summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoranonym <anonym@riseup.net>2017-03-25 00:04:52 +0100
committeranonym <anonym@riseup.net>2017-03-25 00:24:26 +0100
commit1f62931542116b364f03b2e24caf47b6035019f9 (patch)
tree9739fdfbeea78291bb7623b29d5c0d394b480759
parentb2c7d793a03d44e5a652851ace1da5633758684f (diff)
Disable all other tests but those about Tor bootstrapping issues.test/tor-bootstrap-robustness_tor-0.2.9.x
-rw-r--r--features/apt.feature26
-rw-r--r--features/build.feature423
-rw-r--r--features/dhcp.feature22
-rw-r--r--features/documentation.feature7
-rw-r--r--features/electrum.feature34
-rw-r--r--features/emergency_shutdown.feature22
-rw-r--r--features/encryption.feature37
-rw-r--r--features/erase_memory.feature67
-rw-r--r--features/evince.feature64
-rw-r--r--features/gnome.feature8
-rw-r--r--features/hardening.feature14
-rw-r--r--features/i2p.feature107
-rw-r--r--features/icedove.feature58
-rw-r--r--features/keys.feature10
-rw-r--r--features/localization.feature18
-rw-r--r--features/mac_spoofing.feature64
-rw-r--r--features/mat.feature10
-rw-r--r--features/networking.feature27
-rw-r--r--features/persistence.feature63
-rw-r--r--features/pidgin.feature134
-rw-r--r--features/po.feature9
-rw-r--r--features/regression_tests.feature6
-rw-r--r--features/root_access_control.feature27
-rw-r--r--features/sane_defaults.feature15
-rw-r--r--features/ssh.feature27
-rw-r--r--features/time_syncing.feature43
-rw-r--r--features/tor_bridges.feature27
-rw-r--r--features/tor_enforcement.feature70
-rw-r--r--features/tor_stream_isolation.feature63
-rw-r--r--features/torified_browsing.feature171
-rw-r--r--features/torified_git.feature23
-rw-r--r--features/torified_gnupg.feature53
-rw-r--r--features/torified_misc.feature24
-rw-r--r--features/totem.feature64
-rw-r--r--features/unsafe_browser.feature71
-rw-r--r--features/untrusted_partitions.feature79
-rw-r--r--features/usb_install.feature95
-rw-r--r--features/usb_upgrade.feature179
-rw-r--r--features/virtualization.feature9
39 files changed, 0 insertions, 2270 deletions
diff --git a/features/apt.feature b/features/apt.feature
deleted file mode 100644
index 70c2413..0000000
--- a/features/apt.feature
+++ /dev/null
@@ -1,26 +0,0 @@
-@product
-Feature: Installing packages through APT
- As a Tails user
- when I set an administration password in Tails Greeter
- I should be able to install packages using APT and Synaptic
- and all Internet traffic should flow only through Tor.
-
- Background:
- Given I have started Tails from DVD and logged in with an administration password and the network is connected
-
- Scenario: APT sources are configured correctly
- Then the only hosts in APT sources are "vwakviie2ienjx6t.onion,sgvtcaew4bxjd7ln.onion,jenw7xbd6tf7vfhp.onion,sdscoq7snqtznauu.onion"
- And no proposed-updates APT suite is enabled
-
- @check_tor_leaks
- Scenario: Install packages using apt
- When I configure APT to use non-onion sources
- And I update APT using apt
- Then I should be able to install a package using apt
-
- @check_tor_leaks
- Scenario: Install packages using Synaptic
- When I configure APT to use non-onion sources
- And I start Synaptic
- And I update APT using Synaptic
- Then I should be able to install a package using Synaptic
diff --git a/features/build.feature b/features/build.feature
deleted file mode 100644
index 49b2d24..0000000
--- a/features/build.feature
+++ /dev/null
@@ -1,423 +0,0 @@
-@source
-Feature: custom APT sources to build branches
- As a Tails developer, when I build Tails, I'd be happy if
- the proper APT sources were automatically picked depending
- on which Git branch I am working on.
-
- Scenario: build from an untagged stable branch where the config/APT_overlays.d directory is empty
- Given I am working on the stable base branch
- And the last version mentioned in debian/changelog is 1.0
- And Tails 1.0 has not been released yet
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the 'stable' suite
-
- Scenario: build from an untagged stable branch where config/APT_overlays.d is not empty
- Given I am working on the stable base branch
- And the last version mentioned in debian/changelog is 1.0
- And Tails 1.0 has not been released yet
- And config/APT_overlays.d contains 'feature-foo'
- And config/APT_overlays.d contains 'bugfix-bar'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'stable' suite
- And I should see the 'feature-foo' suite
- And I should see the 'bugfix-bar' suite
- But I should not see the '1.0' suite
-
- Scenario: build from an untagged stable branch with no encoded time-based snapshot
- Given I am working on the stable base branch
- And Tails 0.10 has been released
- And the last versions mentioned in debian/changelog are 0.10 and 1.0
- And Tails 1.0 has not been released yet
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from an untagged stable branch with encoded time-based snapshots
- Given I am working on the stable base branch
- And Tails 0.10 has been released
- And the last versions mentioned in debian/changelog are 0.10 and 1.0
- And Tails 1.0 has not been released yet
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from a tagged stable branch where the config/APT_overlays.d directory is empty
- Given Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10
- And I am working on the stable base branch
- And I checkout the 0.10 tag
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the '0.10' suite
-
- Scenario: build from a tagged stable branch where config/APT_overlays.d is not empty
- Given Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10
- And I am working on the stable base branch
- And I checkout the 0.10 tag
- And config/APT_overlays.d contains 'feature-foo'
- When I run tails-custom-apt-sources
- Then it should fail
-
- Scenario: build from a tagged stable branch with no encoded time-based snapshot
- Given I am working on the stable base branch
- And Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- And I checkout the 0.10 tag
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see the 0.10 tagged snapshot
-
- Scenario: build from a tagged stable branch with encoded time-based snapshots
- Given I am working on the stable base branch
- And Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- And I checkout the 0.10 tag
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see the 0.10 tagged snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see the 0.10 tagged snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see the 0.10 tagged snapshot
-
- Scenario: build from a bugfix branch without overlays for a stable release
- Given Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10.1
- And Tails 0.10.1 has not been released yet
- And I am working on the bugfix/disable_gdomap branch based on stable
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the 'stable' suite
-
- Scenario: build from a bugfix branch with overlays for a stable release
- Given Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10.1
- And Tails 0.10.1 has not been released yet
- And I am working on the bugfix/disable_gdomap branch based on stable
- And config/APT_overlays.d contains 'bugfix-disable-gdomap'
- And config/APT_overlays.d contains 'bugfix-bar'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'stable' suite
- And I should see the 'bugfix-disable-gdomap' suite
- And I should see the 'bugfix-bar' suite
- But I should not see the '0.10' suite
-
- Scenario: build from a bugfix branch with no encoded time-based snapshot for a stable release
- Given Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10.1
- And Tails 0.10.1 has not been released yet
- And I am working on the bugfix/disable_gdomap branch based on stable
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from a bugfix branch with encoded time-based snapshots for a stable release
- Given Tails 0.10 has been released
- And the last version mentioned in debian/changelog is 0.10.1
- And Tails 0.10.1 has not been released yet
- And I am working on the bugfix/disable_gdomap branch based on stable
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from an untagged testing branch where the config/APT_overlays.d directory is empty
- Given I am working on the testing base branch
- And the last version mentioned in debian/changelog is 0.11
- And Tails 0.11 has not been released yet
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see the 'testing' suite
- And I should not see the '0.11' suite
- And I should not see the 'feature-foo' suite
- And I should not see the 'bugfix-bar' suite
-
- Scenario: build from an untagged testing branch where config/APT_overlays.d is not empty
- Given I am working on the testing base branch
- And the last version mentioned in debian/changelog is 0.11
- And Tails 0.11 has not been released yet
- And config/APT_overlays.d contains 'feature-foo'
- And config/APT_overlays.d contains 'bugfix-bar'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'testing' suite
- And I should see the 'feature-foo' suite
- And I should see the 'bugfix-bar' suite
- But I should not see the '0.11' suite
-
- Scenario: build from an untagged testing branch with no encoded time-based snapshot
- Given I am working on the testing base branch
- And Tails 0.10 has been released
- And the last versions mentioned in debian/changelog are 0.10 and 1.0
- And Tails 1.0 has not been released yet
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from an untagged testing branch with encoded time-based snapshots
- Given I am working on the testing base branch
- And Tails 0.10 has been released
- And the last versions mentioned in debian/changelog are 0.10 and 1.0
- And Tails 1.0 has not been released yet
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from a tagged testing branch where the config/APT_overlays.d directory is empty
- Given I am working on the testing base branch
- And the last version mentioned in debian/changelog is 0.11
- And Tails 0.11 has been released
- And the config/APT_overlays.d directory is empty
- And I checkout the 0.11 tag
- When I successfully run tails-custom-apt-sources
- Then I should see only the '0.11' suite
-
- Scenario: build from a tagged testing branch where config/APT_overlays.d is not empty
- Given I am working on the testing base branch
- And the last version mentioned in debian/changelog is 0.11
- And Tails 0.11 has been released
- And config/APT_overlays.d contains 'feature-foo'
- And I checkout the 0.11 tag
- When I run tails-custom-apt-sources
- Then it should fail
-
- Scenario: build from a tagged testing branch with no encoded time-based snapshot
- Given I am working on the testing base branch
- And the last version mentioned in debian/changelog is 0.11
- And Tails 0.11 has been released
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- And I checkout the 0.11 tag
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see the 0.11 tagged snapshot
-
- Scenario: build from a tagged testing branch with encoded time-based snapshots
- Given I am working on the testing base branch
- And the last version mentioned in debian/changelog is 0.11
- And Tails 0.11 has been released
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- And I checkout the 0.11 tag
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see the 0.11 tagged snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see the 0.11 tagged snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see the 0.11 tagged snapshot
-
- Scenario: build a release candidate from a tagged testing branch
- Given I am working on the testing base branch
- And Tails 0.11 has been released
- And the last version mentioned in debian/changelog is 0.12~rc1
- And Tails 0.12-rc1 has been tagged
- And the config/APT_overlays.d directory is empty
- And I checkout the 0.12-rc1 tag
- When I successfully run tails-custom-apt-sources
- Then I should see only the '0.12-rc1' suite
-
- Scenario: build a release candidate from a tagged testing branch where config/APT_overlays.d is not empty
- Given I am working on the testing base branch
- And Tails 0.11 has been released
- And the last version mentioned in debian/changelog is 0.12~rc1
- And Tails 0.12-rc1 has been tagged
- And config/APT_overlays.d contains 'bugfix-bar'
- And I checkout the 0.12-rc1 tag
- When I run tails-custom-apt-sources
- Then it should fail
-
- Scenario: build from a bugfix branch with no encoded time-based snapshot for a major release
- Given I am working on the testing base branch
- And Tails 0.10~rc1 has been released
- And the last versions mentioned in debian/changelog are 0.10~rc1 and 0.10
- And Tails 0.10 has not been released yet
- And I am working on the bugfix/disable_gdomap branch based on testing
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from a bugfix branch with encoded time-based snapshots for a major release
- Given I am working on the testing base branch
- And Tails 0.10~rc1 has been released
- And the last versions mentioned in debian/changelog are 0.10~rc1 and 0.10
- And Tails 0.10 has not been released yet
- And I am working on the bugfix/disable_gdomap branch based on testing
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from the devel branch without overlays
- Given I am working on the devel base branch
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the 'devel' suite
-
- Scenario: build from the devel branch with overlays
- Given I am working on the devel base branch
- And config/APT_overlays.d contains 'feature-foo'
- And config/APT_overlays.d contains 'bugfix-bar'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'devel' suite
- And I should see the 'feature-foo' suite
- And I should see the 'bugfix-bar' suite
-
- Scenario: build from the devel branch with no encoded time-based snapshot
- Given I am working on the devel base branch
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from the devel branch with encoded time-based snapshots
- Given I am working on the devel base branch
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from the feature/jessie branch without overlays
- Given I am working on the feature/jessie base branch
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the 'feature-jessie' suite
-
- Scenario: build from the feature/jessie branch with overlays
- Given I am working on the feature/jessie base branch
- And config/APT_overlays.d contains 'feature-7756-reintroduce-whisperback'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'feature-jessie' suite
- And I should see the 'feature-7756-reintroduce-whisperback' suite
-
- Scenario: build from a feature branch with overlays based on devel
- Given I am working on the feature/icedove branch based on devel
- And config/APT_overlays.d contains 'feature-icedove'
- And config/APT_overlays.d contains 'bugfix-bar'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'devel' suite
- And I should see the 'feature-icedove' suite
- And I should see the 'bugfix-bar' suite
-
- Scenario: build from a feature branch without overlays based on devel
- Given I am working on the feature/icedove branch based on devel
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the 'devel' suite
-
- Scenario: build from a feature branch based on devel with no encoded time-based snapshot
- Given I am working on the feature/icedove branch based on devel
- And no frozen APT snapshot is encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I successfully run "apt-mirror debian"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror torproject"
- Then I should see a time-based snapshot
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from a feature branch based on devel with encoded time-based snapshots
- Given I am working on the feature/icedove branch based on devel
- And frozen APT snapshots are encoded in config/APT_snapshots.d
- When I successfully run "apt-snapshots-serials prepare-build"
- And I run "apt-mirror debian"
- Then it should fail
- When I run "apt-mirror torproject"
- Then it should fail
- When I successfully run "apt-mirror debian-security"
- Then I should see a time-based snapshot
-
- Scenario: build from a feature branch with overlays based on feature/jessie
- Given I am working on the feature/7756-reintroduce-whisperback branch based on feature/jessie
- And config/APT_overlays.d contains 'feature-7756-reintroduce-whisperback'
- And config/APT_overlays.d contains 'bugfix-bar'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'feature-jessie' suite
- And I should see the 'feature-7756-reintroduce-whisperback' suite
- And I should see the 'bugfix-bar' suite
-
- Scenario: build from a feature branch without overlays based on feature/jessie
- Given I am working on the feature/icedove branch based on feature/jessie
- And the config/APT_overlays.d directory is empty
- When I successfully run tails-custom-apt-sources
- Then I should see only the 'feature-jessie' suite
-
- Scenario: build from a feature branch based on devel with dots in its name
- Given I am working on the feature/live-boot-3.x branch based on devel
- And config/APT_overlays.d contains 'feature-live-boot-3.x'
- When I successfully run tails-custom-apt-sources
- Then I should see the 'devel' suite
- And I should see the 'feature-live-boot-3.x' suite
-
- Scenario: build from a branch that has no config/APT_overlays.d directory
- Given I am working on the stable base branch
- And the config/APT_overlays.d directory does not exist
- When I run tails-custom-apt-sources
- Then it should fail
-
- Scenario: build from a branch that has no config/base_branch file
- Given I am working on the stable base branch
- And the config/base_branch file does not exist
- When I run tails-custom-apt-sources
- Then it should fail
-
- Scenario: build from a branch where config/base_branch is empty
- Given I am working on the stable base branch
- And the config/base_branch file is empty
- When I run tails-custom-apt-sources
- Then it should fail
diff --git a/features/dhcp.feature b/features/dhcp.feature
deleted file mode 100644
index 0e17fce..0000000
--- a/features/dhcp.feature
+++ /dev/null
@@ -1,22 +0,0 @@
-@product
-Feature: Getting a DHCP lease without leaking too much information
- As a Tails user
- when I connect to a network with a DHCP server
- I should be able to connect to the Internet
- and the hostname should not have been leaked on the network.
-
- Background:
- Given I have started Tails from DVD without network and logged in
- And I capture all network traffic
- And the network is plugged
- And Tor is ready
- And all notifications have disappeared
- And available upgrades have been checked
-
- Scenario: Getting a DHCP lease with the default NetworkManager connection
- Then the hostname should not have been leaked on the network
-
- Scenario: Getting a DHCP lease with a manually configured NetworkManager connection
- When I add a wired DHCP NetworkManager connection called "manually-added-con"
- And I switch to the "manually-added-con" NetworkManager connection
- Then the hostname should not have been leaked on the network
diff --git a/features/documentation.feature b/features/documentation.feature
deleted file mode 100644
index f6be5ef..0000000
--- a/features/documentation.feature
+++ /dev/null
@@ -1,7 +0,0 @@
-@product @doc
-Feature: Tails documentation
-
- Scenario: The "Report an Error" launcher will open the support documentation
- Given I have started Tails from DVD without network and logged in
- When I double-click the Report an Error launcher on the desktop
- Then the support documentation page opens in Tor Browser
diff --git a/features/electrum.feature b/features/electrum.feature
deleted file mode 100644
index b611d23..0000000
--- a/features/electrum.feature
+++ /dev/null
@@ -1,34 +0,0 @@
-@product @check_tor_leaks
-Feature: Electrum Bitcoin client
- As a Tails user
- I might want to use a Bitcoin client
- And all Internet traffic should flow only through Tor
-
- Scenario: A warning will be displayed if Electrum is not persistent
- Given I have started Tails from DVD without network and logged in
- When I start Electrum through the GNOME menu
- But persistence for "electrum" is not enabled
- Then I see a warning that Electrum is not persistent
-
- #11697
- @fragile
- Scenario: Using a persistent Electrum configuration
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And the network is plugged
- And Tor is ready
- And available upgrades have been checked
- And all notifications have disappeared
- Then persistence for "electrum" is enabled
- When I start Electrum through the GNOME menu
- But a bitcoin wallet is not present
- Then I am prompted to configure Electrum
- When I create a new bitcoin wallet
- Then a bitcoin wallet is present
- And I see the main Electrum client window
- And Electrum successfully connects to the network
- And I shutdown Tails and wait for the computer to power off
- Given I start Tails from USB drive "__internal" and I login with persistence enabled
- When I start Electrum through the GNOME menu
- And a bitcoin wallet is present
- And I see the main Electrum client window
- Then Electrum successfully connects to the network
diff --git a/features/emergency_shutdown.feature b/features/emergency_shutdown.feature
deleted file mode 100644
index 3fac61e..0000000
--- a/features/emergency_shutdown.feature
+++ /dev/null
@@ -1,22 +0,0 @@
-@product
-Feature: Emergency shutdown
-
- Scenario: The emergency shutdown applet can shutdown Tails
- Given I have started Tails from DVD without network and logged in
- When I request a shutdown using the emergency shutdown applet
- Then Tails eventually shuts down
-
- Scenario: The emergency shutdown applet can reboot Tails
- Given I have started Tails from DVD without network and logged in
- When I request a reboot using the emergency shutdown applet
- Then Tails eventually restarts
-
- Scenario: Tails shuts down on DVD boot medium removal
- Given I have started Tails from DVD without network and logged in
- When I eject the boot medium
- Then Tails eventually shuts down
-
- Scenario: Tails shuts down on USB boot medium removal
- Given I have started Tails without network from a USB drive without a persistent partition and logged in
- When I eject the boot medium
- Then Tails eventually shuts down
diff --git a/features/encryption.feature b/features/encryption.feature
deleted file mode 100644
index d4426f7..0000000
--- a/features/encryption.feature
+++ /dev/null
@@ -1,37 +0,0 @@
-@product
-Feature: Encryption and verification using GnuPG
- As a Tails user
- I want to be able to easily encrypt and sign messages using GnuPG
- And decrypt and verify GnuPG blocks
-
- Background:
- Given I have started Tails from DVD without network and logged in
- And I generate an OpenPGP key named "test" with password "asdf"
-
- #10992
- @fragile
- Scenario: Encryption and decryption using OpenPGP Applet
- When I type a message into gedit
- And I encrypt the message using my OpenPGP key
- Then I can decrypt the encrypted message
-
- #10992
- @fragile
- Scenario: Signing and verification using OpenPGP Applet
- When I type a message into gedit
- And I sign the message using my OpenPGP key
- Then I can verify the message's signature
-
- #10991
- @fragile
- Scenario: Encryption/signing and decryption/verification using OpenPGP Applet
- When I type a message into gedit
- And I both encrypt and sign the message using my OpenPGP key
- Then I can decrypt and verify the encrypted message
-
- # 11394
- @fragile
- Scenario: Symmetric encryption and decryption using OpenPGP Applet
- When I type a message into gedit
- And I symmetrically encrypt the message with password "asdf"
- Then I can decrypt the encrypted message
diff --git a/features/erase_memory.feature b/features/erase_memory.feature
deleted file mode 100644
index 28779f6..0000000
--- a/features/erase_memory.feature
+++ /dev/null
@@ -1,67 +0,0 @@
-@product
-Feature: System memory erasure on shutdown
- As a Tails user
- when I shutdown Tails
- I want the system memory to be free from sensitive data.
-
- Scenario: Anti-test: no memory erasure on a modern computer
- Given a computer
- And the computer is a modern 64-bit system
- And the computer has 8 GiB of RAM
- And I set Tails to boot with options "debug=wipemem"
- And I start Tails from DVD with network unplugged and I login
- Then the PAE kernel is running
- And at least 8 GiB of RAM was detected
- And process "memlockd" is running
- And process "udev-watchdog" is running
- And udev-watchdog is monitoring the correct device
- When I fill the guest's memory with a known pattern without verifying
- And I reboot without wiping the memory
- And I stop the boot at the bootloader menu
- Then I find many patterns in the guest's memory
-
- Scenario: Memory erasure on a modern computer
- Given a computer
- And the computer is a modern 64-bit system
- And the computer has 8 GiB of RAM
- And I set Tails to boot with options "debug=wipemem"
- And I start Tails from DVD with network unplugged and I login
- Then the PAE kernel is running
- And at least 8 GiB of RAM was detected
- And process "memlockd" is running
- And process "udev-watchdog" is running
- And udev-watchdog is monitoring the correct device
- When I fill the guest's memory with a known pattern
- And I shutdown and wait for Tails to finish wiping the memory
- Then I find very few patterns in the guest's memory
-
- Scenario: Anti-test: no memory erasure on an old computer
- Given a computer
- And the computer is an old pentium without the PAE extension
- And the computer has 8 GiB of RAM
- And I set Tails to boot with options "debug=wipemem"
- And I start Tails from DVD with network unplugged and I login
- Then the non-PAE kernel is running
- And at least 3 GiB of RAM was detected
- And process "memlockd" is running
- And process "udev-watchdog" is running
- And udev-watchdog is monitoring the correct device
- When I fill the guest's memory with a known pattern without verifying
- And I reboot without wiping the memory
- And I stop the boot at the bootloader menu
- Then I find many patterns in the guest's memory
-
- Scenario: Memory erasure on an old computer
- Given a computer
- And the computer is an old pentium without the PAE extension
- And the computer has 8 GiB of RAM
- And I set Tails to boot with options "debug=wipemem"
- And I start Tails from DVD with network unplugged and I login
- And the non-PAE kernel is running
- And at least 3 GiB of RAM was detected
- And process "memlockd" is running
- And process "udev-watchdog" is running
- And udev-watchdog is monitoring the correct device
- When I fill the guest's memory with a known pattern
- And I shutdown and wait for Tails to finish wiping the memory
- Then I find very few patterns in the guest's memory
diff --git a/features/evince.feature b/features/evince.feature
deleted file mode 100644
index c9501f9..0000000
--- a/features/evince.feature
+++ /dev/null
@@ -1,64 +0,0 @@
-@product
-Feature: Using Evince
- As a Tails user
- I want to view and print PDF files in Evince
- And AppArmor should prevent Evince from doing dangerous things
-
- #10994
- @fragile
- Scenario: I can view and print a PDF file stored in /usr/share
- Given I have started Tails from DVD without network and logged in
- When I open "/usr/share/cups/data/default-testpage.pdf" with Evince
- Then I see "CupsTestPage.png" after at most 40 seconds
- And I can print the current document to "/home/amnesia/output.pdf"
-
- #10994
- @fragile
- Scenario: I can view and print a PDF file stored in non-persistent /home/amnesia
- Given I have started Tails from DVD without network and logged in
- And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia" as user "amnesia"
- When I open "/home/amnesia/default-testpage.pdf" with Evince
- Then I see "CupsTestPage.png" after at most 40 seconds
- And I can print the current document to "/home/amnesia/output.pdf"
-
- Scenario: I cannot view a PDF file stored in non-persistent /home/amnesia/.gnupg
- Given I have started Tails from DVD without network and logged in
- And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
- Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists
- And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists
- And the file "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists
- Given I start monitoring the AppArmor log of "/usr/bin/evince"
- When I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince
- Then I see "EvinceUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
- When I close Evince
- Given I restart monitoring the AppArmor log of "/usr/bin/evince"
- When I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince
- Then I see "EvinceUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"
- When I close Evince
- Given I restart monitoring the AppArmor log of "/usr/bin/evince"
- When I try to open "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince
- Then I see "EvinceUnableToOpen.png" after at most 10 seconds
- # Due to our AppArmor aliases, /live/overlay will be treated
- # as /lib/live/mount/overlay.
- And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"
-
- #10994
- @fragile
- Scenario: I can view and print a PDF file stored in persistent /home/amnesia/Persistent
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/Persistent" as user "amnesia"
- Then the file "/home/amnesia/Persistent/default-testpage.pdf" exists
- When I open "/home/amnesia/Persistent/default-testpage.pdf" with Evince
- Then I see "CupsTestPage.png" after at most 40 seconds
- And I can print the current document to "/home/amnesia/Persistent/output.pdf"
-
- Scenario: I cannot view a PDF file stored in persistent /home/amnesia/.gnupg
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
- Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists
- Given I start monitoring the AppArmor log of "/usr/bin/evince"
- And I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince
- Then I see "EvinceUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
diff --git a/features/gnome.feature b/features/gnome.feature
deleted file mode 100644
index 21b2672..0000000
--- a/features/gnome.feature
+++ /dev/null
@@ -1,8 +0,0 @@
-@product
-Feature: GNOME is well-integrated into Tails
-
- Scenario: A screenshot is taken when the PRINTSCREEN key is pressed
- Given I have started Tails from DVD without network and logged in
- And there is no screenshot in the live user's Pictures directory
- When I press the "PRINTSCREEN" key
- Then a screenshot is saved to the live user's Pictures directory
diff --git a/features/hardening.feature b/features/hardening.feature
deleted file mode 100644
index 42600b8..0000000
--- a/features/hardening.feature
+++ /dev/null
@@ -1,14 +0,0 @@
-@product
-Feature: Hardening features
-
- Scenario: AppArmor is enabled and has enforced profiles
- Given I have started Tails from DVD without network and logged in
- Then AppArmor is enabled
- And some AppArmor profiles are enforced
-
- Scenario: The tor process should be confined with Seccomp
- Given I have started Tails from DVD without network and logged in
- And the network is plugged
- And Tor is ready
- Then the running process "tor" is confined with Seccomp in filter mode
-
diff --git a/features/i2p.feature b/features/i2p.feature
deleted file mode 100644
index c2d8b7c..0000000
--- a/features/i2p.feature
+++ /dev/null
@@ -1,107 +0,0 @@
-@product
-Feature: I2P
- As a Tails user
- I *might* want to use I2P
-
- Scenario: I2P is disabled by default
- Given I have started Tails from DVD without network and logged in
- Then the I2P Browser desktop file is not present
- And the I2P Browser sudo rules are not present
- And the I2P firewall rules are disabled
-
- Scenario: I2P is enabled when the "i2p" boot parameter is added
- Given I have started Tails from DVD with I2P enabled and logged in
- Then the I2P Browser desktop file is present
- And the I2P Browser sudo rules are present
- And the I2P firewall rules are enabled
-
- #11114
- @fragile
- Scenario: I2P's AppArmor profile is in enforce mode
- Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
- When I2P is running
- Then the running process "i2p" is confined with AppArmor in enforce mode
-
- #11114
- @fragile
- Scenario: The I2P Browser works as it should
- Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
- And the I2P router console is ready
- When I start the I2P Browser through the GNOME menu
- Then the I2P router console is displayed in I2P Browser
- And the I2P Browser uses all expected TBB shared libraries
-
- #11114, #11457, #11458
- @fragile
- Scenario: Closing the I2P Browser shows a stop notification and properly tears down the chroot.
- Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
- And the I2P router console is ready
- When I successfully start the I2P Browser
- And I close the I2P Browser
- Then I see the I2P Browser stop notification
- And the I2P Browser chroot is torn down
-
- #11114, #11465
- @fragile
- Scenario: The I2P internal websites can be viewed in I2P Browser
- Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
- And the I2P router console is ready
- When I start the I2P Browser through the GNOME menu
- Then the I2P router console is displayed in I2P Browser
- And I see shared client tunnels in the I2P router console
- When I open the address "http://i2p-projekt.i2p" in the I2P Browser
- Then the I2P homepage loads in I2P Browser
-
- #11114
- @fragile
- Scenario: I2P is configured to run in Hidden mode
- Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
- And the I2P router console is ready
- When I start the I2P Browser through the GNOME menu
- Then the I2P router console is displayed in I2P Browser
- And I2P is running in hidden mode
-
- #10474, #11114
- @fragile
- Scenario: Connecting to the #i2p IRC channel with the pre-configured account
- Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
- And the I2P router console is ready
- And I start the I2P Browser through the GNOME menu
- And the I2P router console is displayed in I2P Browser
- And I see shared client tunnels in the I2P router console
- When I start Pidgin through the GNOME menu
- Then I see Pidgin's account manager window
- When I activate the "I2P" Pidgin account
- And I close Pidgin's account manager window
- Then Pidgin successfully connects to the "I2P" account
- And I can join the pre-configured "#i2p" channel on "I2P"
-
- #11452
- @fragile
- Scenario: I2P displays a notice when bootstrapping fails
- Given I have started Tails from DVD with I2P enabled and logged in
- And I2P is not running
- When the network is plugged
- And Tor has built a circuit
- And I2P is running
- And I2P's reseeding started
- And the network is unplugged
- Then I see a notification that I2P is not ready
- And I2P's reseeding failed
- But I2P is still running
- When I start the I2P Browser through the GNOME menu
- Then the I2P router console is displayed in I2P Browser
-
- #11462
- @fragile
- Scenario: I2P displays a notice when it fails to start
- Given I have started Tails from DVD with I2P enabled and logged in
- And I2P is not running
- And I block the I2P router console port
- Then I2P is not running
- When the network is plugged
- And Tor has built a circuit
- Then I2P is running
- But the network is unplugged
- Then I see a notification that I2P failed to start
- And I2P is not running
diff --git a/features/icedove.feature b/features/icedove.feature
deleted file mode 100644
index 298be78..0000000
--- a/features/icedove.feature
+++ /dev/null
@@ -1,58 +0,0 @@
-#11465
-@product @check_tor_leaks
-Feature: Icedove email client
- As a Tails user
- I may want to use an email client
-
- Background:
- Given I have started Tails from DVD and logged in and the network is connected
- And I have not configured an email account
- When I start Icedove
- Then I am prompted to setup an email account
-
- Scenario: Only the expected addons are installed
- Given I cancel setting up an email account
- When I open Icedove's Add-ons Manager
- And I click the extensions tab
- Then I see that only the Enigmail and TorBirdy addons are enabled in Icedove
-
- Scenario: Enigmail is configured to use the correct keyserver
- Given I cancel setting up an email account
- And I go into Enigmail's preferences
- And I enable Enigmail's expert settings
- When I click Enigmail's Keyserver tab
- Then I see that Enigmail is configured to use the correct keyserver
- When I click Enigmail's Advanced tab
- Then I see that Enigmail is configured to use the correct SOCKS proxy
-
- Scenario: Torbirdy is configured to use Tor
- Given I cancel setting up an email account
- Then I see that Torbirdy is configured to use Tor
-
- #11890
- @fragile
- Scenario: Icedove's autoconfiguration wizard defaults to IMAP and secure protocols
- When I enter my email credentials into the autoconfiguration wizard
- Then the autoconfiguration wizard's choice for the incoming server is secure IMAP
- Then the autoconfiguration wizard's choice for the outgoing server is secure SMTP
-
- #11890
- @fragile
- Scenario: Icedove can send emails, and receive emails over IMAP
- When I enter my email credentials into the autoconfiguration wizard
- Then the autoconfiguration wizard's choice for the incoming server is secure IMAP
- When I accept the autoconfiguration wizard's configuration
- And I send an email to myself
- And I fetch my email
- Then I can find the email I sent to myself in my inbox
-
- #11890
- @fragile
- Scenario: Icedove can download the inbox with POP3
- When I enter my email credentials into the autoconfiguration wizard
- Then the autoconfiguration wizard's choice for the incoming server is secure IMAP
- When I select the autoconfiguration wizard's POP3 choice
- Then the autoconfiguration wizard's choice for the incoming server is secure POP3
- When I accept the autoconfiguration wizard's configuration
- And I fetch my email
- Then my Icedove inbox is non-empty
diff --git a/features/keys.feature b/features/keys.feature
deleted file mode 100644
index e1db95c..0000000
--- a/features/keys.feature
+++ /dev/null
@@ -1,10 +0,0 @@
-@product
-Feature: Tails-related cryptographic keys are up-to-date
-
- Scenario: The shipped Tails OpenPGP keys are up-to-date
- Given I have started Tails from DVD without network and logged in
- Then the OpenPGP keys shipped with Tails will be valid for the next 3 months
-
- Scenario: The Tails Debian repository key is up-to-date
- Given I have started Tails from DVD without network and logged in
- Then the shipped Debian repository key will be valid for the next 3 months
diff --git a/features/localization.feature b/features/localization.feature
deleted file mode 100644
index 2697ff8..0000000
--- a/features/localization.feature
+++ /dev/null
@@ -1,18 +0,0 @@
-@product
-Feature: Localization
- As a Tails user
- I want Tails to be localized in my native language
- And various Tails features should still work
-
- @doc
- Scenario: The Report an Error launcher will open the support documentation in supported non-English locales
- Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
- And I log in to a new session in German
- When I double-click the Report an Error launcher on the desktop
- Then the support documentation page opens in Tor Browser
-
- #11711
- @fragile
- Scenario: The Unsafe Browser can be used in all languages supported in Tails
- Given I have started Tails from DVD and logged in and the network is connected
- Then the Unsafe Browser works in all supported languages
diff --git a/features/mac_spoofing.feature b/features/mac_spoofing.feature
deleted file mode 100644
index c775841..0000000
--- a/features/mac_spoofing.feature
+++ /dev/null
@@ -1,64 +0,0 @@
-@product
-Feature: Spoofing MAC addresses
- In order to not reveal information about the physical location
- As a Tails user
- I want to be able to control whether my network devices MAC addresses should be spoofed
- And I want this feature to fail safe and notify me in case of errors
-
- Background:
- Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
- And I capture all network traffic
- And the network is plugged
-
- Scenario: MAC address spoofing is disabled
- When I enable more Tails Greeter options
- And I disable MAC spoofing in Tails Greeter
- And I log in to a new session
- And Tor is ready
- Then 1 network interface is enabled
- And the network device has its default MAC address configured
- And the real MAC address was leaked
-
- Scenario: MAC address spoofing is successful
- When I log in to a new session
- And Tor is ready
- Then 1 network interface is enabled
- And the network device has a spoofed MAC address configured
- And the real MAC address was not leaked
-
- #10774
- @fragile
- Scenario: MAC address spoofing fails and macchanger returns false
- Given macchanger will fail by not spoofing and always returns false
- When I log in to a new session
- And see the "Network card disabled" notification
- Then no network interfaces are enabled
- And the real MAC address was not leaked
-
- #10774
- @fragile
- Scenario: MAC address spoofing fails and macchanger returns true
- Given macchanger will fail by not spoofing and always returns true
- When I log in to a new session
- And see the "Network card disabled" notification
- Then no network interfaces are enabled
- And the real MAC address was not leaked
-
- #10774
- @fragile
- Scenario: MAC address spoofing fails and the module is not removed
- Given macchanger will fail by not spoofing and always returns true
- And no network interface modules can be unloaded
- When I log in to a new session
- And see the "All networking disabled" notification
- Then 1 network interface is enabled
- But the MAC spoofing panic mode disabled networking
- And the real MAC address was not leaked
-
- Scenario: The MAC address is not leaked when booting Tails
- Given a computer
- And I capture all network traffic
- When I start the computer
- Then the computer boots Tails
- And no network interfaces are enabled
- And the real MAC address was not leaked
diff --git a/features/mat.feature b/features/mat.feature
deleted file mode 100644
index 1b6345f..0000000
--- a/features/mat.feature
+++ /dev/null
@@ -1,10 +0,0 @@
-@product
-Feature: Metadata Anonymization Toolkit
- As a Tails user
- I want to be able to remove leaky metadata from documents and media files
-
- Scenario: MAT can clean a PNG file
- Given a computer
- And I start Tails from DVD with network unplugged and I login
- And I plug and mount a USB drive containing a sample PNG
- Then MAT can clean some sample PNG file
diff --git a/features/networking.feature b/features/networking.feature
deleted file mode 100644
index a5e15b2..0000000
--- a/features/networking.feature
+++ /dev/null
@@ -1,27 +0,0 @@
-@product
-Feature: Networking
-
- Scenario: No initial network
- Given I have started Tails from DVD without network and logged in
- And I wait between 30 and 60 seconds
- Then the Tor Status icon tells me that Tor is not usable
- When the network is plugged
- Then Tor is ready
- And the Tor Status icon tells me that Tor is usable
- And all notifications have disappeared
- And the time has synced
-
- Scenario: The Tails Greeter "disable all networking" option disables networking within Tails
- Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
- And I enable more Tails Greeter options
- And I disable all networking in the Tails Greeter
- And I log in to a new session
- Then no network interfaces are enabled
-
- #11463
- @fragile
- Scenario: The 'Tor is ready' notification is shown when Tor has bootstrapped
- Given I have started Tails from DVD without network and logged in
- And the network is plugged
- When I see the 'Tor is ready' notification
- Then Tor is ready
diff --git a/features/persistence.feature b/features/persistence.feature
deleted file mode 100644
index c7416e4..0000000
--- a/features/persistence.feature
+++ /dev/null
@@ -1,63 +0,0 @@
-@product
-Feature: Tails persistence
- As a Tails user
- I want to use Tails persistence feature
-
- Scenario: Booting Tails from a USB drive with a disabled persistent partition
- Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
- When I log in to a new session
- Then Tails is running from USB drive "__internal"
- And persistence is disabled
- But a Tails persistence partition exists on USB drive "__internal"
-
- Scenario: Booting Tails from a USB drive with an enabled persistent partition and reconfiguring it
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- Then Tails is running from USB drive "__internal"
- And all persistence presets are enabled
- And all persistent directories have safe access rights
- When I disable the first persistence preset
- And I shutdown Tails and wait for the computer to power off
- And I start Tails from USB drive "__internal" with network unplugged and I login with read-only persistence enabled
- Then all persistence presets but the first one are enabled
-
- Scenario: Writing files first to a read/write-enabled persistent partition, and then to a read-only-enabled persistent partition
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And the network is plugged
- And Tor is ready
- And I take note of which persistence presets are available
- When I write some files expected to persist
- And I add a wired DHCP NetworkManager connection called "persistent-con"
- And I shutdown Tails and wait for the computer to power off
- # XXX: The next step succeeds (and the --debug output confirms that it's actually looking for the files) but will fail in a subsequent scenario restoring the same snapshot. This exactly what we want, but why does it work? What is guestfs's behaviour when qcow2 internal snapshots are involved?
- Then only the expected files are present on the persistence partition on USB drive "__internal"
- Given I start Tails from USB drive "__internal" with network unplugged and I login with read-only persistence enabled
- And the network is plugged
- And Tor is ready
- Then Tails is running from USB drive "__internal"
- And the boot device has safe access rights
- And all persistence presets are enabled
- And I switch to the "persistent-con" NetworkManager connection
- And there is no GNOME bookmark for the persistent Tor Browser directory
- And I write some files not expected to persist
- And I remove some files expected to persist
- And I take note of which persistence presets are available
- And I shutdown Tails and wait for the computer to power off
- Then only the expected files are present on the persistence partition on USB drive "__internal"
-
- Scenario: Deleting a Tails persistent partition
- Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
- And I log in to a new session
- Then Tails is running from USB drive "__internal"
- And the boot device has safe access rights
- And persistence is disabled
- But a Tails persistence partition exists on USB drive "__internal"
- And all notifications have disappeared
- When I delete the persistent partition
- Then there is no persistence partition on USB drive "__internal"
-
- Scenario: Dotfiles persistence
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- When I write some dotfile expected to persist
- And I shutdown Tails and wait for the computer to power off
- And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled
- Then the expected persistent dotfile is present in the filesystem
diff --git a/features/pidgin.feature b/features/pidgin.feature
deleted file mode 100644
index 84ec5dd..0000000
--- a/features/pidgin.feature
+++ /dev/null
@@ -1,134 +0,0 @@
-@product
-Feature: Chatting anonymously using Pidgin
- As a Tails user
- when I chat using Pidgin
- I should be able to use OTR
- And I should be able to persist my Pidgin configuration
- And AppArmor should prevent Pidgin from doing dangerous things
- And all Internet traffic should flow only through Tor
-
- #11453
- @check_tor_leaks @fragile
- Scenario: Chatting with some friend over XMPP
- Given I have started Tails from DVD and logged in and the network is connected
- When I start Pidgin through the GNOME menu
- Then I see Pidgin's account manager window
- When I create my XMPP account
- And I close Pidgin's account manager window
- Then Pidgin automatically enables my XMPP account
- Given my XMPP friend goes online
- When I start a conversation with my friend
- And I say something to my friend
- Then I receive a response from my friend
-
- #11414
- @check_tor_leaks @fragile
- Scenario: Chatting with some friend over XMPP in a multi-user chat
- Given I have started Tails from DVD and logged in and the network is connected
- When I start Pidgin through the GNOME menu
- Then I see Pidgin's account manager window
- When I create my XMPP account
- And I close Pidgin's account manager window
- Then Pidgin automatically enables my XMPP account
- When I join some empty multi-user chat
- And I clear the multi-user chat's scrollback
- And my XMPP friend goes online and joins the multi-user chat
- Then I can see that my friend joined the multi-user chat
- And I say something to my friend in the multi-user chat
- Then I receive a response from my friend in the multi-user chat
- When I say https://labs.riseup.net/code/projects/tails/roadmap to my friend in the multi-user chat
- Then I see the Tails roadmap URL
- When I wait 10 seconds
- And I click on the Tails roadmap URL
- Then the Tor Browser has started and loaded the Tails roadmap
-
- #11453
- @check_tor_leaks @fragile
- Scenario: Chatting with some friend over XMPP and with OTR
- Given I have started Tails from DVD and logged in and the network is connected
- When I start Pidgin through the GNOME menu
- Then I see Pidgin's account manager window
- When I create my XMPP account
- And I close Pidgin's account manager window
- Then Pidgin automatically enables my XMPP account
- Given my XMPP friend goes online
- When I start a conversation with my friend
- And I start an OTR session with my friend
- Then Pidgin automatically generates an OTR key
- And an OTR session was successfully started with my friend
- When I say something to my friend
- Then I receive a response from my friend
-
- #11414
- @check_tor_leaks @fragile
- Scenario: Connecting to the tails multi-user chat with my XMPP account
- Given I have started Tails from DVD and logged in and the network is connected
- And Pidgin has the expected accounts configured with random nicknames
- When I start Pidgin through the GNOME menu
- Then I see Pidgin's account manager window
- And I create my XMPP account
- And I close Pidgin's account manager window
- Then Pidgin automatically enables my XMPP account
- And I can join the "tails" channel on "conference.riseup.net"
-
- Scenario: Adding a certificate to Pidgin
- Given I have started Tails from DVD and logged in and the network is connected
- And I start Pidgin through the GNOME menu
- And I see Pidgin's account manager window
- And I close Pidgin's account manager window
- Then I can add a certificate from the "/home/amnesia" directory to Pidgin
-
- Scenario: Failing to add a certificate to Pidgin
- Given I have started Tails from DVD and logged in and the network is connected
- When I start Pidgin through the GNOME menu
- And I see Pidgin's account manager window
- And I close Pidgin's account manager window
- Then I cannot add a certificate from the "/home/amnesia/.gnupg" directory to Pidgin
- When I close Pidgin's certificate import failure dialog
- And I close Pidgin's certificate manager
- Then I cannot add a certificate from the "/lib/live/mount/overlay/home/amnesia/.gnupg" directory to Pidgin
- When I close Pidgin's certificate import failure dialog
- And I close Pidgin's certificate manager
- Then I cannot add a certificate from the "/live/overlay/home/amnesia/.gnupg" directory to Pidgin
-
- #11584
- @check_tor_leaks @fragile
- Scenario: Using a persistent Pidgin configuration
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And Pidgin has the expected accounts configured with random nicknames
- And the network is plugged
- And Tor is ready
- And available upgrades have been checked
- And all notifications have disappeared
- When I start Pidgin through the GNOME menu
- Then I see Pidgin's account manager window
- When I create my XMPP account
- And I close Pidgin's account manager window
- Then Pidgin automatically enables my XMPP account
- When I close Pidgin
- # And I generate an OTR key for the default Pidgin account
- And I take note of the configured Pidgin accounts
- # And I take note of the OTR key for Pidgin's "conference.riseup.net" account
- And I shutdown Tails and wait for the computer to power off
- Given a computer
- And I start Tails from USB drive "__internal" and I login with persistence enabled
- And Pidgin has the expected persistent accounts configured
- # And Pidgin has the expected persistent OTR keys
- When I start Pidgin through the GNOME menu
- Then Pidgin automatically enables my XMPP account
- And I join some empty multi-user chat
- # Exercise Pidgin AppArmor profile with persistence enabled.
- # This should really be in dedicated scenarios, but it would be
- # too costly to set up the virtual USB drive with persistence more
- # than once in this feature.
- Given I start monitoring the AppArmor log of "/usr/bin/pidgin"
- Then I cannot add a certificate from the "/home/amnesia/.gnupg" directory to Pidgin
- And AppArmor has denied "/usr/bin/pidgin" from opening "/home/amnesia/.gnupg/test.crt"
- When I close Pidgin's certificate import failure dialog
- And I close Pidgin's certificate manager
- Given I restart monitoring the AppArmor log of "/usr/bin/pidgin"
- Then I cannot add a certificate from the "/live/persistence/TailsData_unlocked/gnupg" directory to Pidgin
- And AppArmor has denied "/usr/bin/pidgin" from opening "/live/persistence/TailsData_unlocked/gnupg/test.crt"
- When I close Pidgin's certificate import failure dialog
- And I close Pidgin's certificate manager
- Then I can add a certificate from the "/home/amnesia" directory to Pidgin
diff --git a/features/po.feature b/features/po.feature
deleted file mode 100644
index 91b8fd0..0000000
--- a/features/po.feature
+++ /dev/null
@@ -1,9 +0,0 @@
-@source
-Feature: check PO files
- As a Tails developer, when I build Tails, I want to make sure
- the PO files in use are correct.
-
- @doc
- Scenario: check all PO files
- Given I am in the Git branch being tested
- Then all the PO files should be correct
diff --git a/features/regression_tests.feature b/features/regression_tests.feature
deleted file mode 100644
index a1925ff..0000000
--- a/features/regression_tests.feature
+++ /dev/null
@@ -1,6 +0,0 @@
-@product
-Feature: Regressions tests
-
- Scenario: tails-debugging-info does not leak information
- Given I have started Tails from DVD without network and logged in
- Then tails-debugging-info is not susceptible to symlink attacks
diff --git a/features/root_access_control.feature b/features/root_access_control.feature
deleted file mode 100644
index fea20ff..0000000
--- a/features/root_access_control.feature
+++ /dev/null
@@ -1,27 +0,0 @@
-@product
-Feature: Root access control enforcement
- As a Tails user
- when I set an administration password in Tails Greeter
- I can use the password for attaining administrative privileges.
- But when I do not set an administration password
- I should not be able to attain administration privileges at all.
-
- Scenario: If an administrative password is set in Tails Greeter the live user should be able to run arbitrary commands with administrative privileges.
- Given I have started Tails from DVD without network and logged in with an administration password
- Then I should be able to run administration commands as the live user
-
- Scenario: If no administrative password is set in Tails Greeter the live user should not be able to run arbitrary commands administrative privileges.
- Given I have started Tails from DVD without network and logged in
- Then I should not be able to run administration commands as the live user with the "" password
- And I should not be able to run administration commands as the live user with the "amnesia" password
- And I should not be able to run administration commands as the live user with the "live" password
-
- Scenario: If an administrative password is set in Tails Greeter the live user should be able to get administrative privileges through PolicyKit
- Given I have started Tails from DVD without network and logged in with an administration password
- And running a command as root with pkexec requires PolicyKit administrator privileges
- Then I should be able to run a command as root with pkexec
-
- Scenario: If no administrative password is set in Tails Greeter the live user should not be able to get administrative privileges through PolicyKit with the standard passwords.
- Given I have started Tails from DVD without network and logged in
- And running a command as root with pkexec requires PolicyKit administrator privileges
- Then I should not be able to run a command as root with pkexec and the standard passwords
diff --git a/features/sane_defaults.feature b/features/sane_defaults.feature
deleted file mode 100644
index 65c10f9..0000000
--- a/features/sane_defaults.feature
+++ /dev/null
@@ -1,15 +0,0 @@
-@product
-Feature: Tails has a sane default configuration
-
- Scenario: The live user is setup correctly
- Given I have started Tails from DVD without network and logged in
- Then the live user has been setup by live-boot
- And the live user is a member of only its own group and "audio cdrom dialout floppy video plugdev netdev scanner lp lpadmin vboxsf"
- And the live user owns its home dir and it has normal permissions
-
- Scenario: No unexpected network services
- Given I have started Tails from DVD without network and logged in
- When the network is plugged
- And Tor is ready
- Then no unexpected services are listening for network connections
-
diff --git a/features/ssh.feature b/features/ssh.feature
deleted file mode 100644
index 695f1b6..0000000
--- a/features/ssh.feature
+++ /dev/null
@@ -1,27 +0,0 @@
-@product
-Feature: Logging in via SSH
- As a Tails user
- When I connect to SSH servers on the Internet
- all Internet traffic should flow only through Tor
-
- Background:
- Given I have started Tails from DVD and logged in and the network is connected
-
- @check_tor_leaks
- Scenario: Connecting to an SSH server on the Internet
- Given I have the SSH key pair for an SSH server
- When I connect to an SSH server on the Internet
- Then I have sucessfully logged into the SSH server
-
- @check_tor_leaks
- Scenario: Connecting to an SSH server on the LAN
- Given I have the SSH key pair for an SSH server
- And an SSH server is running on the LAN
- When I connect to an SSH server on the LAN
- Then I am prompted to verify the SSH fingerprint for the SSH server
-
- @check_tor_leaks
- Scenario: Connecting to an SFTP server on the Internet using the GNOME "Connect to Server" feature
- Given I have the SSH key pair for an SFTP server
- When I connect to an SFTP server on the Internet
- Then I successfully connect to the SFTP server
diff --git a/features/time_syncing.feature b/features/time_syncing.feature
deleted file mode 100644
index cd835bc..0000000
--- a/features/time_syncing.feature
+++ /dev/null
@@ -1,43 +0,0 @@
-@product @check_tor_leaks
-Feature: Time syncing
- As a Tails user
- I want Tor to work properly
- And for that I need a reasonably accurate system clock
-
- Scenario: Clock with host's time
- Given I have started Tails from DVD without network and logged in
- When the network is plugged
- And Tor is ready
- Then Tails clock is less than 5 minutes incorrect
-
- #11589
- @fragile
- Scenario: Clock with host's time in bridge mode
- Given I have started Tails from DVD without network and logged in with bridge mode enabled
- When the network is plugged
- And the Tor Launcher autostarts
- And I configure some bridge pluggable transports in Tor Launcher
- And Tor is ready
- Then Tails clock is less than 5 minutes incorrect
-
- Scenario: The system time is not synced to the hardware clock
- Given I have started Tails from DVD without network and logged in
- When I bump the system time with "-15 days"
- And I warm reboot the computer
- And the computer reboots Tails
- Then Tails' hardware clock is close to the host system's time
-
- Scenario: Anti-test: Changes to the hardware clock are kept when rebooting
- Given I have started Tails from DVD without network and logged in
- When I bump the hardware clock's time with "-15 days"
- And I warm reboot the computer
- And the computer reboots Tails
- Then the hardware clock is still off by "-15 days"
-
- Scenario: Boot with a hardware clock set way in the past and make sure that Tails sets the clock to the build date
- Given a computer
- And the network is unplugged
- And the hardware clock is set to "01 Jan 2000 12:34:56"
- And I start the computer
- And the computer boots Tails
- Then the system clock is just past Tails' build date
diff --git a/features/tor_bridges.feature b/features/tor_bridges.feature
deleted file mode 100644
index 1355f2b..0000000
--- a/features/tor_bridges.feature
+++ /dev/null
@@ -1,27 +0,0 @@
-#11606
-@product @fragile
-Feature: Using Tails with Tor pluggable transports
- As a Tails user
- I want to circumvent censorship of Tor by using Tor pluggable transports
- And avoid connecting directly to the Tor Network
-
- Background:
- Given I have started Tails from DVD without network and logged in with bridge mode enabled
- And I capture all network traffic
- When the network is plugged
- Then the Tor Launcher autostarts
- And the Tor Launcher uses all expected TBB shared libraries
-
- #11589
- @fragile
- Scenario: Using bridges
- When I configure some bridge pluggable transports in Tor Launcher
- Then Tor is ready
- And available upgrades have been checked
- And all Internet traffic has only flowed through the configured pluggable transports
-
- Scenario: Using obfs4 pluggable transports
- When I configure some obfs4 pluggable transports in Tor Launcher
- Then Tor is ready
- And available upgrades have been checked
- And all Internet traffic has only flowed through the configured pluggable transports
diff --git a/features/tor_enforcement.feature b/features/tor_enforcement.feature
deleted file mode 100644
index 0095f77..0000000
--- a/features/tor_enforcement.feature
+++ /dev/null
@@ -1,70 +0,0 @@
-@product
-Feature: The Tor enforcement is effective
- As a Tails user
- I want all direct Internet connections I do by mistake or applications do by misconfiguration or buggy leaks to be blocked
- And as a Tails developer
- I want to ensure that the automated test suite detects firewall leaks reliably
-
- Scenario: The firewall configuration is very restrictive
- Given I have started Tails from DVD and logged in and the network is connected
- Then the firewall's policy is to drop all IPv4 traffic
- And the firewall is configured to only allow the clearnet and debian-tor users to connect directly to the Internet over IPv4
- And the firewall's NAT rules only redirect traffic for Tor's TransPort and DNSPort
- And the firewall is configured to block all external IPv6 traffic
-
- Scenario: Anti test: Detecting TCP leaks from the Unsafe Browser with the firewall leak detector
- Given I have started Tails from DVD and logged in and the network is connected
- And I capture all network traffic
- When I successfully start the Unsafe Browser
- And I open Tails homepage in the Unsafe Browser
- And Tails homepage loads in the Unsafe Browser
- Then the firewall leak detector has detected leaks
-
- Scenario: Anti test: Detecting TCP leaks of DNS lookups with the firewall leak detector
- Given I have started Tails from DVD and logged in and the network is connected
- And I capture all network traffic
- And I disable Tails' firewall
- When I do a TCP DNS lookup of "torproject.org"
- Then the firewall leak detector has detected leaks
-
- Scenario: Anti test: Detecting UDP leaks of DNS lookups with the firewall leak detector
- Given I have started Tails from DVD and logged in and the network is connected
- And I capture all network traffic
- And I disable Tails' firewall
- When I do a UDP DNS lookup of "torproject.org"
- Then the firewall leak detector has detected leaks
-
- Scenario: Anti test: Detecting ICMP leaks of ping with the firewall leak detector
- Given I have started Tails from DVD and logged in and the network is connected
- And I capture all network traffic
- And I disable Tails' firewall
- When I send some ICMP pings
- Then the firewall leak detector has detected leaks
-
- @check_tor_leaks
- Scenario: The Tor enforcement is effective at blocking untorified TCP connection attempts
- Given I have started Tails from DVD and logged in and the network is connected
- When I open an untorified TCP connections to 1.2.3.4 on port 42 that is expected to fail
- Then the untorified connection fails
- And the untorified connection is logged as dropped by the firewall
-
- @check_tor_leaks
- Scenario: The Tor enforcement is effective at blocking untorified UDP connection attempts
- Given I have started Tails from DVD and logged in and the network is connected
- When I open an untorified UDP connections to 1.2.3.4 on port 42 that is expected to fail
- Then the untorified connection fails
- And the untorified connection is logged as dropped by the firewall
-
- @check_tor_leaks @fragile
- Scenario: The Tor enforcement is effective at blocking untorified ICMP connection attempts
- Given I have started Tails from DVD and logged in and the network is connected
- When I open an untorified ICMP connections to 1.2.3.4 that is expected to fail
- Then the untorified connection fails
- And the untorified connection is logged as dropped by the firewall
-
- Scenario: The system DNS is always set up to use Tor's DNSPort
- Given I have started Tails from DVD without network and logged in
- And the system DNS is using the local DNS resolver
- And the network is plugged
- And Tor is ready
- Then the system DNS is still using the local DNS resolver
diff --git a/features/tor_stream_isolation.feature b/features/tor_stream_isolation.feature
deleted file mode 100644
index 129707e..0000000
--- a/features/tor_stream_isolation.feature
+++ /dev/null
@@ -1,63 +0,0 @@
-@product @check_tor_leaks
-Feature: Tor stream isolation is effective
- As a Tails user
- I want my Torified sessions to be sensibly isolated from each other to prevent identity correlation
-
- Background:
- Given I have started Tails from DVD and logged in and the network is connected
-
- Scenario: tails-security-check is using the Tails-specific SocksPort
- When I monitor the network connections of tails-security-check
- And I re-run tails-security-check
- Then I see that tails-security-check is properly stream isolated
-
- Scenario: htpdate is using the Tails-specific SocksPort
- When I monitor the network connections of htpdate
- And I re-run htpdate
- Then I see that htpdate is properly stream isolated
-
- Scenario: tails-upgrade-frontend-wrapper is using the Tails-specific SocksPort
- When I monitor the network connections of tails-upgrade-frontend-wrapper
- And I re-run tails-upgrade-frontend-wrapper
- Then I see that tails-upgrade-frontend-wrapper is properly stream isolated
-
- #11592
- @fragile
- Scenario: The Tor Browser is using the web browser-specific SocksPort
- When I monitor the network connections of Tor Browser
- And I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- Then I see that Tor Browser is properly stream isolated
-
- @fragile
- Scenario: Gobby is using the default SocksPort
- When I monitor the network connections of Gobby
- And I start "Gobby" via the GNOME "Internet" applications menu
- And I connect Gobby to "gobby.debian.org"
- Then I see that Gobby is properly stream isolated
-
- Scenario: SSH is using the default SocksPort
- When I monitor the network connections of SSH
- And I run "ssh lizard.tails.boum.org" in GNOME Terminal
- And I see "SSHAuthVerification.png" after at most 60 seconds
- Then I see that SSH is properly stream isolated
-
- Scenario: whois lookups use the default SocksPort
- When I monitor the network connections of whois
- And I query the whois directory service for "boum.org"
- And the whois command is successful
- Then I see that whois is properly stream isolated
-
- @fragile
- Scenario: Explicitly torify-wrapped applications are using the default SocksPort
- When I monitor the network connections of Gobby
- And I run "torify /usr/bin/gobby-0.5" in GNOME Terminal
- And I connect Gobby to "gobby.debian.org"
- Then I see that Gobby is properly stream isolated
-
- @fragile
- Scenario: Explicitly torsocks-wrapped applications are using the default SocksPort
- When I monitor the network connections of Gobby
- And I run "torsocks /usr/bin/gobby-0.5" in GNOME Terminal
- And I connect Gobby to "gobby.debian.org"
- Then I see that Gobby is properly stream isolated
diff --git a/features/torified_browsing.feature b/features/torified_browsing.feature
deleted file mode 100644
index 7de383d..0000000
--- a/features/torified_browsing.feature
+++ /dev/null
@@ -1,171 +0,0 @@
-@product
-Feature: Browsing the web using the Tor Browser
- As a Tails user
- when I browse the web using the Tor Browser
- all Internet traffic should flow only through Tor
-
- #11591, #11592
- @fragile
- Scenario: The Tor Browser cannot access the LAN
- Given I have started Tails from DVD and logged in and the network is connected
- And a web server is running on the LAN
- And I capture all network traffic
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- And I open a page on the LAN web server in the Tor Browser
- Then the Tor Browser shows the "Unable to connect" error
- And no traffic was sent to the web server on the LAN
-
- #11592
- @check_tor_leaks @fragile
- Scenario: The Tor Browser directory is usable
- Given I have started Tails from DVD and logged in and the network is connected
- Then the amnesiac Tor Browser directory exists
- And there is a GNOME bookmark for the amnesiac Tor Browser directory
- And the persistent Tor Browser directory does not exist
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- Then I can save the current page as "index.html" to the default downloads directory
- And I can print the current page as "output.pdf" to the default downloads directory
-
- #11592
- @check_tor_leaks @fragile
- Scenario: Downloading files with the Tor Browser
- Given I have started Tails from DVD and logged in and the network is connected
- When I start the Tor Browser
- Then the Tor Browser has started and loaded the startup page
- When I download some file in the Tor Browser
- Then I get the browser download dialog
- When I save the file to the default Tor Browser download directory
- Then the file is saved to the default Tor Browser download directory
-
- #11592
- @check_tor_leaks @fragile
- Scenario: Playing HTML5 audio
- Given I have started Tails from DVD and logged in and the network is connected
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- And no application is playing audio
- And I open the address "http://www.terrillthompson.com/tests/html5-audio.html" in the Tor Browser
- And I click the HTML5 play button
- And 1 application is playing audio after 10 seconds
-
- @check_tor_leaks
- Scenario: Watching a WebM video
- Given I have started Tails from DVD and logged in and the network is connected
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- And I open the address "https://tails.boum.org/lib/test_suite/test.webm" in the Tor Browser
- And I click the blocked video icon
- And I see "TorBrowserNoScriptTemporarilyAllowDialog.png" after at most 30 seconds
- And I accept to temporarily allow playing this video
- Then I see "TorBrowserSampleRemoteWebMVideoFrame.png" after at most 180 seconds
-
- #11592
- @fragile
- Scenario: I can view a file stored in "~/Tor Browser" but not in ~/.gnupg
- Given I have started Tails from DVD and logged in and the network is connected
- And I copy "/usr/share/synaptic/html/index.html" to "/home/amnesia/Tor Browser/synaptic.html" as user "amnesia"
- And I copy "/usr/share/synaptic/html/index.html" to "/home/amnesia/.gnupg/synaptic.html" as user "amnesia"
- And I copy "/usr/share/synaptic/html/index.html" to "/tmp/synaptic.html" as user "amnesia"
- Then the file "/home/amnesia/.gnupg/synaptic.html" exists
- And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html" exists
- And the file "/live/overlay/home/amnesia/.gnupg/synaptic.html" exists
- And the file "/tmp/synaptic.html" exists
- Given I start monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox"
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- And I open the address "file:///home/amnesia/Tor Browser/synaptic.html" in the Tor Browser
- Then I see "TorBrowserSynapticManual.png" after at most 5 seconds
- And AppArmor has not denied "/usr/local/lib/tor-browser/firefox" from opening "/home/amnesia/Tor Browser/synaptic.html"
- Given I restart monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox"
- When I open the address "file:///home/amnesia/.gnupg/synaptic.html" in the Tor Browser
- Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds
- And AppArmor has denied "/usr/local/lib/tor-browser/firefox" from opening "/home/amnesia/.gnupg/synaptic.html"
- Given I restart monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox"
- When I open the address "file:///lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html" in the Tor Browser
- Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds
- And AppArmor has denied "/usr/local/lib/tor-browser/firefox" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html"
- Given I restart monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox"
- When I open the address "file:///live/overlay/home/amnesia/.gnupg/synaptic.html" in the Tor Browser
- Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds
- # Due to our AppArmor aliases, /live/overlay will be treated
- # as /lib/live/mount/overlay.
- And AppArmor has denied "/usr/local/lib/tor-browser/firefox" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html"
- # We do not get any AppArmor log for when access to files in /tmp is denied
- # since we explictly override (commit 51c0060) the rules (from the user-tmp
- # abstration) that would otherwise allow it, and we do so with "deny", which
- # also specifies "noaudit". We could explicitly specify "audit deny" and
- # then have logs, but it could be a problem when we set up desktop
- # notifications for AppArmor denials (#9337).
- When I open the address "file:///tmp/synaptic.html" in the Tor Browser
- Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds
-
- @doc
- Scenario: The "Tails documentation" link on the Desktop works
- Given I have started Tails from DVD and logged in and the network is connected
- When I double-click on the "Tails documentation" link on the Desktop
- Then the Tor Browser has started
- And "Tails - Getting started..." has loaded in the Tor Browser
-
- Scenario: The Tor Browser uses TBB's shared libraries
- Given I have started Tails from DVD and logged in and the network is connected
- When I start the Tor Browser
- And the Tor Browser has started
- Then the Tor Browser uses all expected TBB shared libraries
-
- #11592
- @check_tor_leaks @fragile
- Scenario: The Tor Browser's "New identity" feature works as expected
- Given I have started Tails from DVD and logged in and the network is connected
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- And I open Tails homepage in the Tor Browser
- Then Tails homepage loads in the Tor Browser
- When I request a new identity using Torbutton
- And I acknowledge Torbutton's New Identity confirmation prompt
- Then the Tor Browser loads the startup page
-
- #11592
- @fragile
- Scenario: The Tor Browser should not have any plugins enabled
- Given I have started Tails from DVD and logged in and the network is connected
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- Then the Tor Browser has no plugins installed
-
- #11592
- @fragile
- Scenario: The persistent Tor Browser directory is usable
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And the network is plugged
- And Tor is ready
- And available upgrades have been checked
- And all notifications have disappeared
- Then the persistent Tor Browser directory exists
- And there is a GNOME bookmark for the persistent Tor Browser directory
- When I start the Tor Browser
- And the Tor Browser has started and loaded the startup page
- And I can save the current page as "index.html" to the persistent Tor Browser directory
- When I open the address "file:///home/amnesia/Persistent/Tor Browser/index.html" in the Tor Browser
- Then I see "TorBrowserSavedStartupPage.png" after at most 10 seconds
- And I can print the current page as "output.pdf" to the persistent Tor Browser directory
-
- #11585
- @fragile
- Scenario: Persistent browser bookmarks
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And all persistence presets are enabled
- And all persistent filesystems have safe access rights
- And all persistence configuration files have safe access rights
- And all persistent directories have safe access rights
- And I start the Tor Browser in offline mode
- And the Tor Browser has started in offline mode
- And I add a bookmark to eff.org in the Tor Browser
- And I warm reboot the computer
- And the computer reboots Tails
- And I enable read-only persistence
- And I log in to a new session
- And I start the Tor Browser in offline mode
- And the Tor Browser has started in offline mode
- Then the Tor Browser has a bookmark to eff.org
diff --git a/features/torified_git.feature b/features/torified_git.feature
deleted file mode 100644
index cbb3963..0000000
--- a/features/torified_git.feature
+++ /dev/null
@@ -1,23 +0,0 @@
-@product @check_tor_leaks
-Feature: Cloning a Git repository
- As a Tails user
- when I clone a Git repository
- all Internet traffic should flow only through Tor
-
- Background:
- Given I have started Tails from DVD and logged in and the network is connected
-
- #11563
- @fragile
- Scenario: Cloning a Git repository anonymously over HTTPS
- When I clone the Git repository "https://git-tails.immerda.ch/myprivatekeyispublic/testing" in GNOME Terminal
- Then the Git repository "testing" has been cloned successfully
-
- Scenario: Cloning a Git repository anonymously over the Git protocol
- When I clone the Git repository "git://git.tails.boum.org/myprivatekeyispublic/testing" in GNOME Terminal
- Then the Git repository "testing" has been cloned successfully
-
- Scenario: Cloning git repository over SSH
- Given I have the SSH key pair for a Git repository
- When I clone the Git repository "tails@git.tails.boum.org:myprivatekeyispublic/testing" in GNOME Terminal
- Then the Git repository "testing" has been cloned successfully
diff --git a/features/torified_gnupg.feature b/features/torified_gnupg.feature
deleted file mode 100644
index bba2744..0000000
--- a/features/torified_gnupg.feature
+++ /dev/null
@@ -1,53 +0,0 @@
-@product @check_tor_leaks
-Feature: Keyserver interaction with GnuPG
- As a Tails user
- when I interact with keyservers using various GnuPG tools
- the configured keyserver must be used
- and all Internet traffic should flow only through Tor.
-
- Background:
- Given I have started Tails from DVD and logged in and the network is connected
- And the "10CC5BC7" OpenPGP key is not in the live user's public keyring
-
- Scenario: Seahorse is configured to use the correct keyserver
- Then Seahorse is configured to use the correct keyserver
-
- Scenario: Fetching OpenPGP keys using GnuPG should work and be done over Tor.
- When I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI
- Then GnuPG uses the configured keyserver
- And the GnuPG fetch is successful
- And the "10CC5BC7" key is in the live user's public keyring
-
- Scenario: Fetching OpenPGP keys using Seahorse should work and be done over Tor.
- When I fetch the "10CC5BC7" OpenPGP key using Seahorse
- And the Seahorse operation is successful
- Then the "10CC5BC7" key is in the live user's public keyring
-
- Scenario: Fetching OpenPGP keys using Seahorse via the OpenPGP Applet should work and be done over Tor.
- When I fetch the "10CC5BC7" OpenPGP key using Seahorse via the OpenPGP Applet
- And the Seahorse operation is successful
- Then the "10CC5BC7" key is in the live user's public keyring
-
- Scenario: Syncing OpenPGP keys using Seahorse should work and be done over Tor.
- Given I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI without any signatures
- And the GnuPG fetch is successful
- And the "10CC5BC7" key is in the live user's public keyring
- But the key "10CC5BC7" has only 2 signatures
- When I start Seahorse
- Then Seahorse has opened
- And I enable key synchronization in Seahorse
- And I synchronize keys in Seahorse
- And the Seahorse operation is successful
- Then the key "10CC5BC7" has more than 2 signatures
-
- Scenario: Syncing OpenPGP keys using Seahorse started from the OpenPGP Applet should work and be done over Tor.
- Given I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI without any signatures
- And the GnuPG fetch is successful
- And the "10CC5BC7" key is in the live user's public keyring
- But the key "10CC5BC7" has only 2 signatures
- When I start Seahorse via the OpenPGP Applet
- Then Seahorse has opened
- And I enable key synchronization in Seahorse
- And I synchronize keys in Seahorse
- And the Seahorse operation is successful
- Then the key "10CC5BC7" has more than 2 signatures
diff --git a/features/torified_misc.feature b/features/torified_misc.feature
deleted file mode 100644
index aab694a..0000000
--- a/features/torified_misc.feature
+++ /dev/null
@@ -1,24 +0,0 @@
-@product @check_tor_leaks
-Feature: Various checks for torified software
-
- Background:
- Given I have started Tails from DVD and logged in and the network is connected
-
- Scenario: wget(1) should work for HTTP and go through Tor.
- When I wget "http://example.com/" to stdout
- Then the wget command is successful
- And the wget standard output contains "Example Domain"
-
- Scenario: wget(1) should work for HTTPS and go through Tor.
- When I wget "https://example.com/" to stdout
- Then the wget command is successful
- And the wget standard output contains "Example Domain"
-
- Scenario: wget(1) with tricky options should work for HTTP and go through Tor.
- When I wget "some Tails mirror" to stdout with the '--spider --header="Host: dl.amnesia.boum.org"' options
- Then the wget command is successful
-
- Scenario: whois(1) should work and go through Tor.
- When I query the whois directory service for "torproject.org"
- Then the whois command is successful
- Then the whois standard output contains "The Tor Project"
diff --git a/features/totem.feature b/features/totem.feature
deleted file mode 100644
index 2944739..0000000
--- a/features/totem.feature
+++ /dev/null
@@ -1,64 +0,0 @@
-@product
-Feature: Using Totem
- As a Tails user
- I want to watch local and remote videos in Totem
- And AppArmor should prevent Totem from doing dangerous things
- And all Internet traffic should flow only through Tor
-
- Background:
- Given I create sample videos
-
- Scenario: Watching a MP4 video stored on the non-persistent filesystem
- Given I have started Tails from DVD without network and logged in
- And I plug and mount a USB drive containing sample videos
- And I copy the sample videos to "/home/amnesia" as user "amnesia"
- And the file "/home/amnesia/video.mp4" exists
- Given I start monitoring the AppArmor log of "/usr/bin/totem"
- When I open "/home/amnesia/video.mp4" with Totem
- Then I see "SampleLocalMp4VideoFrame.png" after at most 40 seconds
- And AppArmor has not denied "/usr/bin/totem" from opening "/home/amnesia/video.mp4"
- Given I close Totem
- And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia"
- And the file "/home/amnesia/.gnupg/video.mp4" exists
- And I restart monitoring the AppArmor log of "/usr/bin/totem"
- When I try to open "/home/amnesia/.gnupg/video.mp4" with Totem
- Then I see "TotemUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.gnupg/video.mp4"
- Given I close Totem
- And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" exists
- And I restart monitoring the AppArmor log of "/usr/bin/totem"
- When I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" with Totem
- Then I see "TotemUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/totem" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4"
- Given I close Totem
- And the file "/live/overlay/home/amnesia/.gnupg/video.mp4" exists
- And I restart monitoring the AppArmor log of "/usr/bin/totem"
- When I try to open "/live/overlay/home/amnesia/.gnupg/video.mp4" with Totem
- Then I see "TotemUnableToOpen.png" after at most 10 seconds
- # Due to our AppArmor aliases, /live/overlay will be treated
- # as /lib/live/mount/overlay.
- And AppArmor has denied "/usr/bin/totem" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4"
- Given I close Totem
- And I copy "/home/amnesia/video.mp4" to "/home/amnesia/.purple/otr.private_key" as user "amnesia"
- And I restart monitoring the AppArmor log of "/usr/bin/totem"
- When I try to open "/home/amnesia/.purple/otr.private_key" with Totem
- Then I see "TotemUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.purple/otr.private_key"
-
- @check_tor_leaks @fragile
- Scenario: Watching a WebM video over HTTPS
- Given I have started Tails from DVD and logged in and the network is connected
- Then I can watch a WebM video over HTTPs
-
- Scenario: Watching MP4 videos stored on the persistent volume should work as expected given our AppArmor confinement
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And I plug and mount a USB drive containing sample videos
- And I copy the sample videos to "/home/amnesia/Persistent" as user "amnesia"
- When I open "/home/amnesia/Persistent/video.mp4" with Totem
- Then I see "SampleLocalMp4VideoFrame.png" after at most 40 seconds
- Given I close Totem
- And I start monitoring the AppArmor log of "/usr/bin/totem"
- And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia"
- When I try to open "/home/amnesia/.gnupg/video.mp4" with Totem
- Then I see "TotemUnableToOpen.png" after at most 10 seconds
- And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.gnupg/video.mp4"
diff --git a/features/unsafe_browser.feature b/features/unsafe_browser.feature
deleted file mode 100644
index a0a26fa..0000000
--- a/features/unsafe_browser.feature
+++ /dev/null
@@ -1,71 +0,0 @@
-@product
-Feature: Browsing the web using the Unsafe Browser
- As a Tails user
- when I browse the web using the Unsafe Browser
- I should have direct access to the web
-
- #11458
- @fragile
- Scenario: The Unsafe Browser can access the LAN
- Given I have started Tails from DVD and logged in and the network is connected
- And a web server is running on the LAN
- When I successfully start the Unsafe Browser
- And I open a page on the LAN web server in the Unsafe Browser
- Then I see "UnsafeBrowserHelloLANWebServer.png" after at most 20 seconds
-
- #11458
- @fragile
- Scenario: Starting the Unsafe Browser works as it should.
- Given I have started Tails from DVD and logged in and the network is connected
- When I successfully start the Unsafe Browser
- Then the Unsafe Browser runs as the expected user
- And the Unsafe Browser has a red theme
- And the Unsafe Browser shows a warning as its start page
- And the Unsafe Browser has no plugins installed
- And the Unsafe Browser has no add-ons installed
- And the Unsafe Browser has only Firefox's default bookmarks configured
- And the Unsafe Browser has no proxy configured
- And the Unsafe Browser uses all expected TBB shared libraries
-
- #11457, #11458
- @fragile
- Scenario: Closing the Unsafe Browser shows a stop notification and properly tears down the chroot.
- Given I have started Tails from DVD and logged in and the network is connected
- When I successfully start the Unsafe Browser
- And I close the Unsafe Browser
- Then I see the Unsafe Browser stop notification
- And the Unsafe Browser chroot is torn down
-
- #11458
- @fragile
- Scenario: Starting a second instance of the Unsafe Browser results in an error message being shown.
- Given I have started Tails from DVD and logged in and the network is connected
- When I successfully start the Unsafe Browser
- And I start the Unsafe Browser
- Then I see a warning about another instance already running
-
- #11458
- @fragile
- Scenario: The Unsafe Browser cannot be configured to use Tor and other local proxies.
- Given I have started Tails from DVD and logged in and the network is connected
- When I successfully start the Unsafe Browser
- Then I cannot configure the Unsafe Browser to use any local proxies
-
- #11458
- @fragile
- Scenario: The Unsafe Browser will not make any connections to the Internet which are not user initiated
- Given I have started Tails from DVD and logged in and the network is connected
- And I capture all network traffic
- And Tor is ready
- And I configure the Unsafe Browser to check for updates more frequently
- But checking for updates is disabled in the Unsafe Browser's configuration
- When I successfully start the Unsafe Browser
- Then the Unsafe Browser has started
- And I wait 120 seconds
- And the clearnet user has not sent packets out to the Internet
- And all Internet traffic has only flowed through Tor
-
- Scenario: Starting the Unsafe Browser without a network connection results in a complaint about no DNS server being configured
- Given I have started Tails from DVD without network and logged in
- When I start the Unsafe Browser
- Then the Unsafe Browser complains that no DNS server is configured
diff --git a/features/untrusted_partitions.feature b/features/untrusted_partitions.feature
deleted file mode 100644
index ff94cd5..0000000
--- a/features/untrusted_partitions.feature
+++ /dev/null
@@ -1,79 +0,0 @@
-@product
-Feature: Untrusted partitions
- As a Tails user
- I don't want to touch other media than the one Tails runs from
-
- Scenario: Tails will not enable disk swap
- Given a computer
- And I temporarily create a 100 MiB disk named "swap"
- And I create a gpt swap partition on disk "swap"
- And I plug sata drive "swap"
- When I start Tails with network unplugged and I login
- Then a "swap" partition was detected by Tails on drive "swap"
- But Tails has no disk swap enabled
-
- Scenario: Tails will detect LUKS-encrypted GPT partitions labeled "TailsData" stored on USB drives as persistence volumes when the removable flag is set
- Given a computer
- And I temporarily create a 100 MiB disk named "fake_TailsData"
- And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData"
- And I plug removable usb drive "fake_TailsData"
- When I start the computer
- And the computer boots Tails
- Then drive "fake_TailsData" is detected by Tails
- And Tails Greeter has detected a persistence partition
-
- Scenario: Tails will not detect LUKS-encrypted GPT partitions labeled "TailsData" stored on USB drives as persistence volumes when the removable flag is unset
- Given a computer
- And I temporarily create a 100 MiB disk named "fake_TailsData"
- And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData"
- And I plug non-removable usb drive "fake_TailsData"
- When I start the computer
- And the computer boots Tails
- Then drive "fake_TailsData" is detected by Tails
- And Tails Greeter has not detected a persistence partition
-
- Scenario: Tails will not detect LUKS-encrypted GPT partitions labeled "TailsData" stored on local hard drives as persistence volumes
- Given a computer
- And I temporarily create a 100 MiB disk named "fake_TailsData"
- And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData"
- And I plug sata drive "fake_TailsData"
- When I start the computer
- And the computer boots Tails
- Then drive "fake_TailsData" is detected by Tails
- And Tails Greeter has not detected a persistence partition
-
- Scenario: Tails can boot from live systems stored on hard drives
- Given a computer
- And I temporarily create a 2 GiB disk named "live_hd"
- And I cat an ISO of the Tails image to disk "live_hd"
- And the computer is set to boot from sata drive "live_hd"
- And I set Tails to boot with options "live-media="
- When I start Tails with network unplugged and I login
- Then Tails is running from sata drive "live_hd"
-
- Scenario: Tails booting from a DVD does not use live systems stored on hard drives
- Given a computer
- And I temporarily create a 2 GiB disk named "live_hd"
- And I cat an ISO of the Tails image to disk "live_hd"
- And I plug sata drive "live_hd"
- And I start Tails from DVD with network unplugged and I login
- Then drive "live_hd" is detected by Tails
- And drive "live_hd" is not mounted
-
- Scenario: Booting Tails does not automount untrusted ext2 partitions
- Given a computer
- And I temporarily create a 100 MiB disk named "gpt_ext2"
- And I create a gpt partition with an ext2 filesystem on disk "gpt_ext2"
- And I plug sata drive "gpt_ext2"
- And I start Tails from DVD with network unplugged and I login
- Then drive "gpt_ext2" is detected by Tails
- And drive "gpt_ext2" is not mounted
-
- Scenario: Booting Tails does not automount untrusted fat32 partitions
- Given a computer
- And I temporarily create a 100 MiB disk named "msdos_fat32"
- And I create an msdos partition with a vfat filesystem on disk "msdos_fat32"
- And I plug sata drive "msdos_fat32"
- And I start Tails from DVD with network unplugged and I login
- Then drive "msdos_fat32" is detected by Tails
- And drive "msdos_fat32" is not mounted
diff --git a/features/usb_install.feature b/features/usb_install.feature
deleted file mode 100644
index 64da8ee..0000000
--- a/features/usb_install.feature
+++ /dev/null
@@ -1,95 +0,0 @@
-@product
-Feature: Installing Tails to a USB drive
- As a Tails user
- I want to install Tails to a suitable USB drive
-
- Scenario: Try installing Tails to a too small USB drive
- Given I have started Tails from DVD without network and logged in
- And I temporarily create a 2 GiB disk named "too-small-device"
- And I start Tails Installer in "Clone & Install" mode
- But a suitable USB device is not found
- When I plug USB drive "too-small-device"
- Then Tails Installer detects that a device is too small
- And a suitable USB device is not found
- When I unplug USB drive "too-small-device"
- And I create a 4 GiB disk named "big-enough"
- And I plug USB drive "big-enough"
- Then the "big-enough" USB drive is selected
-
- Scenario: Detecting when a target USB drive is inserted or removed
- Given I have started Tails from DVD without network and logged in
- And I temporarily create a 4 GiB disk named "temp"
- And I start Tails Installer in "Clone & Install" mode
- But a suitable USB device is not found
- When I plug USB drive "temp"
- Then the "temp" USB drive is selected
- When I unplug USB drive "temp"
- Then no USB drive is selected
- And a suitable USB device is not found
-
- Scenario: Installing Tails to a pristine USB drive
- Given I have started Tails from DVD without network and logged in
- And I temporarily create a 4 GiB disk named "install"
- And I plug USB drive "install"
- And I "Clone & Install" Tails to USB drive "install"
- Then the running Tails is installed on USB drive "install"
- But there is no persistence partition on USB drive "install"
-
- Scenario: Booting Tails from a USB drive without a persistent partition and creating one
- Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen
- And I log in to a new session
- When I create a persistent partition
- Then a Tails persistence partition exists on USB drive "__internal"
-
- Scenario: Booting Tails from a USB drive without a persistent partition
- Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen
- When I log in to a new session
- Then Tails is running from USB drive "__internal"
- And the persistent Tor Browser directory does not exist
- And there is no persistence partition on USB drive "__internal"
-
- #11583
- @fragile
- Scenario: Booting Tails from a USB drive in UEFI mode
- Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen
- Then I power off the computer
- Given the computer is set to boot in UEFI mode
- When I start Tails from USB drive "__internal" with network unplugged and I login
- Then the boot device has safe access rights
- And Tails is running from USB drive "__internal"
- And the boot device has safe access rights
- And Tails has started in UEFI mode
-
- Scenario: Installing Tails to a USB drive with an MBR partition table but no partitions, and making sure that it boots
- Given I have started Tails from DVD without network and logged in
- And I temporarily create a 4 GiB disk named "mbr"
- And I create a msdos label on disk "mbr"
- And I plug USB drive "mbr"
- And I "Clone & Install" Tails to USB drive "mbr"
- Then the running Tails is installed on USB drive "mbr"
- But there is no persistence partition on USB drive "mbr"
- When I shutdown Tails and wait for the computer to power off
- And I start Tails from USB drive "mbr" with network unplugged and I login
- Then Tails is running from USB drive "mbr"
- And the boot device has safe access rights
- And there is no persistence partition on USB drive "mbr"
-
- Scenario: Cat:ing a Tails isohybrid to a USB drive and booting it, then trying to upgrading it but ending up having to do a fresh installation, which boots
- Given a computer
- And I temporarily create a 4 GiB disk named "isohybrid"
- And I cat an ISO of the Tails image to disk "isohybrid"
- And I start Tails from USB drive "isohybrid" with network unplugged and I login
- Then Tails is running from USB drive "isohybrid"
- When I shutdown Tails and wait for the computer to power off
- And I start Tails from DVD with network unplugged and I login
- And I try a "Clone & Upgrade" Tails to USB drive "isohybrid"
- Then I am suggested to do a "Clone & Install"
- When I kill the process "tails-installer"
- And I "Clone & Install" Tails to USB drive "isohybrid"
- Then the running Tails is installed on USB drive "isohybrid"
- But there is no persistence partition on USB drive "isohybrid"
- When I shutdown Tails and wait for the computer to power off
- And I start Tails from USB drive "isohybrid" with network unplugged and I login
- Then Tails is running from USB drive "isohybrid"
- And the boot device has safe access rights
- And there is no persistence partition on USB drive "isohybrid"
diff --git a/features/usb_upgrade.feature b/features/usb_upgrade.feature
deleted file mode 100644
index 33cc0da..0000000
--- a/features/usb_upgrade.feature
+++ /dev/null
@@ -1,179 +0,0 @@
-@product
-Feature: Upgrading an old Tails USB installation
- As a Tails user
- If I have an old versoin of Tails installed on a USB device
- and the USB device has a persistent partition
- I want to upgrade Tails on it
- and keep my persistent partition in the process
-
- # An issue with this feature is that scenarios depend on each
- # other. When editing this feature, make sure you understand these
- # dependencies (which are documented below).
-
- Scenario: Try to "Upgrade from ISO" Tails to a pristine USB drive
- Given I have started Tails from DVD without network and logged in
- And I plug and mount a USB drive containing the Tails ISO
- And I temporarily create a 4 GiB disk named "pristine"
- And I plug USB drive "pristine"
- And I start Tails Installer in "Upgrade from ISO" mode
- Then a suitable USB device is not found
- And I am told that the destination device cannot be upgraded
-
- Scenario: Try to "Clone & Upgrade" Tails to a pristine USB drive
- Given I have started Tails from DVD without network and logged in
- And I temporarily create a 4 GiB disk named "pristine"
- And I plug USB drive "pristine"
- And I start Tails Installer in "Clone & Upgrade" mode
- Then a suitable USB device is not found
- And I am told that the destination device cannot be upgraded
-
- Scenario: Try to "Upgrade from ISO" Tails to a USB drive with GPT and a FAT partition
- Given I have started Tails from DVD without network and logged in
- And I plug and mount a USB drive containing the Tails ISO
- And I temporarily create a 4 GiB disk named "gptfat"
- And I create a gpt partition with a vfat filesystem on disk "gptfat"
- And I plug USB drive "gptfat"
- And I start Tails Installer in "Upgrade from ISO" mode
- Then a suitable USB device is not found
- And I am told that the destination device cannot be upgraded
-
- Scenario: Try to "Clone & Upgrade" Tails to a USB drive with GPT and a FAT partition
- Given I have started Tails from DVD without network and logged in
- And I temporarily create a 4 GiB disk named "gptfat"
- And I create a gpt partition with a vfat filesystem on disk "gptfat"
- And I plug USB drive "gptfat"
- And I start Tails Installer in "Clone & Upgrade" mode
- Then a suitable USB device is not found
- And I am told that the destination device cannot be upgraded
-
- Scenario: Installing an old version of Tails to a pristine USB drive
- Given a computer
- And the computer is set to boot from the old Tails DVD
- And the network is unplugged
- And I start the computer
- When the computer boots Tails
- And I log in to a new session
- And all notifications have disappeared
- And I create a 4 GiB disk named "old"
- And I plug USB drive "old"
- And I "Clone & Install" Tails to USB drive "old"
- Then the running Tails is installed on USB drive "old"
- But there is no persistence partition on USB drive "old"
- And I unplug USB drive "old"
-
- # Depends on scenario: Installing an old version of Tails to a pristine USB drive
- Scenario: Creating a persistent partition with the old Tails USB installation
- Given a computer
- And I start Tails from USB drive "old" with network unplugged and I login
- Then Tails is running from USB drive "old"
- And I create a persistent partition
- And I take note of which persistence presets are available
- Then a Tails persistence partition exists on USB drive "old"
- And I shutdown Tails and wait for the computer to power off
-
- # Depends on scenario: Creating a persistent partition with the old Tails USB installation
- Scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation
- Given a computer
- And I start Tails from USB drive "old" with network unplugged and I login with persistence enabled
- Then Tails is running from USB drive "old"
- And all persistence presets are enabled
- And I write some files expected to persist
- And all persistent filesystems have safe access rights
- And all persistence configuration files have safe access rights
- And all persistent directories from the old Tails version have safe access rights
- And I take note of which persistence presets are available
- And I shutdown Tails and wait for the computer to power off
- # XXX: how does guestfs work vs snapshots?
- Then only the expected files are present on the persistence partition on USB drive "old"
-
- # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation
- Scenario: Upgrading an old Tails USB installation from a Tails DVD
- Given I have started Tails from DVD without network and logged in
- And I clone USB drive "old" to a new USB drive "to_upgrade"
- And I plug USB drive "to_upgrade"
- When I "Clone & Upgrade" Tails to USB drive "to_upgrade"
- Then the running Tails is installed on USB drive "to_upgrade"
- And I unplug USB drive "to_upgrade"
-
- # Depends on scenario: Upgrading an old Tails USB installation from a Tails DVD
- Scenario: Booting Tails from a USB drive upgraded from DVD with persistence enabled
- Given a computer
- And I start Tails from USB drive "to_upgrade" with network unplugged and I login with persistence enabled
- Then all persistence presets from the old Tails version are enabled
- And Tails is running from USB drive "to_upgrade"
- And the boot device has safe access rights
- And the expected persistent files created with the old Tails version are present in the filesystem
- And all persistent directories from the old Tails version have safe access rights
-
- # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation
- Scenario: Upgrading an old Tails USB installation from another Tails USB drive
- Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen
- And I log in to a new session
- And I clone USB drive "old" to a new USB drive "to_upgrade"
- And I plug USB drive "to_upgrade"
- When I "Clone & Upgrade" Tails to USB drive "to_upgrade"
- Then the running Tails is installed on USB drive "to_upgrade"
- And I unplug USB drive "to_upgrade"
- And I unplug USB drive "__internal"
-
- # Depends on scenario: Upgrading an old Tails USB installation from another Tails USB drive
- Scenario: Booting Tails from a USB drive upgraded from USB with persistence enabled
- Given a computer
- And I start Tails from USB drive "to_upgrade" with network unplugged and I login with persistence enabled
- Then all persistence presets from the old Tails version are enabled
- And Tails is running from USB drive "to_upgrade"
- And the boot device has safe access rights
- And the expected persistent files created with the old Tails version are present in the filesystem
- And all persistent directories from the old Tails version have safe access rights
-
- # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation
- Scenario: Upgrading an old Tails USB installation from an ISO image, running on the old version
- Given a computer
- And I clone USB drive "old" to a new USB drive "to_upgrade"
- When I start Tails from USB drive "old" with network unplugged and I login
- And I plug and mount a USB drive containing the Tails ISO
- And I plug USB drive "to_upgrade"
- And I do a "Upgrade from ISO" on USB drive "to_upgrade"
- Then the ISO's Tails is installed on USB drive "to_upgrade"
- And I unplug USB drive "to_upgrade"
-
- # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation
- Scenario: Upgrading an old Tails USB installation from an ISO image, running on the new version
- Given I have started Tails from DVD without network and logged in
- And I plug and mount a USB drive containing the Tails ISO
- And I clone USB drive "old" to a new USB drive "to_upgrade"
- And I plug USB drive "to_upgrade"
- And I do a "Upgrade from ISO" on USB drive "to_upgrade"
- Then the ISO's Tails is installed on USB drive "to_upgrade"
- And I unplug USB drive "to_upgrade"
-
- # Depends on scenario: Upgrading an old Tails USB installation from an ISO image, running on the new version
- Scenario: Booting a USB drive upgraded from ISO with persistence enabled
- Given a computer
- And I start Tails from USB drive "to_upgrade" with network unplugged and I login with persistence enabled
- Then all persistence presets from the old Tails version are enabled
- And Tails is running from USB drive "to_upgrade"
- And the boot device has safe access rights
- And the expected persistent files created with the old Tails version are present in the filesystem
- And all persistent directories from the old Tails version have safe access rights
-
- Scenario: Upgrading Tails with Tails Upgrader through an incremental upgrade
- Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
- And Tails is fooled to think it is running version 1.0~test
- And the file system changes introduced in version 1.1~test are not present
- When the network is plugged
- And Tor is ready
- And all notifications have disappeared
- Then I am proposed to install an incremental upgrade to version 1.1~test
- And I can successfully install the incremental upgrade to version 1.1~test
- Given I shutdown Tails and wait for the computer to power off
- When I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled
- Then Tails is running version 1.1~test
- And all persistence presets are enabled
- And the file system changes introduced in version 1.1~test are present
- When the network is plugged
- And the network connection is ready within 30 seconds
- And all notifications have disappeared
- # Regression test on #8158 (i.e. the IUK's filesystem is not part of the Unsafe Browser's chroot)
- And I successfully start the Unsafe Browser
- Then the file system changes introduced in version 1.1~test are present in the Unsafe Browser's chroot
diff --git a/features/virtualization.feature b/features/virtualization.feature
deleted file mode 100644
index 38a4e80..0000000
--- a/features/virtualization.feature
+++ /dev/null
@@ -1,9 +0,0 @@
-@product
-Feature: Virtualization support
-
- Scenario: VirtualBox guest modules are available
- Given a computer
- And the computer is an old pentium without the PAE extension
- And I start Tails from DVD with network unplugged and I login
- When Tails has booted a 32-bit kernel
- Then the VirtualBox guest modules are available