summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlan <alan@boum.org>2018-12-19 15:51:47 +0000
committerAlan <alan@boum.org>2018-12-19 15:51:47 +0000
commit018827edbf09dcb26b5fb95a915798a9a3dad3b8 (patch)
treea93ed5d5041c2413c466a79253ca836277203291
parent3b22a52e6ae79083936f94727666ede6c59c5ad1 (diff)
parentf504fe0f3cc7d4f90cde8a3d2cf62798d86000f6 (diff)
Merge branch 'feature/14596-automated-tests-for-ASP-gui-on-stable' into feature/15262-gnome-software+feature/14596-automated-tests-for-ASP-gui-on-stablefeature/15262-gnome-software+14596
-rw-r--r--features/additional_software_packages.feature125
-rw-r--r--features/apt.feature27
-rw-r--r--features/images/ASPDocumentationInstallCloning.pngbin0 -> 4693 bytes
-rw-r--r--features/images/ASPPersistenceSetupOptionEnabled.pngbin0 -> 7672 bytes
-rw-r--r--features/step_definitions/additional_software_packages.rb159
-rw-r--r--features/step_definitions/apt.rb77
-rw-r--r--features/step_definitions/common_steps.rb56
-rw-r--r--features/step_definitions/usb.rb23
-rw-r--r--features/support/helpers/vm_helper.rb4
-rw-r--r--features/support/hooks.rb4
10 files changed, 388 insertions, 87 deletions
diff --git a/features/additional_software_packages.feature b/features/additional_software_packages.feature
index 0cccf9a..9536b2d 100644
--- a/features/additional_software_packages.feature
+++ b/features/additional_software_packages.feature
@@ -1,27 +1,118 @@
-@product
+@product @check_tor_leaks
-Feature: Additional software packages
+Feature: Additional software
As a Tails user
I may want to install softwares not shipped in Tails
And have them installed automatically when I enable persistence in the Greeter
- Scenario: Additional software packages are installed even without network
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in with an administration password
+ # An issue with this feature is that scenarios depend on each
+ # other. When editing this feature, make sure you understand these
+ # dependencies (which are documented below).
+
+ Scenario: I am warned I can not use Additional Software when I start Tails from a DVD and install a package
+ Given I have started Tails from DVD and logged in with an administration password and the network is connected
+ And I update APT using apt
+ When I install "sslh" using apt
+ Then I am notified I can not use Additional Software for "sslh"
+ And I can open the Additional Software documentation from the notification link
+
+ # Here we install the sslh package to test if debconf does not prevent
+ # Additional Software from automatically installing packages.
+ Scenario: I set up Additional Software when installing a package without persistent partition and the package is installed next time I start Tails
+ Given I start Tails from a freshly installed USB drive with an administration password and the network is plugged and I login
+ And I update APT using apt
+ And I install "sslh" using apt
+ Then I am proposed to create an Additional Software persistence for the "sslh" package
+ And I create the Additional Software persistence
+ And I shutdown Tails and wait for the computer to power off
+ And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled
+ And Additional Software is correctly configured for package "sslh"
+ And the package "sslh" is installed after Additional Software has been started
+
+ # Depends on scenario: I set up Additional Software when installing a package without persistent partition and the package is installed next time I start Tails
+ Scenario: No Additional Software notification is displayed when I install packages in a Tails session with locked down persistence
+ Given a computer
+ And I start Tails from USB drive "__internal" and I login with an administration password
+ And I update APT using apt
+ When I install "makepp" using apt
+ Then the Additional Software dpkg hook has been run for package "makepp" and notices the persistence is locked
+ And the package "makepp" is installed
+
+ # Depends on scenario: I set up Additional Software when installing a package without persistent partition and the package is installed next time I start Tails
+ Scenario: My Additional Software list is configurable through a GUI or through notifications when I install or remove packages with APT or Synaptic
+ Given a computer
+ And I start Tails from USB drive "__internal" and I login with persistence enabled and an administration password
+ When I uninstall "sslh" using apt
+ And I accept removing "sslh" from Additional Software
+ Then "sslh" is not in the list of Additional Software
+ When I start Synaptic
+ And I update APT using Synaptic
+ And I install "cowsay" using Synaptic
+ And I accept adding "cowsay" to Additional Software
+ Then Additional Software is correctly configured for package "cowsay"
+ When I uninstall "cowsay" using apt
+ And I refuse removing "cowsay" from Additional Software
+ Then Additional Software is correctly configured for package "cowsay"
+ When I start "Additional Software" via GNOME Activities Overview
+ And I remove "cowsay" from the list of Additional Software using Additional Software GUI
+ Then "cowsay" is not in the list of Additional Software
+ When I install "cowsay" using apt
+ And I refuse adding "cowsay" to Additional Software
+ Then "cowsay" is not in the list of Additional Software
+
+ # Depends on scenario: Packages I remove from Additional Software through the GUI are not in the Additional Software list anymore
+ # See https://tails.boum.org/blueprint/additional_software_packages/offline_mode/#incomplete-online-upgrade for high level logic
+ Scenario: Recovering in offline mode after Additional Software previously failed to upgrade and then succeed to upgrade when online
+ Given a computer
+ And I start Tails from USB drive "__internal" and I login with persistence enabled and an administration password
+ And I configure APT to prefer an old version of cowsay
+ When I install an old version "3.03+dfsg2-1" of the cowsay package using apt
+ And I accept adding "cowsay" to Additional Software
+ And Additional Software is correctly configured for package "cowsay"
+ And I shutdown Tails and wait for the computer to power off
+ And I start Tails from USB drive "__internal" with network unplugged
+ And I enable persistence
+ # We need to add back this custom APT source for the Additional Software
+ # install step, as it was not saved in persistence
+ And I configure APT to prefer an old version of cowsay
+ And I log in to a new session
+ And the package "cowsay" installed version is "3.03+dfsg2-1" after Additional Software has been started
+ And I revert the APT tweaks that made it prefer an old version of cowsay
+ # We remove the newest package after it has been downloaded and before
+ # it is installed, so that the upgrade process fails
+ And I prepare the Additional Software upgrade process to fail
And the network is plugged
And Tor is ready
And all notifications have disappeared
And available upgrades have been checked
- # This is required to use APT in the test suite as explained in
- # commit e2510fae79870ff724d190677ff3b228b2bf7eac
- And I configure APT to use non-onion sources
- When I update APT using apt
- And I configure additional software packages to install "sslh"
- And I install "sslh" using apt
- # We have to save the non-onion APT sources in persistence, so
- # that on next boot the additional software packages service has
- # the right APT indexes to install the package we want.
- And I make my current APT sources persistent
+ And I see the "The upgrade of your additional software failed" notification after at most 300 seconds
+ And I can open the Additional Software configuration window from the notification
And I shutdown Tails and wait for the computer to power off
- And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled
- Then the additional software package installation service is run
- And the package "sslh" is installed
+ And I start Tails from USB drive "__internal" with network unplugged
+ And I enable persistence
+ # We need to add back this custom APT source for the Additional Software
+ # install step, as it was not saved in persistence
+ And I configure APT to prefer an old version of cowsay
+ And I log in to a new session
+ And the package "cowsay" installed version is "3.03+dfsg2-1" after Additional Software has been started
+ And I revert the APT tweaks that made it prefer an old version of cowsay
+ And the network is plugged
+ And Tor is ready
+ Then the Additional Software upgrade service has started
+ And the package "cowsay" installed version is newer than "3.03+dfsg2-1"
+
+ # Depends on scenario: I set up Additional Software when installing a package without persistent partition and the package is installed next time I start Tails
+ Scenario: I am notified when Additional Software fails to install a package
+ Given a computer
+ And I start Tails from USB drive "__internal" with network unplugged
+ And I enable persistence
+ # Trying to catch the notification at desktop startup is racy, so let's
+ # start the installation service only once the desktop has settled.
+ And I disable the Additional Software installation service
+ And I log in to a new session
+ And all notifications have disappeared
+ And I remove the "cowsay" deb files from the APT cache
+ And I start the Additional Software installation service
+ Then I see the "The installation of your additional software failed" notification after at most 300 seconds
+ And I can open the Additional Software log file from the notification
+ And the package "cowsay" is not installed
diff --git a/features/apt.feature b/features/apt.feature
index 6ae59c4..d10b0b0 100644
--- a/features/apt.feature
+++ b/features/apt.feature
@@ -1,29 +1,10 @@
@product
-Feature: Installing packages through APT
+Feature: APT sources are correctly configured
As a Tails user
- when I set an administration password in Tails Greeter
- I should be able to install packages using APT and Synaptic
- and all Internet traffic should flow only through Tor.
+ I want APT to be configured to use hidden services
Scenario: APT sources are configured correctly
- Given I have started Tails from DVD without network and logged in
+ Given a computer
+ And I start Tails from DVD with network unplugged and genuine APT sources and I login
Then the only hosts in APT sources are "vwakviie2ienjx6t.onion,sgvtcaew4bxjd7ln.onion,jenw7xbd6tf7vfhp.onion,sdscoq7snqtznauu.onion"
And no proposed-updates APT suite is enabled
-
- @check_tor_leaks
- Scenario: Install packages using apt
- Given I have started Tails from DVD and logged in with an administration password and the network is connected
- When I configure APT to use non-onion sources
- And I update APT using apt
- And I install "cowsay" using apt
- Then the package "cowsay" is installed
-
- #12586
- @check_tor_leaks @fragile
- Scenario: Install packages using Synaptic
- Given I have started Tails from DVD and logged in with an administration password and the network is connected
- When I configure APT to use non-onion sources
- And I start Synaptic
- And I update APT using Synaptic
- When I install "cowsay" using Synaptic
- Then the package "cowsay" is installed
diff --git a/features/images/ASPDocumentationInstallCloning.png b/features/images/ASPDocumentationInstallCloning.png
new file mode 100644
index 0000000..9f46b29
--- /dev/null
+++ b/features/images/ASPDocumentationInstallCloning.png
Binary files differ
diff --git a/features/images/ASPPersistenceSetupOptionEnabled.png b/features/images/ASPPersistenceSetupOptionEnabled.png
new file mode 100644
index 0000000..7fae40e
--- /dev/null
+++ b/features/images/ASPPersistenceSetupOptionEnabled.png
Binary files differ
diff --git a/features/step_definitions/additional_software_packages.rb b/features/step_definitions/additional_software_packages.rb
index 7a6bda1..68de7e4 100644
--- a/features/step_definitions/additional_software_packages.rb
+++ b/features/step_definitions/additional_software_packages.rb
@@ -1,12 +1,155 @@
-When /^I configure additional software packages to install "(.+?)"$/ do |package|
- $vm.file_overwrite(
- '/live/persistence/TailsData_unlocked/live-additional-software.conf',
- package + "\n"
- )
+ASP_STATE_DIR = "/run/live-additional-software"
+ASP_CONF = '/live/persistence/TailsData_unlocked/live-additional-software.conf'
+
+Then /^the Additional Software (upgrade|installation) service has started$/ do |service|
+ if $vm.file_exist?(ASP_CONF) and !$vm.file_empty?(ASP_CONF)
+ case service
+ when "installation"
+ service = "tails-additional-software-install"
+ seconds_to_wait = 600
+ when "upgrade"
+ service = "tails-additional-software-upgrade"
+ seconds_to_wait = 900
+ end
+ try_for(seconds_to_wait, :delay => 10) do
+ $vm.execute("systemctl status #{service}.service").success?
+ end
+ step "I am notified that the installation succeeded"
+ end
+end
+
+Then /^I am notified I can not use Additional Software for "([^"]*)"$/ do |package|
+ title = "You could install #{package} automatically when starting Tails"
+ step "I see the \"#{title}\" notification after at most 300 seconds"
+end
+
+Then /^I am notified that the installation succeeded$/ do
+ title = "Additional software installed successfully"
+ step "I see the \"#{title}\" notification after at most 300 seconds"
+end
+
+Then /^I am proposed to create an Additional Software persistence for the "([^"]*)" package$/ do |package|
+ title = "Add #{package} to your additional software?"
+ step "I see the \"#{title}\" notification after at most 300 seconds"
+end
+
+Then /^I create the Additional Software persistence$/ do
+ gnome_shell = Dogtail::Application.new('gnome-shell')
+ gnome_shell.child('Create Persistent Storage', roleName: 'push button').click
+ step 'I create a persistent partition for Additional Software'
+ step 'The Additional Software persistence option is enabled'
+ save_and_exit_the_persistence_wizard
end
-Then /^the additional software package installation service is run$/ do
- try_for(300) do
- $vm.file_exist?('/run/live-additional-software/installed')
+Then /^The Additional Software persistence option is enabled$/ do
+ @screen.wait('ASPPersistenceSetupOptionEnabled', 60)
+end
+
+Then /^Additional Software is correctly configured for package "([^"]*)"$/ do |package|
+ assert($vm.file_exist?(ASP_CONF), "ASP configuration file not found")
+ step 'all persistence configuration files have safe access rights'
+ $vm.execute("ls /live/persistence/TailsData_unlocked/apt/cache/#{package}_*.deb").success?
+ $vm.execute("ls /live/persistence/TailsData_unlocked/apt/lists/*_Packages").success?
+ try_for(30) do
+ $vm.execute("grep --line-regexp --fixed-strings #{package} #{ASP_CONF}").success?
+ end
+end
+
+Then /^"([^"]*)" is not in the list of Additional Software$/ do |package|
+ assert($vm.file_exist?(ASP_CONF), "ASP configuration file not found")
+ step 'all persistence configuration files have safe access rights'
+ try_for(30) do
+ $vm.execute("grep \"#{package}\" #{ASP_CONF}").stdout.empty?
end
end
+
+When /^I (refuse|accept) (adding|removing) "([^"]*)" (?:to|from) Additional Software$/ do |decision, action, package|
+ gnome_shell = Dogtail::Application.new('gnome-shell')
+ case action
+ when "adding"
+ title = "Add #{package} to your additional software?"
+ step "I see the \"#{title}\" notification after at most 300 seconds"
+ case decision
+ when "accept"
+ gnome_shell.child('Install Every Time', roleName: 'push button').click
+ when "refuse"
+ gnome_shell.child('Install Only Once', roleName: 'push button').click
+ end
+ when "removing"
+ title = "Remove #{package} from your additional software?"
+ step "I see the \"#{title}\" notification after at most 300 seconds"
+ case decision
+ when "accept"
+ gnome_shell.child('Remove', roleName: 'push button').click
+ when "refuse"
+ gnome_shell.child('Cancel', roleName: 'push button').click
+ end
+ end
+end
+
+Given /^I remove "([^"]*)" from the list of Additional Software using Additional Software GUI$/ do |package|
+ asp_gui = Dogtail::Application.new('tails-additional-software-config')
+ installed_package = asp_gui.child(package, roleName: 'label')
+ installed_package.parent.parent.child('Close', roleName: 'push button').click
+ asp_gui.child('Question', roleName: 'alert').button('Remove').click
+ deal_with_polkit_prompt(@sudo_password)
+end
+
+When /^I prepare the Additional Software upgrade process to fail$/ do
+ # Remove the newest cowsay package from the APT cache with a DPKG hook
+ # before it gets upgraded so that we simulate a failing upgrade.
+ failing_dpkg_hook = <<-EOF
+DPkg::Pre-Invoke {
+ "ls -tr1 /var/cache/apt/archives/cowsay*.deb | head -n 1 | xargs rm";
+};
+EOF
+ $vm.file_overwrite('/etc/apt/apt.conf.d/00failingDPKGhook', failing_dpkg_hook)
+ # Tell the upgrade service check step not to run
+ $vm.execute("touch #{ASP_STATE_DIR}/doomed_to_fail")
+end
+
+When /^I remove the "([^"]*)" deb files from the APT cache$/ do |package|
+ $vm.execute_successfully("rm /live/persistence/TailsData_unlocked/apt/cache/#{package}_*.deb")
+ try_for(60) do
+ $vm.execute("ls /live/persistence/TailsData_unlocked/apt/cache/#{package}_*.deb").failure?
+ end
+end
+
+Then /^I can open the Additional Software documentation from the notification link$/ do
+ gnome_shell = Dogtail::Application.new('gnome-shell')
+ gnome_shell.child('Documentation', roleName: 'push button').click
+ # For some reason the below two steps fail. Dogtail can not find the Firefox
+ # application.
+ #try_for(60) { @torbrowser = Dogtail::Application.new('Firefox') }
+ #step '"Install from another Tails" has loaded in the Tor Browser'
+ # So instead let's try to find the title of the page with Sikuli.
+ @screen.wait('ASPDocumentationInstallCloning.png', 120)
+end
+
+Then /^the Additional Software dpkg hook has been run for package "([^"]*)" and notices the persistence is locked$/ do |package|
+ asp_logs = "#{ASP_STATE_DIR}/log"
+ assert(!$vm.file_empty?(asp_logs))
+ try_for(60) { $vm.execute("grep -E '^.*New\spackages\smanually\sinstalled:\s.*#{package}.*$' #{asp_logs}").success? }
+ try_for(60) { $vm.file_content(asp_logs).include?('Warning: persistence storage is locked') }
+end
+
+When /^I can open the Additional Software configuration window from the notification$/ do
+ gnome_shell = Dogtail::Application.new('gnome-shell')
+ gnome_shell.child('Configure', roleName: 'push button').click
+ asp = Dogtail::Application.new('tails-additional-software-config')
+end
+
+When /^I disable the Additional Software installation service$/ do
+ $vm.execute_successfully('systemctl disable tails-additional-software-install.service')
+end
+
+When /^I start the Additional Software installation service$/ do
+ $vm.execute_successfully('systemctl enable tails-additional-software-install.service')
+ $vm.execute_successfully('systemctl --no-block start tails-additional-software-install.service')
+end
+
+Then /^I can open the Additional Software log file from the notification$/ do
+ gnome_shell = Dogtail::Application.new('gnome-shell')
+ gnome_shell.child('Show Log', roleName: 'push button').click
+ try_for(60) { gedit = Dogtail::Application.new('gedit').child("log [Read-Only] (#{ASP_STATE_DIR}) - gedit", roleName: 'frame') }
+end
diff --git a/features/step_definitions/apt.rb b/features/step_definitions/apt.rb
index a641953..7d8d3ff 100644
--- a/features/step_definitions/apt.rb
+++ b/features/step_definitions/apt.rb
@@ -38,18 +38,6 @@ EOF
)
end
-When /^I make my current APT sources persistent$/ do
- $vm.execute("install -d -m 755 /live/persistence/TailsData_unlocked/apt-sources.list.d")
- $vm.file_append(
- '/live/persistence/TailsData_unlocked/persistence.conf',
- "/etc/apt/sources.list.d source=apt-sources.list.d,link\n"
- )
- $vm.file_overwrite(
- '/live/persistence/TailsData_unlocked/apt-sources.list.d/persistent.list',
- $vm.file_content($vm.file_glob('/etc/apt/{,*/}*.list'))
- )
-end
-
When /^I update APT using apt$/ do
recovery_proc = Proc.new do
step 'I kill the process "apt"'
@@ -63,24 +51,74 @@ When /^I update APT using apt$/ do
end
end
-Then /^I install "(.+)" using apt$/ do |package_name|
+def check_for_installation(package)
+ try_for(2*60) do
+ $vm.execute_successfully("dpkg -s '#{package}' 2>/dev/null | grep -qs '^Status:.*installed$'")
+ end
+end
+
+Then /^I install "(.+)" using apt$/ do |package|
recovery_proc = Proc.new do
step 'I kill the process "apt"'
- $vm.execute("apt purge #{package_name}")
+ $vm.execute("apt purge #{package}")
end
retry_tor(recovery_proc) do
- Timeout::timeout(2*60) do
+ Timeout::timeout(3*60) do
$vm.execute("echo #{@sudo_password} | " +
- "sudo -S DEBIAN_PRIORITY=critical apt -y install #{package_name}",
+ "sudo -S DEBIAN_PRIORITY=critical apt -y install #{package}",
:user => LIVE_USER,
:spawn => true)
- try_for(60) do
- $vm.execute_successfully("dpkg -s '#{package_name}' 2>/dev/null | grep -qs '^Status:.*installed$'")
- end
+ check_for_installation(package)
end
end
end
+def check_for_removal(package)
+ try_for(3*60) do
+ state = $vm.execute("apt-cache policy #{package}").stdout.split("\n")[1]
+ /^\s{2}Installed:\s\(none\)$/.match(state) != nil
+ end
+end
+
+Then /^I uninstall "(.+)" using apt$/ do |package|
+ $vm.execute("echo #{@sudo_password} | " +
+ "sudo -S apt -y remove #{package}",
+ :user => LIVE_USER,
+ :spawn => true)
+ check_for_removal(package)
+end
+
+When /^I configure APT to prefer an old version of cowsay$/ do
+ apt_source = 'deb tor+http://deb.tails.boum.org/ asp-test-upgrade-cowsay main'
+ apt_pref = 'Package: cowsay
+Pin: release o=Tails,a=asp-test-upgrade-cowsay
+Pin-Priority: 999'
+ $vm.file_overwrite('/etc/apt/sources.list.d/asp-test-upgrade-cowsay.list', apt_source)
+ $vm.file_overwrite('/etc/apt/preferences.d/asp-test-upgrade-cowsay', apt_pref)
+end
+
+When /^I install an old version "([^"]*)" of the cowsay package using apt$/ do |version|
+ step 'I update APT using apt'
+ step 'I install "cowsay" using apt'
+ step "the package \"cowsay\" installed version is \"#{version}\""
+end
+
+When /^I revert the APT tweaks that made it prefer an old version of cowsay$/ do
+ $vm.execute('rm -f /etc/apt/sources.list.d/asp-test-upgrade-cowsay.list /etc/apt/preferences.d/asp-test-upgrade-cowsay')
+end
+
+When /^the package "([^"]*)" installed version is( newer than)? "([^"]*)"( after Additional Software has been started)?$/ do |package, newer_than, version, asp|
+ if asp
+ step 'the Additional Software installation service has started'
+ end
+ current_version = $vm.execute("dpkg-query -W -f='${Version}' #{package}").stdout
+ if newer_than
+ cmd_helper("dpkg --compare-versions '#{version}' lt '#{current_version}'")
+ else
+ assert_equal(current_version, version)
+ end
+end
+
When /^I start Synaptic$/ do
step 'I start "Synaptic Package Manager" via GNOME Activities Overview'
deal_with_polkit_prompt(@sudo_password)
@@ -136,5 +174,6 @@ Then /^I install "(.+)" using Synaptic$/ do |package_name|
@synaptic.child('Changes applied', roleName: 'frame', recursive: false)
true
end
+ step 'I kill the process "synaptic"'
end
end
diff --git a/features/step_definitions/common_steps.rb b/features/step_definitions/common_steps.rb
index 5a042ee..a14db55 100644
--- a/features/step_definitions/common_steps.rb
+++ b/features/step_definitions/common_steps.rb
@@ -115,7 +115,7 @@ When /^I start the computer$/ do
post_vm_start_hook
end
-Given /^I start Tails( from DVD)?( with network unplugged)?( and I login)?$/ do |dvd_boot, network_unplugged, do_login|
+Given /^I start Tails( from DVD)?( with network unplugged)?( and genuine APT sources)?( and I login)?$/ do |dvd_boot, network_unplugged, keep_apt_sources, do_login|
step "the computer is set to boot from the Tails DVD" if dvd_boot
if network_unplugged
step "the network is unplugged"
@@ -123,7 +123,11 @@ Given /^I start Tails( from DVD)?( with network unplugged)?( and I login)?$/ do
step "the network is plugged"
end
step "I start the computer"
- step "the computer boots Tails"
+ if keep_apt_sources
+ step "the computer boots Tails with genuine APT sources"
+ else
+ step "the computer boots Tails"
+ end
if do_login
step "I log in to a new session"
if network_unplugged
@@ -136,7 +140,7 @@ Given /^I start Tails( from DVD)?( with network unplugged)?( and I login)?$/ do
end
end
-Given /^I start Tails from (.+?) drive "(.+?)"( with network unplugged)?( and I login( with persistence enabled)?)?$/ do |drive_type, drive_name, network_unplugged, do_login, persistence_on|
+Given /^I start Tails from (.+?) drive "(.+?)"( with network unplugged)?( and I login( with persistence enabled)?( (?:and|with) an administration password)?)?$/ do |drive_type, drive_name, network_unplugged, do_login, persistence_on, admin_password|
step "the computer is set to boot from #{drive_type} drive \"#{drive_name}\""
if network_unplugged
step "the network is unplugged"
@@ -147,7 +151,9 @@ Given /^I start Tails from (.+?) drive "(.+?)"( with network unplugged)?( and I
step "the computer boots Tails"
if do_login
step "I enable persistence" if persistence_on
+ step "I set an administration password" if admin_password
step "I log in to a new session"
+ step "the Additional Software installation service has started"
if network_unplugged
step "all notifications have disappeared"
else
@@ -158,6 +164,16 @@ Given /^I start Tails from (.+?) drive "(.+?)"( with network unplugged)?( and I
end
end
+Given /^I start Tails from a freshly installed USB drive with an administration password and the network is plugged and I login$/ do
+ step "I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen"
+ step "I set an administration password"
+ step "I log in to a new session"
+ step "the network is plugged"
+ step "Tor is ready"
+ step "all notifications have disappeared"
+ step "available upgrades have been checked"
+end
+
When /^I power off the computer$/ do
assert($vm.is_running?,
"Trying to power off an already powered off VM")
@@ -247,13 +263,16 @@ Given /^Tails is at the boot menu's cmdline( after rebooting)?$/ do |reboot|
end
end
-Given /^the computer (re)?boots Tails$/ do |reboot|
+Given /^the computer (re)?boots Tails( with genuine APT sources)?$/ do |reboot, keep_apt_sources|
step "Tails is at the boot menu's cmdline" + (reboot ? ' after rebooting' : '')
@screen.type(" autotest_never_use_this_option blacklist=psmouse #{@boot_options}" +
Sikuli::Key.ENTER)
@screen.wait('TailsGreeter.png', 5*60)
$vm.wait_until_remote_shell_is_up
step 'I configure Tails to use a simulated Tor network'
+ # This is required to use APT in the test suite as explained in
+ # commit e2510fae79870ff724d190677ff3b228b2bf7eac
+ step 'I configure APT to use non-onion sources' if not keep_apt_sources
end
Given /^I log in to a new session(?: in )?(|German)$/ do |lang|
@@ -349,12 +368,17 @@ end
Given /^Tor is ready$/ do
step "Tor has built a circuit"
step "the time has synced"
- begin
- try_for(30) { $vm.execute('systemctl is-system-running').success? }
- rescue Timeout::Error
- jobs = $vm.execute('systemctl list-jobs').stdout
- units_status = $vm.execute('systemctl').stdout
- raise "The system is not fully running yet:\n#{jobs}\n#{units_status}"
+ # When we test for ASP upgrade failure the following tests would fail,
+ # so let's skip them in this case.
+ if !$vm.file_exist?('/run/live-additional-software/doomed_to_fail')
+ step "the Additional Software upgrade service has started"
+ begin
+ try_for(30) { $vm.execute('systemctl is-system-running').success? }
+ rescue Timeout::Error
+ jobs = $vm.execute('systemctl list-jobs').stdout
+ units_status = $vm.execute('systemctl').stdout
+ raise "The system is not fully running yet:\n#{jobs}\n#{units_status}"
+ end
end
end
@@ -564,9 +588,15 @@ When /^I request a reboot using the emergency shutdown applet$/ do
@screen.wait_and_click('TailsEmergencyShutdownReboot.png', 10)
end
-Given /^the package "([^"]+)" is installed$/ do |package|
- assert($vm.execute("dpkg -s '#{package}' 2>/dev/null | grep -qs '^Status:.*installed$'").success?,
- "Package '#{package}' is not installed")
+Given /^the package "([^"]+)" is( not)? installed( after Additional Software has been started)?$/ do |package, absent, asp|
+ if absent
+ check_for_removal(package)
+ else
+ if asp
+ step 'the Additional Software installation service has started'
+ end
+ check_for_installation(package)
+ end
end
Given /^I add a ([a-z0-9.]+ |)wired DHCP NetworkManager connection called "([^"]+)"$/ do |version, con_name|
diff --git a/features/step_definitions/usb.rb b/features/step_definitions/usb.rb
index 3cfc707..05f414b 100644
--- a/features/step_definitions/usb.rb
+++ b/features/step_definitions/usb.rb
@@ -242,6 +242,10 @@ Given /^I enable all persistence presets$/ do
debug_log("setting already enabled, skipping")
end
end
+ save_and_exit_the_persistence_wizard
+end
+
+def save_and_exit_the_persistence_wizard
@screen.type(Sikuli::Key.ENTER) # Press the Save button
@screen.wait('PersistenceWizardDone.png', 60)
@screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT)
@@ -257,12 +261,16 @@ When /^I disable the first persistence preset$/ do
@screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT)
end
-Given /^I create a persistent partition$/ do
- step 'I start "Configure persistent volume" via GNOME Activities Overview'
+Given /^I create a persistent partition( for Additional Software)?$/ do |asp|
+ if not asp
+ step 'I start "Configure persistent volume" via GNOME Activities Overview'
+ end
@screen.wait('PersistenceWizardStart.png', 60)
@screen.type(@persistence_password + "\t" + @persistence_password + Sikuli::Key.ENTER)
@screen.wait('PersistenceWizardPresets.png', 300)
- step "I enable all persistence presets"
+ if not asp
+ step "I enable all persistence presets"
+ end
end
def check_disk_integrity(name, dev, scheme)
@@ -517,8 +525,6 @@ Then /^all persistent filesystems have safe access rights$/ do
end
Then /^all persistence configuration files have safe access rights$/ do
- # XXX: #14596
- next
persistent_volumes_mountpoints.each do |mountpoint|
assert($vm.execute("test -e #{mountpoint}/persistence.conf").success?,
"#{mountpoint}/persistence.conf does not exist, while it should")
@@ -532,7 +538,12 @@ Then /^all persistence configuration files have safe access rights$/ do
file_perms = $vm.execute("stat -c %a '#{f}'").stdout.chomp
assert_equal("tails-persistence-setup", file_owner)
assert_equal("tails-persistence-setup", file_group)
- assert_equal("600", file_perms)
+ case f
+ when /.*\/live-additional-software.conf$/
+ assert_equal("644", file_perms)
+ else
+ assert_equal("600", file_perms)
+ end
end
end
end
diff --git a/features/support/helpers/vm_helper.rb b/features/support/helpers/vm_helper.rb
index 452ae9d..13ad4e2 100644
--- a/features/support/helpers/vm_helper.rb
+++ b/features/support/helpers/vm_helper.rb
@@ -522,6 +522,10 @@ class VM
execute("test -e '#{file}'").success?
end
+ def file_empty?(file)
+ return file_content(file).empty?
+ end
+
def directory_exist?(directory)
execute("test -d '#{directory}'").success?
end
diff --git a/features/support/hooks.rb b/features/support/hooks.rb
index 4862dac..284398f 100644
--- a/features/support/hooks.rb
+++ b/features/support/hooks.rb
@@ -16,7 +16,6 @@ AfterConfiguration do |config|
# space for other reasons:
'features/untrusted_partitions.feature',
# Features using temporary snapshots:
- 'features/apt.feature',
'features/root_access_control.feature',
'features/time_syncing.feature',
'features/tor_bridges.feature',
@@ -26,6 +25,9 @@ AfterConfiguration do |config|
# excluding persistence) and will create yet another disk and
# install Tails on it. This should be the peak of disk usage.
'features/usb_install.feature',
+ # This feature uses some snapshots and a disk that can be reused in
+ # the later feature below and reduce memory footprint on the system.
+ 'features/additional_software_packages.feature',
# This feature needs a copy of the ISO and creates a new disk.
'features/usb_upgrade.feature',
# This feature needs a very big snapshot (USB install with persistence)