summaryrefslogtreecommitdiffstats
path: root/features/root_access_control.feature
diff options
context:
space:
mode:
Diffstat (limited to 'features/root_access_control.feature')
-rw-r--r--features/root_access_control.feature27
1 files changed, 8 insertions, 19 deletions
diff --git a/features/root_access_control.feature b/features/root_access_control.feature
index fea20ff..5f67487 100644
--- a/features/root_access_control.feature
+++ b/features/root_access_control.feature
@@ -1,27 +1,16 @@
@product
Feature: Root access control enforcement
- As a Tails user
- when I set an administration password in Tails Greeter
- I can use the password for attaining administrative privileges.
- But when I do not set an administration password
- I should not be able to attain administration privileges at all.
+ As a Tails user, I can perform administrative tasks only by using
+ the password I have optionally set up in the Welcome Screen
- Scenario: If an administrative password is set in Tails Greeter the live user should be able to run arbitrary commands with administrative privileges.
- Given I have started Tails from DVD without network and logged in with an administration password
- Then I should be able to run administration commands as the live user
-
- Scenario: If no administrative password is set in Tails Greeter the live user should not be able to run arbitrary commands administrative privileges.
- Given I have started Tails from DVD without network and logged in
- Then I should not be able to run administration commands as the live user with the "" password
- And I should not be able to run administration commands as the live user with the "amnesia" password
- And I should not be able to run administration commands as the live user with the "live" password
-
- Scenario: If an administrative password is set in Tails Greeter the live user should be able to get administrative privileges through PolicyKit
+ Scenario: I can perform administrative tasks if I have set up an administration password in the Welcome Screen
Given I have started Tails from DVD without network and logged in with an administration password
And running a command as root with pkexec requires PolicyKit administrator privileges
- Then I should be able to run a command as root with pkexec
+ Then I can run a command as root with sudo
+ Then I can run a command as root with pkexec
- Scenario: If no administrative password is set in Tails Greeter the live user should not be able to get administrative privileges through PolicyKit with the standard passwords.
+ Scenario: If cannot perform administrative tasks unless I have set up an administration password in the Welcome Screen
Given I have started Tails from DVD without network and logged in
And running a command as root with pkexec requires PolicyKit administrator privileges
- Then I should not be able to run a command as root with pkexec and the standard passwords
+ Then I cannot run a command as root with sudo and the standard passwords
+ And I cannot run a command as root with pkexec and the standard passwords