1# Copyright (c) 2011 The Chromium OS Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5import logging, random, string, os 6from dbus.mainloop.glib import DBusGMainLoop 7 8from autotest_lib.client.bin import test, utils 9from autotest_lib.client.common_lib import error 10from autotest_lib.client.common_lib.cros import policy, session_manager 11from autotest_lib.client.cros import cros_ui, cryptohome, ownership 12 13 14class login_RemoteOwnership(test.test): 15 """Tests to ensure that the Ownership API can be used, as an 16 enterprise might, to set device policies. 17 """ 18 19 version = 1 20 21 def setup(self): 22 os.chdir(self.srcdir) 23 utils.make('OUT_DIR=.') 24 25 26 def initialize(self): 27 # Start with a clean slate wrt ownership 28 ownership.restart_ui_to_clear_ownership_files() 29 super(login_RemoteOwnership, self).initialize() 30 31 bus_loop = DBusGMainLoop(set_as_default=True) 32 self._cryptohome_proxy = cryptohome.CryptohomeProxy(bus_loop) 33 self._sm = session_manager.connect(bus_loop) 34 35 36 def run_once(self): 37 # Initial policy setup. 38 poldata = policy.build_policy_data(self.srcdir) 39 priv = ownership.known_privkey() 40 pub = ownership.known_pubkey() 41 policy.push_policy_and_verify( 42 policy.generate_policy(self.srcdir, priv, pub, poldata), self._sm) 43 44 # Force re-key the device 45 (priv, pub) = ownership.pairgen_as_data() 46 policy.push_policy_and_verify( 47 policy.generate_policy(self.srcdir, priv, pub, poldata), self._sm) 48 49 # Rotate key gracefully. 50 self.username = (''.join(random.sample(string.ascii_lowercase,6)) + 51 "@foo.com") 52 password = ''.join(random.sample(string.ascii_lowercase,6)) 53 self._cryptohome_proxy.remove(self.username) 54 self._cryptohome_proxy.mount(self.username, password, create=True) 55 56 (new_priv, new_pub) = ownership.pairgen_as_data() 57 58 if not self._sm.StartSession(self.username, ''): 59 raise error.TestFail('Could not start session for random user') 60 61 policy.push_policy_and_verify( 62 policy.generate_policy(self.srcdir, 63 key=new_priv, 64 pubkey=new_pub, 65 policy=poldata, 66 old_key=priv), 67 self._sm) 68 69 try: 70 self._sm.StopSession('') 71 except error.TestError as e: 72 logging.error(str(e)) 73 raise error.TestFail('Could not stop session for random user') 74 75 76 def cleanup(self): 77 # Best effort to bounce the UI, which may be up or down. 78 cros_ui.stop(allow_fail=True) 79 self._cryptohome_proxy.remove(self.username) 80 cros_ui.start(allow_fail=True, wait_for_login_prompt=False) 81 super(login_RemoteOwnership, self).cleanup() 82