Commit 076bf2d9 authored by Aard's avatar Aard

Merge branch 'master' of github.com:nemomobile/ssu

parents 3999dd06 882bb90e
......@@ -16,6 +16,7 @@
#include <pwd.h>
#include "ssu.h"
#include "sandbox_p.h"
#include "ssulog.h"
#include "ssuvariables.h"
#include "ssucoreconfig.h"
......@@ -474,6 +475,8 @@ void Ssu::storeAuthorizedKeys(QByteArray data){
} else
return;
homePath = Sandbox::map(homePath);
if (dir.exists(homePath + "/.ssh/authorized_keys")){
ssuLog->print(LOG_DEBUG, QString(".ssh/authorized_keys already exists in %1")
.arg(homePath));
......
......@@ -15,6 +15,7 @@ extern "C" {
#include <boardname.h>
}
#include "sandbox_p.h"
#include "ssudeviceinfo.h"
#include "ssucoreconfig.h"
#include "ssulog.h"
......@@ -165,7 +166,7 @@ QString SsuDeviceInfo::deviceModel(){
// check if the device can be identified by testing for a file
foreach (const QString &key, keys){
QString value = boardMappings->value(key).toString();
if (dir.exists(value)){
if (dir.exists(Sandbox::map(value))){
cachedModel = key;
break;
}
......@@ -224,7 +225,7 @@ QString SsuDeviceInfo::deviceModel(){
*/
// check if the device can be identified by a string in /proc/cpuinfo
procCpuinfo.setFileName("/proc/cpuinfo");
procCpuinfo.setFileName(Sandbox::map("/proc/cpuinfo"));
procCpuinfo.open(QIODevice::ReadOnly | QIODevice::Text);
if (procCpuinfo.isOpen()){
QTextStream in(&procCpuinfo);
......
......@@ -9,6 +9,7 @@
#include <QRegExp>
#include <QDirIterator>
#include "sandbox_p.h"
#include "ssudeviceinfo.h"
#include "ssurepomanager.h"
#include "ssucoreconfig.h"
......@@ -154,7 +155,7 @@ void SsuRepoManager::update(){
// assume configuration error if there are no device repos, and don't delete
// anything, even in strict mode
if ((deviceMode & Ssu::LenientMode) != Ssu::LenientMode && !repos.isEmpty()){
QDirIterator it(ZYPP_REPO_PATH, QDir::AllEntries|QDir::NoDot|QDir::NoDotDot);
QDirIterator it(Sandbox::map(ZYPP_REPO_PATH), QDir::AllEntries|QDir::NoDot|QDir::NoDotDot);
while (it.hasNext()){
it.next();
if (it.fileName().left(4) != "ssu_"){
......@@ -166,7 +167,7 @@ void SsuRepoManager::update(){
// ... delete all ssu-managed repositories not valid for this device ...
ssuFilters.append("ssu_*");
QDirIterator it(ZYPP_REPO_PATH, ssuFilters);
QDirIterator it(Sandbox::map(ZYPP_REPO_PATH), ssuFilters);
while (it.hasNext()){
QString f = it.next();
......@@ -192,7 +193,7 @@ void SsuRepoManager::update(){
}
QString repoFilePath = QString("%1/ssu_%2_%3.repo")
.arg(ZYPP_REPO_PATH)
.arg(Sandbox::map(ZYPP_REPO_PATH))
.arg(repo)
.arg(rndMode ? "rnd" : "release");
......
......@@ -12,6 +12,7 @@
#include <QStringList>
#include <systemd/sd-journal.h>
#include "libssu/sandbox_p.h"
#include "libssu/ssulog.h"
SsuUrlResolver::SsuUrlResolver(): QObject(){
......@@ -30,7 +31,16 @@ void SsuUrlResolver::error(QString message){
QCoreApplication::exit(1);
}
bool SsuUrlResolver::writeCredentials(QString filePath, QString credentialsScope){
bool SsuUrlResolver::writeZyppCredentialsIfNeeded(QString credentialsScope){
QString filePath = Sandbox::map("/etc/zypp/credentials.d/" + credentialsScope);
QFileInfo credentialsFileInfo(filePath);
if (credentialsFileInfo.exists() &&
credentialsFileInfo.lastModified() > ssu.lastCredentialsUpdate()){
// zypp credentials up to date
return true;
}
QFile credentialsFile(filePath);
QPair<QString, QString> credentials = ssu.credentials(credentialsScope);
SsuLog *ssuLog = SsuLog::instance();
......@@ -126,12 +136,7 @@ void SsuUrlResolver::run(){
QString credentialsScope = ssu.credentialsScope(repo, isRnd);
if (!credentialsScope.isEmpty()){
headerList.append(QString("credentials=%1").arg(credentialsScope));
QFileInfo credentialsFileInfo("/etc/zypp/credentials.d/" + credentialsScope);
if (!credentialsFileInfo.exists() ||
credentialsFileInfo.lastModified() <= ssu.lastCredentialsUpdate()){
writeCredentials(credentialsFileInfo.filePath(), credentialsScope);
}
writeZyppCredentialsIfNeeded(credentialsScope);
} else
ssuLog->print(LOG_DEBUG, "Skipping credential update due to missing credentials scope");
}
......
......@@ -55,7 +55,7 @@ class SsuUrlResolver: public QObject {
Ssu ssu;
void error(QString message);
void printJournal(int priority, QString message);
bool writeCredentials(QString filePath, QString credentialsScope);
bool writeZyppCredentialsIfNeeded(QString credentialsScope);
public slots:
void run();
......
......@@ -26,9 +26,39 @@ void RndSsuCliTest::init(){
QFAIL("Failed to activate sandbox");
}
setenv("LD_PRELOAD", qPrintable(QString("%1/libsandboxhook.so").arg(TESTS_PATH)), 1);
m_bus = new QProcess(this);
m_bus->start("dbus-daemon",
Args() << "--session" << "--nofork" << "--nopidfile" << "--print-address");
if (!m_bus->waitForReadyRead()){
QFAIL("Failed to run sandboxed D-Bus instance");
}
const QByteArray busAddress = m_bus->readAllStandardOutput();
setenv("DBUS_SESSION_BUS_ADDRESS", busAddress.constData(), 1);
setenv("DBUS_SYSTEM_BUS_ADDRESS", busAddress.constData(), 1);
m_ssud = new QProcess(this);
m_ssud->start("ssud");
if (!m_ssud->waitForStarted()){
QFAIL("Failed to run sandboxed ssud instance");
}
}
void RndSsuCliTest::cleanup(){
if (m_ssud->state() != QProcess::Running){
QFAIL("Sandboxed ssud instance exited unexpectedly");
}
delete m_ssud;
m_ssud = 0;
if (m_bus->state() != QProcess::Running){
QFAIL("Sandboxed D-Bus instance exited unexpectedly");
}
unsetenv("DBUS_SESSION_BUS_ADDRESS");
unsetenv("DBUS_SYSTEM_BUS_ADDRESS");
delete m_bus;
m_bus = 0;
delete m_sandbox;
m_sandbox = 0;
}
......
......@@ -10,6 +10,8 @@
#include <QObject>
class QProcess;
class Sandbox;
class RndSsuCliTest: public QObject {
......@@ -28,6 +30,8 @@ class RndSsuCliTest: public QObject {
private:
Sandbox *m_sandbox;
QProcess *m_bus;
QProcess *m_ssud;
};
#endif
......@@ -10,6 +10,7 @@
#include <QtXml/QDomDocument>
#include "constants.h"
#include "libssu/sandbox_p.h"
#include "testutils/process.h"
void UrlResolverTest::initTestCase(){
......@@ -243,45 +244,12 @@ void UrlResolverTest::checkSetCredentials(){
}
void UrlResolverTest::checkStoreAuthorizedKeys(){
struct Cleanup {
~Cleanup(){
if (!tempHomePath.isEmpty()){
Process rmtemp;
rmtemp.execute("rm", QStringList() << "-rf" << tempHomePath);
if (rmtemp.hasError()){
qWarning("%s: Failed to remove temporary directory '%s': %s", Q_FUNC_INFO,
tempHomePath.constData(), qPrintable(rmtemp.fmtErrorMessage()));
}
if (!qputenv("HOME", originalHomePath)){
qFatal("%s: Failed to restore HOME environment variable", Q_FUNC_INFO);
}
}
}
QByteArray originalHomePath;
QByteArray tempHomePath;
} cleanup;
// Temporarily change HOME path so Ssu::storeAuthorizedKeys() does not touch
// real home directory
cleanup.originalHomePath = qgetenv("HOME");
QVERIFY(!cleanup.originalHomePath.isEmpty());
Process mktemp;
cleanup.tempHomePath = mktemp.execute("mktemp",
QStringList() << "-t" << "-d" << "ut_urlresolver.temp-home.XXX").trimmed().toLocal8Bit();
QVERIFY2(!mktemp.hasError(), qPrintable(mktemp.fmtErrorMessage()));
QVERIFY(qputenv("HOME", cleanup.tempHomePath));
QVERIFY2(QDir::homePath() == QString(cleanup.tempHomePath),
"QDir::homePath() does not change after qputenv(\"HOME\", \"...\")");
// Here starts the test itself
QVERIFY(QDir().mkpath(Sandbox::map(QDir::homePath())));
QByteArray testData("# test data\n");
ssu.storeAuthorizedKeys(testData);
QFile authorizedKeys(QDir::home().filePath(".ssh/authorized_keys"));
QFile authorizedKeys(Sandbox::map(QDir::home().filePath(".ssh/authorized_keys")));
QVERIFY(authorizedKeys.open(QIODevice::ReadOnly));
QVERIFY(authorizedKeys.readAll().split('\n').contains(testData.trimmed()));
......@@ -296,7 +264,7 @@ void UrlResolverTest::checkStoreAuthorizedKeys(){
const QFile::Permissions go_rwx =
QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup |
QFile::ReadOther | QFile::WriteOther | QFile::ExeOther;
QVERIFY((QFileInfo(QDir::home().filePath(".ssh")).permissions() & go_rwx) == 0);
QVERIFY((QFileInfo(Sandbox::map(QDir::home().filePath(".ssh"))).permissions() & go_rwx) == 0);
}
void UrlResolverTest::checkVerifyResponse(){
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment