cryptohome, ownership |
| |
| |
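class login_OwnershipRetaken(test.test):
    """Ensure that ownership is re-taken upon loss of owner's cryptohome.

    The test installs a policy signed with a known test key, removes nothing
    further, then signs the owner in with a freshly created cryptohome. It
    passes only if the owner key on disk is replaced and the policy
    retrieved afterwards still carries the originally configured settings.
    """
    version = 1

    _tempdir = None
    # Not referenced anywhere else in this class.
    _got_new_key = False
    _got_new_policy = False
    # Class-level defaults so cleanup() can tell whether initialize() got far
    # enough to create these; without them a failure early in initialize()
    # would surface as an AttributeError from cleanup().
    _cryptohome_proxy = None
    _sm = None

    def setup(self):
        """Run make in the test's source directory, with OUT_DIR set to it."""
        os.chdir(self.srcdir)
        utils.make('OUT_DIR=.')


    def initialize(self):
        """Clear ownership state and the test user's cryptohome, then connect.

        Leaves a cryptohome proxy in self._cryptohome_proxy and a session
        manager connection in self._sm, both on the same D-Bus main loop.
        """
        super(login_OwnershipRetaken, self).initialize()
        # Start clean, wrt ownership and the desired user.
        ownership.restart_ui_to_clear_ownership_files()

        bus_loop = DBusGMainLoop(set_as_default=True)
        self._cryptohome_proxy = cryptohome.CryptohomeProxy(bus_loop)
        self._cryptohome_proxy.remove(ownership.TESTUSER)

        self._sm = session_manager.connect(bus_loop)


    def run_once(self):
        """Push a known-key policy, sign the owner in, verify re-ownership.

        Raises:
            error.TestFail: the owner key changed before the session started,
                or did not change after it.
            error.TestError: the session could not be started, or no policy
                could be retrieved afterwards.
        """
        pkey = ownership.known_privkey()
        pubkey = ownership.known_pubkey()

        # One definition of the owner settings, so the policy that is pushed
        # and the policy that is expected back cannot drift apart.
        settings = dict(owner=ownership.TESTUSER,
                        guests=False,
                        new_users=True,
                        roaming=True,
                        whitelist=(ownership.TESTUSER, 'a@b.c'))

        # Pre-configure some owner settings, including initial key.
        poldata = policy.build_policy_data(self.srcdir, **settings)
        policy_string = policy.generate_policy(self.srcdir,
                                               pkey,
                                               pubkey,
                                               poldata)
        policy.push_policy_and_verify(policy_string, self._sm)

        # Precondition: the key on disk is still the known test key, so the
        # later "key changed" check is meaningful.
        if utils.read_file(constants.OWNER_KEY_FILE) != pubkey:
            raise error.TestFail('Owner key should not have changed!')

        # Start a new session, which will trigger the re-taking of ownership.
        # The listener is registered before the session starts; presumably so
        # that the new-key and new-policy signals cannot be missed.
        listener = session_manager.OwnershipSignalListener(gobject.MainLoop())
        listener.listen_for_new_key_and_policy()
        self._cryptohome_proxy.mount(ownership.TESTUSER,
                                     ownership.TESTPASS,
                                     create=True)
        if not self._sm.StartSession(ownership.TESTUSER, ''):
            raise error.TestError('Could not start session for owner')

        listener.wait_for_signals(desc='Re-taking of ownership complete.')

        # The known test key must no longer be the owner key: its private
        # half was never tied to the new cryptohome.
        if utils.read_file(constants.OWNER_KEY_FILE) == pubkey:
            raise error.TestFail('Owner key should have changed!')

        # RetrievePolicy, check sig against new key, check properties
        retrieved_policy = self._sm.RetrievePolicy(byte_arrays=True)
        if retrieved_policy is None:
            raise error.TestError('Policy not found')
        policy.compare_policy_response(self.srcdir,
                                       retrieved_policy,
                                       **settings)


    def cleanup(self):
        """Restart the UI, remove the test user's cryptohome, run base cleanup.

        Each later step is still attempted when an earlier one raises, so a
        failed run is less likely to leave the test user's cryptohome or the
        base class's state behind on the device.
        """
        try:
            if self._tempdir:
                self._tempdir.clean()
            cros_ui.restart()
        finally:
            try:
                # None means initialize() failed before the proxy existed.
                if self._cryptohome_proxy is not None:
                    self._cryptohome_proxy.remove(ownership.TESTUSER)
            finally:
                super(login_OwnershipRetaken, self).cleanup()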