| 0ec311758db7f10181886053eeab88366d55a2c2 |
|
13-Sep-2017 |
Greg Kerr <kerrnel@chromium.org> |
Revert commits for cryptohome baseline test changes.
This reverts commit 0be215d51744c5a682ab6d5b70f24f4505f0e2f3
Author: Matthew Denton <mpdenton@google.com>
Date: Thu Jul 20 07:36:56 2017
Add cryptohome to the baseline accounts test.
This adds cryptohome to the baseline accounts test to note its new
group.
This reverts commit 2f972f0c098113976403925fadd77b43c754b76f
Author: Matthew Denton <mpdenton@google.com>
Date: Fri Aug 04 22:39:05 2017
Update security tests for non-root cryptohomed
This updates the security_SandboxedServices,
security_ProfilePermissions,
and security_StatefulPermissions tests to reflect the fact that
cryptohomed
runs and mounts directories under the "cryptohome" user instead of
"root".
BUG=chromium:741786,chromium:764540
TEST=pre-cq
CQ-DEPEND=CL:665279,CL:665345
Change-Id: I6cde77c984bbee7fbc4ab99f3c527d5bbf176215
Reviewed-on: https://chromium-review.googlesource.com/666018
Commit-Ready: Greg Kerr <kerrnel@chromium.org>
Tested-by: Greg Kerr <kerrnel@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 2f972f0c098113976403925fadd77b43c754b76f |
|
01-Aug-2017 |
Matthew Denton <mpdenton@google.com> |
Update security tests for non-root cryptohomed
This updates the security_SandboxedServices, security_ProfilePermissions,
and security_StatefulPermissions tests to reflect the fact that cryptohomed
runs and mounts directories under the "cryptohome" user instead of "root".
BUG=chromium:741786
TEST=ran these autotests against betty VM and heli testing device.
CQ-DEPEND=CL:590705,CL:568778
Change-Id: I67002e0f0546bd0cfeb0e063ff99b59333a479f7
Reviewed-on: https://chromium-review.googlesource.com/596670
Commit-Ready: Matthew Denton <mpdenton@google.com>
Tested-by: Matthew Denton <mpdenton@google.com>
Reviewed-by: Greg Kerr <kerrnel@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 6bad6729b6c63efdbe4fa56447d97a41e4f199c1 |
|
10-Jun-2016 |
Gwendal Grignou <gwendal@chromium.org> |
cryptohome: Add support for ext4 crypto
Adapt is_vault_mounted() to handle mount output when ext4 crypto is used.
Add is_permanent_vault_mounted() to test if a mount is operational and
permanent.
To test a regular user is mounted,
with ecryptfs, we have:
...
/home/.shadow/<uid>/vault /home/user/<uid> ecryptfs rw,seclabe...
with ext4:
/dev/mmcblk0p1 /home/user/<uid> ext4 rw....
BUG=chromium:688258
TEST=Check ext4 based mount are recognized.
Check ecryptfs still works.
Check guestfs tests works (login_CryptohomeIncognito)
Change-Id: If758bced366da4fb6e377a7f38dfb2e307ddc882
Signed-off-by: Gwendal Grignou <gwendal@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/440848
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| a3bf6450658769b06a732df315fb9c6bcd68033a |
|
08-Feb-2017 |
Kazuhiro Inaba <kinaba@chromium.org> |
ext4crypto: Update security_ProfilePermissions test to support ext4 crypto.
The test assumed that the 'device' field of mount info of user directory is
/home/.shadow/hash/vault, but that's not the case (actually the directory
does not even exist) on cryptohome implementation using ext4 encryption as
the backend.
This patch changes the test to obtain the shadow path by a simple calculation.
BUG=chromium:689340
TEST=Run the test both on ecryptfs and ext4crypto devices.
Change-Id: Ia4fc6273881d5794a3945a970b678032eceecfaa
Reviewed-on: https://chromium-review.googlesource.com/439206
Commit-Ready: Kazuhiro Inaba <kinaba@chromium.org>
Tested-by: Kazuhiro Inaba <kinaba@chromium.org>
Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| e0b08e6170b57f90262726eb7f04e059cb47419c |
|
11-Aug-2015 |
Hsinyu Chao <hychao@chromium.org> |
Revert "autotest: move constants to common_lib"
This reverts commit a4ac7a8f67d61f8a616724f9426dbc0fce71ce69.
BUG=chromium:519353
Change-Id: Iec2873ad22b5bb90e46a9e5b323f9626a2c07d9b
Reviewed-on: https://chromium-review.googlesource.com/292347
Reviewed-by: Hsinyu Chao <hychao@chromium.org>
Commit-Queue: Hsinyu Chao <hychao@chromium.org>
Tested-by: Hsinyu Chao <hychao@chromium.org>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
Commit-Queue: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| a4ac7a8f67d61f8a616724f9426dbc0fce71ce69 |
|
06-Aug-2015 |
Eric Caruso <ejcaruso@chromium.org> |
autotest: move constants to common_lib
This file gets imported from lots of server-side tests and
infrastructure so it shouldn't be hiding in client/cros. This
moves the file and fixes all imports.
BUG=chromium:485834
TEST=run many tests, make sure there are no problems importing
constants
Change-Id: I5c2b2a0bef6ebc998e62f40162a6ec9cc4436480
Reviewed-on: https://chromium-review.googlesource.com/291302
Trybot-Ready: Eric Caruso <ejcaruso@chromium.org>
Commit-Queue: Eric Caruso <ejcaruso@chromium.org>
Tested-by: Eric Caruso <ejcaruso@chromium.org>
Reviewed-by: Chris Sosa <sosa@google.com>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 40f2187948887ad8e782fa4f28fba98b83f7818c |
|
26-Apr-2014 |
Achuith Bhandarkar <achuith@chromium.org> |
Get rid of Telemetry suffix for security tests.
BUG=chromium:266124
TEST=trybot
Change-Id: If6d6838bc759b6e90be386b071797ea55b235b42
Reviewed-on: https://chromium-review.googlesource.com/197177
Tested-by: Achuith Bhandarkar <achuith@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Commit-Queue: Achuith Bhandarkar <achuith@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| a0eec87940c9680212c2251550dd2e1fbff7ee93 |
|
12-Apr-2014 |
Ilja H. Friedel <ihf@chromium.org> |
Delete security_ProfilePermissions as it depends on pyauto.
BUG=chromium:339976, chromium:362621
TEST=None.
Change-Id: I7cd7254cb32741ff3a5ccc111ea5b244568d3c78
Reviewed-on: https://chromium-review.googlesource.com/194466
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Ilja Friedel <ihf@chromium.org>
Commit-Queue: Ilja Friedel <ihf@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| e265b330001a5c4eda5525027962fdce385e2836 |
|
22-Aug-2013 |
Jim Hebert <jimhebert@chromium.org> |
Poll the permissions check to avoid racing chmod
BUG=chromium:265725
TEST=security_ProfilePermissions passes on stout
TEST=security_ProfilePermissions fails if I tweak the file permissions
TEST=security_ProfilePermissions polls, then passes if I tweak them back
Change-Id: Ie8457f6fa8dc3f403061bdad3ccdd56abb0e2972
Reviewed-on: https://gerrit.chromium.org/gerrit/66678
Commit-Queue: Jim Hebert <jimhebert@chromium.org>
Tested-by: Jim Hebert <jimhebert@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 6cb26ad178990814fce3209c464afe7f131ec5b0 |
|
21-May-2013 |
Elly Fong-Jones <ellyjones@chromium.org> |
[autotest] remove dependencies on /home/chronos/user
BUG=chromium:212419
TEST=suite_Smoke
Change-Id: I8849e3eb6e76a3a3358422f1c2269a926d35994f
Signed-off-by: Elly Fong-Jones <ellyjones@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/56050
Reviewed-by: Will Drewry <wad@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 039f05c97bd45e3d394b5c508523813bb8b8d12a |
|
30-Apr-2013 |
Elly Fong-Jones <ellyjones@chromium.org> |
[autotest] security_ProfilePermissions: check /h/c/u-*
BUG=chromium:127033
TEST=yes
Change-Id: I5b186aec9c0037314f6f4a36c02a29e6b42eca4b
Signed-off-by: Elly Fong-Jones <ellyjones@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/49604
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 63caf314378fa93fc84252c7865df3102f1a80fe |
|
20-Dec-2012 |
Jim Hebert <jimhebert@chromium.org> |
Clean up a stale reference to .tpm and the related TODO
BUG=chromium-os:16425
TEST=security_ProfilePermissions passes on link/ToT
Change-Id: Ibf1965707df6ab4c76ea83b6e537f8b9593248b9
Reviewed-on: https://gerrit.chromium.org/gerrit/39995
Tested-by: Jim Hebert <jimhebert@chromium.org>
Reviewed-by: Scott Cunningham <scunningham@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Commit-Queue: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| f511122e8b18bd2b05f5a64a97ec3f11b7b5f0a1 |
|
20-Apr-2012 |
Gary Morain <gmorain@chromium.org> |
shill: Add test for permissions of shill profile
The file ~chronos/shill.profile should be readable and
writeable by owner only; not by anyone else.
BUG=chromium-os:29752
TEST=Ran with Trybot.
Change-Id: I11f6dc4422910957f2df1994c9276487d5b00fad
Reviewed-on: https://gerrit.chromium.org/gerrit/20731
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Gary Morain <gmorain@chromium.org>
Commit-Ready: Gary Morain <gmorain@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 6432b54982c60c89d773f31edb86b465169afe34 |
|
04-Apr-2012 |
Nirnimesh <nirnimesh@chromium.org> |
Get rid of obsolete wait_for_initial_chrome_window() function
wait_for_initial_chrome_window() and refresh_window_manager() are redundant
to me since there's no window manager anymore so chrome can authoratatively
tell if the initial chrome window is up and ready, which it is for all UI tests.
BUG=None
TEST=None
Change-Id: If5404b39a1e84cf3ecb6647e8e19fa46193e6b2b
Reviewed-on: https://gerrit.chromium.org/gerrit/19606
Reviewed-by: Mitsuru Oshima <oshima@chromium.org>
Tested-by: Mitsuru Oshima <oshima@chromium.org>
Commit-Ready: Mitsuru Oshima <oshima@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 5c37463bb75ff025af20eac152c12af6ccbf7ccf |
|
05-Apr-2012 |
barfab@chromium.org <bartfab@chromium.org> |
Teach autotest_lib about per-user mounts and ephemeral users
This CL improves the utility methods for writing cryptohome tests so that
they can deal with per-user mount points and recoginize ephemeral user
cryptohomes backed by tmpfs correctly. The unmount_vault() method remains
to be updated when umount requests are made per-user as well.
All cryptohome tests are updated and verified to work in the current
hybrid world where per-user mount points and the shared mount point
coexist. Once concurrent per-user mounts are actually deployed, some of
the tests may need further tweaking.
As a final improvement, three cryptohome tests that were slated for the
bvt suite but accidentally dropped off the radar are fixed up and added
to the suite.
BUG=chromium-os:29003
TEST=all affected pyauto tests: login_Cryptohome*, platform_Cryptohome*,
TEST=logging_LogVolume, security_ProfilePermissions
Change-Id: Ib8301844e72ef3901889cce91fd58c9e06ce0a65
Reviewed-on: https://gerrit.chromium.org/gerrit/19668
Reviewed-by: Elly Jones <ellyjones@chromium.org>
Commit-Ready: Bartosz Fabianowski <bartfab@chromium.org>
Tested-by: Bartosz Fabianowski <bartfab@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 9aade7d32338648f962d0549dce3ff7ffc75c2f1 |
|
23-Mar-2012 |
Darren Krahn <dkrahn@chromium.org> |
Added special cases for .chaps directory.
The .chaps directory holds a user's crypto token database and in general
is owned by the 'chaps' system user and readable by the 'chronos-access'
group. Authorization data salt is also kept here and is root owned and
only accessible by root.
BUG=chromium-os:21003
TEST=Run in trybot in combination with relevant cryptohome and chaps
CLs.
Change-Id: I3ecaf208b78e6dfef8c6f26dc57a76aee413f21e
Reviewed-on: https://gerrit.chromium.org/gerrit/18968
Tested-by: Darren Krahn <dkrahn@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
Commit-Ready: Darren Krahn <dkrahn@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 143e0df638374a1d92f598e2bfb0805e10d9d1f5 |
|
04-Feb-2012 |
Ben Chan <benchan@chromium.org> |
Re-enable ownership check on user home directory in BWSI mode.
The ownership and permissions check on the user home directory
(/home/chronos/user) was previously disabled in the
security_ProfilePermissions.BWSI test as cryptohome did not set the
ownership and permissions of the user home directory under the BWSI mode
the same way it did for the login mode. That was fixed as part of the
changes made to cryptohome in the following CL:
https://gerrit.chromium.org/gerrit/10862.
BUG=chromium-os:16425
TEST=Ran security_ProfilePermissions test on a VM and a Cr48.
Change-Id: Icbc6fdefcd2f2018c1ea56bbcbf55136f1d78903
Reviewed-on: https://gerrit.chromium.org/gerrit/15296
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
Commit-Ready: Ben Chan <benchan@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 16634c8a6f794824688592a12b0b986bf49e96db |
|
25-Oct-2011 |
Ben Chan <benchan@chromium.org> |
Update ownership and permissions checks.
cryptohome is modified (http://gerrit.chromium.org/gerrit/#change,10447)
to make /home/chronos/user and /home/chronos/user/Downloads owned by
the chronos-access group and have a group execute permission. This CL
update the ownership and permissions checks on these directories
accordingly.
BUG=chromium-os:21790
TEST=run_remote_tests security_ProfilePermissions on a Cr48.
Change-Id: I55fa5f8dfc0ca4d9e45665addf22a47fc7da7471
Reviewed-on: https://gerrit.chromium.org/gerrit/10601
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
Commit-Ready: Ben Chan <benchan@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 9dd9df8f9fe94e4149d2cc0727750c0ad8c92305 |
|
08-Sep-2011 |
Elly Jones <ellyjones@chromium.org> |
security_ProfilePermissions.login: account for root-owned cryptohome.
With the split-cryptohome change, the vault directory itself is owned by root,
with a user passthrough that is owned by chronos.
BUG=chromium-os:16681
TEST=Yes
Change-Id: Ia058b320b2cb3e6f99a44290968be8880a6a1fd5
Signed-off-by: Elly Jones <ellyjones@chromium.org>
Reviewed-on: http://gerrit.chromium.org/gerrit/7716
Reviewed-by: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| fa3290f01e33da79cafae0f9a86c58bf30f99934 |
|
08-Sep-2011 |
Elly Jones <ellyjones@chromium.org> |
Revert "TBR security_ProfilePermissions.login: account for root-owned cryptohome."
Unit tests failed on the bots.
This reverts commit ec8b5631b9ed2da5bb48962435c7c92576cabb61
Change-Id: I813807d0cd363c18877df4affae614eadaaea735
Reviewed-on: http://gerrit.chromium.org/gerrit/7404
Reviewed-by: Elly Jones <ellyjones@chromium.org>
Tested-by: Elly Jones <ellyjones@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| d0c5297d8649b2ce503c7ebd0594650cc6489479 |
|
08-Sep-2011 |
Elly Jones <ellyjones@chromium.org> |
TBR security_ProfilePermissions.login: account for root-owned cryptohome.
With the split-cryptohome change, the vault directory itself is owned by root,
with a user passthrough that is owned by chronos.
BUG=chromium-os:16681
TEST=Yes
Change-Id: If1202757b68f6172b980be658c2f4acbd4f1c87c
Signed-off-by: Elly Jones <ellyjones@chromium.org>
Reviewed-on: http://gerrit.chromium.org/gerrit/7401
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| debdc9d2cf5e4cf14f74a09501ae510759e660e9 |
|
12-Aug-2011 |
Jim Hebert <jimhebert@chromium.org> |
Clean up ProfilePermissions
Removes a TODO covering a long-fixed bug.
Also fixes a mistake where I was checking mode but not owner of user_mountpt
(Revised CL no longer updates /home/chronos expectations to 'root owned')
BUG=chromium-os:16425
TEST=run_remote_tests security_ProfilePermissions passes both login & BWSI
on alex ToT (with the Elly-rollback of the root-chown stuff)
Change-Id: Ic500eade1db88d0fd1a970823723b2182a56bb0c
Reviewed-on: http://gerrit.chromium.org/gerrit/5812
Tested-by: Jim Hebert <jimhebert@chromium.org>
Reviewed-by: Kris Rambish <krisr@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 7f169d896c938b2b6f0bc29a302af895a217fa67 |
|
23-Jun-2011 |
Jim Hebert <jimhebert@chromium.org> |
Root ProfilePermissions at /home/chronos
This starts the test 1 directory higher than the previous location,
/home/chronos/user, based on the postmortem of a couple recent bugs.
BUG=chromium-os:16613
TEST=run_remote_tests ... security_ProfilePermissions passes on
recent x86-alex.
Change-Id: Ide39ea7be8c54dd52a9ff0580dc31ae9323bc577
Reviewed-on: http://gerrit.chromium.org/gerrit/3116
Reviewed-by: Kris Rambish <krisr@chromium.org>
Tested-by: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 687cc41acffd84a1d16942b33fbaed521bc585c6 |
|
14-Jun-2011 |
Jim Hebert <jimhebert@chromium.org> |
Restructure test to handle more heterogenous perms
Permissions in the profile are getting more nuanced, so the test
needs to be more complicated than the previous shell 1-liner.
Also, some temp workarounds to keep the test green while crosbug 16425
is evaluated.
BUG=chromium-os:16425
TEST=run_remote_tests ... security_ProfilePermissions passes on ToT
Change-Id: Iec58b2582bb312e5d4e8f227a5c472f72b2d0f9c
Reviewed-on: http://gerrit.chromium.org/gerrit/2563
Reviewed-by: Kris Rambish <krisr@chromium.org>
Tested-by: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| 91b7580dbe3dd63e569c7c721d35ededb4349069 |
|
22-Apr-2011 |
Jim Hebert <jimhebert@chromium.org> |
Expand test to do permissions checks on the vault-backing-store of cryptohome
Change-Id: I9cebbca74e24fd7bbb569876740f81778205dfc4
BUG=chromium-os:381
TEST=./run_remote_tests.sh security_ProfilePermissions passes.
Also injected various failures (chmod vault, etc) into the system and confirmed the test caught them too.
Review URL: http://codereview.chromium.org/6895024
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| e630f9d8ce46db962f8927014a69927fd653952f |
|
15-Apr-2011 |
Dale Curtis <dalecurtis@chromium.org> |
Let cros_ui_test take care of login flow.
As titled. The login flow for cros_ui_test has been honed to be more correct. No need to manually resolve creds or worry about refreshing the login screen prior to login.
Hopefully this will fix the login timeout issues.
Change-Id: Idd55b232fea2cb6362eb60c1744cbb4d7d1c89c2
BUG=none
TEST=Ran w/ run_remote_tests. Ensured BWSI test case still failed.
Review URL: http://codereview.chromium.org/6869022
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| b3381f81aabe0f28b84891b4b3d2601ef975cd5f |
|
15-Apr-2011 |
Jim Hebert <jimhebert@chromium.org> |
Fix boolean short-circuiting that could false-pass tests
Change-Id: I702dc06c35df35c11188cf823cf4180c472044d7
BUG=chromium-os:14124
TEST="./run_remote_tests.sh ... security_ProfilePermissions" passes
STATUS=Verified
Review URL: http://codereview.chromium.org/6865001
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
| d16a1d5bbad920efc61869a645e7e18e207dcde1 |
|
17-Mar-2011 |
Jim Hebert <jimhebert@chromium.org> |
add Profile Permissions test
Change-Id: I6e7d0ff72b44406b2c4648417d33e2173d82465e
BUG=chromium-os:2777
TEST=run_remote_tests ... security_ProfilePermissions
Review URL: http://codereview.chromium.org/6677093
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|