# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

import logging

from autotest_lib.client.bin import test, utils
from autotest_lib.client.common_lib import error

class security_RootfsOwners(test.test):
    """Ensures there are no files owned by chronos/chronos-access on the rootfs.
    """
    version = 1

    def run_once(self):
        """
        Do a find on the system for rootfs files owned by chronos
        or chronos-access. Fail if there are any.
        """
        cmd = 'find / -xdev -user chronos -print -o -user chronos-access -print'
        cmd_output = utils.system_output(cmd, ignore_status=True)

        if (cmd_output != ''):
            logging.error('chronos-/chronos-access-owned files:')
            logging.error(cmd_output)
            raise error.TestFail(
                'Rootfs contains files owned by chronos or chronos-access, '
                'see error log')