0ec311758db7f10181886053eeab88366d55a2c2 |
|
13-Sep-2017 |
Greg Kerr <kerrnel@chromium.org> |
Revert commits for cryptohome baseline test changes. This reverts commit 0be215d51744c5a682ab6d5b70f24f4505f0e2f3 Author: Matthew Denton <mpdenton@google.com> Date: Thu Jul 20 07:36:56 2017 Add cryptohome to the baseline accounts test. This adds cryptohome to the baseline accounts test to note its new group. This reverts commit 2f972f0c098113976403925fadd77b43c754b76f Author: Matthew Denton <mpdenton@google.com> Date: Fri Aug 04 22:39:05 2017 Update security tests for non-root cryptohomed This updates the security_SandboxedServices, security_ProfilePermissions, and security_StatefulPermissions tests to reflect the fact that cryptohomed runs and mounts directories under the "cryptohome" user instead of "root". BUG=chromium:741786,chromium:764540 TEST=pre-cq CQ-DEPEND=CL:665279,CL:665345 Change-Id: I6cde77c984bbee7fbc4ab99f3c527d5bbf176215 Reviewed-on: https://chromium-review.googlesource.com/666018 Commit-Ready: Greg Kerr <kerrnel@chromium.org> Tested-by: Greg Kerr <kerrnel@chromium.org> Reviewed-by: Matthew Denton <mpdenton@google.com> Reviewed-by: Mike Frysinger <vapier@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
2f972f0c098113976403925fadd77b43c754b76f |
|
01-Aug-2017 |
Matthew Denton <mpdenton@google.com> |
Update security tests for non-root cryptohomed This updates the security_SandboxedServices, security_ProfilePermissions, and security_StatefulPermissions tests to reflect the fact that cryptohomed runs and mounts directories under the "cryptohome" user instead of "root". BUG=chromium:741786 TEST=ran these autotests against betty VM and heli testing device. CQ-DEPEND=CL:590705,CL:568778 Change-Id: I67002e0f0546bd0cfeb0e063ff99b59333a479f7 Reviewed-on: https://chromium-review.googlesource.com/596670 Commit-Ready: Matthew Denton <mpdenton@google.com> Tested-by: Matthew Denton <mpdenton@google.com> Reviewed-by: Greg Kerr <kerrnel@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
6bad6729b6c63efdbe4fa56447d97a41e4f199c1 |
|
10-Jun-2016 |
Gwendal Grignou <gwendal@chromium.org> |
cryptohome: Add support for ext4 crypto Adapt is_vault_mounted() to handle mount output when ext4 crypto is used. Add is_permanent_vault_mounted() to test if a mount is operational and permanent. To test a regular user is mounted, with ecryptfs, we have: ... /home/.shadow/<uid>/vault /home/user/<uid> ecryptfs rw,seclabe... with ext4: /dev/mmcblk0p1 /home/user/<uid> ext4 rw.... BUG=chromium:688258 TEST=Check ext4 based mount are recognized. Check ecryptfs still works. Check guestfs tests works (login_CryptohomeIncognito) Change-Id: If758bced366da4fb6e377a7f38dfb2e307ddc882 Signed-off-by: Gwendal Grignou <gwendal@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/440848
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
a3bf6450658769b06a732df315fb9c6bcd68033a |
|
08-Feb-2017 |
Kazuhiro Inaba <kinaba@chromium.org> |
ext4crypto: Update security_ProfilePermissions test to support ext4 crypto. The test assumed that the 'device' field of mount info of user directory is /home/.shadow/hash/vault, but that's not the case (actually the directory does not even exist) on cryptohome implementation using ext4 encryption as the backend. This patch changes the test to obtain the shadow path by a simple calculation. BUG=chromium:689340 TEST=Run the test both on ecryptfs and ext4crypto devices. Change-Id: Ia4fc6273881d5794a3945a970b678032eceecfaa Reviewed-on: https://chromium-review.googlesource.com/439206 Commit-Ready: Kazuhiro Inaba <kinaba@chromium.org> Tested-by: Kazuhiro Inaba <kinaba@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
e0b08e6170b57f90262726eb7f04e059cb47419c |
|
11-Aug-2015 |
Hsinyu Chao <hychao@chromium.org> |
Revert "autotest: move constants to common_lib" This reverts commit a4ac7a8f67d61f8a616724f9426dbc0fce71ce69. BUG=chromium:519353 Change-Id: Iec2873ad22b5bb90e46a9e5b323f9626a2c07d9b Reviewed-on: https://chromium-review.googlesource.com/292347 Reviewed-by: Hsinyu Chao <hychao@chromium.org> Commit-Queue: Hsinyu Chao <hychao@chromium.org> Tested-by: Hsinyu Chao <hychao@chromium.org> Reviewed-by: Sonny Rao <sonnyrao@chromium.org> Commit-Queue: Sonny Rao <sonnyrao@chromium.org> Tested-by: Sonny Rao <sonnyrao@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
a4ac7a8f67d61f8a616724f9426dbc0fce71ce69 |
|
06-Aug-2015 |
Eric Caruso <ejcaruso@chromium.org> |
autotest: move constants to common_lib This file gets imported from lots of server-side tests and infrastructure so it shouldn't be hiding in client/cros. This moves the file and fixes all imports. BUG=chromium:485834 TEST=run many tests, make sure there are no problems importing constants Change-Id: I5c2b2a0bef6ebc998e62f40162a6ec9cc4436480 Reviewed-on: https://chromium-review.googlesource.com/291302 Trybot-Ready: Eric Caruso <ejcaruso@chromium.org> Commit-Queue: Eric Caruso <ejcaruso@chromium.org> Tested-by: Eric Caruso <ejcaruso@chromium.org> Reviewed-by: Chris Sosa <sosa@google.com>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
40f2187948887ad8e782fa4f28fba98b83f7818c |
|
26-Apr-2014 |
Achuith Bhandarkar <achuith@chromium.org> |
Get rid of Telemetry suffix for security tests. BUG=chromium:266124 TEST=trybot Change-Id: If6d6838bc759b6e90be386b071797ea55b235b42 Reviewed-on: https://chromium-review.googlesource.com/197177 Tested-by: Achuith Bhandarkar <achuith@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Commit-Queue: Achuith Bhandarkar <achuith@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
a0eec87940c9680212c2251550dd2e1fbff7ee93 |
|
12-Apr-2014 |
Ilja H. Friedel <ihf@chromium.org> |
Delete security_ProfilePermissions as it depends on pyauto. BUG=chromium:339976, chromium:362621 TEST=None. Change-Id: I7cd7254cb32741ff3a5ccc111ea5b244568d3c78 Reviewed-on: https://chromium-review.googlesource.com/194466 Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Tested-by: Ilja Friedel <ihf@chromium.org> Commit-Queue: Ilja Friedel <ihf@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
e265b330001a5c4eda5525027962fdce385e2836 |
|
22-Aug-2013 |
Jim Hebert <jimhebert@chromium.org> |
Poll the permissions check to avoid racing chmod BUG=chromium:265725 TEST=security_ProfilePermissions passes on stout TEST=security_ProfilePermissions fails if I tweak the file permissions TEST=security_ProfilePermissions polls, then passes if I tweak them back Change-Id: Ie8457f6fa8dc3f403061bdad3ccdd56abb0e2972 Reviewed-on: https://gerrit.chromium.org/gerrit/66678 Commit-Queue: Jim Hebert <jimhebert@chromium.org> Tested-by: Jim Hebert <jimhebert@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
6cb26ad178990814fce3209c464afe7f131ec5b0 |
|
21-May-2013 |
Elly Fong-Jones <ellyjones@chromium.org> |
[autotest] remove dependencies on /home/chronos/user BUG=chromium:212419 TEST=suite_Smoke Change-Id: I8849e3eb6e76a3a3358422f1c2269a926d35994f Signed-off-by: Elly Fong-Jones <ellyjones@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/56050 Reviewed-by: Will Drewry <wad@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
039f05c97bd45e3d394b5c508523813bb8b8d12a |
|
30-Apr-2013 |
Elly Fong-Jones <ellyjones@chromium.org> |
[autotest] security_ProfilePermissions: check /h/c/u-* BUG=chromium:127033 TEST=yes Change-Id: I5b186aec9c0037314f6f4a36c02a29e6b42eca4b Signed-off-by: Elly Fong-Jones <ellyjones@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/49604 Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
63caf314378fa93fc84252c7865df3102f1a80fe |
|
20-Dec-2012 |
Jim Hebert <jimhebert@chromium.org> |
Clean up a stale reference to .tpm and the related TODO BUG=chromium-os:16425 TEST=security_ProfilePermissions passes on link/ToT Change-Id: Ibf1965707df6ab4c76ea83b6e537f8b9593248b9 Reviewed-on: https://gerrit.chromium.org/gerrit/39995 Tested-by: Jim Hebert <jimhebert@chromium.org> Reviewed-by: Scott Cunningham <scunningham@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Commit-Queue: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
f511122e8b18bd2b05f5a64a97ec3f11b7b5f0a1 |
|
20-Apr-2012 |
Gary Morain <gmorain@chromium.org> |
shill: Add test for permissions of shill profile The file ~chronos/shill.profile should be readable and writeable by owner only; not by anyone else. BUG=chromium-os:29752 TEST=Ran with Trybot. Change-Id: I11f6dc4422910957f2df1994c9276487d5b00fad Reviewed-on: https://gerrit.chromium.org/gerrit/20731 Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Gary Morain <gmorain@chromium.org> Commit-Ready: Gary Morain <gmorain@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
6432b54982c60c89d773f31edb86b465169afe34 |
|
04-Apr-2012 |
Nirnimesh <nirnimesh@chromium.org> |
Get rid of obsolete wait_for_initial_chrome_window() function wait_for_initial_chrome_window() and refresh_window_manager() are redundant to me since there's no window manager anymore so chrome can authoratatively tell if the initial chrome window is up and ready, which it is for all UI tests. BUG=None TEST=None Change-Id: If5404b39a1e84cf3ecb6647e8e19fa46193e6b2b Reviewed-on: https://gerrit.chromium.org/gerrit/19606 Reviewed-by: Mitsuru Oshima <oshima@chromium.org> Tested-by: Mitsuru Oshima <oshima@chromium.org> Commit-Ready: Mitsuru Oshima <oshima@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
5c37463bb75ff025af20eac152c12af6ccbf7ccf |
|
05-Apr-2012 |
barfab@chromium.org <bartfab@chromium.org> |
Teach autotest_lib about per-user mounts and ephemeral users This CL improves the utility methods for writing cryptohome tests so that they can deal with per-user mount points and recoginize ephemeral user cryptohomes backed by tmpfs correctly. The unmount_vault() method remains to be updated when umount requests are made per-user as well. All cryptohome tests are updated and verified to work in the current hybrid world where per-user mount points and the shared mount point coexist. Once concurrent per-user mounts are actually deployed, some of the tests may need further tweaking. As a final improvement, three cryptohome tests that were slated for the bvt suite but accidentally dropped off the radar are fixed up and added to the suite. BUG=chromium-os:29003 TEST=all affected pyauto tests: login_Cryptohome*, platform_Cryptohome*, TEST=logging_LogVolume, security_ProfilePermissions Change-Id: Ib8301844e72ef3901889cce91fd58c9e06ce0a65 Reviewed-on: https://gerrit.chromium.org/gerrit/19668 Reviewed-by: Elly Jones <ellyjones@chromium.org> Commit-Ready: Bartosz Fabianowski <bartfab@chromium.org> Tested-by: Bartosz Fabianowski <bartfab@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
9aade7d32338648f962d0549dce3ff7ffc75c2f1 |
|
23-Mar-2012 |
Darren Krahn <dkrahn@chromium.org> |
Added special cases for .chaps directory. The .chaps directory holds a user's crypto token database and in general is owned by the 'chaps' system user and readable by the 'chronos-access' group. Authorization data salt is also kept here and is root owned and only accessible by root. BUG=chromium-os:21003 TEST=Run in trybot in combination with relevant cryptohome and chaps CLs. Change-Id: I3ecaf208b78e6dfef8c6f26dc57a76aee413f21e Reviewed-on: https://gerrit.chromium.org/gerrit/18968 Tested-by: Darren Krahn <dkrahn@chromium.org> Reviewed-by: Gaurav Shah <gauravsh@chromium.org> Reviewed-by: Jim Hebert <jimhebert@chromium.org> Commit-Ready: Darren Krahn <dkrahn@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
143e0df638374a1d92f598e2bfb0805e10d9d1f5 |
|
04-Feb-2012 |
Ben Chan <benchan@chromium.org> |
Re-enable ownership check on user home directory in BWSI mode. The ownership and permissions check on the user home directory (/home/chronos/user) was previously disabled in the security_ProfilePermissions.BWSI test as cryptohome did not set the ownership and permissions of the user home directory under the BWSI mode the same way it did for the login mode. That was fixed as part of the changes made to cryptohome in the following CL: https://gerrit.chromium.org/gerrit/10862. BUG=chromium-os:16425 TEST=Ran security_ProfilePermissions test on a VM and a Cr48. Change-Id: Icbc6fdefcd2f2018c1ea56bbcbf55136f1d78903 Reviewed-on: https://gerrit.chromium.org/gerrit/15296 Reviewed-by: Gaurav Shah <gauravsh@chromium.org> Reviewed-by: Jim Hebert <jimhebert@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> Tested-by: Ben Chan <benchan@chromium.org> Commit-Ready: Ben Chan <benchan@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
16634c8a6f794824688592a12b0b986bf49e96db |
|
25-Oct-2011 |
Ben Chan <benchan@chromium.org> |
Update ownership and permissions checks. cryptohome is modified (http://gerrit.chromium.org/gerrit/#change,10447) to make /home/chronos/user and /home/chronos/user/Downloads owned by the chronos-access group and have a group execute permission. This CL update the ownership and permissions checks on these directories accordingly. BUG=chromium-os:21790 TEST=run_remote_tests security_ProfilePermissions on a Cr48. Change-Id: I55fa5f8dfc0ca4d9e45665addf22a47fc7da7471 Reviewed-on: https://gerrit.chromium.org/gerrit/10601 Reviewed-by: Jim Hebert <jimhebert@chromium.org> Tested-by: Ben Chan <benchan@chromium.org> Commit-Ready: Ben Chan <benchan@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
9dd9df8f9fe94e4149d2cc0727750c0ad8c92305 |
|
08-Sep-2011 |
Elly Jones <ellyjones@chromium.org> |
security_ProfilePermissions.login: account for root-owned cryptohome. With the split-cryptohome change, the vault directory itself is owned by root, with a user passthrough that is owned by chronos. BUG=chromium-os:16681 TEST=Yes Change-Id: Ia058b320b2cb3e6f99a44290968be8880a6a1fd5 Signed-off-by: Elly Jones <ellyjones@chromium.org> Reviewed-on: http://gerrit.chromium.org/gerrit/7716 Reviewed-by: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
fa3290f01e33da79cafae0f9a86c58bf30f99934 |
|
08-Sep-2011 |
Elly Jones <ellyjones@chromium.org> |
Revert "TBR security_ProfilePermissions.login: account for root-owned cryptohome." Unit tests failed on the bots. This reverts commit ec8b5631b9ed2da5bb48962435c7c92576cabb61 Change-Id: I813807d0cd363c18877df4affae614eadaaea735 Reviewed-on: http://gerrit.chromium.org/gerrit/7404 Reviewed-by: Elly Jones <ellyjones@chromium.org> Tested-by: Elly Jones <ellyjones@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
d0c5297d8649b2ce503c7ebd0594650cc6489479 |
|
08-Sep-2011 |
Elly Jones <ellyjones@chromium.org> |
TBR security_ProfilePermissions.login: account for root-owned cryptohome. With the split-cryptohome change, the vault directory itself is owned by root, with a user passthrough that is owned by chronos. BUG=chromium-os:16681 TEST=Yes Change-Id: If1202757b68f6172b980be658c2f4acbd4f1c87c Signed-off-by: Elly Jones <ellyjones@chromium.org> Reviewed-on: http://gerrit.chromium.org/gerrit/7401 Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
debdc9d2cf5e4cf14f74a09501ae510759e660e9 |
|
12-Aug-2011 |
Jim Hebert <jimhebert@chromium.org> |
Clean up ProfilePermissions Removes a TODO covering a long-fixed bug. Also fixes a mistake where I was checking mode but not owner of user_mountpt (Revised CL no longer updates /home/chronos expectations to 'root owned') BUG=chromium-os:16425 TEST=run_remote_tests security_ProfilePermissions passes both login & BWSI on alex ToT (with the Elly-rollback of the root-chown stuff) Change-Id: Ic500eade1db88d0fd1a970823723b2182a56bb0c Reviewed-on: http://gerrit.chromium.org/gerrit/5812 Tested-by: Jim Hebert <jimhebert@chromium.org> Reviewed-by: Kris Rambish <krisr@chromium.org> Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
7f169d896c938b2b6f0bc29a302af895a217fa67 |
|
23-Jun-2011 |
Jim Hebert <jimhebert@chromium.org> |
Root ProfilePermissions at /home/chronos This starts the test 1 directory higher than the previous location, /home/chronos/user, based on the postmortem of a couple recent bugs. BUG=chromium-os:16613 TEST=run_remote_tests ... security_ProfilePermissions passes on recent x86-alex. Change-Id: Ide39ea7be8c54dd52a9ff0580dc31ae9323bc577 Reviewed-on: http://gerrit.chromium.org/gerrit/3116 Reviewed-by: Kris Rambish <krisr@chromium.org> Tested-by: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
687cc41acffd84a1d16942b33fbaed521bc585c6 |
|
14-Jun-2011 |
Jim Hebert <jimhebert@chromium.org> |
Restructure test to handle more heterogenous perms Permissions in the profile are getting more nuanced, so the test needs to be more complicated than the previous shell 1-liner. Also, some temp workarounds to keep the test green while crosbug 16425 is evaluated. BUG=chromium-os:16425 TEST=run_remote_tests ... security_ProfilePermissions passes on ToT Change-Id: Iec58b2582bb312e5d4e8f227a5c472f72b2d0f9c Reviewed-on: http://gerrit.chromium.org/gerrit/2563 Reviewed-by: Kris Rambish <krisr@chromium.org> Tested-by: Jim Hebert <jimhebert@chromium.org>
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
91b7580dbe3dd63e569c7c721d35ededb4349069 |
|
22-Apr-2011 |
Jim Hebert <jimhebert@chromium.org> |
Expand test to do permissions checks on the vault-backing-store of cryptohome Change-Id: I9cebbca74e24fd7bbb569876740f81778205dfc4 BUG=chromium-os:381 TEST=./run_remote_tests.sh security_ProfilePermissions passes. Also injected various failures (chmod vault, etc) into the system and confirmed the test caught them too. Review URL: http://codereview.chromium.org/6895024
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
e630f9d8ce46db962f8927014a69927fd653952f |
|
15-Apr-2011 |
Dale Curtis <dalecurtis@chromium.org> |
Let cros_ui_test take care of login flow. As titled. The login flow for cros_ui_test has been honed to be more correct. No need to manually resolve creds or worry about refreshing the login screen prior to login. Hopefully this will fix the login timeout issues. Change-Id: Idd55b232fea2cb6362eb60c1744cbb4d7d1c89c2 BUG=none TEST=Ran w/ run_remote_tests. Ensured BWSI test case still failed. Review URL: http://codereview.chromium.org/6869022
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
b3381f81aabe0f28b84891b4b3d2601ef975cd5f |
|
15-Apr-2011 |
Jim Hebert <jimhebert@chromium.org> |
Fix boolean short-circuiting that could false-pass tests Change-Id: I702dc06c35df35c11188cf823cf4180c472044d7 BUG=chromium-os:14124 TEST="./run_remote_tests.sh ... security_ProfilePermissions" passes STATUS=Verified Review URL: http://codereview.chromium.org/6865001
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|
d16a1d5bbad920efc61869a645e7e18e207dcde1 |
|
17-Mar-2011 |
Jim Hebert <jimhebert@chromium.org> |
add Profile Permissions test Change-Id: I6e7d0ff72b44406b2c4648417d33e2173d82465e BUG=chromium-os:2777 TEST=run_remote_tests ... security_ProfilePermissions Review URL: http://codereview.chromium.org/6677093
/external/autotest/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py
|