···
21
-
machine.imports = [ ./common/x11.nix ];
21
+
machine.imports = [ ./common/user-account.nix ./common/x11.nix ];
machine.virtualisation.memorySize = 2047;
23
+
machine.services.xserver.displayManager.auto.user = "alice";
machine.environment.systemPackages = [ chromiumPkg ];
startupHTML = pkgs.writeText "chromium-startup.html" ''
···
xdoScript = pkgs.writeText "${name}.xdo" text;
in "${pkgs.xdotool}/bin/xdotool '${xdoScript}'";
49
+
my $esc = $_[0] =~ s/'/'\\${"'"}'/gr;
50
+
return "su - alice -c '$esc'";
$machine->nest("creating a new Chromium window", sub {
48
-
$machine->execute("${xdo "new-window" ''
55
+
$machine->execute(ru "${xdo "new-window" ''
search --onlyvisible --name "startup done"
53
-
$machine->execute("${xdo "new-window" ''
60
+
$machine->execute(ru "${xdo "new-window" ''
···
61
-
$machine->execute("${xdo "close-window" ''
68
+
$machine->execute(ru "${xdo "close-window" ''
search --onlyvisible --name "new tab"
66
-
$machine->execute("${xdo "close-window" ''
73
+
$machine->execute(ru "${xdo "close-window" ''
70
-
my ($status, $out) = $machine->execute("${xdo "wait-for-close" ''
77
+
my ($status, $out) = $machine->execute(ru "${xdo "wait-for-close" ''
search --onlyvisible --name "new tab"
return 1 if $status != 0;
···
$machine->nest("waiting for new Chromium window to appear", sub {
83
-
my ($status, $out) = $machine->execute("${xdo "wait-for-window" ''
90
+
my ($status, $out) = $machine->execute(ru "${xdo "wait-for-window" ''
search --onlyvisible --name "new tab"
···
my $url = "file://${startupHTML}";
116
-
my $args = "--user-data-dir=/tmp/chromium-${channel}";
118
-
"ulimit -c unlimited; ".
119
-
"chromium $args \"$url\" & disown"
123
+
$machine->execute(ru "ulimit -c unlimited; chromium \"$url\" & disown");
$machine->waitForText(qr/startup done/);
122
-
$machine->waitUntilSucceeds("${xdo "check-startup" ''
125
+
$machine->waitUntilSucceeds(ru "${xdo "check-startup" ''
search --sync --onlyvisible --name "startup done"
# close first start help popup
···
$machine->screenshot("startup_done");
testNewWin "check sandbox", sub {
137
-
$machine->succeed("${xdo "type-url" ''
140
+
$machine->succeed(ru "${xdo "type-url" ''
search --sync --onlyvisible --name "new tab"
type --delay 1000 "chrome://sandbox"
143
-
$machine->succeed("${xdo "submit-url" ''
146
+
$machine->succeed(ru "${xdo "submit-url" ''
search --sync --onlyvisible --name "new tab"
···
$machine->screenshot("sandbox_info");
151
-
$machine->succeed("${xdo "submit-url" ''
154
+
$machine->succeed(ru "${xdo "submit-url" ''
search --sync --onlyvisible --name "sandbox status"
155
-
$machine->succeed("${xdo "submit-url" ''
158
+
$machine->succeed(ru "${xdo "submit-url" ''
key --delay 1000 Ctrl+a Ctrl+c
159
-
my $clipboard = $machine->succeed("${pkgs.xclip}/bin/xclip -o");
162
+
my $clipboard = $machine->succeed(ru "${pkgs.xclip}/bin/xclip -o");
die "sandbox not working properly: $clipboard"
unless $clipboard =~ /namespace sandbox.*yes/mi
&& $clipboard =~ /pid namespaces.*yes/mi
pyrox.dev