···
1
-
import ./make-test.nix ({ ... }:
1
+
import ./make-test-python.nix ({ ... }:
···
13
-
$machine->waitForUnit("default.target");
13
+
def login_as_alice():
14
+
machine.wait_until_tty_matches(1, "login: ")
15
+
machine.send_chars("alice\n")
16
+
machine.wait_until_tty_matches(1, "Password: ")
17
+
machine.send_chars("foobar\n")
18
+
machine.wait_until_tty_matches(1, "alice\@machine")
15
-
# Set alice up with a password and a home
16
-
$machine->succeed("(echo foobar; echo foobar) | passwd alice");
17
-
$machine->succeed("chown -R alice.users ~alice");
19
-
# Migrate alice's home
20
-
my $out = $machine->succeed("echo foobar | ecryptfs-migrate-home -u alice");
21
-
$machine->log("ecryptfs-migrate-home said: $out");
22
+
machine.send_chars("logout\n")
23
+
machine.wait_until_tty_matches(1, "login: ")
23
-
# Log alice in (ecryptfs passwhrase is wrapped during first login)
24
-
$machine->waitUntilTTYMatches(1, "login: ");
25
-
$machine->sendChars("alice\n");
26
-
$machine->waitUntilTTYMatches(1, "Password: ");
27
-
$machine->sendChars("foobar\n");
28
-
$machine->waitUntilTTYMatches(1, "alice\@machine");
29
-
$machine->sendChars("logout\n");
30
-
$machine->waitUntilTTYMatches(1, "login: ");
26
+
machine.wait_for_unit("default.target")
28
+
with subtest("Set alice up with a password and a home"):
29
+
machine.succeed("(echo foobar; echo foobar) | passwd alice")
30
+
machine.succeed("chown -R alice.users ~alice")
32
+
with subtest("Migrate alice's home"):
33
+
out = machine.succeed("echo foobar | ecryptfs-migrate-home -u alice")
34
+
machine.log(f"ecryptfs-migrate-home said: {out}")
36
+
with subtest("Log alice in (ecryptfs passwhrase is wrapped during first login)"):
38
+
machine.send_chars("logout\n")
39
+
machine.wait_until_tty_matches(1, "login: ")
# Why do I need to do this??
33
-
$machine->succeed("su alice -c ecryptfs-umount-private || true");
35
-
$machine->fail("mount | grep ecryptfs"); # check that encrypted home is not mounted
42
+
machine.succeed("su alice -c ecryptfs-umount-private || true")
37
-
# Show contents of the user keyring
38
-
my $out = $machine->succeed("su - alice -c 'keyctl list \@u'");
39
-
$machine->log("keyctl unlink said: " . $out);
45
+
with subtest("check that encrypted home is not mounted"):
46
+
machine.fail("mount | grep ecryptfs")
42
-
$machine->waitUntilTTYMatches(1, "login: ");
43
-
$machine->sendChars("alice\n");
44
-
$machine->waitUntilTTYMatches(1, "Password: ");
45
-
$machine->sendChars("foobar\n");
46
-
$machine->waitUntilTTYMatches(1, "alice\@machine");
48
+
with subtest("Show contents of the user keyring"):
49
+
out = machine.succeed("su - alice -c 'keyctl list \@u'")
50
+
machine.log(f"keyctl unlink said: {out}")
52
+
with subtest("Log alice again"):
48
-
# Create some files in encrypted home
49
-
$machine->succeed("su alice -c 'touch ~alice/a'");
50
-
$machine->succeed("su alice -c 'echo c > ~alice/b'");
55
+
with subtest("Create some files in encrypted home"):
56
+
machine.succeed("su alice -c 'touch ~alice/a'")
57
+
machine.succeed("su alice -c 'echo c > ~alice/b'")
53
-
$machine->sendChars("logout\n");
54
-
$machine->waitUntilTTYMatches(1, "login: ");
59
+
with subtest("Logout"):
# Why do I need to do this??
57
-
$machine->succeed("su alice -c ecryptfs-umount-private || true");
63
+
machine.succeed("su alice -c ecryptfs-umount-private || true")
60
-
# Check that the filesystem is not accessible
61
-
$machine->fail("mount | grep ecryptfs");
62
-
$machine->succeed("su alice -c 'test \! -f ~alice/a'");
63
-
$machine->succeed("su alice -c 'test \! -f ~alice/b'");
66
+
with subtest("Check that the filesystem is not accessible"):
67
+
machine.fail("mount | grep ecryptfs")
68
+
machine.succeed("su alice -c 'test \! -f ~alice/a'")
69
+
machine.succeed("su alice -c 'test \! -f ~alice/b'")
65
-
# Log alice once more
66
-
$machine->waitUntilTTYMatches(1, "login: ");
67
-
$machine->sendChars("alice\n");
68
-
$machine->waitUntilTTYMatches(1, "Password: ");
69
-
$machine->sendChars("foobar\n");
70
-
$machine->waitUntilTTYMatches(1, "alice\@machine");
71
+
with subtest("Log alice once more"):
72
-
# Check that the files are there
74
-
$machine->succeed("su alice -c 'test -f ~alice/a'");
75
-
$machine->succeed("su alice -c 'test -f ~alice/b'");
76
-
$machine->succeed(qq%test "\$(cat ~alice/b)" = "c"%);
74
+
with subtest("Check that the files are there"):
76
+
machine.succeed("su alice -c 'test -f ~alice/a'")
77
+
machine.succeed("su alice -c 'test -f ~alice/b'")
78
+
machine.succeed('test "$(cat ~alice/b)" = "c"')
78
-
# Catch https://github.com/NixOS/nixpkgs/issues/16766
79
-
$machine->succeed("su alice -c 'ls -lh ~alice/'");
80
+
with subtest("Catch https://github.com/NixOS/nixpkgs/issues/16766"):
81
+
machine.succeed("su alice -c 'ls -lh ~alice/'")
81
-
$machine->sendChars("logout\n");
82
-
$machine->waitUntilTTYMatches(1, "login: ");
pyrox.dev